$ rpki-client -vvf repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft File: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft (raw, json) Hash identifier: XoypVRyOUrRtaVc+i18z8avCWhddSJwMSm1yEkw//x4= Subject key identifier: 77:DC:72:56:2E:49:5F:6F:93:B4:21:D2:B8:93:59:21:D1:86:46:25 Authority key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Certificate issuer: /CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Certificate serial: 05B37D962A9D214266B9D6C19E6604B0A57D4656 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft Manifest number: 0109 Signing time: Fri 06 Mar 2026 10:11:55 +0000 Manifest this update: Fri 06 Mar 2026 10:06:55 +0000 Manifest next update: Mon 09 Mar 2026 12:00:55 +0000 Files and hashes: 1: 3136302e32322e31332e302f32342d3234203d3e20313532373935.roa (hash: CjQ8LjHFMEFZAKqjfhXd2Dui1+KhZzwEUkNHDbRDo5c=) 2: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl (hash: cgCQGHjYm9Rxv4CEgFMbU62BN4kM76TZ4O5M23Ymkqo=) 3: 3136302e32322e31322e302f32342d3234203d3e20313532373935.roa (hash: kSF1VyQJjpek8Mf3gy+lWICO98IQh62K2L543jgKTUA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 08:48:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:b3:7d:96:2a:9d:21:42:66:b9:d6:c1:9e:66:04:b0:a5:7d:46:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Validity Not Before: Mar 6 10:06:55 2026 GMT Not After : Mar 9 12:00:55 2026 GMT Subject: CN=77DC72562E495F6F93B421D2B8935921D1864625 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:fb:b0:7e:68:0c:c3:d6:9a:7f:57:98:54:d0: 1c:01:8f:5f:b0:1c:39:2a:e2:bd:2f:14:37:74:31: 2a:07:d1:5e:20:74:06:1d:9f:b1:73:2b:d0:12:7d: ca:2c:23:ac:28:54:72:56:41:67:18:00:bc:d3:5d: c6:cc:47:84:64:59:e9:de:63:3a:ad:cb:5b:9f:eb: a4:f9:31:7c:91:c3:cf:28:5f:e0:a1:ad:c3:3a:4d: d3:b9:3f:5a:89:1d:64:91:42:d0:cd:53:05:79:95: 04:da:b4:9a:06:df:fe:b8:93:2f:b6:bc:ed:9c:9b: 73:db:f2:e8:d6:8b:3e:96:fa:aa:16:20:8c:b1:54: 6d:8d:19:c8:0f:2b:cf:47:17:0e:42:a6:bb:e6:82: d3:6b:67:a5:fd:44:56:06:31:c0:e8:19:bc:1d:c3: b4:f1:41:9f:7e:ff:b1:54:1f:3d:00:23:30:88:59: ae:e2:81:2c:7f:b2:b8:01:da:e0:dd:b2:55:13:56: 2f:94:62:58:18:b6:b2:c0:f1:d0:7e:82:57:15:2e: de:9e:f6:79:6e:49:f6:81:d5:68:4d:e6:9e:a6:36: 37:78:0d:4d:35:f3:37:a6:39:bd:f1:6d:e4:73:7e: 94:88:b3:66:21:7f:fb:53:21:80:b7:17:31:90:2e: 80:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:DC:72:56:2E:49:5F:6F:93:B4:21:D2:B8:93:59:21:D1:86:46:25 X509v3 Authority Key Identifier: