$ rpki-client -vvf repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft File: 25D788BD2A450C01354B9AB70826895FDFF56208.mft (raw, json) Hash identifier: dbRCxdqEWSwceawJy+Xt74riE4JSP0rWPnpnuo/2CLo= Subject key identifier: 54:BE:59:34:99:50:F9:82:D4:BE:37:60:55:AB:98:FB:ED:F3:1B:06 Authority key identifier: 25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08 Certificate issuer: /CN=25D788BD2A450C01354B9AB70826895FDFF56208 Certificate serial: 20990D3A90E94750FBEC0673E84FEA4CD9D1AC3D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer Subject info access: rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft Manifest number: 03A3 Signing time: Sat 28 Feb 2026 17:01:10 +0000 Manifest this update: Sat 28 Feb 2026 16:56:10 +0000 Manifest next update: Wed 04 Mar 2026 04:26:10 +0000 Files and hashes: 1: 3130332e39312e32342e302f32322d3234203d3e20313432333739.roa (hash: AU2BjjxLKOB7x1afsJypIVoDqfBt5Pa++/i1Uy3JBXs=) 2: 3132332e3235332e3234382e302f32332d3234203d3e20313336383235.roa (hash: g29pf8GRD5KEsQ3xMiXcjqqLaCsv5cRFguqUqUNSeQU=) 3: 323030313a6466303a663530303a3a2f34382d3438203d3e20313432333739.roa (hash: BfvR/So226bitOLhPr9CHxhxgb1Q7qOXOhbe2UXDXlU=) 4: 3132332e3235332e3234382e302f32332d3234203d3e20313432333739.roa (hash: T9vPzFVrVbtfkOIbIR0gBtReDHG4KgAtDeHT2T3EGwQ=) 5: 25D788BD2A450C01354B9AB70826895FDFF56208.crl (hash: YCj35EQp3uvTuXTlKcy2MYeMNVyqYMzwNtrbbmTe2o0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 04:26:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:99:0d:3a:90:e9:47:50:fb:ec:06:73:e8:4f:ea:4c:d9:d1:ac:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25D788BD2A450C01354B9AB70826895FDFF56208 Validity Not Before: Feb 28 16:56:10 2026 GMT Not After : Mar 4 04:26:10 2026 GMT Subject: CN=54BE59349950F982D4BE376055AB98FBEDF31B06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:54:e9:36:aa:ac:ad:17:bd:35:af:79:fa:58: 26:e9:11:a6:7f:b5:45:aa:ac:11:2b:3d:58:e5:e0: d1:86:6f:10:13:81:74:0c:06:d8:9f:5a:4e:49:e8: 35:4f:1e:cf:58:e7:ed:15:bf:da:cc:1e:62:08:79: 29:5b:24:22:41:77:a9:46:73:c4:14:8f:aa:51:77: 3d:ff:33:02:13:89:f7:60:ab:1c:c5:7c:24:bb:b0: 2d:ba:04:03:06:61:6c:48:b9:68:37:81:ba:d9:2f: 13:0f:4d:98:35:21:e0:fe:b2:47:96:2e:fa:e5:f5: df:25:da:cf:50:8d:4f:6b:22:c5:cc:32:e9:7a:cf: 6e:46:c6:7e:cf:92:97:3e:03:33:2c:50:b1:79:42: 71:11:bf:00:8d:8a:74:70:ea:ab:85:f3:4f:c3:78: 25:a3:bd:94:3b:f4:fa:b9:91:6b:21:da:b8:1e:17: c4:c0:e7:7d:b3:19:a2:39:46:ed:fd:d8:b7:2d:19: 81:01:c8:0f:23:fd:f9:d1:f8:f9:ea:8a:92:96:7d: 49:b1:c3:48:c7:60:59:02:f8:88:95:e9:00:11:18: ac:18:22:00:89:77:fc:52:3b:45:ac:cf:9e:99:cd: 26:49:1c:b5:76:1c:7b:f5:db:2b:04:d3:68:df:b5: 32:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:BE:59:34:99:50:F9:82:D4:BE:37:60:55:AB:98:FB:ED:F3:1B:06 X509v3 Authority Key Identifier: keyid:25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:62:d5:23:0b:09:da:cb:22:88:69:a3:30:e3:f6:f4:d7:b6: 96:ed:85:db:1f:37:ba:d4:c8:90:a2:92:a7:24:52:0d:05:42: ea:47:7b:3d:08:ae:7d:70:09:79:97:76:23:56:41:63:ad:2d: d0:23:27:55:f3:cd:ac:69:da:7f:4f:50:2b:b1:18:76:a0:58: a1:13:4f:7b:ca:d9:4c:29:cd:c7:ca:ff:5a:6c:80:22:50:8e: 92:60:ad:b1:81:38:d7:95:1d:fc:e6:bb:94:36:a9:e3:85:9e: d7:99:27:69:94:b0:96:a4:6c:d5:1b:b9:20:4d:99:f8:c0:b4: 9c:8c:87:82:72:2d:22:46:9c:7e:bf:6c:1d:7b:58:7a:ee:c8: a5:cb:c4:af:28:2a:a7:a2:c9:f9:dd:48:9a:43:b5:20:5d:ce: 2b:49:f1:e2:04:f0:4c:30:b1:e6:b9:5a:47:cc:b3:db:f8:7b: 90:c7:7e:c2:81:59:10:80:a0:ac:32:d2:bb:03:7c:b7:d3:a2: dc:a3:b4:eb:74:7c:58:93:72:25:ff:ad:bf:86:1b:75:77:0e: 0c:2c:f3:ed:20:fc:30:ad:5e:39:c9:2e:13:29:9b:47:61:6d: a2:4e:63:da:f3:51:3f:39:86:75:52:e8:26:c6:06:c5:13:5c: d8:c0:1f:1b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIJkNOpDpR1D77AZz6E/qTNnRrD0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZE RkY1NjIwODAeFw0yNjAyMjgxNjU2MTBaFw0yNjAzMDQwNDI2MTBaMDMxMTAvBgNV BAMTKDU0QkU1OTM0OTk1MEY5ODJENEJFMzc2MDU1QUI5OEZCRURGMzFCMDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3VOk2qqytF701r3n6WCbpEaZ/ tUWqrBErPVjl4NGGbxATgXQMBtifWk5J6DVPHs9Y5+0Vv9rMHmIIeSlbJCJBd6lG c8QUj6pRdz3/MwITifdgqxzFfCS7sC26BAMGYWxIuWg3gbrZLxMPTZg1IeD+skeW Lvrl9d8l2s9QjU9rIsXMMul6z25Gxn7Pkpc+AzMsULF5QnERvwCNinRw6quF80/D eCWjvZQ79Pq5kWsh2rgeF8TA532zGaI5Ru392LctGYEByA8j/fnR+PnqipKWfUmx w0jHYFkC+IiV6QARGKwYIgCJd/xSO0Wsz56ZzSZJHLV2HHv12ysE02jftTKFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUVL5ZNJlQ+YLUvjdgVauY++3zGwYwHwYDVR0j BBgwFoAUJdeIvSpFDAE1S5q3CCaJX9/1YggwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NmE3NjY1YS1iNTBiLTRhNDUtYThmOS0wZDY5YmQ3ZDc0M2QvMC8yNUQ3ODhCRDJB NDUwQzAxMzU0QjlBQjcwODI2ODk1RkRGRjU2MjA4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZERkY1 NjIwOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDZhNzY2NWEtYjUwYi00YTQ1LWE4 ZjktMGQ2OWJkN2Q3NDNkLzAvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5 NUZERkY1NjIwOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFZi1SMLCdrLIohpozDj9vTXtpbthdsfN7rU yJCikqckUg0FQupHez0Irn1wCXmXdiNWQWOtLdAjJ1Xzzaxp2n9PUCuxGHagWKET T3vK2UwpzcfK/1psgCJQjpJgrbGBONeVHfzmu5Q2qeOFnteZJ2mUsJakbNUbuSBN mfjAtJyMh4JyLSJGnH6/bB17WHruyKXLxK8oKqeiyfndSJpDtSBdzitJ8eIE8Eww sea5WkfMs9v4e5DHfsKBWRCAoKwy0rsDfLfTotyjtOt0fFiTciX/rb+GG3V3Dgws 8+0g/DCtXjnJLhMpm0dhbaJOY9rzUT85hnVS6CbGBsUTXNjAHxs= -----END CERTIFICATE-----Generated at Mon Mar 2 11:09:53 2026 by rpki-client