$ rpki-client -vvf repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft File: D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft (raw, json) Hash identifier: sRVHeKPycXmKN0Zb8B7RHLZnf33c278DrJpQjhdjs3E= Subject key identifier: AA:5E:BA:DA:BF:41:7F:FB:B1:76:B3:6F:34:78:7C:46:2A:98:E7:34 Authority key identifier: D9:D0:73:0D:B5:12:95:FE:C5:BD:48:0C:DD:42:B5:E8:51:7C:8F:DB Certificate issuer: /CN=D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB Certificate serial: 6392B24FE2A343E430C8C8AB62A4B22DEA85E585 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft Manifest number: 0285 Signing time: Sat 07 Mar 2026 13:12:10 +0000 Manifest this update: Sat 07 Mar 2026 13:07:10 +0000 Manifest next update: Tue 10 Mar 2026 22:28:10 +0000 Files and hashes: 1: D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl (hash: AE4JbQF7lrW7PwNfrs6F3/hPgw0T5D31I++lOXQ1TSs=) 2: 3130332e3138332e3235302e302f32332d3234203d3e2034383030.roa (hash: pN4ghT04j5zTe3lEB7yWGrreTGcCSMxjpmVgBxWJn+Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 22:43:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:92:b2:4f:e2:a3:43:e4:30:c8:c8:ab:62:a4:b2:2d:ea:85:e5:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB Validity Not Before: Mar 7 13:07:10 2026 GMT Not After : Mar 10 22:28:10 2026 GMT Subject: CN=AA5EBADABF417FFBB176B36F34787C462A98E734 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:3e:97:6e:86:65:bc:4d:6a:ce:d3:fb:67:e1: 40:6c:5a:f5:e9:ec:9c:db:c8:a0:ae:b0:fe:87:df: ba:18:72:d8:d0:dd:a1:85:4c:30:f0:27:51:71:ea: c9:51:45:40:b4:93:d3:2a:bf:8e:e5:3d:cb:2b:88: 8d:d4:c0:ba:be:6a:4b:fb:02:2d:4c:dd:fe:1a:dd: 23:07:52:1b:d2:27:37:73:13:e3:44:48:a2:7e:fe: fe:36:e8:5d:f3:7a:39:4d:7e:01:f9:e0:be:51:a9: f7:2b:62:3e:b1:0a:5f:e7:ef:46:30:88:de:0d:f1: b5:50:22:8d:a5:ad:fa:0e:e2:54:82:a7:89:94:b1: 46:1f:5e:97:e2:6e:18:4f:b8:f0:fa:d8:78:bb:74: 1e:d2:91:2f:ae:de:87:c1:6a:a7:da:31:f6:b6:f6: 68:53:fa:6b:fd:13:ad:87:40:87:5f:f9:36:69:27: 9a:0a:fe:61:69:b3:72:1a:64:0c:68:33:0e:87:b0: f3:f7:d3:43:52:0d:34:cb:52:bb:fb:ed:19:6d:24: b2:ca:e3:ef:ae:6e:ed:7f:de:2d:25:a4:7c:1b:03: e3:8d:f1:56:81:e4:5c:74:8f:f5:d4:22:49:a4:f7: 47:ff:3c:0f:ac:5d:b9:ab:35:74:36:6b:f0:c6:3b: 54:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:5E:BA:DA:BF:41:7F:FB:B1:76:B3:6F:34:78:7C:46:2A:98:E7:34 X509v3 Authority Key Identifier: keyid:D9:D0:73:0D:B5:12:95:FE:C5:BD:48:0C:DD:42:B5:E8:51:7C:8F:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:c8:33:ad:e8:31:af:ef:88:7e:6b:37:f7:02:3c:32:20:4d: