$ rpki-client -vvf repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft File: 40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft (raw, json) Hash identifier: Nd3nvE6oSHiLxxzVMnoGheHfJHTfmtecWLLHyRAGiqM= Subject key identifier: A2:68:85:8F:68:65:2C:A6:66:53:B1:E1:9C:31:56:56:B7:40:FB:73 Authority key identifier: 40:94:9C:7C:9D:D0:D3:F8:99:68:1F:F2:EB:53:E4:9C:8F:85:2B:AA Certificate issuer: /CN=40949C7C9DD0D3F899681FF2EB53E49C8F852BAA Certificate serial: 223540DE24FE1A1492C406FFD72DF9EE9805C162 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft Manifest number: 0120 Signing time: Fri 06 Mar 2026 12:42:13 +0000 Manifest this update: Fri 06 Mar 2026 12:37:13 +0000 Manifest next update: Mon 09 Mar 2026 14:41:13 +0000 Files and hashes: 1: 3135372e36362e302e302f32332d3234203d3e20313430343737.roa (hash: VPuK+1+6ePV1CKusC5qXhYaOQr6/W2sAl7gu8K+R3ug=) 2: 40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.crl (hash: O21+iW7K9kqqA5uEajsCC34Ktn3adbe4nkirq/qgPJE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.crl rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 08:48:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:35:40:de:24:fe:1a:14:92:c4:06:ff:d7:2d:f9:ee:98:05:c1:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40949C7C9DD0D3F899681FF2EB53E49C8F852BAA Validity Not Before: Mar 6 12:37:13 2026 GMT Not After : Mar 9 14:41:13 2026 GMT Subject: CN=A268858F68652CA66653B1E19C315656B740FB73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:98:71:62:af:71:d7:96:d9:bc:3b:28:4f:55: e2:ae:db:1e:df:f3:00:d0:49:8e:be:4e:4a:76:ea: 62:e8:b0:2f:fd:b6:ee:7e:0e:77:f7:56:46:09:04: af:fa:0a:14:80:21:d9:41:5e:84:74:d1:8c:ad:cf: cb:fc:a2:0a:68:fa:82:c1:a8:a9:28:53:0f:87:dc: a3:2b:f5:8e:c9:38:e0:0a:3f:0f:91:5e:d2:e4:c2: 50:72:48:73:0e:a7:fd:68:61:e8:79:56:17:fe:ca: 3d:68:c6:dc:3f:65:6a:a0:b6:0e:a5:2b:fc:9f:a5: 48:25:87:33:54:72:0e:0e:28:7c:1a:f5:85:4d:62: e4:9b:b9:9e:e3:3f:53:8b:ce:5a:a7:07:43:fe:e7: 37:5b:0d:55:74:2b:fc:71:86:fc:0a:ed:ce:39:54: 71:e5:ea:68:81:69:0b:dc:3d:c7:d7:e9:00:55:61: e9:7a:c1:12:52:f7:9b:43:83:bc:08:42:29:a6:9b: 96:43:42:77:8b:05:5e:7c:92:ff:ef:20:5a:29:e8: dd:cc:bc:09:59:62:c1:c1:6e:7a:b8:e3:0a:da:db: 1d:1c:82:34:78:4f:05:e3:0b:d0:f4:35:94:cd:73: 00:bc:4e:5d:76:85:5c:a8:1a:dd:c8:55:aa:c5:54: 28:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:68:85:8F:68:65:2C:A6:66:53:B1:E1:9C:31:56:56:B7:40:FB:73 X509v3 Authority Key Identifier: keyid:40:94:9C:7C:9D:D0:D3:F8:99:68:1F:F2:EB:53:E4:9C:8F:85:2B:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:56:71:91:44:62:df:46:0e:b0:85:af:7b:7f:9c:03:02:0a: