$ rpki-client -vvf repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.mft File: CA41DDE3591DCF89BBD15BC96E05BDC73214099B.mft (raw, json) Hash identifier: A24DN4Uj+m86vyfMETo+/3Z/2I0jNh/qcQFzYUShOHI= Subject key identifier: D8:18:68:9F:17:CA:82:09:C4:74:19:BD:1D:6E:A3:6C:E7:42:8D:D9 Authority key identifier: CA:41:DD:E3:59:1D:CF:89:BB:D1:5B:C9:6E:05:BD:C7:32:14:09:9B Certificate issuer: /CN=CA41DDE3591DCF89BBD15BC96E05BDC73214099B Certificate serial: 3FDA4BCECC02FF03B1C0C449BD8572324CE9F009 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.mft Manifest number: 0564 Signing time: Tue 24 Mar 2026 20:12:05 +0000 Manifest this update: Tue 24 Mar 2026 20:07:05 +0000 Manifest next update: Sat 28 Mar 2026 05:54:05 +0000 Files and hashes: 1: 3130332e36362e38362e302f32342d3234203d3e20313431313037.roa (hash: HELC9mdQ84lzVVvguuZaZieGiyQ03u73Eihy4Pkp6bs=) 2: CA41DDE3591DCF89BBD15BC96E05BDC73214099B.crl (hash: xlvdAZFXE3OAHndOxg1n/VdbT/Dvc7ZJXz/lFk2gvHg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.crl rsync://repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 03:28:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:da:4b:ce:cc:02:ff:03:b1:c0:c4:49:bd:85:72:32:4c:e9:f0:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA41DDE3591DCF89BBD15BC96E05BDC73214099B Validity Not Before: Mar 24 20:07:05 2026 GMT Not After : Mar 28 05:54:05 2026 GMT Subject: CN=D818689F17CA8209C47419BD1D6EA36CE7428DD9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:2f:80:7d:7a:3a:24:a7:c9:99:ed:8c:40:b7: ce:3c:73:ac:84:a6:56:81:bf:3e:38:87:22:c0:52: c8:fa:b7:a6:f2:17:fb:06:15:14:8f:bb:9a:84:6f: c7:1e:59:b7:40:f1:e2:a8:94:a1:47:5a:23:95:9c: 05:ae:ff:f6:d7:42:21:b5:9f:2f:2a:e2:1e:31:a9: 83:94:9c:88:34:27:aa:2f:46:53:11:ff:a2:24:b2: 2c:8d:3a:8b:e5:74:74:ba:10:70:6b:e3:0f:d2:16: 69:e2:49:46:c3:30:32:fb:4b:a8:71:65:0a:5b:26: 8a:6e:f9:ee:c9:40:57:29:4b:9e:b8:ce:0f:36:dd: 22:81:d6:5e:d5:f3:2c:92:f7:22:d2:58:68:76:7d: 27:24:7f:b5:8c:de:4e:6e:e6:24:91:4a:38:7d:22: c5:4a:69:ad:a1:3d:5e:01:9b:a9:83:c8:99:7e:bd: 89:37:9b:32:86:0a:49:db:59:1b:c0:cd:f9:b5:d2: dc:57:83:dd:e5:0a:de:9a:a5:ad:2a:6c:92:b2:9b: e3:a0:a6:49:c5:a1:d4:ad:5f:5d:e6:30:35:46:25: 1f:3f:9b:21:dc:d1:5a:18:cf:86:33:0d:4f:0f:e3: c4:b1:5e:1c:cd:24:f2:1b:27:15:62:29:fa:cf:d8: 29:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:18:68:9F:17:CA:82:09:C4:74:19:BD:1D:6E:A3:6C:E7:42:8D:D9 X509v3 Authority Key Identifier: keyid:CA:41:DD:E3:59:1D:CF:89:BB:D1:5B:C9:6E:05:BD:C7:32:14:09:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:7b:dd:1f:8e:47:ed:71:5c:c8:24:37:20:04:59:3c:cf:98: 