$ rpki-client -vvf repo-rpki.idnic.net/repo/c4547104-939e-40e3-8fc8-42522642044b/0/20B00D67B048DAE581FE60A498995A27878149A7.mft File: 20B00D67B048DAE581FE60A498995A27878149A7.mft (raw, json) Hash identifier: mHI188QlD9Bz7BVrlR8wVrezv/BREOGQyfcrdZdACrI= Subject key identifier: D1:0A:CE:F9:1F:6C:7C:2B:94:EF:37:EB:D6:8E:6C:59:8B:88:83:BE Authority key identifier: 20:B0:0D:67:B0:48:DA:E5:81:FE:60:A4:98:99:5A:27:87:81:49:A7 Certificate issuer: /CN=20B00D67B048DAE581FE60A498995A27878149A7 Certificate serial: 3AFFA52A4C320D3406794779A4286FF029152AA5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B00D67B048DAE581FE60A498995A27878149A7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/c4547104-939e-40e3-8fc8-42522642044b/0/20B00D67B048DAE581FE60A498995A27878149A7.mft Manifest number: 0217 Signing time: Thu 19 Mar 2026 20:31:13 +0000 Manifest this update: Thu 19 Mar 2026 20:26:13 +0000 Manifest next update: Mon 23 Mar 2026 07:22:13 +0000 Files and hashes: 1: 323430313a383234303a3a2f33322d3438203d3e203338373834.roa (hash: G8PV7882jIzL7DpesLHcinlC2gFpMWki9wF55ivTArc=) 2: 323430313a383234303a3a2f33322d3438203d3e203233393438.roa (hash: G1GO2xkJddb3+Y/gyc1CuMPONDsxmL8d7VQhnKS/oUM=) 3: 20B00D67B048DAE581FE60A498995A27878149A7.crl (hash: c3OeOSPEGgkfmTWewiggExVE4Vq//BhQUyc4Nx6Ptm4=) 4: 3230322e37352e31362e302f32302d3234203d3e203338373834.roa (hash: lK1vUk86W1WWvANWItOKCTii7JITy4ro2D+rSQqdjDY=) 5: 3230322e37352e31362e302f32302d3234203d3e203233393438.roa (hash: 9Zia9o6pZwHOK52NvyDCb/uiHgQl9tsHUexz827si5o=) 6: 3230322e37352e32382e302f32332d3234203d3e20313338383731.roa (hash: gpotogkgRPqhq+iXjlc72dawBwQqgtK3y2i6zL2CYVg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/c4547104-939e-40e3-8fc8-42522642044b/0/20B00D67B048DAE581FE60A498995A27878149A7.crl rsync://repo-rpki.idnic.net/repo/c4547104-939e-40e3-8fc8-42522642044b/0/20B00D67B048DAE581FE60A498995A27878149A7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B00D67B048DAE581FE60A498995A27878149A7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Mar 2026 07:22:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:ff:a5:2a:4c:32:0d:34:06:79:47:79:a4:28:6f:f0:29:15:2a:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20B00D67B048DAE581FE60A498995A27878149A7 Validity Not Before: Mar 19 20:26:13 2026 GMT Not After : Mar 23 07:22:13 2026 GMT Subject: CN=D10ACEF91F6C7C2B94EF37EBD68E6C598B8883BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:3d:48:7a:9a:3d:89:32:18:3b:f8:80:da:9c: 53:39:c0:e7:9c:1d:8e:bc:0e:e0:8d:69:84:3d:f9: d6:9e:cb:b0:d0:67:6a:f7:c3:ae:e7:32:03:8a:e4: f1:e0:ed:8e:ef:55:5d:35:89:31:b1:f1:56:ec:3a: d7:a9:af:b4:ac:70:2a:d6:ab:c3:f4:ba:4b:a9:c3: 78:27:1a:a6:9e:d3:09:c6:60:6c:37:64:ba:ce:2b: 0b:ad:8e:c7:d9:d1:65:9f:96:72:47:9d:15:a6:4b: 8e:86:1a:77:a6:c6:c5:5d:ab:2b:8d:00:7b:6f:43: c9:35:b4:a2:96:56:12:9b:39:16:bf:3a:9b:7b:e0: 29:7d:cd:93:ef:f8:b0:7d:f7:f0:1f:8d:12:c0:d9: 25:3a:48:dd:41:9b:3b:4d:e1:4c:9c:e2:6a:12:e2: 1d:08:6d:03:f3:5f:9d:78:56:4d:09:d9:ff:f4:fd: 43:26:b1:b8:6a:9d:c3:78:ac:06:47:89:58:40:c1: cc:23:ce:15:88:75:55:2a:24:d1:ab:88:fa:87:76: 57:36:5b:53:07:cc:19:35:e2:72:a6:26:e5:fe:3b: 44:58:e6:30:d2:d0:22:f8:ce:ee:55:7e:2b:89:40: 