$ rpki-client -vvf repo-rpki.idnic.net/repo/dcf00f8a-5cbd-460f-bfc6-bd8942b6537c/0/8694CDBB52F4AEA89AF46CA5BFA5A639973D7302.mft File: 8694CDBB52F4AEA89AF46CA5BFA5A639973D7302.mft (raw, json) Hash identifier: bqITfGTOSUGTvrgQotKpNGd/3yDsurdPDj5Z0RYIXig= Subject key identifier: 27:E3:57:EE:2B:38:6D:D0:EB:15:27:28:C0:31:77:B6:CE:05:CA:D4 Authority key identifier: 86:94:CD:BB:52:F4:AE:A8:9A:F4:6C:A5:BF:A5:A6:39:97:3D:73:02 Certificate issuer: /CN=8694CDBB52F4AEA89AF46CA5BFA5A639973D7302 Certificate serial: 03D08903D1C502F3EC7EE66FA5EC092F95CF060D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8694CDBB52F4AEA89AF46CA5BFA5A639973D7302.cer Subject info access: rsync://repo-rpki.idnic.net/repo/dcf00f8a-5cbd-460f-bfc6-bd8942b6537c/0/8694CDBB52F4AEA89AF46CA5BFA5A639973D7302.mft Manifest number: A7 Signing time: Sun 22 Mar 2026 17:21:51 +0000 Manifest this update: Sun 22 Mar 2026 17:16:51 +0000 Manifest next update: Wed 25 Mar 2026 18:27:51 +0000 Files and hashes: 1: 3230322e39302e3139352e302f32342d3234203d3e20313431313134.roa (hash: 1xGJ7Y9+wtKG60b+Nh0uIMBhRuIEyt2WbpPoMcvYL7o=) 2: 8694CDBB52F4AEA89AF46CA5BFA5A639973D7302.crl (hash: Ar1a8dGxrNT10TL5WNeuw+fvNsvDUQim/OfSiYmKPAw=) 3: 3230322e39302e3139342e302f32342d3234203d3e203435333233.roa (hash: E3gl245QWUOSrRvQIfs41ST6vQLNBujKh2hLnsJBzx8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/dcf00f8a-5cbd-460f-bfc6-bd8942b6537c/0/8694CDBB52F4AEA89AF46CA5BFA5A639973D7302.crl rsync://repo-rpki.idnic.net/repo/dcf00f8a-5cbd-460f-bfc6-bd8942b6537c/0/8694CDBB52F4AEA89AF46CA5BFA5A639973D7302.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8694CDBB52F4AEA89AF46CA5BFA5A639973D7302.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Mar 2026 18:27:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:d0:89:03:d1:c5:02:f3:ec:7e:e6:6f:a5:ec:09:2f:95:cf:06:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8694CDBB52F4AEA89AF46CA5BFA5A639973D7302 Validity Not Before: Mar 22 17:16:51 2026 GMT Not After : Mar 25 18:27:51 2026 GMT Subject: CN=27E357EE2B386DD0EB152728C03177B6CE05CAD4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:1d:d1:9d:99:87:33:5f:06:b5:fa:d1:af:8c: db:fb:b0:d5:9f:be:cf:b0:59:d6:51:23:1c:1b:78: fe:62:93:c8:01:b6:f1:7b:d9:2f:7b:7b:e8:b0:b5: 78:74:fb:5b:6d:e5:ee:e5:08:52:62:ee:9b:26:53: 51:0c:77:1b:77:bf:d8:62:c4:b9:15:d3:ad:9b:92: cc:9e:e7:54:2d:55:79:19:4c:a0:40:3d:0c:90:ac: cf:51:6a:84:23:37:ab:33:eb:78:10:06:06:ed:e6: 5b:a1:29:1a:1b:1a:87:d7:b3:6a:24:65:ee:8d:dc: c8:a6:98:12:64:ab:0a:7e:25:2b:e6:ad:1b:9b:cb: b6:67:aa:34:a2:0c:3c:4b:99:80:80:4e:89:85:93: f7:7d:28:49:62:85:c6:8f:9b:3d:d7:c0:c0:2a:d0: 81:5f:4d:fa:1b:ca:27:9f:23:9e:92:88:79:09:c8: 28:39:ce:8b:06:b6:d2:e4:16:a2:8b:77:4b:46:af: 94:91:0e:ef:d3:56:46:6e:bb:b9:31:9f:e6:c1:16: 94:ac:d0:41:bb:92:89:ab:72:73:c2:0c:69:e3:b1: fe:c2:e9:9a:e5:a6:ba:ea:c5:b2:19:ed:48:9e:12: 09:0e:b2:41:7f:ce:ba:8c:59:96:3e:d2:13:5f:78: 86:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:E3:57:EE:2B:38:6D:D0:EB:15:27:28:C0:31:77:B6:CE:05:CA:D4 X509v3 Authority Key Identifier: keyid:86:94:CD:BB:52:F4:AE:A8:9A:F4:6C:A5:BF:A5:A6:39:97:3D:73:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/dcf00f8a-5cbd-460f-bfc6-bd8942b6537c/0/8694CDBB52F4AEA89AF46CA5BFA5A639973D7302.