2c:04:b9:55:d4:ea:b0:25:a6:89:ff:8b:a7:59:3b:ba:21:6c: de:d2:39:70:77:0c:d9:38:98:ab:5d:29:c4:ec:11:51:a1:d2: 5f:fa:39:7d:8c:0f:f4:a1:64:06:00:f9:e5:78:6c:d2:98:e7: 18:94:60:b7:7a:c6:e3:3e:91:63:68:e3:15:a7:34:96:0e:ae: f1:9b:20:8a:20:72:50:cf:a5:88:09:2a:30:4c:21:f9:4f:a1: f1:5f:60:3a:77:09:a0:36:30:b2:4d:3d:56:4a:16:6f:1f:c5: c1:42:0d:7f:d1:e2:19:e1:6f:39:33:ae:a8:21:f7:e6:01:97: 18:70:c9:ba:d3:d6:67:4c:79:75:21:dc:9b:92:72:ca:be:d3: 92:d9:4c:50:0b:c4:4c:54:38:00:94:0b:ea:b7:1a:7d:1a:66: 62:c5:ae:dc:f7:6a:d7:6c:d6:f3:b1:c7:22:18:6c:57:6d:0d: 8c:3e:3f:c0:fa:a7:5d:b7:4d:a3:74:b9:d5:16:98:3e:de:70: bc:75:95:52:08:65:c2:75:94:ab:43:84:a5:e1:36:27:8a:7a: d2:59:53:e4:fd:62:23:7c:a7:34:eb:31:d0:45:48:e4:df:4c: b6:5e:8b:b0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUP9pLzswC/wOxwMRJvYVyMkzp8AkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0E0MURERTM1OTFEQ0Y4OUJCRDE1QkM5NkUwNUJEQzcz MjE0MDk5QjAeFw0yNjAzMjQyMDA3MDVaFw0yNjAzMjgwNTU0MDVaMDMxMTAvBgNV BAMTKEQ4MTg2ODlGMTdDQTgyMDlDNDc0MTlCRDFENkVBMzZDRTc0MjhERDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCL4B9ejokp8mZ7YxAt848c6yE plaBvz44hyLAUsj6t6byF/sGFRSPu5qEb8ceWbdA8eKolKFHWiOVnAWu//bXQiG1 ny8q4h4xqYOUnIg0J6ovRlMR/6IksiyNOovldHS6EHBr4w/SFmniSUbDMDL7S6hx ZQpbJopu+e7JQFcpS564zg823SKB1l7V8yyS9yLSWGh2fSckf7WM3k5u5iSRSjh9 IsVKaa2hPV4Bm6mDyJl+vYk3mzKGCknbWRvAzfm10txXg93lCt6apa0qbJKym+Og pknFodStX13mMDVGJR8/myHc0VoYz4YzDU8P48SxXhzNJPIbJxViKfrP2CljAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU2BhonxfKggnEdBm9HW6jbOdCjdkwHwYDVR0j BBgwFoAUykHd41kdz4m70VvJbgW9xzIUCZswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZmNjMmQ0NC05NDE4LTQwMTMtOTcyMy1hOTc4ZjhiZDhiNmIvMC9DQTQxRERFMzU5 MURDRjg5QkJEMTVCQzk2RTA1QkRDNzMyMTQwOTlCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0E0MURERTM1OTFEQ0Y4OUJCRDE1QkM5NkUwNUJEQzczMjE0 MDk5Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGZjYzJkNDQtOTQxOC00MDEzLTk3 MjMtYTk3OGY4YmQ4YjZiLzAvQ0E0MURERTM1OTFEQ0Y4OUJCRDE1QkM5NkUwNUJE QzczMjE0MDk5Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJF73R+OR+1xXMgkNyAEWTzPmCwEuVXU6rAl pon/i6dZO7ohbN7SOXB3DNk4mKtdKcTsEVGh0l/6OX2MD/ShZAYA+eV4bNKY5xiU YLd6xuM+kWNo4xWnNJYOrvGbIIogclDPpYgJKjBMIflPofFfYDp3CaA2MLJNPVZK Fm8fxcFCDX/R4hnhbzkzrqgh9+YBlxhwybrT1mdMeXUh3JuScsq+05LZTFALxExU OACUC+q3Gn0aZmLFrtz3atds1vOxxyIYbFdtDYw+P8D6p123TaN0udUWmD7ecLx1 lVIIZcJ1lKtDhKXhNieKetJZU+T9YiN8pzTrMdBFSOTfTLZei7A= -----END CERTIFICATE-----Generated at Wed Mar 25 04:33:57 2026 by rpki-client