$ rpki-client -vvf repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft File: D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft (raw, json) Hash identifier: TWhSx3M1ttIip//kR4EWjF/ZmAsud4FdVMlHxe4qHl4= Subject key identifier: FE:D1:12:44:FC:70:26:B3:71:C2:A6:0C:3C:6C:42:11:85:E8:E5:2E Authority key identifier: D2:8B:A9:D5:E3:21:93:DE:E2:9E:B4:C1:94:4F:35:FC:32:D8:B1:9B Certificate issuer: /CN=D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B Certificate serial: 0BA83CF176662121DA8C08D24C3E4775CC92ACD3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft Manifest number: 010B Signing time: Sun 01 Mar 2026 06:12:21 +0000 Manifest this update: Sun 01 Mar 2026 06:07:21 +0000 Manifest next update: Wed 04 Mar 2026 11:18:21 +0000 Files and hashes: 1: 3130332e38342e3230302e302f32342d3234203d3e20313336303935.roa (hash: ajCQWCbIuLR2rdyLkSz/8WmAOj/J1v9eHfGi8P7WLFg=) 2: D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.crl (hash: l6TdLqoCeiR1oBz/oNnzZBzQOPbEQEYxOLrUng8b/AM=) 3: 3130332e38342e3230312e302f32342d3234203d3e20313336303935.roa (hash: 6UTk6qTE+l33r+zdpJdYayRwLX5BpaOtu0Am/wxoORw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.crl rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 11:18:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:a8:3c:f1:76:66:21:21:da:8c:08:d2:4c:3e:47:75:cc:92:ac:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B Validity Not Before: Mar 1 06:07:21 2026 GMT Not After : Mar 4 11:18:21 2026 GMT Subject: CN=FED11244FC7026B371C2A60C3C6C421185E8E52E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:50:1b:1d:6e:3a:9c:7b:6f:fa:4d:75:41:bc: ae:f0:44:6b:81:6b:bc:7e:3a:a6:f1:fb:4a:c5:58: b4:2a:6e:4b:d6:28:f3:57:5a:c2:7d:ce:32:78:31: 04:e2:b2:56:22:87:82:6c:be:3f:86:2e:05:34:20: cf:d4:0c:3a:a6:af:be:d7:b0:c7:17:18:dd:6e:6e: f6:6e:a2:40:f6:49:b0:a1:45:0b:9e:33:0d:52:5f: b0:5f:af:48:ed:bc:b5:54:08:fe:67:cb:24:86:ec: 3f:42:fa:28:33:0e:ac:32:df:4b:33:fd:d3:1b:b4: 64:74:1b:40:b6:b7:67:8e:fa:a4:10:99:73:59:0a: a8:3f:7a:56:e9:2d:84:c7:d1:11:f2:a7:ea:e4:82: 34:49:41:cd:80:eb:95:1a:6e:b9:95:0a:a6:92:d6: 4b:05:30:a4:6f:ed:5c:4a:a7:9d:c6:71:15:ab:bb: f4:dd:3b:a8:ed:aa:be:b5:2b:0b:50:fc:c9:61:18: b1:2e:6c:f2:78:43:0e:cd:5c:75:fe:8d:0d:71:35: 58:4e:83:7d:dd:4e:6d:f4:e4:88:50:3e:79:a6:d7: 00:e4:6b:3c:52:d0:d0:ed:da:e0:f0:af:86:65:b1: 72:5b:0c:dc:4e:d3:29:c7:58:8e:10:f8:ef:69:d8: 14:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:D1:12:44:FC:70:26:B3:71:C2:A6:0C:3C:6C:42:11:85:E8:E5:2E X509v3 Authority Key Identifier: