$ rpki-client -vvf repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft File: 2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft (raw, json) Hash identifier: GYrgOhc/9AhC4ZDyW97gr1xzTd8FDo0ha/vKz6WMQ1o= Subject key identifier: 3F:CC:01:C1:F8:34:1C:58:58:15:C8:66:D8:E6:3D:6C:FB:C6:D1:10 Authority key identifier: 2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 Certificate issuer: /CN=2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7 Certificate serial: 29C443F74B39337288D0E914DD632C2957EF6736 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft Manifest number: 04 Signing time: Fri 06 Mar 2026 07:51:12 +0000 Manifest this update: Fri 06 Mar 2026 07:46:12 +0000 Manifest next update: Mon 09 Mar 2026 16:41:12 +0000 Files and hashes: 1: 2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl (hash: zCZtKDDsN+BgqOx6Ba0CETIYUxd5GIl+ABuChEFpPJM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 08:48:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:c4:43:f7:4b:39:33:72:88:d0:e9:14:dd:63:2c:29:57:ef:67:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7 Validity Not Before: Mar 6 07:46:12 2026 GMT Not After : Mar 9 16:41:12 2026 GMT Subject: CN=3FCC01C1F8341C585815C866D8E63D6CFBC6D110 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:71:f5:84:db:3e:97:1a:5b:22:29:4c:26:54: cc:34:c8:25:e7:de:e0:5c:8e:bf:95:67:aa:69:34: 2a:06:8f:fa:c0:e9:b7:e1:0b:59:7e:5f:87:06:77: 3a:a0:e2:8d:c6:c4:b6:41:54:53:cc:f9:bb:2f:38: 95:65:d8:7d:54:ca:8d:e3:9b:be:bc:0a:51:c5:57: 35:84:19:c8:13:c2:cf:5a:67:38:b8:41:ea:df:e5: 34:33:ec:59:35:dc:59:5d:b3:cc:3c:61:4e:94:d0: 5b:15:b9:a5:a0:f1:cc:6f:49:00:4d:a3:90:94:75: e9:e7:29:76:f9:94:13:97:cc:87:2a:00:a0:91:a1: 33:5a:1b:8e:54:11:a6:27:9e:bd:bd:76:b3:f4:c6: 67:02:2a:ff:e2:9c:f9:c5:8c:54:82:37:ef:bd:54: e4:eb:d6:c9:0e:41:b4:37:35:cf:ea:d3:8f:91:74: b2:8f:29:fb:1b:65:a2:6f:b5:ee:11:7b:66:9a:aa: b5:4c:e7:65:4e:4d:9e:2a:d7:12:f9:41:41:a8:0a: c4:86:3f:8c:46:b9:72:6e:91:25:74:74:07:36:c4: fe:e5:38:0a:b7:5f:98:6c:cc:ba:5b:ad:f5:51:b7: d0:55:f4:74:23:3c:15:44:90:77:4e:0d:59:2b:1b: 65:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:CC:01:C1:F8:34:1C:58:58:15:C8:66:D8:E6:3D:6C:FB:C6:D1:10 X509v3 Authority Key Identifier: keyid:2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:b0:b3:df:ab:36:5d:54:34:61:d8:6b:b4:79:72:86:c6:a5: 82:51:27:1f:9f:54:d9:e1:90:aa:a6:8c:6d:5e:57:dc:57:92: 72:b8:a0:b2:ed:67:cf:31:c7:6a:22:93:6f:a5:94:55:ce:b2: ff:ee:53:21:4a:aa:e2:6a:8d:85:25:25:e0:95:7b:70:1b:26: 53:eb:16:c3:4a:12:26:1e:ef:c0:3c:6f:76:bb:f5:ba:44:25: 21:7f:10:4e:e9:87:3c:05:7a:39:4c:47:c4:e1:7f:af:55:b8: 6e:1e:af:b2:91:be:6e:75:28:c8:6c:de:01:00:92:a5:a3:a8: 69:57:d7:a7:10:4d:64:f3:f7:c7:d5:c1:aa:5d:41:ff:2a:31: 8c:fb:dd:bb:5a:9a:2a:ff:07:a2:af:a9:65:ec:54:4b:c9:d6: f5:98:31:da:43:4e:d4:e5:d3:74:43:ac:a2:e1:69:a1:0f:ca: 4e:71:f0:64:52:9a:e3:d4:54:0a:c6:49:80:58:f4:18:25:b5: 1f:f7:ea:ae:7d:e2:d7:d8:4d:52:d7:96:b0:7b:6a:47:54:91: b5:64:df:67:3f:b4:72:a5:a3:af:07:ed:02:cc:6f:70:e3:73: 8c:82:38:be:4b:4b:b4:9c:fe:78:b0:c7:e4:1f:45:ad:81:d2: be:9a:d2:0b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKcRD90s5M3KI0OkU3WMsKVfvZzYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzczMTlC QjExMjdGNzAeFw0yNjAzMDYwNzQ2MTJaFw0yNjAzMDkxNjQxMTJaMDMxMTAvBgNV BAMTKDNGQ0MwMUMxRjgzNDFDNTg1ODE1Qzg2NkQ4RTYzRDZDRkJDNkQxMTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDcfWE2z6XGlsiKUwmVMw0yCXn 3uBcjr+VZ6ppNCoGj/rA6bfhC1l+X4cGdzqg4o3GxLZBVFPM+bsvOJVl2H1Uyo3j m768ClHFVzWEGcgTws9aZzi4Qerf5TQz7Fk13Flds8w8YU6U0FsVuaWg8cxvSQBN o5CUdennKXb5lBOXzIcqAKCRoTNaG45UEaYnnr29drP0xmcCKv/inPnFjFSCN++9 VOTr1skOQbQ3Nc/q04+RdLKPKfsbZaJvte4Re2aaqrVM52VOTZ4q1xL5QUGoCsSG P4xGuXJukSV0dAc2xP7lOAq3X5hszLpbrfVRt9BV9HQjPBVEkHdODVkrG2V5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUP8wBwfg0HFhYFchm2OY9bPvG0RAwHwYDVR0j BBgwFoAULY//29GvkHo+ew6CGaNzGbsRJ/cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j YmRlM2E0Mi02MjcyLTRiNmMtYWQ4MS1jY2NmYmU5NDg4YzAvMS8yRDhGRkZEQkQx QUY5MDdBM0U3QjBFODIxOUEzNzMxOUJCMTEyN0Y3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzczMTlCQjEx MjdGNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vY2JkZTNhNDItNjI3Mi00YjZjLWFk ODEtY2NjZmJlOTQ4OGMwLzEvMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzcz MTlCQjExMjdGNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJCws9+rNl1UNGHYa7R5cobGpYJRJx+fVNnh kKqmjG1eV9xXknK4oLLtZ88xx2oik2+llFXOsv/uUyFKquJqjYUlJeCVe3AbJlPr FsNKEiYe78A8b3a79bpEJSF/EE7phzwFejlMR8Thf69VuG4er7KRvm51KMhs3gEA kqWjqGlX16cQTWTz98fVwapdQf8qMYz73btamir/B6KvqWXsVEvJ1vWYMdpDTtTl 03RDrKLhaaEPyk5x8GRSmuPUVArGSYBY9BgltR/36q594tfYTVLXlrB7akdUkbVk 32c/tHKlo68H7QLMb3Djc4yCOL5LS7Sc/niwx+QfRa2B0r6a0gs= -----END CERTIFICATE-----Generated at Sat Mar 7 17:43:40 2026 by rpki-client