$ rpki-client -vvf repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft File: BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft (raw, json) Hash identifier: Tk1P8RPtbrEzkoUHkl7D2XBd/c8n8Mg+39rBCF9k9Bc= Subject key identifier: D0:7D:FB:05:3C:4C:39:EB:12:1E:58:12:2F:9A:17:A3:67:5A:C7:C1 Authority key identifier: BD:9B:7A:89:C8:5E:0D:F6:78:6F:5B:D5:1D:4B:7D:96:36:18:23:1A Certificate issuer: /CN=BD9B7A89C85E0DF6786F5BD51D4B7D963618231A Certificate serial: 151AF22AA2A4D410D2D2D067F6F710163A7428CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft Manifest number: 0123 Signing time: Fri 06 Mar 2026 13:01:18 +0000 Manifest this update: Fri 06 Mar 2026 12:56:18 +0000 Manifest next update: Mon 09 Mar 2026 15:19:18 +0000 Files and hashes: 1: 3135372e32302e3137382e302f32332d3233203d3e20313532343138.roa (hash: Gr1mlE+rzWEpOTNh6WPoTj4w/1KCxiBabRIKttXDzDg=) 2: BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl (hash: EWaiV8aVZ6RAY4ZG6nyp0XF3nBa4Lt2fSz86J53ukpU=) 3: 3135372e32302e3137382e302f32342d3234203d3e20313532343138.roa (hash: t349gF8xh8M32UG8Ruer+VIkvNUKNNfdFe/xLjKGLjs=) 4: 3135372e32302e3137392e302f32342d3234203d3e20313532343138.roa (hash: Z2FYRByoR87CHEnziWjFnKQyuENb6OACYT6R1ULlqwE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 08:48:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:1a:f2:2a:a2:a4:d4:10:d2:d2:d0:67:f6:f7:10:16:3a:74:28:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD9B7A89C85E0DF6786F5BD51D4B7D963618231A Validity Not Before: Mar 6 12:56:18 2026 GMT Not After : Mar 9 15:19:18 2026 GMT Subject: CN=D07DFB053C4C39EB121E58122F9A17A3675AC7C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:93:fb:9a:4d:16:a5:57:9b:26:f8:18:af:b8: dc:7c:f5:1b:59:de:e2:da:5b:56:c6:be:a3:9b:f5: aa:1c:9a:2c:e3:58:4d:ed:64:9c:e7:32:3c:ca:b3: 4a:9d:0a:62:14:6f:57:c1:aa:65:f0:8c:9d:b7:fc: 86:cf:26:3a:23:6c:87:c3:b6:c9:9c:f8:e6:ba:92: b1:d7:3a:9b:30:0f:b5:80:d5:a1:f5:90:bb:79:26: eb:f9:18:64:53:98:45:32:3f:e5:1e:a5:e9:7e:3a: 71:b8:19:c9:11:de:12:de:e5:90:08:3f:42:29:7c: e1:46:cd:3f:88:46:99:c2:52:8e:a4:16:b1:d0:32: a6:ca:f5:96:35:47:23:c0:55:94:24:6c:6a:fd:26: cb:c7:4f:87:22:13:62:f4:0a:6c:02:e8:21:13:bb: 38:44:42:4e:97:76:96:ec:24:f0:d9:a5:46:70:f6: 29:50:18:67:35:ef:34:39:fb:48:b2:e4:66:e8:e8: c3:41:4c:68:17:ee:1c:41:71:46:5e:84:a3:10:08: c0:d8:a4:f7:88:21:48:88:7a:d2:a5:70:6e:6a:a6: 8e:1c:76:fa:e8:04:d0:6c:ce:31:15:03:6e:ad:52: 9e:8a:bc:5e:03:8e:2c:da:1e:0e:a1:d7:be:e6:79: 82:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:7D:FB:05:3C:4C:39:EB:12:1E:58:12:2F:9A:17:A3:67:5A:C7:C1 X509v3 Authority Key