keyid:D2:8B:A9:D5:E3:21:93:DE:E2:9E:B4:C1:94:4F:35:FC:32:D8:B1:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:41:16:d9:22:7d:d6:35:c4:38:49:85:bd:5f:7e:b7:b5:68: 5d:f2:6e:3a:38:7a:75:3f:46:19:83:bc:82:1b:72:f4:df:37: 08:b8:62:f9:88:6c:5a:d6:74:42:77:68:4e:55:57:65:e6:1c: 61:74:6e:48:35:4d:e9:1e:98:e2:ff:01:df:a5:c5:ae:0b:ee: 11:2e:8e:81:52:2e:1a:b5:e9:03:c7:9f:2d:0f:7c:f5:35:fc: 61:09:4c:59:00:c8:9e:38:99:5a:64:c8:e1:8a:86:4c:2d:02: e7:0c:ba:5c:43:3e:3b:37:7b:12:76:75:3f:54:cf:8a:a8:9c: 8f:15:dd:01:bd:45:72:7f:f0:d0:de:c3:96:d8:aa:83:ce:78: 11:65:fc:52:0b:eb:b1:91:39:14:d6:29:22:2c:04:31:2c:c1: fb:a2:70:1d:67:b2:8f:71:79:6c:fb:19:d3:4f:58:a7:f0:7d: 37:68:c9:a1:d6:ea:bb:89:49:8e:b9:c3:41:86:83:be:df:21: e7:d9:39:e2:e1:25:6d:89:e9:96:07:5e:59:76:a6:c9:db:b7: 35:58:9e:00:06:ef:a4:ee:69:49:e7:82:6b:e4:bd:92:97:b2: 06:a2:1e:66:e0:4b:86:13:84:9c:7d:e1:fe:3b:12:ba:a5:a1: 1c:fd:85:01 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUC6g88XZmISHajAjSTD5HdcySrNMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDI4QkE5RDVFMzIxOTNERUUyOUVCNEMxOTQ0RjM1RkMz MkQ4QjE5QjAeFw0yNjAzMDEwNjA3MjFaFw0yNjAzMDQxMTE4MjFaMDMxMTAvBgNV BAMTKEZFRDExMjQ0RkM3MDI2QjM3MUMyQTYwQzNDNkM0MjExODVFOEU1MkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUBsdbjqce2/6TXVBvK7wRGuB a7x+Oqbx+0rFWLQqbkvWKPNXWsJ9zjJ4MQTislYih4Jsvj+GLgU0IM/UDDqmr77X sMcXGN1ubvZuokD2SbChRQueMw1SX7Bfr0jtvLVUCP5nyySG7D9C+igzDqwy30sz /dMbtGR0G0C2t2eO+qQQmXNZCqg/elbpLYTH0RHyp+rkgjRJQc2A65UabrmVCqaS 1ksFMKRv7VxKp53GcRWru/TdO6jtqr61KwtQ/MlhGLEubPJ4Qw7NXHX+jQ1xNVhO g33dTm305IhQPnmm1wDkazxS0NDt2uDwr4ZlsXJbDNxO0ynHWI4Q+O9p2BTNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU/tESRPxwJrNxwqYMPGxCEYXo5S4wHwYDVR0j BBgwFoAU0oup1eMhk97inrTBlE81/DLYsZswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y NWUyNDE1Yy03ZDRmLTQ0MjctODMyZC01OWI0Yzc5YWFlNWEvMC9EMjhCQTlENUUz MjE5M0RFRTI5RUI0QzE5NDRGMzVGQzMyRDhCMTlCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDI4QkE5RDVFMzIxOTNERUUyOUVCNEMxOTQ0RjM1RkMzMkQ4 QjE5Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjVlMjQxNWMtN2Q0Zi00NDI3LTgz MmQtNTliNGM3OWFhZTVhLzAvRDI4QkE5RDVFMzIxOTNERUUyOUVCNEMxOTQ0RjM1 RkMzMkQ4QjE5Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADpBFtkifdY1xDhJhb1ffre1aF3ybjo4enU/ RhmDvIIbcvTfNwi4YvmIbFrWdEJ3aE5VV2XmHGF0bkg1TekemOL/Ad+lxa4L7hEu joFSLhq16QPHny0PfPU1/GEJTFkAyJ44mVpkyOGKhkwtAucMulxDPjs3exJ2dT9U z4qonI8V3QG9RXJ/8NDew5bYqoPOeBFl/FIL67GRORTWKSIsBDEswfuicB1nso9x eWz7GdNPWKfwfTdoyaHW6ruJSY65w0GGg77fIefZOeLhJW2J6ZYHXll2psnbtzVY ngAG76TuaUnngmvkvZKXsgaiHmbgS4YThJx94f47ErqloRz9hQE= -----END CERTIFICATE-----Generated at Mon Mar 2 11:40:13 2026 by rpki-client