$ rpki-client -vvf repo-rpki.idnic.net/repo/06bedf3a-d7d1-49a6-93ed-b277f1f7a6eb/0/D85F6D41E807D8825356A681A7518FA27664A965.mft File: D85F6D41E807D8825356A681A7518FA27664A965.mft (raw, json) Hash identifier: YoigyeJfgYUeIdV0QW3dxHT/ISifCqVr/7YFuYtarEw= Subject key identifier: B7:1D:02:DE:7C:39:A5:DF:8B:B7:A7:32:9F:E6:E3:2D:70:DE:75:B6 Authority key identifier: D8:5F:6D:41:E8:07:D8:82:53:56:A6:81:A7:51:8F:A2:76:64:A9:65 Certificate issuer: /CN=D85F6D41E807D8825356A681A7518FA27664A965 Certificate serial: 48C5DDF986A3D91BE45AD61BAF2F20B0DEB5FCE6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D85F6D41E807D8825356A681A7518FA27664A965.cer Subject info access: rsync://repo-rpki.idnic.net/repo/06bedf3a-d7d1-49a6-93ed-b277f1f7a6eb/0/D85F6D41E807D8825356A681A7518FA27664A965.mft Manifest number: 01BA Signing time: Sun 01 Mar 2026 23:02:30 +0000 Manifest this update: Sun 01 Mar 2026 22:57:30 +0000 Manifest next update: Thu 05 Mar 2026 10:04:30 +0000 Files and hashes: 1: 3130332e3136372e3137312e302f32342d3234203d3e20313431393833.roa (hash: mLhBYPkwACBbxlJsTnV03pPrOs7jfGDROaGC1YIb24I=) 2: 323430373a396363303a3a2f33322d3332203d3e20313431393833.roa (hash: X3XCCURHmUEWOKsujokS9KRQ2ATuG6WfjZ6Xo/ilPmk=) 3: D85F6D41E807D8825356A681A7518FA27664A965.crl (hash: 1QLDr8WfZw2L2ll15XpztJxhgX3OiTr1aflvKvdQQ00=) 4: 3130332e3136372e3137302e302f32342d3234203d3e20313431393833.roa (hash: 2X5KoMU/cWrAj0o88iqREF+W66XbV79s9jtdMfDvn84=) 5: 3130332e3136372e3137302e302f32332d3233203d3e20313431393833.roa (hash: hFj4Uh0PGeOBka7Cx4rmARhSt9TGPmz98D01cPT+PF4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/06bedf3a-d7d1-49a6-93ed-b277f1f7a6eb/0/D85F6D41E807D8825356A681A7518FA27664A965.crl rsync://repo-rpki.idnic.net/repo/06bedf3a-d7d1-49a6-93ed-b277f1f7a6eb/0/D85F6D41E807D8825356A681A7518FA27664A965.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D85F6D41E807D8825356A681A7518FA27664A965.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 06:31:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:c5:dd:f9:86:a3:d9:1b:e4:5a:d6:1b:af:2f:20:b0:de:b5:fc:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D85F6D41E807D8825356A681A7518FA27664A965 Validity Not Before: Mar 1 22:57:30 2026 GMT Not After : Mar 5 10:04:30 2026 GMT Subject: CN=B71D02DE7C39A5DF8BB7A7329FE6E32D70DE75B6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:1a:13:43:b7:42:b7:42:3d:24:dc:6c:56:98: ac:38:dc:9e:7b:48:8d:65:4d:d7:f2:98:9d:57:99: 62:ce:67:ed:e3:6b:e7:c8:bb:0b:e5:08:1a:50:1d: 6e:de:91:11:8a:f0:6f:7e:a8:fe:ea:c5:6b:09:81: cb:27:50:03:02:fe:23:4e:6a:07:20:a0:32:33:ea: 45:1d:7c:26:ff:2e:68:5a:dc:df:a1:2e:b9:c5:00: 80:9c:b8:a2:12:99:ea:80:75:9b:91:52:c0:ea:b5: 86:e4:30:33:0c:7c:61:86:2c:8d:2d:db:17:07:03: 72:3c:d3:3c:80:74:10:85:4e:14:80:de:75:4f:49: 09:4b:31:0c:cc:35:82:7a:1a:66:7b:61:93:ca:64: a8:e8:87:ae:29:8d:a5:b6:e0:9a:9f:97:14:6f:73: ad:35:68:9d:ae:a5:b6:9d:1d:a5:f3:e1:ed:1a:d5: b3:4b:4d:12:90:cd:e3:6e:77:d7:b3:a1:d7:92:15: f5:ab:de:8f:cd:02:18:de:40:63:cd:7f:8c:f8:75: 00:0c:f1:5f:2e:b6:b7:b3:40:52:f1:c7:ad:ac:49: 14:e0:e6:98:b6:1f:74:57:20:f6:2d:22:b0:fe:4e: d8:97:06:4b:83:ea:af:fa:f8:f1:e5:b4:18:29:5f: 68:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:1D:02:DE:7C:39:A5:DF:8B:B7:A7:32:9F:E6:E3:2D:70:DE:75:B6 X509v3 Authority Key Identifier: keyid:D8:5F:6D:41:E8:07:D8:82:53:56:A6:81:A7:51:8F:A2:76:64:A9:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/06bedf3a-d7d1-49a6-93ed-b277f1f7a6eb/0/D85F6D41E807D8825356A681A7518FA27664A965.