$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: vmKokdnRmYR7i+tJ6re+8v3IFRbASSlcODSLLPQJBAE= Subject key identifier: C9:54:99:22:95:77:B1:F4:8F:26:C6:8B:96:71:2E:30:6E:DD:92:79 Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 500362D39C428EA66832A011432D337C839AC49F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: EA Signing time: Sun 01 Mar 2026 08:22:37 +0000 Manifest this update: Sun 01 Mar 2026 08:17:37 +0000 Manifest next update: Wed 04 Mar 2026 16:31:37 +0000 Files and hashes: 1: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: lZifxE9wn4gNo49x/c2zuJLrTJtMPACwrpho99AjOzQ=) 2: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: I98r/YvoKJnqIbKebXKfBKywu1BzE/FQD60HTUreMMU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 16:31:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:03:62:d3:9c:42:8e:a6:68:32:a0:11:43:2d:33:7c:83:9a:c4:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Mar 1 08:17:37 2026 GMT Not After : Mar 4 16:31:37 2026 GMT Subject: CN=C95499229577B1F48F26C68B96712E306EDD9279 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:4a:16:79:5d:15:c9:e9:ec:d0:8e:66:ac:8a: d1:2d:2b:8f:8d:9c:f6:d1:67:e3:56:4e:4e:c5:be: 81:62:3d:50:6d:e5:db:16:7a:ee:6f:9c:76:01:0c: 0a:5c:85:98:a2:19:fa:50:2b:d4:4a:b0:39:5e:cd: ca:24:46:d4:b8:ee:99:03:89:8a:fd:93:53:22:80: 0c:8b:01:1d:79:6e:5a:50:56:b0:5b:e8:b4:81:67: 71:ce:89:a5:e1:73:7f:08:2e:b3:41:f7:57:ec:aa: da:f6:5b:99:d3:60:35:1a:f7:6e:bb:9d:cb:bd:a2: f9:b6:68:f5:2f:41:f6:38:d7:51:8b:cf:63:1f:e3: e6:69:2e:66:0a:c7:ba:b4:9b:95:c9:b9:4b:af:68: 66:83:bf:49:6c:9c:51:5b:2d:0c:d3:3e:7e:6b:f6: 86:d3:78:8a:8a:b3:31:56:0b:11:48:34:2b:35:89: d9:28:75:41:46:e0:09:1c:06:29:fe:b8:e8:28:cf: 0a:97:ba:a3:b3:83:5b:60:4f:a4:db:40:fd:69:28: 2f:8a:05:81:bd:0f:a1:e0:43:e7:91:74:47:f4:cd: 10:04:bb:da:31:e4:53:9e:b8:03:44:ed:d6:d4:35: d0:39:65:94:c9:1c:b8:2e:8b:11:44:f1:9c:98:de: 63:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:54:99:22:95:77:B1:F4:8F:26:C6:8B:96:71:2E:30:6E:DD:92:79 X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:b0:62:c9:8e:a0:29:b8:6d:4a:a1:81:94:b1:12:d1:aa:54: fe:4a:d1:bd:4b:d6:26:ce:7f:cd:2e:a5:e0:16:a9:8c:da:a8: 48:5c:6f:b9:6d:2a:9a:8d:e9:66:07:ea:37:9f:ca:46:4e:18: 7a:37:fb:f5:64:82:25:af:5c:90:fa:a1:d7:eb:4f:69:c3:15: d7:48:c8:b4:a6:6f:ec:68:9d:68:2f:ba:dc:07:59:f7:55:db: f4:a0:77:5f:e6:8f:6b:0e:44:bc:ea:25:9f:eb:d0:40:dd:76: da:8b:6d:df:41:f8:62:6b:85:7d:77:b7:30:a6:c6:97:32:1e: db:42:f2:c5:88:f7:54:a4:6b:ed:2b:43:30:2c:31:b5:db:49: 11:c3:57:6b:1a:9a:73:ba:e3:8b:10:03:45:16:ef:93:39:50: 8f:16:db:c1:fa:90:da:91:86:27:1b:8d:5f:6c:86:76:c6:78: 44:a3:e0:39:c1:b0:2b:01:9e:b5:90:a4:c4:07:38:d1:ac:c6: b7:4f:92:e9:39:62:7f:ee:fb:65:23:7a:95:4b:c9:00:8e:67: 42:a8:f8:83:84:5c:11:c2:4b:c8:45:9c:fb:8a:f4:7c:fe:3a: ec:eb:3d:30:d4:31:a0:aa:f5:be:20:f8:2b:32:c5:18:7b:4e: 4d:23:00:a7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUUANi05xCjqZoMqARQy0zfIOaxJ8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNjAzMDEwODE3MzdaFw0yNjAzMDQxNjMxMzdaMDMxMTAvBgNV BAMTKEM5NTQ5OTIyOTU3N0IxRjQ4RjI2QzY4Qjk2NzEyRTMwNkVERDkyNzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiShZ5XRXJ6ezQjmasitEtK4+N nPbRZ+NWTk7FvoFiPVBt5dsWeu5vnHYBDApchZiiGfpQK9RKsDlezcokRtS47pkD iYr9k1MigAyLAR15blpQVrBb6LSBZ3HOiaXhc38ILrNB91fsqtr2W5nTYDUa9267 ncu9ovm2aPUvQfY411GLz2Mf4+ZpLmYKx7q0m5XJuUuvaGaDv0lsnFFbLQzTPn5r 9obTeIqKszFWCxFINCs1idkodUFG4AkcBin+uOgozwqXuqOzg1tgT6TbQP1pKC+K BYG9D6HgQ+eRdEf0zRAEu9ox5FOeuANE7dbUNdA5ZZTJHLguixFE8ZyY3mO3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUyVSZIpV3sfSPJsaLlnEuMG7dknkwHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIOwYsmOoCm4bUqhgZSxEtGqVP5K0b1L1ibO f80upeAWqYzaqEhcb7ltKpqN6WYH6jefykZOGHo3+/VkgiWvXJD6odfrT2nDFddI yLSmb+xonWgvutwHWfdV2/Sgd1/mj2sORLzqJZ/r0EDddtqLbd9B+GJrhX13tzCm xpcyHttC8sWI91Ska+0rQzAsMbXbSRHDV2samnO644sQA0UW75M5UI8W28H6kNqR hicbjV9shnbGeESj4DnBsCsBnrWQpMQHONGsxrdPkuk5Yn/u+2UjepVLyQCOZ0Ko +IOEXBHCS8hFnPuK9Hz+OuzrPTDUMaCq9b4g+CsyxRh7Tk0jAKc= -----END CERTIFICATE-----Generated at Mon Mar 2 14:59:17 2026 by rpki-client