$ rpki-client -vvf repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft File: D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft (raw, json) Hash identifier: v52+TOxH9/c7s9U9URbFU9/tcqYY/AQ4kJETmb5iuk4= Subject key identifier: EC:CE:87:07:CC:C8:56:C7:06:98:91:AB:32:7C:95:AC:35:FA:72:DB Authority key identifier: D2:24:8A:04:D9:94:A2:56:9A:8F:F6:45:D4:B0:25:A9:F7:CB:2F:E7 Certificate issuer: /CN=D2248A04D994A2569A8FF645D4B025A9F7CB2FE7 Certificate serial: 5AE3CF5695E407FE0DBE6B24CCC83C2E9CE5F8FD Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft Manifest number: 0295 Signing time: Sun 01 Mar 2026 22:41:34 +0000 Manifest this update: Sun 01 Mar 2026 22:36:34 +0000 Manifest next update: Thu 05 Mar 2026 04:11:34 +0000 Files and hashes: 1: D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.crl (hash: uxwAehyWWCFP492sHWqeSOPug5MiihmAshaQAFGaCsI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.crl rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 04:11:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:e3:cf:56:95:e4:07:fe:0d:be:6b:24:cc:c8:3c:2e:9c:e5:f8:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2248A04D994A2569A8FF645D4B025A9F7CB2FE7 Validity Not Before: Mar 1 22:36:34 2026 GMT Not After : Mar 5 04:11:34 2026 GMT Subject: CN=ECCE8707CCC856C7069891AB327C95AC35FA72DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:3f:9a:59:68:cd:65:03:35:bf:e9:fb:9a:eb: fa:f3:ea:7e:2c:13:b0:b9:5d:00:ad:58:1e:ce:72: f8:a2:69:fd:1f:4d:a3:49:87:cf:57:b9:97:3f:f6: 05:a5:28:b9:31:88:6e:cf:f4:9a:f9:31:60:73:cf: 4c:7e:17:4b:31:08:12:ce:02:8e:96:69:59:ff:65: f9:cd:e0:4c:6a:af:bd:bb:3a:49:4a:5f:8b:78:d7: 4f:bc:d8:53:8c:77:74:8c:54:d5:d9:f3:c7:97:28: 61:f0:a9:c8:43:98:b5:ea:92:ce:c1:c3:38:f1:21: 2f:57:63:4b:b8:92:8e:cd:bd:ae:c2:1c:6f:fd:93: c8:1e:5c:24:d2:88:dd:22:4a:d7:88:59:7e:1c:52: e7:4b:f3:e1:6b:4f:46:03:2c:c0:9c:a4:4b:4f:f2: 59:de:36:c9:c7:52:40:ed:f1:a8:a1:5f:e6:40:bc: 93:18:86:f5:94:bb:c9:be:3e:5d:7e:94:ea:70:31: 87:7a:35:b2:2b:80:20:36:63:37:9b:a4:e9:95:9f: 65:e1:ee:57:6d:78:48:49:52:66:9a:91:17:aa:7a: a3:bb:7f:bc:b8:02:75:ad:9a:30:06:a4:b1:ca:89: fd:7e:9f:bc:2e:55:a9:b3:8f:c6:1b:8f:c2:39:53: a3:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:CE:87:07:CC:C8:56:C7:06:98:91:AB:32:7C:95:AC:35:FA:72:DB X509v3 Authority Key Identifier: keyid:D2:24:8A:04:D9:94:A2:56:9A:8F:F6:45:D4:B0:25:A9:F7:CB:2F:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ba:03:87:4b:81:bb:99:ce:e6:33:bd:7d:12:ec:97:37:29:60: 