Identifier: keyid:BD:9B:7A:89:C8:5E:0D:F6:78:6F:5B:D5:1D:4B:7D:96:36:18:23:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:a9:c9:a4:2d:20:ad:ee:f0:06:c1:11:e4:cf:6a:8c:ab:74: 7a:03:41:07:ca:ca:8e:44:d0:e9:ce:04:ce:a8:53:02:f2:ac: d7:29:5f:7c:69:d7:a0:34:cb:16:cb:9b:ac:33:5f:03:cb:ea: b4:08:3c:ca:1c:dc:c8:44:f5:62:12:b1:28:bd:17:ce:5a:a6: d1:86:d1:6d:9f:96:e0:2b:14:97:83:ad:4b:8c:81:11:f3:de: e0:0c:0a:c0:5d:cc:81:98:7e:99:34:4a:be:59:fc:91:14:bf: ad:50:ac:3d:0a:d0:bf:b9:9c:4a:35:a1:af:d4:0f:22:13:21: de:ca:7d:93:4f:11:c9:9d:d1:1b:a5:f5:2d:d6:2d:c3:54:47: b1:df:a9:c1:d1:40:78:6e:d6:05:03:fa:97:3e:13:10:9c:e2: d5:5b:b5:35:80:e2:8b:b7:9b:46:1a:dd:b8:9f:25:3b:a1:b3: 10:98:22:44:de:e9:c3:c2:43:10:42:be:d8:d3:ba:dc:b3:8e: 2e:d2:a5:22:d6:72:f3:af:02:de:48:1b:48:5f:6b:c7:54:b9: b9:46:74:eb:0f:e8:ff:e3:6d:b9:8f:d9:d5:f5:ab:6f:4f:b6: 83:c2:f0:19:ab:09:a9:c3:63:3c:8b:2b:8e:b6:ab:7c:e0:21: 0c:0c:40:95 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFRryKqKk1BDS0tBn9vcQFjp0KM8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdEOTYz NjE4MjMxQTAeFw0yNjAzMDYxMjU2MThaFw0yNjAzMDkxNTE5MThaMDMxMTAvBgNV BAMTKEQwN0RGQjA1M0M0QzM5RUIxMjFFNTgxMjJGOUExN0EzNjc1QUM3QzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7k/uaTRalV5sm+BivuNx89RtZ 3uLaW1bGvqOb9aocmizjWE3tZJznMjzKs0qdCmIUb1fBqmXwjJ23/IbPJjojbIfD tsmc+Oa6krHXOpswD7WA1aH1kLt5Juv5GGRTmEUyP+Uepel+OnG4GckR3hLe5ZAI P0IpfOFGzT+IRpnCUo6kFrHQMqbK9ZY1RyPAVZQkbGr9JsvHT4ciE2L0CmwC6CET uzhEQk6XdpbsJPDZpUZw9ilQGGc17zQ5+0iy5Gbo6MNBTGgX7hxBcUZehKMQCMDY pPeIIUiIetKlcG5qpo4cdvroBNBszjEVA26tUp6KvF4DjizaHg6h177meYKHAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU0H37BTxMOesSHlgSL5oXo2dax8EwHwYDVR0j BBgwFoAUvZt6icheDfZ4b1vVHUt9ljYYIxowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MzYwNjZlOC04ZTE5LTRkZTctOTQ3Yi05NGVlM2NkMDlmODUvMC9CRDlCN0E4OUM4 NUUwREY2Nzg2RjVCRDUxRDRCN0Q5NjM2MTgyMzFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdEOTYzNjE4 MjMxQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjM2MDY2ZTgtOGUxOS00ZGU3LTk0 N2ItOTRlZTNjZDA5Zjg1LzAvQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdE OTYzNjE4MjMxQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGGpyaQtIK3u8AbBEeTPaoyrdHoDQQfKyo5E 0OnOBM6oUwLyrNcpX3xp16A0yxbLm6wzXwPL6rQIPMoc3MhE9WISsSi9F85aptGG 0W2fluArFJeDrUuMgRHz3uAMCsBdzIGYfpk0Sr5Z/JEUv61QrD0K0L+5nEo1oa/U DyITId7KfZNPEcmd0Rul9S3WLcNUR7HfqcHRQHhu1gUD+pc+ExCc4tVbtTWA4ou3 m0Ya3bifJTuhsxCYIkTe6cPCQxBCvtjTutyzji7SpSLWcvOvAt5IG0hfa8dUublG dOsP6P/jbbmP2dX1q29PtoPC8BmrCanDYzyLK462q3zgIQwMQJU= -----END CERTIFICATE-----Generated at Sat Mar 7 17:50:31 2026 by rpki-client