$ rpki-client -vvf repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft File: D68CA7C6F514D7168C00790717FB869AF68B125E.mft (raw, json) Hash identifier: E1kD8e2STmCBe/k5Yh9Y86TORETmPz3zL29smv04MV4= Subject key identifier: 57:4F:EA:F7:AC:59:09:A7:22:A5:1A:78:1A:41:21:A4:46:F4:18:C3 Authority key identifier: D6:8C:A7:C6:F5:14:D7:16:8C:00:79:07:17:FB:86:9A:F6:8B:12:5E Certificate issuer: /CN=D68CA7C6F514D7168C00790717FB869AF68B125E Certificate serial: 40E24C3C20CD499D64E67EFD3E4450B1E4AFA6D0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft Manifest number: 0298 Signing time: Sat 28 Feb 2026 15:20:58 +0000 Manifest this update: Sat 28 Feb 2026 15:15:58 +0000 Manifest next update: Wed 04 Mar 2026 01:23:58 +0000 Files and hashes: 1: 323030313a6466313a363338303a3a2f34382d3438203d3e20313339333831.roa (hash: vuTTJNURLP5vgJImsWTQOQLshtByIl8yIWAQC+TExAY=) 2: 3130332e3134322e3235342e302f32342d3234203d3e20313339333831.roa (hash: xpJYN2koDz6242yH404bncg8zalibRwq73KpJsJcVB8=) 3: D68CA7C6F514D7168C00790717FB869AF68B125E.crl (hash: pRxK7mPm38lDzvy++xdXUAQf1oQWJsqBcD+cVOsbwa8=) 4: 323030313a6466313a363338303a3a2f34382d3438203d3e203435333035.roa (hash: G7BNKn0aQeDATXJ1JamzPIxZOqsRSSDm9xJMQAbHt5c=) 5: 3130332e3134322e3235342e302f32332d3234203d3e20313339333831.roa (hash: gV2Q8xF8XiWikE1+w9yu7jENKeKHaDELW9P6oOlSzDE=) 6: 3130332e3134322e3235342e302f32332d3234203d3e203435333035.roa (hash: 09EcthFcc0U294qSUk1qjMUpfEmQzlaHp9ePt/3ow3Q=) 7: 3130332e3134322e3235352e302f32342d3234203d3e20313339333831.roa (hash: tArDMQ0CljWlxInpOnDNWhLbYH4HF1sjePzkXRXnEac=) 8: 3130332e3134322e3235342e302f32342d3234203d3e203435333035.roa (hash: ebXS+Tyb8iuyOHa8yQE2FE8hZAgaawDNcd7a/TUN4jY=) 9: 3130332e3134322e3235352e302f32342d3234203d3e203435333035.roa (hash: fW5qne1R9fTa45nGDciUROmSkAV8mbUeGR9m/oXMOAw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.crl rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 01:23:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:e2:4c:3c:20:cd:49:9d:64:e6:7e:fd:3e:44:50:b1:e4:af:a6:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D68CA7C6F514D7168C00790717FB869AF68B125E Validity Not Before: Feb 28 15:15:58 2026 GMT Not After : Mar 4 01:23:58 2026 GMT Subject: CN=574FEAF7AC5909A722A51A781A4121A446F418C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f6:09:45:7c:5e:5e:f2:81:23:c5:74:84:6a: 3b:b9:c7:ef:a5:bf:39:19:8a:ce:18:a6:df:a0:6c: 7a:69:96:5f:cc:06:09:09:79:e5:a3:b8:a7:18:93: fa:5d:21:df:37:be:b0:03:15:89:7d:ab:84:d7:25: d4:fe:08:d2:38:d9:0f:96:58:9b:2f:7b:c4:cc:e0: a8:c5:c2:c5:07:08:d1:fc:65:d1:ed:75:fd:4f:3d: ab:5f:a6:69:3e:f3:03:70:de:0b:b1:99:6d:d5:29: c7:d4:07:9b:63:5b:d6:63:32:10:a0:27:43:09:c5: 80:4d:fb:ff:fc:43:2e:34:76:1d:72:4c:b8:ba:40: aa:1e:05:3a:3e:b4:f9:25:18:40:85:2b:7c:8a:4d: 45:47:ba:89:75:da:da:24:37:91:e3:53:13:1f:f4: 44:4c:c7:2a:41:d2:f9:6d:8c:3f:67:bc:d4:5f:2a: e9:9d:7d:39:bd:b9:f0:2d:6c:97:2c:23:ef:1d:d9: ec:6a:34:5e:16:11:4e:b1:7d:a7:d9:d0:b3:0d:81: 