e0:4f:59:ea:8f:18:ab:e1:6b:7e:4d:ac:05:3e:d1:83:9f:9c: 61:72:8f:98:58:45:6c:dd:f1:33:0c:6d:c1:ea:c8:eb:51:be: 15:95:e1:7b:ca:b8:f7:1a:79:42:0c:61:ab:04:05:2c:57:54: 1a:99:e2:0f:6e:aa:30:55:19:d4:ea:ff:63:16:1e:d0:d3:52: db:1f:c3:dc:8f:89:ab:3e:b1:35:fa:40:67:81:15:3d:6a:9b: 0a:7c:8a:76:30:2b:18:a8:ef:f2:e1:5d:57:80:d1:9c:e8:ab: 32:c9:ac:ab:1d:7c:01:a0:d9:34:49:58:72:3e:31:a3:6c:94: 23:1a:3c:d1:24:08:e6:e7:12:c7:8f:48:5e:ce:0e:f2:9d:7a: ef:0f:42:c7:c1:81:65:47:2a:ce:02:03:03:33:7a:3a:f0:38: d1:0b:e3:c6:e8:81:f5:f2:18:37:97:be:26:7c:48:f3:f3:85: d3:95:92:78:cb:d2:b2:9e:45:8c:8a:dd:ff:64:7c:6c:3a:05: 45:37:ab:fa:d3:6e:97:82:77:b9:7b:a3:35:9f:9e:20:df:61: 87:81:9c:fc:6d:6b:af:31:83:c1:a2:79:eb:c3:b8:72:93:8f: e0:42:2d:b5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIjVA3iT+GhSSxAb/1y357pgFwWIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA5NDlDN0M5REQwRDNGODk5NjgxRkYyRUI1M0U0OUM4 Rjg1MkJBQTAeFw0yNjAzMDYxMjM3MTNaFw0yNjAzMDkxNDQxMTNaMDMxMTAvBgNV BAMTKEEyNjg4NThGNjg2NTJDQTY2NjUzQjFFMTlDMzE1NjU2Qjc0MEZCNzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAmHFir3HXltm8OyhPVeKu2x7f 8wDQSY6+Tkp26mLosC/9tu5+Dnf3VkYJBK/6ChSAIdlBXoR00Yytz8v8ogpo+oLB qKkoUw+H3KMr9Y7JOOAKPw+RXtLkwlBySHMOp/1oYeh5Vhf+yj1oxtw/ZWqgtg6l K/yfpUglhzNUcg4OKHwa9YVNYuSbuZ7jP1OLzlqnB0P+5zdbDVV0K/xxhvwK7c45 VHHl6miBaQvcPcfX6QBVYel6wRJS95tDg7wIQimmm5ZDQneLBV58kv/vIFop6N3M vAlZYsHBbnq44wra2x0cgjR4TwXjC9D0NZTNcwC8Tl12hVyoGt3IVarFVCgLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUomiFj2hlLKZmU7HhnDFWVrdA+3MwHwYDVR0j BBgwFoAUQJScfJ3Q0/iZaB/y61PknI+FK6owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 OWRhZTk3Zi0xYWQxLTRiMzQtOGZlOS0xYmM2NWIwOTA4ZjMvMC80MDk0OUM3QzlE RDBEM0Y4OTk2ODFGRjJFQjUzRTQ5QzhGODUyQkFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDA5NDlDN0M5REQwRDNGODk5NjgxRkYyRUI1M0U0OUM4Rjg1 MkJBQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODlkYWU5N2YtMWFkMS00YjM0LThm ZTktMWJjNjViMDkwOGYzLzAvNDA5NDlDN0M5REQwRDNGODk5NjgxRkYyRUI1M0U0 OUM4Rjg1MkJBQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHxWcZFEYt9GDrCFr3t/nAMCCuBPWeqPGKvh a35NrAU+0YOfnGFyj5hYRWzd8TMMbcHqyOtRvhWV4XvKuPcaeUIMYasEBSxXVBqZ 4g9uqjBVGdTq/2MWHtDTUtsfw9yPias+sTX6QGeBFT1qmwp8inYwKxio7/LhXVeA 0ZzoqzLJrKsdfAGg2TRJWHI+MaNslCMaPNEkCObnEsePSF7ODvKdeu8PQsfBgWVH Ks4CAwMzejrwONEL48bogfXyGDeXviZ8SPPzhdOVknjL0rKeRYyK3f9kfGw6BUU3 q/rTbpeCd7l7ozWfniDfYYeBnPxta68xg8GieevDuHKTj+BCLbU= -----END CERTIFICATE-----Generated at Sat Mar 7 17:52:29 2026 by rpki-client