$ rpki-client -vvf repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft File: 2D18956397FA6055A44153CABF07303FD6E55E44.mft (raw, json) Hash identifier: EjT/YmxtV2+KiOzxuJ4IVRQItb/5Msqvy+Wn1eONZ8s= Subject key identifier: 7A:AE:BB:FE:5C:4F:97:BF:CA:BA:90:C9:FD:4C:7C:B0:87:DE:D5:41 Authority key identifier: 2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 Certificate issuer: /CN=2D18956397FA6055A44153CABF07303FD6E55E44 Certificate serial: 53E63833818D8FDB1042F9864F45928DC9F731CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft Manifest number: 0568 Signing time: Sat 21 Mar 2026 15:02:23 +0000 Manifest this update: Sat 21 Mar 2026 14:57:23 +0000 Manifest next update: Wed 25 Mar 2026 00:45:23 +0000 Files and hashes: 1: 3130332e3135352e3230302e302f32332d3233203d3e20313431303733.roa (hash: tLzip6pluW4kS8q/xNkX5NOxfLZpZ4mdvSRQjE8Ako0=) 2: 3130332e3135352e3230302e302f32332d3234203d3e20313431303733.roa (hash: 9xklfE4ToaNUXHfz0ScOS9CrgCGo8s6jfw/9Yuz7c2I=) 3: 323430363a373734303a3a2f33322d3332203d3e20313431303733.roa (hash: BilMX6PAfP77Q5Ze/r2bseAvAFYgHI4D9c4hoNAPY/0=) 4: 2D18956397FA6055A44153CABF07303FD6E55E44.crl (hash: eZwNwaIiW39PKlyjOcpQjOx/0u8T4icCc8trzBAmXj4=) 5: 323430363a373734303a3a2f33322d3438203d3e20313431303733.roa (hash: L3wXXsnBA+OZbTlcmfk9tvtnuCN6qKltUcu107Tb7ZI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Mar 2026 00:45:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:e6:38:33:81:8d:8f:db:10:42:f9:86:4f:45:92:8d:c9:f7:31:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D18956397FA6055A44153CABF07303FD6E55E44 Validity Not Before: Mar 21 14:57:23 2026 GMT Not After : Mar 25 00:45:23 2026 GMT Subject: CN=7AAEBBFE5C4F97BFCABA90C9FD4C7CB087DED541 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:44:c7:e0:c6:3b:b8:96:ce:65:4a:62:02:6c: 2c:f5:9e:66:f7:fe:74:6f:3e:b5:42:9a:6d:5e:52: 5e:88:26:03:77:59:e0:42:b7:c7:f6:18:0c:1f:56: 80:f9:58:f7:67:72:b4:14:86:a5:9d:0e:b6:72:8d: d0:66:de:01:ea:dc:2a:e2:e9:85:c8:e6:49:4d:33: 73:1b:a9:6c:69:03:fa:31:af:1b:93:a3:a3:44:87: 88:de:bc:52:0a:f4:59:8c:ba:e8:e8:c1:3e:f8:12: 9c:cb:aa:5e:64:96:ef:9b:59:bb:99:fc:c8:5a:83: 0b:12:8c:7e:ee:11:e8:0f:d9:45:9c:db:1a:04:32: b6:ef:3d:85:ab:99:6b:9b:fa:af:52:d2:61:41:1a: f9:3b:12:2b:b6:4b:99:94:01:4a:89:0c:7e:ec:14: a3:5d:25:10:e4:30:95:af:f6:71:ef:b3:79:78:bd: f3:0b:dd:92:4d:60:2b:89:1c:66:68:84:f2:2b:58: 20:be:08:22:f4:b3:d9:e3:8f:c5:62:00:13:bd:8c: b0:9c:39:16:88:42:cb:2f:81:13:74:19:26:80:69: 9a:12:31:c0:23:9f:22:b3:7d:56:ab:c0:15:36:77: c9:ca:3f:00:de:82:9a:ea:c1:b6:d1:d6:73:7e:8c: 