80:f9:df:3a:db:03:ef:2f:4e:0d:34:51:32:33:c2: 4f:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:0A:CE:F9:1F:6C:7C:2B:94:EF:37:EB:D6:8E:6C:59:8B:88:83:BE X509v3 Authority Key Identifier: keyid:20:B0:0D:67:B0:48:DA:E5:81:FE:60:A4:98:99:5A:27:87:81:49:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/c4547104-939e-40e3-8fc8-42522642044b/0/20B00D67B048DAE581FE60A498995A27878149A7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B00D67B048DAE581FE60A498995A27878149A7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c4547104-939e-40e3-8fc8-42522642044b/0/20B00D67B048DAE581FE60A498995A27878149A7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:77:64:bb:da:98:c9:9e:b1:43:cd:7a:03:ba:79:bc:10:03: a6:f8:fd:9b:31:39:e8:93:9f:84:8d:30:c3:8d:63:83:25:f3: f4:59:92:fe:51:ab:94:54:75:2a:8c:1a:2c:1e:d4:4a:06:61: b0:bc:d2:81:c5:82:4a:c1:86:7c:84:16:88:99:32:79:a3:f7: fb:10:2a:84:d7:c1:45:e0:13:a0:66:05:bf:1f:35:da:fb:fc: 63:60:96:b3:da:2a:58:c4:e4:35:c6:78:a0:a2:99:00:60:16: f0:e1:2e:9c:7a:f1:c5:c5:3c:c5:9e:56:fb:bb:41:be:b6:fe: ca:2c:50:06:bd:b4:7b:13:87:cf:3a:63:c0:ab:c4:21:cd:bb: 11:77:d3:44:e7:77:b0:6b:64:61:11:d7:de:db:1f:43:37:b4: 93:58:99:3e:d5:3f:95:84:52:3b:0e:2c:58:71:2b:58:e5:fa: d1:04:f0:f1:7e:eb:44:4c:4e:96:5a:a1:32:36:0e:ec:8a:a3: 55:2c:9b:12:02:bf:a6:c5:ac:53:1d:f9:f8:9a:21:38:76:09: 03:a5:27:d1:d5:d8:57:7f:3f:78:55:13:99:2b:36:c9:e1:fa: 40:a0:8c:28:6d:bd:cb:74:5c:a5:ad:ca:ea:9c:33:70:4d:bc: 48:33:7b:d4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOv+lKkwyDTQGeUd5pChv8CkVKqUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBCMDBENjdCMDQ4REFFNTgxRkU2MEE0OTg5OTVBMjc4 NzgxNDlBNzAeFw0yNjAzMTkyMDI2MTNaFw0yNjAzMjMwNzIyMTNaMDMxMTAvBgNV BAMTKEQxMEFDRUY5MUY2QzdDMkI5NEVGMzdFQkQ2OEU2QzU5OEI4ODgzQkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEPUh6mj2JMhg7+IDanFM5wOec HY68DuCNaYQ9+daey7DQZ2r3w67nMgOK5PHg7Y7vVV01iTGx8VbsOtepr7SscCrW q8P0ukupw3gnGqae0wnGYGw3ZLrOKwutjsfZ0WWflnJHnRWmS46GGnemxsVdqyuN AHtvQ8k1tKKWVhKbORa/Opt74Cl9zZPv+LB99/AfjRLA2SU6SN1BmztN4Uyc4moS 4h0IbQPzX514Vk0J2f/0/UMmsbhqncN4rAZHiVhAwcwjzhWIdVUqJNGriPqHdlc2 W1MHzBk14nKmJuX+O0RY5jDS0CL4zu5VfiuJQID53zrbA+8vTg00UTIzwk81AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU0QrO+R9sfCuU7zfr1o5sWYuIg74wHwYDVR0j BBgwFoAUILANZ7BI2uWB/mCkmJlaJ4eBSacwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j NDU0NzEwNC05MzllLTQwZTMtOGZjOC00MjUyMjY0MjA0NGIvMC8yMEIwMEQ2N0Iw NDhEQUU1ODFGRTYwQTQ5ODk5NUEyNzg3ODE0OUE3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjBCMDBENjdCMDQ4REFFNTgxRkU2MEE0OTg5OTVBMjc4Nzgx NDlBNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYzQ1NDcxMDQtOTM5ZS00MGUzLThm YzgtNDI1MjI2NDIwNDRiLzAvMjBCMDBENjdCMDQ4REFFNTgxRkU2MEE0OTg5OTVB Mjc4NzgxNDlBNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAZ3ZLvamMmesUPNegO6ebwQA6b4/ZsxOeiT n4SNMMONY4Ml8/RZkv5Rq5RUdSqMGiwe1EoGYbC80oHFgkrBhnyEFoiZMnmj9/sQ KoTXwUXgE6BmBb8fNdr7/GNglrPaKljE5DXGeKCimQBgFvDhLpx68cXFPMWeVvu7 Qb62/sosUAa9tHsTh886Y8CrxCHNuxF300Tnd7BrZGER197bH0M3tJNYmT7VP5WE UjsOLFhxK1jl+tEE8PF+60RMTpZaoTI2DuyKo1UsmxICv6bFrFMd+fiaITh2CQOl J9HV2Fd/P3hVE5krNsnh+kCgjChtvct0XKWtyuqcM3BNvEgze9Q= -----END CERTIFICATE-----Generated at Sun Mar 22 02:14:26 2026 by rpki-client