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8694CDBB52F4AEA89AF46CA5BFA5A639973D7302.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dcf00f8a-5cbd-460f-bfc6-bd8942b6537c/0/8694CDBB52F4AEA89AF46CA5BFA5A639973D7302.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:78:44:c1:6b:8b:57:87:ce:22:f9:fa:e0:4a:cf:ee:07:ee: c6:ee:8e:f8:a4:e1:f0:89:d6:e6:41:a3:04:b2:41:38:aa:d0: 34:c9:07:c4:81:3c:c6:74:b2:b8:7b:27:b3:5e:e6:54:e3:e5: 7d:7e:cb:19:1f:d5:15:9a:3d:32:39:1c:8e:8f:7b:1b:78:64: 9e:bf:2e:67:ff:b0:6b:42:c1:c3:0e:31:01:17:e2:5a:65:8d: c6:ee:f1:bc:20:87:72:22:de:66:b6:3f:2a:7b:a3:21:a7:6a: 62:65:52:e4:bd:92:e4:52:93:04:75:bb:55:1b:a5:29:10:2f: 07:61:21:0f:3e:46:ea:f5:4d:19:48:2b:df:82:6b:2c:1d:b1: f1:65:99:99:3e:f8:88:1c:28:fa:32:66:9d:80:8b:21:37:21: d0:98:64:9d:99:40:d3:78:9b:af:5b:a4:2e:d6:12:39:dd:d9: b7:c8:0d:dd:1f:8a:88:da:be:27:f2:46:74:4e:32:cb:fa:04: c1:94:73:12:92:3a:29:dc:5b:80:89:34:bc:43:78:89:34:69: f0:9d:0d:4a:73:70:f3:43:b1:06:de:b5:db:9f:f6:ed:12:98: 44:b1:d9:d8:d3:7d:a4:5f:9c:be:12:8f:b2:41:2e:78:bc:12: c1:ec:76:08 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUA9CJA9HFAvPsfuZvpewJL5XPBg0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODY5NENEQkI1MkY0QUVBODlBRjQ2Q0E1QkZBNUE2Mzk5 NzNENzMwMjAeFw0yNjAzMjIxNzE2NTFaFw0yNjAzMjUxODI3NTFaMDMxMTAvBgNV BAMTKDI3RTM1N0VFMkIzODZERDBFQjE1MjcyOEMwMzE3N0I2Q0UwNUNBRDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUHdGdmYczXwa1+tGvjNv7sNWf vs+wWdZRIxwbeP5ik8gBtvF72S97e+iwtXh0+1tt5e7lCFJi7psmU1EMdxt3v9hi xLkV062bksye51QtVXkZTKBAPQyQrM9RaoQjN6sz63gQBgbt5luhKRobGofXs2ok Ze6N3MimmBJkqwp+JSvmrRuby7ZnqjSiDDxLmYCATomFk/d9KElihcaPmz3XwMAq 0IFfTfobyiefI56SiHkJyCg5zosGttLkFqKLd0tGr5SRDu/TVkZuu7kxn+bBFpSs 0EG7komrcnPCDGnjsf7C6ZrlprrqxbIZ7UieEgkOskF/zrqMWZY+0hNfeIa1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUJ+NX7is4bdDrFScowDF3ts4FytQwHwYDVR0j BBgwFoAUhpTNu1L0rqia9Gylv6WmOZc9cwIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k Y2YwMGY4YS01Y2JkLTQ2MGYtYmZjNi1iZDg5NDJiNjUzN2MvMC84Njk0Q0RCQjUy RjRBRUE4OUFGNDZDQTVCRkE1QTYzOTk3M0Q3MzAyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODY5NENEQkI1MkY0QUVBODlBRjQ2Q0E1QkZBNUE2Mzk5NzNE NzMwMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGNmMDBmOGEtNWNiZC00NjBmLWJm YzYtYmQ4OTQyYjY1MzdjLzAvODY5NENEQkI1MkY0QUVBODlBRjQ2Q0E1QkZBNUE2 Mzk5NzNENzMwMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEd4RMFri1eHziL5+uBKz+4H7sbujvik4fCJ 1uZBowSyQTiq0DTJB8SBPMZ0srh7J7Ne5lTj5X1+yxkf1RWaPTI5HI6Pext4ZJ6/ Lmf/sGtCwcMOMQEX4lpljcbu8bwgh3Ii3ma2Pyp7oyGnamJlUuS9kuRSkwR1u1Ub pSkQLwdhIQ8+Rur1TRlIK9+CaywdsfFlmZk++IgcKPoyZp2AiyE3IdCYZJ2ZQNN4 m69bpC7WEjnd2bfIDd0fiojavifyRnROMsv6BMGUcxKSOincW4CJNLxDeIk0afCd DUpzcPNDsQbetduf9u0SmESx2djTfaRfnL4Sj7JBLni8EsHsdgg= -----END CERTIFICATE-----Generated at Tue Mar 24 17:52:14 2026 by rpki-client