1a:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:AE:BB:FE:5C:4F:97:BF:CA:BA:90:C9:FD:4C:7C:B0:87:DE:D5:41 X509v3 Authority Key Identifier: keyid:2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:2a:64:6a:9d:d9:ba:32:37:10:4f:4b:f7:2b:0c:da:45:d5: 8e:9b:f3:0d:b5:55:1a:3c:0b:c6:7e:20:37:2b:23:f9:d7:e7: 64:e6:8d:e8:65:c3:4e:e3:ad:dd:84:b0:d1:64:9e:1a:e0:f4: d3:70:38:fe:8b:5f:c3:e1:7f:16:0f:be:0b:de:3b:58:f8:f4: 39:8b:f2:52:d5:45:1d:45:ef:f9:da:f5:d1:50:07:d4:07:cd: e3:47:95:06:3b:5f:ed:4a:6f:67:77:42:6b:f0:27:2e:0a:c2: 21:d6:3d:d1:a1:4d:e4:94:b4:56:98:e3:dd:9f:19:19:b1:77: 42:93:f1:c6:63:6e:04:52:73:88:0c:e0:45:5d:e4:20:54:85: 70:40:bb:48:0d:ad:d1:60:c4:4a:e2:cd:d2:c8:22:99:cc:f5: 9c:31:bc:64:6c:bc:c9:c3:09:94:19:78:92:3a:42:d2:9f:c7: 61:84:3e:bc:27:02:00:f1:24:15:f8:ad:69:67:c6:e0:57:07: 7c:d9:0c:d5:bc:c4:72:f7:9c:84:8f:e9:e1:5d:ec:c0:b2:0d: b6:a5:4d:50:1f:e4:a3:aa:4b:1d:67:10:c9:cf:b5:e2:54:f6: 25:15:29:0e:80:b7:39:46:c0:11:f8:b8:e6:6d:e3:74:4e:04: 91:54:3b:1c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUU+Y4M4GNj9sQQvmGT0WSjcn3Mc8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZE NkU1NUU0NDAeFw0yNjAzMjExNDU3MjNaFw0yNjAzMjUwMDQ1MjNaMDMxMTAvBgNV BAMTKDdBQUVCQkZFNUM0Rjk3QkZDQUJBOTBDOUZENEM3Q0IwODdERUQ1NDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4RMfgxju4ls5lSmICbCz1nmb3 /nRvPrVCmm1eUl6IJgN3WeBCt8f2GAwfVoD5WPdncrQUhqWdDrZyjdBm3gHq3Cri 6YXI5klNM3MbqWxpA/oxrxuTo6NEh4jevFIK9FmMuujowT74EpzLql5klu+bWbuZ /MhagwsSjH7uEegP2UWc2xoEMrbvPYWrmWub+q9S0mFBGvk7Eiu2S5mUAUqJDH7s FKNdJRDkMJWv9nHvs3l4vfML3ZJNYCuJHGZohPIrWCC+CCL0s9njj8ViABO9jLCc ORaIQssvgRN0GSaAaZoSMcAjnyKzfVarwBU2d8nKPwDegprqwbbR1nN+jBrfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUeq67/lxPl7/KupDJ/Ux8sIfe1UEwHwYDVR0j BBgwFoAULRiVY5f6YFWkQVPKvwcwP9blXkQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ODU4Zjg1Yy1hNDU4LTRhNTgtYmJkZS00YmZiMzQzZGM0YjAvMC8yRDE4OTU2Mzk3 RkE2MDU1QTQ0MTUzQ0FCRjA3MzAzRkQ2RTU1RTQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZENkU1 NUU0NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDg1OGY4NWMtYTQ1OC00YTU4LWJi ZGUtNGJmYjM0M2RjNGIwLzAvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMw M0ZENkU1NUU0NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACkqZGqd2boyNxBPS/crDNpF1Y6b8w21VRo8 C8Z+IDcrI/nX52Tmjehlw07jrd2EsNFknhrg9NNwOP6LX8PhfxYPvgveO1j49DmL 8lLVRR1F7/na9dFQB9QHzeNHlQY7X+1Kb2d3QmvwJy4KwiHWPdGhTeSUtFaY492f GRmxd0KT8cZjbgRSc4gM4EVd5CBUhXBAu0gNrdFgxErizdLIIpnM9ZwxvGRsvMnD CZQZeJI6QtKfx2GEPrwnAgDxJBX4rWlnxuBXB3zZDNW8xHL3nISP6eFd7MCyDbal TVAf5KOqSx1nEMnPteJU9iUVKQ6AtzlGwBH4uOZt43ROBJFUOxw= -----END CERTIFICATE-----Generated at Mon Mar 23 04:14:27 2026 by rpki-client