$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: 1GMBFv1U55Iha4WLIE1+1/+V+gvErslV4VF2N6CnBbQ= Subject key identifier: 2E:00:A3:4F:01:05:D8:A6:2B:85:32:C7:D9:C3:BC:2D:E1:56:C4:25 Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 30B3C3100E163C9DDB9F4704AE84EFD990835B8A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 0552 Signing time: Sun 01 Mar 2026 06:42:49 +0000 Manifest this update: Sun 01 Mar 2026 06:37:49 +0000 Manifest next update: Wed 04 Mar 2026 16:01:49 +0000 Files and hashes: 1: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: /88d1fU9Jznp6RU/zirKml7FN+f9FvdPf0YePv9HIJU=) 2: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) 3: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) 4: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) 5: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: 43ScMK1xGJHkc43OYqRAxNw2Nmb59FaJi1G0FFtsD2M=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 16:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:b3:c3:10:0e:16:3c:9d:db:9f:47:04:ae:84:ef:d9:90:83:5b:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Mar 1 06:37:49 2026 GMT Not After : Mar 4 16:01:49 2026 GMT Subject: CN=2E00A34F0105D8A62B8532C7D9C3BC2DE156C425 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:8f:1c:dd:7d:ba:0d:95:f8:9f:fb:ae:0c:cc: 01:ae:57:bf:42:cf:81:b3:98:1a:e2:d6:53:4e:d4: d1:fc:7b:32:3c:b1:05:82:e9:3e:15:19:f9:d9:6e: 18:25:87:20:86:ac:26:20:25:32:37:2e:9a:2d:3f: b5:4a:ab:f2:6a:bf:42:5f:84:67:27:02:66:65:94: 19:cd:b8:54:f2:2f:b0:f0:8c:d2:0b:7e:0b:7b:d2: de:ce:11:55:89:ec:31:6f:7a:61:3a:2b:39:33:37: f1:4c:f5:6d:b7:31:a8:e2:d9:43:eb:d6:63:bf:45: 88:b9:ba:08:21:e3:ec:7c:05:c5:e7:bd:96:1b:c1: 9b:24:7a:6d:b9:ea:d4:9a:b5:96:ac:13:e0:98:11: 17:ad:04:8a:5b:39:7b:5e:89:5c:d0:32:49:98:c1: 11:3b:20:f8:5a:da:d8:ef:5d:15:79:bf:8f:06:f0: e3:f2:35:bb:88:93:a8:63:c7:40:82:b0:2a:b6:56: 5c:7a:a3:1c:13:bd:d9:b7:23:3c:5b:e0:26:3c:96: 72:7d:ab:06:f1:24:e1:9d:d9:d8:f0:99:94:35:ac: 3a:f9:41:91:cd:2c:f9:8f:f1:ed:2b:16:4e:64:d3: f7:72:14:20:4f:6f:55:d8:57:a7:3b:7b:a1:8b:e3: 99:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:00:A3:4F:01:05:D8:A6:2B:85:32:C7:D9:C3:BC:2D:E1:56:C4:25 X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:a9:e3:98:dd:f7:50:8b:70:67:31:9b:af:03:95:9d:b7:34: 53:f0:05:ba:ef:95:1d:20:a5:bb:6d:08:00:3a:3b:70:b2:a4: 10:65:b8:ce:af:55:57:49:7f:35:a7:8a:0c:12:3a:ae:98:2a: d4:b9:75:da:74:35:1e:2b:b8:bd:81:c7:20:20:1e:04:1b:a3: da:b9:e9:d5:d1:1e:21:3f:6a:e0:b4:08:ac:8e:ee:e1:e2:76: 17:37:01:32:02:82:fb:9b:69:ec:9d:f4:5a:8b:76:3c:be:50: 91:2a:e4:06:ec:18:b5:64:9b:db:24:87:28:ea:0e:9a:12:1f: 56:78:36:20:17:b3:24:db:df:08:2a:42:be:65:7a:26:02:23: de:f2:4a:63:b3:7d:3c:10:1d:56:9a:8a:f0:06:a7:8c:64:4c: 38:13:5c:13:b7:cc:d6:c7:f0:8d:e4:4e:cc:7d:8a:b5:ba:c7: 88:6e:49:d0:02:ad:2e:a9:5e:a5:91:33:75:fb:e3:65:8f:dc: 4d:5d:f1:6a:16:1e:dc:cc:a3:12:30:67:11:43:30:03:01:b7: e9:a9:6c:e5:c6:cd:ec:16:ec:48:ef:0f:c7:63:0a:32:12:01: 12:b0:51:53:0b:93:7b:b8:54:48:b6:6e:87:32:2d:2e:ae:80: 7b:40:59:9d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMLPDEA4WPJ3bn0cEroTv2ZCDW4owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNjAzMDEwNjM3NDlaFw0yNjAzMDQxNjAxNDlaMDMxMTAvBgNV BAMTKDJFMDBBMzRGMDEwNUQ4QTYyQjg1MzJDN0Q5QzNCQzJERTE1NkM0MjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzjxzdfboNlfif+64MzAGuV79C z4GzmBri1lNO1NH8ezI8sQWC6T4VGfnZbhglhyCGrCYgJTI3LpotP7VKq/Jqv0Jf hGcnAmZllBnNuFTyL7DwjNILfgt70t7OEVWJ7DFvemE6KzkzN/FM9W23Maji2UPr 1mO/RYi5uggh4+x8BcXnvZYbwZskem256tSatZasE+CYERetBIpbOXteiVzQMkmY wRE7IPha2tjvXRV5v48G8OPyNbuIk6hjx0CCsCq2Vlx6oxwTvdm3Izxb4CY8lnJ9 qwbxJOGd2djwmZQ1rDr5QZHNLPmP8e0rFk5k0/dyFCBPb1XYV6c7e6GL45lRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQULgCjTwEF2KYrhTLH2cO8LeFWxCUwHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAOp45jd91CLcGcxm68DlZ23NFPwBbrvlR0g pbttCAA6O3CypBBluM6vVVdJfzWnigwSOq6YKtS5ddp0NR4ruL2BxyAgHgQbo9q5 6dXRHiE/auC0CKyO7uHidhc3ATICgvubaeyd9FqLdjy+UJEq5AbsGLVkm9skhyjq DpoSH1Z4NiAXsyTb3wgqQr5leiYCI97ySmOzfTwQHVaaivAGp4xkTDgTXBO3zNbH 8I3kTsx9irW6x4huSdACrS6pXqWRM3X742WP3E1d8WoWHtzMoxIwZxFDMAMBt+mp bOXGzewW7EjvD8djCjISARKwUVMLk3u4VEi2bocyLS6ugHtAWZ0= -----END CERTIFICATE-----Generated at Mon Mar 2 15:27:37 2026 by rpki-client