$ rpki-client -vvf repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft File: CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft (raw, json) Hash identifier: A8f1Jg5LtFfGCywZsPY1vBOQB3RIO4oW1wcD5q/QqAY= Subject key identifier: 31:19:1B:78:4A:19:9E:70:3E:15:AA:F4:21:36:05:18:48:A6:45:8A Authority key identifier: CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C Certificate issuer: /CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Certificate serial: 77A1008CFD87A838E032980C0C433E5003FBBF5D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft Manifest number: 03D4 Signing time: Sun 22 Mar 2026 21:52:30 +0000 Manifest this update: Sun 22 Mar 2026 21:47:30 +0000 Manifest next update: Thu 26 Mar 2026 07:49:30 +0000 Files and hashes: 1: 323030313a6466303a663730303a3a2f34382d3438203d3e20313339333939.roa (hash: ylDWnunXe+P0sSpHe2ems7WUQ+PsguFxQzvub0cWxiw=) 2: 3130332e39312e32382e302f32322d3234203d3e203338343936.roa (hash: iZk4nKRAyYY4CGj+caK3PfJut3d/hrLgka43LgJ9lgQ=) 3: 3132332e3235332e3234342e302f32322d3234203d3e20313339333939.roa (hash: jLcNXh3PdlCUsOrK8Wn6cIHJ87Bgrp1+sOpFF9srttE=) 4: CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl (hash: NErt7IUn1mZaTXBksCxekedfzePh/z7D7qP17MYVo+Q=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Mar 2026 07:49:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:a1:00:8c:fd:87:a8:38:e0:32:98:0c:0c:43:3e:50:03:fb:bf:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Validity Not Before: Mar 22 21:47:30 2026 GMT Not After : Mar 26 07:49:30 2026 GMT Subject: CN=31191B784A199E703E15AAF42136051848A6458A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:78:9e:38:9b:bc:4d:94:35:36:0c:d4:63:35: a3:b0:44:19:05:22:1a:45:38:4c:3b:37:73:97:d5: 4c:73:c3:4e:90:09:d7:4f:08:07:5e:cc:8d:c5:c9: 69:38:4f:1b:cc:85:f1:56:18:72:11:e2:50:21:6e: dd:73:c1:de:57:dd:9f:a7:5f:18:eb:e5:56:7c:f8: 17:13:f5:5f:3c:91:b1:ca:b0:35:20:c9:e2:56:98: ed:3d:b9:a1:6d:de:19:fa:07:19:24:71:bc:0a:4d: 43:48:ab:5f:6b:68:9a:2e:ed:78:b7:34:20:3f:13: fa:57:ac:5e:d7:90:6d:4d:80:bd:39:1b:10:0b:44: 8e:58:a7:46:58:ea:f7:11:2a:8f:9b:e9:bd:e8:e9: a7:04:f9:86:74:66:0b:44:76:b0:27:64:b9:20:c1: 17:6c:83:61:99:6d:18:cb:b0:db:b6:14:0b:e8:7e: d9:69:01:ad:18:1a:66:41:16:14:d8:92:66:1a:c7: 6f:4a:ce:64:2d:5f:92:7c:60:dd:d5:45:2c:b4:e5: 82:85:08:af:2e:6c:42:63:26:09:df:a1:c4:3f:00: 38:39:20:7c:39:0d:11:91:6f:1a:88:3b:55:df:48: f9:0e:da:76:32:94:65:9f:82:70:7c:a3:07:44:fa: 8c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:19:1B:78:4A:19:9E:70:3E:15:AA:F4:21:36:05:18:48:A6:45:8A