06:94:9c:4e:cb:ea:4e:2e:fb:d8:aa:d1:43:29:a7:c9:c1:29: d3:a3:6b:c3:6d:ab:c4:9e:e5:d4:f9:b7:aa:ab:76:62:d1:a3: b5:59:d6:ea:93:23:4c:28:73:d4:cd:84:af:f8:a1:af:b5:8e: 3c:de:fd:35:9e:9c:64:90:4f:c0:59:55:b0:3f:09:5b:82:7b: 29:94:ea:ba:70:18:ef:84:b5:ba:31:84:f7:37:9c:e8:ec:f2: 09:fd:dd:07:fe:db:4f:05:d5:1b:0b:4a:07:38:8c:21:38:f2: 70:bd:f7:5d:9f:27:e8:21:b0:18:aa:3e:b9:88:24:25:4a:46: 4e:27:07:a1:0b:28:da:26:4f:6a:23:16:bb:50:51:df:0b:26: 4c:f1:68:cc:cc:e5:75:15:cf:eb:69:5d:24:8e:3e:26:21:68: d4:92:20:5d:4a:0a:67:2b:e9:50:55:51:ee:f8:a6:ee:3a:fb: 11:b7:74:a3:67:9e:11:83:86:71:b4:1b:a7:5c:9a:2c:56:46: 43:40:77:16:1e:4c:43:99:0b:98:f9:59:14:95:fb:62:8f:72: e9:80:c2:1e:0d:68:13:9b:6f:5e:a3:aa:2b:7b:9e:06:bc:32: 03:4d:86:fc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWuPPVpXkB/4NvmskzMg8Lpzl+P0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIyNDhBMDREOTk0QTI1NjlBOEZGNjQ1RDRCMDI1QTlG N0NCMkZFNzAeFw0yNjAzMDEyMjM2MzRaFw0yNjAzMDUwNDExMzRaMDMxMTAvBgNV BAMTKEVDQ0U4NzA3Q0NDODU2QzcwNjk4OTFBQjMyN0M5NUFDMzVGQTcyREIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTP5pZaM1lAzW/6fua6/rz6n4s E7C5XQCtWB7Ocviiaf0fTaNJh89XuZc/9gWlKLkxiG7P9Jr5MWBzz0x+F0sxCBLO Ao6WaVn/ZfnN4Exqr727OklKX4t410+82FOMd3SMVNXZ88eXKGHwqchDmLXqks7B wzjxIS9XY0u4ko7Nva7CHG/9k8geXCTSiN0iSteIWX4cUudL8+FrT0YDLMCcpEtP 8lneNsnHUkDt8aihX+ZAvJMYhvWUu8m+Pl1+lOpwMYd6NbIrgCA2YzebpOmVn2Xh 7ldteEhJUmaakReqeqO7f7y4AnWtmjAGpLHKif1+n7wuVamzj8Ybj8I5U6MlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU7M6HB8zIVscGmJGrMnyVrDX6ctswHwYDVR0j BBgwFoAU0iSKBNmUolaaj/ZF1LAlqffLL+cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTNjYzJjMS0xNDZjLTQ4YTktYjAwMy03YmQ4MzgyMjA4NGQvMC9EMjI0OEEwNEQ5 OTRBMjU2OUE4RkY2NDVENEIwMjVBOUY3Q0IyRkU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIyNDhBMDREOTk0QTI1NjlBOEZGNjQ1RDRCMDI1QTlGN0NC MkZFNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWEzY2MyYzEtMTQ2Yy00OGE5LWIw MDMtN2JkODM4MjIwODRkLzAvRDIyNDhBMDREOTk0QTI1NjlBOEZGNjQ1RDRCMDI1 QTlGN0NCMkZFNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALoDh0uBu5nO5jO9fRLslzcpYAaUnE7L6k4u +9iq0UMpp8nBKdOja8Ntq8Se5dT5t6qrdmLRo7VZ1uqTI0woc9TNhK/4oa+1jjze /TWenGSQT8BZVbA/CVuCeymU6rpwGO+EtboxhPc3nOjs8gn93Qf+208F1RsLSgc4 jCE48nC9912fJ+ghsBiqPrmIJCVKRk4nB6ELKNomT2ojFrtQUd8LJkzxaMzM5XUV z+tpXSSOPiYhaNSSIF1KCmcr6VBVUe74pu46+xG3dKNnnhGDhnG0G6dcmixWRkNA dxYeTEOZC5j5WRSV+2KPcumAwh4NaBObb16jqit7nga8MgNNhvw= -----END CERTIFICATE-----Generated at Mon Mar 2 13:04:15 2026 by rpki-client