$ rpki-client -vvf repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft File: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft (raw, json) Hash identifier: uATKxwHn7vCQesBQ1wPIETPvrB+NAxsi79D6I2bRZQU= Subject key identifier: 10:46:44:E3:68:A0:D3:7E:7B:DB:52:4E:FA:11:35:E1:E4:21:68:23 Authority key identifier: 28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC Certificate issuer: /CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Certificate serial: 596858A0CFB8999B14AFDCCB6959D459CDE16487 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft Manifest number: D0 Signing time: Fri 20 Mar 2026 01:22:19 +0000 Manifest this update: Fri 20 Mar 2026 01:17:19 +0000 Manifest next update: Mon 23 Mar 2026 12:27:19 +0000 Files and hashes: 1: 3130332e3135352e3139312e302f32342d3234203d3e20313431303637.roa (hash: HqTyhMmIQNWyd9Uu39hBDh2ymSKez80mYyj1XdusXb0=) 2: 3130332e3135352e3139302e302f32342d3234203d3e20313431303637.roa (hash: 4k5l0oKGlgrseypJOAcgbZ3voSGQS5pK7FIolyad81E=) 3: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl (hash: mNN7R2wjKB3OoGw5TGNmJ/hxoWlUAS7i+Iu46lgstm0=) 4: 323430363a373534303a3a2f33322d3332203d3e20313431303637.roa (hash: tGZJC6gHp+rBRUU+fviXr/Qmv6Fq3jy2euNYPnmiMt4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Mar 2026 12:27:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:68:58:a0:cf:b8:99:9b:14:af:dc:cb:69:59:d4:59:cd:e1:64:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Validity Not Before: Mar 20 01:17:19 2026 GMT Not After : Mar 23 12:27:19 2026 GMT Subject: CN=104644E368A0D37E7BDB524EFA1135E1E4216823 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:09:a4:b9:21:ae:e9:0a:11:26:f2:77:2c:16: 7b:13:f1:f1:46:bb:8e:17:33:b7:9a:34:39:75:ef: 92:e2:c3:89:92:34:e0:95:ff:a4:b2:59:e1:c7:49: 06:9e:02:a6:19:1c:2c:ae:15:57:9c:b9:f8:df:a6: 1a:dd:19:e2:69:ce:2d:33:13:27:c9:ca:d7:b5:56: 58:46:c1:a5:ea:87:6f:17:9b:f2:4a:7b:bc:1c:5c: 20:51:13:aa:b4:be:a7:f0:6c:ff:85:f2:65:f5:bd: 98:b7:7a:e3:a9:16:d9:de:a9:a8:49:4a:20:35:0b: bb:68:2c:dc:18:99:3f:8a:e8:8b:1e:e2:fc:b0:11: b9:dc:af:0d:e9:7e:2a:c2:d3:4d:47:62:ae:a9:3f: e5:f3:ba:61:6c:f3:4d:34:a3:87:41:fc:89:0a:34: 49:ac:f7:43:59:69:50:8f:0f:7e:d7:43:28:3e:39: 96:2b:8a:cf:7d:b1:7b:10:ab:e8:e7:8e:f8:d3:0b: de:c6:81:e6:08:1f:66:c2:83:92:4c:82:71:f0:09: 6c:f2:f0:fa:34:45:b8:e8:dd:7f:35:44:e8:af:6b: 68:75:86:8f:38:97:82:c6:dc:dc:68:f4:f1:54:75: b4:e8:e9:fb:15:c0:3b:a4:44:f1:cb:01:97:98:0f: 79:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:46:44:E3:68:A0:D3:7E:7B:DB:52:4E:FA:11:35:E1:E4:21:68:23 