X509v3 Authority Key Identifier: keyid:CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:29:38:88:2e:ae:53:6a:d9:e1:58:dd:fa:31:ad:b8:e7:09: 3b:6e:7e:e8:5f:5b:37:25:03:07:bd:b5:d3:54:9f:4a:85:f6: c3:99:65:a0:6b:94:cc:be:54:44:d2:b7:7d:02:a6:99:a4:19: f0:a0:40:b4:51:8c:fa:7d:93:a8:4f:89:fd:b4:a3:ea:57:1b: 3c:f9:45:69:19:0a:1b:a3:ed:89:72:79:19:d4:08:53:3f:93: 5d:8c:e2:c6:7e:c6:01:92:f9:94:ed:b0:bf:23:9e:8e:20:46: 1e:bc:d2:9d:e0:39:1b:04:9a:26:0b:f9:4a:58:46:c8:66:f4: 18:f1:84:4d:74:c7:bb:03:bb:b5:c5:4c:9c:dd:f5:c5:2e:89: e8:49:23:86:0c:12:af:98:74:3c:b3:b2:74:2c:97:14:a1:aa: 9b:38:ba:2d:01:01:85:6b:48:25:69:5b:8a:93:11:da:21:51: 23:59:30:ad:07:19:3a:93:25:1a:98:6f:6d:a5:7e:86:02:87: 6b:27:ec:7c:69:91:87:18:54:ad:c0:4c:f2:dc:98:ac:cf:5f: de:3e:26:ed:d5:c1:53:d8:a1:12:19:a7:4f:29:16:b8:15:93: a7:f7:38:6d:60:8a:17:9c:98:60:3e:d6:96:ab:c4:82:99:51: 12:e1:49:87 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUd6EAjP2HqDjgMpgMDEM+UAP7v10wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRD RkQ3RTI2QzAeFw0yNjAzMjIyMTQ3MzBaFw0yNjAzMjYwNzQ5MzBaMDMxMTAvBgNV BAMTKDMxMTkxQjc4NEExOTlFNzAzRTE1QUFGNDIxMzYwNTE4NDhBNjQ1OEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMeJ44m7xNlDU2DNRjNaOwRBkF IhpFOEw7N3OX1Uxzw06QCddPCAdezI3FyWk4TxvMhfFWGHIR4lAhbt1zwd5X3Z+n Xxjr5VZ8+BcT9V88kbHKsDUgyeJWmO09uaFt3hn6BxkkcbwKTUNIq19raJou7Xi3 NCA/E/pXrF7XkG1NgL05GxALRI5Yp0ZY6vcRKo+b6b3o6acE+YZ0ZgtEdrAnZLkg wRdsg2GZbRjLsNu2FAvoftlpAa0YGmZBFhTYkmYax29KzmQtX5J8YN3VRSy05YKF CK8ubEJjJgnfocQ/ADg5IHw5DRGRbxqIO1XfSPkO2nYylGWfgnB8owdE+ozDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMRkbeEoZnnA+Far0ITYFGEimRYowHwYDVR0j BBgwFoAUynBPeF6liz9lnm48j3Hi1M/X4mwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NDIxOTg1Yi1hMGU2LTRlMDUtYmVmNi1mZTZmNWE2ZTJmNDMvMC9DQTcwNEY3ODVF QTU4QjNGNjU5RTZFM0M4RjcxRTJENENGRDdFMjZDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRDRkQ3 RTI2Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDQyMTk4NWItYTBlNi00ZTA1LWJl ZjYtZmU2ZjVhNmUyZjQzLzAvQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUy RDRDRkQ3RTI2Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKQpOIgurlNq2eFY3foxrbjnCTtufuhfWzcl Awe9tdNUn0qF9sOZZaBrlMy+VETSt30CppmkGfCgQLRRjPp9k6hPif20o+pXGzz5 RWkZChuj7YlyeRnUCFM/k12M4sZ+xgGS+ZTtsL8jno4gRh680p3gORsEmiYL+UpY Rshm9BjxhE10x7sDu7XFTJzd9cUuiehJI4YMEq+YdDyzsnQslxShqps4ui0BAYVr SCVpW4qTEdohUSNZMK0HGTqTJRqYb22lfoYCh2sn7HxpkYcYVK3ATPLcmKzPX94+ Ju3VwVPYoRIZp08pFrgVk6f3OG1gihecmGA+1parxIKZURLhSYc= -----END CERTIFICATE-----Generated at Tue Mar 24 12:26:43 2026 by rpki-client