20:a3:3d:a8:4f:65:66:15:a8:f6:3e:72:11:9c:58: 9f:14:e3:4e:3b:2e:22:b9:4e:ad:fc:0b:83:76:4f: 77:dd:48:93:91:8a:76:23:02:22:63:11:36:92:ce: b9:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:4F:EA:F7:AC:59:09:A7:22:A5:1A:78:1A:41:21:A4:46:F4:18:C3 X509v3 Authority Key Identifier: keyid:D6:8C:A7:C6:F5:14:D7:16:8C:00:79:07:17:FB:86:9A:F6:8B:12:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:c7:46:43:5f:e5:51:d0:1f:3a:4d:cc:93:14:71:e3:2b:da: d1:bb:9e:cc:8c:80:a0:14:21:12:b0:15:ab:94:6c:3d:60:34: 0a:ab:39:ed:99:95:42:70:18:f4:90:22:b2:83:8a:37:1e:39: d5:cd:57:08:27:46:b7:d0:e8:95:91:3d:8d:15:33:75:36:6b: ab:d4:95:40:00:19:e3:12:a8:82:e4:99:41:a7:60:f1:fd:31: af:c1:8f:69:9c:da:c6:dd:84:93:72:5d:ee:e4:2a:21:db:4e: 39:c7:91:7a:56:64:4d:0e:b0:7c:9f:ea:6b:b4:89:1b:45:8f: b9:7a:7b:bd:a2:64:cc:2f:03:9c:20:e0:ce:77:3d:93:61:7c: 18:01:5d:49:4c:df:0e:2b:e3:7a:6d:4b:b4:75:38:9f:a0:fc: 02:7e:b0:64:a1:af:e7:3d:61:3d:6b:52:7f:ab:46:b5:11:f2: 6e:29:81:c8:3c:27:f9:4a:9e:c9:60:9a:7a:83:be:5d:29:79: 3b:2c:6e:63:41:72:6e:0c:c8:00:f4:5d:08:75:25:bf:4c:04: 14:0f:81:aa:83:fe:f4:e0:16:f9:40:84:89:0f:53:17:4f:b2: 46:6d:fc:23:66:a3:93:5a:70:aa:7c:8a:30:b0:99:ad:db:45: d0:ef:de:e2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQOJMPCDNSZ1k5n79PkRQseSvptAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDY4Q0E3QzZGNTE0RDcxNjhDMDA3OTA3MTdGQjg2OUFG NjhCMTI1RTAeFw0yNjAyMjgxNTE1NThaFw0yNjAzMDQwMTIzNThaMDMxMTAvBgNV BAMTKDU3NEZFQUY3QUM1OTA5QTcyMkE1MUE3ODFBNDEyMUE0NDZGNDE4QzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ9glFfF5e8oEjxXSEaju5x++l vzkZis4Ypt+gbHppll/MBgkJeeWjuKcYk/pdId83vrADFYl9q4TXJdT+CNI42Q+W WJsve8TM4KjFwsUHCNH8ZdHtdf1PPatfpmk+8wNw3guxmW3VKcfUB5tjW9ZjMhCg J0MJxYBN+//8Qy40dh1yTLi6QKoeBTo+tPklGECFK3yKTUVHuol12tokN5HjUxMf 9ERMxypB0vltjD9nvNRfKumdfTm9ufAtbJcsI+8d2exqNF4WEU6xfafZ0LMNgSCj PahPZWYVqPY+chGcWJ8U4047LiK5Tq38C4N2T3fdSJORinYjAiJjETaSzrkhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUV0/q96xZCacipRp4GkEhpEb0GMMwHwYDVR0j BBgwFoAU1oynxvUU1xaMAHkHF/uGmvaLEl4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ZGRjMWRkOC02ZDI1LTQ3YzctYWFhNC1iZGRmMWI5ZDY3N2UvMC9ENjhDQTdDNkY1 MTRENzE2OEMwMDc5MDcxN0ZCODY5QUY2OEIxMjVFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDY4Q0E3QzZGNTE0RDcxNjhDMDA3OTA3MTdGQjg2OUFGNjhC MTI1RS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWRkYzFkZDgtNmQyNS00N2M3LWFh YTQtYmRkZjFiOWQ2NzdlLzAvRDY4Q0E3QzZGNTE0RDcxNjhDMDA3OTA3MTdGQjg2 OUFGNjhCMTI1RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAE7HRkNf5VHQHzpNzJMUceMr2tG7nsyMgKAU IRKwFauUbD1gNAqrOe2ZlUJwGPSQIrKDijceOdXNVwgnRrfQ6JWRPY0VM3U2a6vU lUAAGeMSqILkmUGnYPH9Ma/Bj2mc2sbdhJNyXe7kKiHbTjnHkXpWZE0OsHyf6mu0 iRtFj7l6e72iZMwvA5wg4M53PZNhfBgBXUlM3w4r43ptS7R1OJ+g/AJ+sGShr+c9 YT1rUn+rRrUR8m4pgcg8J/lKnslgmnqDvl0peTssbmNBcm4MyAD0XQh1Jb9MBBQP gaqD/vTgFvlAhIkPUxdPskZt/CNmo5NacKp8ijCwma3bRdDv3uI= -----END CERTIFICATE-----Generated at Mon Mar 2 06:04:15 2026 by rpki-client