X509v3 Authority Key Identifier: keyid:28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:1d:b8:7c:ab:88:40:74:72:1d:f2:70:5b:0e:ba:b8:0c:01: a2:42:24:c9:5d:fb:0f:4a:c1:28:65:3a:3b:a7:81:1b:c5:46: a1:e1:60:e7:ae:8b:55:10:c0:1d:13:6f:85:04:7c:ef:63:f6: 52:f5:ee:4d:c4:0a:7d:d5:19:00:c8:44:91:57:af:3f:f8:a1: 3d:f7:78:51:46:0c:c2:e2:a5:49:f0:38:68:ab:24:93:69:a9: c9:25:a3:d5:68:ac:26:e6:8a:25:8d:81:57:09:d0:03:79:5f: c0:95:2b:6c:75:3b:93:98:f7:3d:5b:80:0e:79:57:47:1b:b0: 1a:36:17:80:cf:ad:58:58:63:11:3e:b4:29:8c:d0:8c:64:38: 71:37:00:13:74:e6:a1:8d:de:3a:a5:0b:3c:72:8f:5b:ea:e3: 4f:64:9d:ed:b3:7a:ac:b9:2d:55:57:6f:60:1e:97:e2:f1:e8: de:5f:93:c6:e3:e0:2d:7f:a6:fa:03:7e:82:5c:04:e5:82:c8: f3:9a:d0:b0:fe:e0:6e:b4:72:a9:d1:8a:f9:a6:9d:4b:92:93: f0:cf:bf:86:a8:f8:d6:db:b1:0d:41:59:3f:ae:17:c7:da:d1: 90:d4:49:83:25:05:d5:b3:f1:ad:c6:82:4a:cb:f9:b5:72:d2: 72:d5:0c:21 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWWhYoM+4mZsUr9zLaVnUWc3hZIcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZD NTdFOUJFQzAeFw0yNjAzMjAwMTE3MTlaFw0yNjAzMjMxMjI3MTlaMDMxMTAvBgNV BAMTKDEwNDY0NEUzNjhBMEQzN0U3QkRCNTI0RUZBMTEzNUUxRTQyMTY4MjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgCaS5Ia7pChEm8ncsFnsT8fFG u44XM7eaNDl175Liw4mSNOCV/6SyWeHHSQaeAqYZHCyuFVecufjfphrdGeJpzi0z EyfJyte1VlhGwaXqh28Xm/JKe7wcXCBRE6q0vqfwbP+F8mX1vZi3euOpFtneqahJ SiA1C7toLNwYmT+K6Ise4vywEbncrw3pfirC001HYq6pP+XzumFs8000o4dB/IkK NEms90NZaVCPD37XQyg+OZYris99sXsQq+jnjvjTC97GgeYIH2bCg5JMgnHwCWzy 8Po0Rbjo3X81ROiva2h1ho84l4LG3Nxo9PFUdbTo6fsVwDukRPHLAZeYD3mRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUEEZE42ig035721JO+hE14eQhaCMwHwYDVR0j BBgwFoAUKLMFxmM2xDOrYBum8LNS5sV+m+wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YjZlOWI1MS1iZDg3LTQ5MDUtOWJmNC1hODQ4YTQ0ZTViYTUvMC8yOEIzMDVDNjYz MzZDNDMzQUI2MDFCQTZGMEIzNTJFNkM1N0U5QkVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZDNTdF OUJFQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGI2ZTliNTEtYmQ4Ny00OTA1LTli ZjQtYTg0OGE0NGU1YmE1LzAvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUy RTZDNTdFOUJFQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJwduHyriEB0ch3ycFsOurgMAaJCJMld+w9K wShlOjungRvFRqHhYOeui1UQwB0Tb4UEfO9j9lL17k3ECn3VGQDIRJFXrz/4oT33 eFFGDMLipUnwOGirJJNpqcklo9VorCbmiiWNgVcJ0AN5X8CVK2x1O5OY9z1bgA55 V0cbsBo2F4DPrVhYYxE+tCmM0IxkOHE3ABN05qGN3jqlCzxyj1vq409kne2zeqy5 LVVXb2Ael+Lx6N5fk8bj4C1/pvoDfoJcBOWCyPOa0LD+4G60cqnRivmmnUuSk/DP v4ao+NbbsQ1BWT+uF8fa0ZDUSYMlBdWz8a3GgkrL+bVy0nLVDCE= -----END CERTIFICATE-----Generated at Sat Mar 21 12:25:54 2026 by rpki-client