a3:48:8a:74:8c:a4:c8:f4:17:50:76:93:8c:a3:81:3a:eb:2e: d4:7a:32:a3:17:17:4d:fc:f9:bf:ad:46:6e:43:47:b9:a2:a9: 38:5e:9e:c2:40:e1:5d:ab:c9:41:35:82:05:06:16:6e:e8:c9: 9e:4d:6b:ce:de:87:1b:cd:c8:e2:f3:b2:29:88:24:d6:36:2c: da:6b:64:b4:2e:d0:9a:20:d2:55:c9:2c:57:37:ad:c4:d7:b7: 94:78:c7:48:c9:08:56:3b:09:f3:5f:f7:6e:51:87:75:7f:b2: 0b:05:b0:2b:14:ca:5e:6c:ac:ed:f8:38:89:9b:11:07:e3:86: 3f:bc:e8:7f:10:5d:fb:0f:40:4a:45:5e:9f:ce:dc:ed:88:5a: 12:b8:3b:87:14:a2:8f:95:56:dc:ab:3f:26:3c:7a:ff:3b:ec: 62:4b:da:e5:d7:ca:f3:c0:e7:9e:57:0f:9c:6d:66:d4:c2:da: e3:8d:4f:b7:a2:60:aa:81:e7:21:60:02:a5:38:30:1c:8a:0d: 77:75:87:75:c2:56:ae:a1:62:0c:7b:ac:36:93:4c:d7:9b:49: e5:8d:14:16:8f:e3:82:33:39:df:9e:f2:ef:78:0f:ba:01:0d: 19:24:e4:c2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUY5KyT+KjQ+QwyMirYqSyLeqF5YUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1RTg1 MTdDOEZEQjAeFw0yNjAzMDcxMzA3MTBaFw0yNjAzMTAyMjI4MTBaMDMxMTAvBgNV BAMTKEFBNUVCQURBQkY0MTdGRkJCMTc2QjM2RjM0Nzg3QzQ2MkE5OEU3MzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGPpduhmW8TWrO0/tn4UBsWvXp 7JzbyKCusP6H37oYctjQ3aGFTDDwJ1Fx6slRRUC0k9Mqv47lPcsriI3UwLq+akv7 Ai1M3f4a3SMHUhvSJzdzE+NESKJ+/v426F3zejlNfgH54L5RqfcrYj6xCl/n70Yw iN4N8bVQIo2lrfoO4lSCp4mUsUYfXpfibhhPuPD62Hi7dB7SkS+u3ofBaqfaMfa2 9mhT+mv9E62HQIdf+TZpJ5oK/mFps3IaZAxoMw6HsPP300NSDTTLUrv77RltJLLK 4++ubu1/3i0lpHwbA+ON8VaB5Fx0j/XUIkmk90f/PA+sXbmrNXQ2a/DGO1QNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUql662r9Bf/uxdrNvNHh8RiqY5zQwHwYDVR0j BBgwFoAU2dBzDbUSlf7FvUgM3UK16FF8j9swDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 YWUyYjhiMy1kZWM4LTQxY2YtYTE2ZC1lMTE3MTU2MWQ3MjUvMC9EOUQwNzMwREI1 MTI5NUZFQzVCRDQ4MENERDQyQjVFODUxN0M4RkRCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1RTg1MTdD OEZEQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWFlMmI4YjMtZGVjOC00MWNmLWEx NmQtZTExNzE1NjFkNzI1LzAvRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1 RTg1MTdDOEZEQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAInIM63oMa/viH5rN/cCPDIgTaNIinSMpMj0 F1B2k4yjgTrrLtR6MqMXF038+b+tRm5DR7miqThensJA4V2ryUE1ggUGFm7oyZ5N a87ehxvNyOLzsimIJNY2LNprZLQu0Jog0lXJLFc3rcTXt5R4x0jJCFY7CfNf925R h3V/sgsFsCsUyl5srO34OImbEQfjhj+86H8QXfsPQEpFXp/O3O2IWhK4O4cUoo+V VtyrPyY8ev877GJL2uXXyvPA555XD5xtZtTC2uONT7eiYKqB5yFgAqU4MByKDXd1 h3XCVq6hYgx7rDaTTNebSeWNFBaP44IzOd+e8u94D7oBDRkk5MI= -----END CERTIFICATE-----Generated at Sat Mar 7 21:09:46 2026 by rpki-client