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D85F6D41E807D8825356A681A7518FA27664A965.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/06bedf3a-d7d1-49a6-93ed-b277f1f7a6eb/0/D85F6D41E807D8825356A681A7518FA27664A965.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:c0:3d:bb:03:cc:70:fa:ad:fc:81:ed:bd:71:39:9e:63:22: 85:5c:27:e6:9c:7f:57:d5:f5:94:ce:ec:8d:e0:be:e0:b5:41: 10:2b:66:32:f0:62:07:44:c3:53:25:82:5a:66:f8:10:68:3e: 59:23:a7:d3:5f:4b:bb:6b:65:eb:92:6f:81:30:a2:b0:80:e2: 83:a5:0c:d0:d9:3a:42:a6:4a:a8:5e:12:72:f3:3d:76:07:e9: c6:f8:a4:35:58:35:cb:40:59:92:2b:d4:1c:3c:18:81:9e:b8: 56:89:ac:81:a4:79:25:c0:98:c6:89:6d:e3:c3:ee:be:6f:73: b8:ff:2c:82:c4:fc:dd:15:df:84:9a:96:7a:1e:cd:2b:a1:a5: c7:6d:c1:00:a8:0a:ac:6f:1a:ce:20:c2:90:bf:50:93:53:0e: 76:a9:fc:9a:e4:da:c7:fa:86:91:fd:33:31:e2:5f:9b:8b:89: 4e:61:7d:93:3b:5e:8e:ba:6e:6f:27:6e:f4:d3:77:d9:f3:6f: e6:34:ed:13:fb:75:8b:b8:e0:73:2e:36:ac:2c:8e:07:9a:82: 27:47:e7:f1:79:36:01:5d:a1:46:bd:e6:e7:fd:0c:f0:56:ef: 62:ff:13:ff:57:15:64:11:d3:47:1a:27:75:7a:49:b3:e2:10: 89:81:ef:46 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSMXd+Yaj2RvkWtYbry8gsN61/OYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDg1RjZENDFFODA3RDg4MjUzNTZBNjgxQTc1MThGQTI3 NjY0QTk2NTAeFw0yNjAzMDEyMjU3MzBaFw0yNjAzMDUxMDA0MzBaMDMxMTAvBgNV BAMTKEI3MUQwMkRFN0MzOUE1REY4QkI3QTczMjlGRTZFMzJENzBERTc1QjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBGhNDt0K3Qj0k3GxWmKw43J57 SI1lTdfymJ1XmWLOZ+3ja+fIuwvlCBpQHW7ekRGK8G9+qP7qxWsJgcsnUAMC/iNO agcgoDIz6kUdfCb/Lmha3N+hLrnFAICcuKISmeqAdZuRUsDqtYbkMDMMfGGGLI0t 2xcHA3I80zyAdBCFThSA3nVPSQlLMQzMNYJ6GmZ7YZPKZKjoh64pjaW24JqflxRv c601aJ2upbadHaXz4e0a1bNLTRKQzeNud9ezodeSFfWr3o/NAhjeQGPNf4z4dQAM 8V8utrezQFLxx62sSRTg5pi2H3RXIPYtIrD+TtiXBkuD6q/6+PHltBgpX2jhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUtx0C3nw5pd+Lt6cyn+bjLXDedbYwHwYDVR0j BBgwFoAU2F9tQegH2IJTVqaBp1GPonZkqWUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NmJlZGYzYS1kN2QxLTQ5YTYtOTNlZC1iMjc3ZjFmN2E2ZWIvMC9EODVGNkQ0MUU4 MDdEODgyNTM1NkE2ODFBNzUxOEZBMjc2NjRBOTY1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDg1RjZENDFFODA3RDg4MjUzNTZBNjgxQTc1MThGQTI3NjY0 QTk2NS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDZiZWRmM2EtZDdkMS00OWE2LTkz ZWQtYjI3N2YxZjdhNmViLzAvRDg1RjZENDFFODA3RDg4MjUzNTZBNjgxQTc1MThG QTI3NjY0QTk2NS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKrAPbsDzHD6rfyB7b1xOZ5jIoVcJ+acf1fV 9ZTO7I3gvuC1QRArZjLwYgdEw1Mlglpm+BBoPlkjp9NfS7trZeuSb4EworCA4oOl DNDZOkKmSqheEnLzPXYH6cb4pDVYNctAWZIr1Bw8GIGeuFaJrIGkeSXAmMaJbePD 7r5vc7j/LILE/N0V34SalnoezSuhpcdtwQCoCqxvGs4gwpC/UJNTDnap/Jrk2sf6 hpH9MzHiX5uLiU5hfZM7Xo66bm8nbvTTd9nzb+Y07RP7dYu44HMuNqwsjgeagidH 5/F5NgFdoUa95uf9DPBW72L/E/9XFWQR00caJ3V6SbPiEImB70Y= -----END CERTIFICATE-----Generated at Mon Mar 2 09:08:47 2026 by rpki-client