keyid:58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d3:8d:48:60:57:37:13:6d:07:c9:f9:79:de:6a:b1:ac:39:20: fd:c0:f0:44:65:66:06:cb:09:2b:40:c9:c0:25:e9:91:a3:b1: 43:b1:4a:7e:5c:17:f5:07:4e:64:7c:53:c5:2a:24:80:eb:cd: 8a:24:ea:ed:ff:f8:01:30:3d:84:8b:aa:6e:81:8a:a2:0c:b6: 94:ca:37:df:b6:3a:31:42:3e:d5:3a:1e:05:1d:e3:61:f5:1c: d5:d3:37:10:63:af:37:1f:d1:4c:bd:88:6c:da:f3:d5:b0:0f: b7:49:35:b2:00:8d:29:5a:d6:2c:9d:f2:ed:be:e5:b2:a3:ca: 8b:6c:5e:cc:39:26:9f:33:1a:de:8d:52:96:51:d0:da:bf:99: 35:e4:9c:24:fb:f6:c6:fb:d8:cf:6d:2d:68:1e:b1:dc:e7:8b: f9:f6:f8:b5:27:8f:eb:bd:b1:1f:51:f8:a2:15:0e:f7:49:18: a0:55:24:9b:a2:c6:0a:e7:2e:11:70:a3:1b:5b:19:af:8b:bc: 58:84:1d:e4:af:30:b6:d8:5c:97:4f:93:f4:97:d6:c8:e1:e0: 9f:fb:90:a6:28:09:0c:bb:49:c0:4f:35:15:60:63:92:64:ee: a0:20:13:c6:26:90:8f:b3:f1:16:56:b8:70:86:32:c3:1a:32: 29:78:89:9c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBbN9liqdIUJmudbBnmYEsKV9RlYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdF MEU0RDA2OTAeFw0yNjAzMDYxMDA2NTVaFw0yNjAzMDkxMjAwNTVaMDMxMTAvBgNV BAMTKDc3REM3MjU2MkU0OTVGNkY5M0I0MjFEMkI4OTM1OTIxRDE4NjQ2MjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy+7B+aAzD1pp/V5hU0BwBj1+w HDkq4r0vFDd0MSoH0V4gdAYdn7FzK9ASfcosI6woVHJWQWcYALzTXcbMR4RkWene Yzqty1uf66T5MXyRw88oX+ChrcM6TdO5P1qJHWSRQtDNUwV5lQTatJoG3/64ky+2 vO2cm3Pb8ujWiz6W+qoWIIyxVG2NGcgPK89HFw5CprvmgtNrZ6X9RFYGMcDoGbwd w7TxQZ9+/7FUHz0AIzCIWa7igSx/srgB2uDdslUTVi+UYlgYtrLA8dB+glcVLt6e 9nluSfaB1WhN5p6mNjd4DU018zemOb3xbeRzfpSIs2Yhf/tTIYC3FzGQLoD3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUd9xyVi5JX2+TtCHSuJNZIdGGRiUwHwYDVR0j BBgwFoAUWI3Q/OS8JDzJxtaK4E6EZ+Dk0GkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMC81ODhERDBGQ0U0 QkMyNDNDQzlDNkQ2OEFFMDRFODQ2N0UwRTREMDY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdFMEU0 RDA2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDE5OWU1NDEtMTg2MS00ZDZhLThl MjgtYjAyODQ1ODYxNDk2LzAvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0 NjdFMEU0RDA2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBANONSGBXNxNtB8n5ed5qsaw5IP3A8ERlZgbL CStAycAl6ZGjsUOxSn5cF/UHTmR8U8UqJIDrzYok6u3/+AEwPYSLqm6BiqIMtpTK N9+2OjFCPtU6HgUd42H1HNXTNxBjrzcf0Uy9iGza89WwD7dJNbIAjSla1iyd8u2+ 5bKjyotsXsw5Jp8zGt6NUpZR0Nq/mTXknCT79sb72M9tLWgesdzni/n2+LUnj+u9 sR9R+KIVDvdJGKBVJJuixgrnLhFwoxtbGa+LvFiEHeSvMLbYXJdPk/SX1sjh4J/7 kKYoCQy7ScBPNRVgY5Jk7qAgE8YmkI+z8RZWuHCGMsMaMil4iZw= -----END CERTIFICATE-----Generated at Sat Mar 7 17:50:40 2026 by rpki-client