$ rpki-client -vvf repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft File: CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft (raw, json) Hash identifier: JfKt9mG2uP3E6To0WqmXEHRrx/Y1C4xFAd8UZk3VpC8= Subject key identifier: 65:FA:F1:79:A2:C3:F6:A4:8D:C0:5B:F8:E5:ED:DB:EA:8B:FA:3F:C1 Authority key identifier: CE:A0:3A:07:98:91:07:F5:47:A2:B2:AB:AA:6A:D4:E7:03:12:AD:5C Certificate issuer: /CN=CEA03A07989107F547A2B2ABAA6AD4E70312AD5C Certificate serial: 3F8B68F214183970369483285D0C74269E9BC91F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft Manifest number: 0553 Signing time: Sun 01 Mar 2026 14:11:36 +0000 Manifest this update: Sun 01 Mar 2026 14:06:36 +0000 Manifest next update: Wed 04 Mar 2026 18:06:36 +0000 Files and hashes: 1: 323430333a626163303a3a2f33322d3438203d3e20313333383135.roa (hash: bj03wSoaB1PZHhqBBV4Wr4Sjs0onXCgWYauPl2mcWtw=) 2: 3130332e3133302e3133362e302f32322d3234203d3e20313333383135.roa (hash: gDwS3CZNot9PKNbXfgVaxRg3XKEAojqRRjZmWUnIieM=) 3: CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl (hash: tsx5oa97jpLr3hUw+D1VFwSyQMD9UJ2avgDFmPobMc8=) 4: 323430333a353763303a3a2f33322d3438203d3e20313333383135.roa (hash: qJMxf0aJqdHPfbLPNvUiMxKhq3U6DmyX3ZCQXdLa44w=) 5: 3130332e35322e34342e302f32322d3234203d3e20313333383135.roa (hash: +hHtMHqrRgOxnxPgQ1JDtVaqmRcnzLdlLvloLKvOcZA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 18:06:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:8b:68:f2:14:18:39:70:36:94:83:28:5d:0c:74:26:9e:9b:c9:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CEA03A07989107F547A2B2ABAA6AD4E70312AD5C Validity Not Before: Mar 1 14:06:36 2026 GMT Not After : Mar 4 18:06:36 2026 GMT Subject: CN=65FAF179A2C3F6A48DC05BF8E5EDDBEA8BFA3FC1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ca:d7:14:a0:23:81:df:ba:df:c2:ac:e1:71: ea:c4:0a:fd:d6:8b:6d:e7:08:5b:f1:92:f9:f2:13: 48:36:ff:11:01:c3:5d:48:11:dc:84:3a:83:93:e5: 1b:4c:90:6e:dc:3e:85:5d:1d:3e:3c:1c:9a:fd:a7: 2f:e3:a7:8b:9f:fc:40:86:7e:01:f2:ee:06:11:b9: d3:36:cf:66:d4:12:ab:89:7d:93:3d:ef:f9:d5:e3: 55:23:94:35:aa:85:31:49:a5:1e:49:04:99:67:a2: 54:87:14:37:a2:23:8e:94:b8:24:6e:56:cd:64:30: 2b:26:fc:ad:65:7a:ff:7d:6a:a7:59:6e:e4:58:2b: d2:14:b4:53:da:de:5a:66:ea:0c:9d:94:14:ac:cd: b0:6e:f0:36:f2:ad:a7:78:46:c2:3f:fe:32:e8:6c: 9c:ba:d6:5b:ef:03:e4:eb:fa:86:55:8c:c9:6c:3c: 4c:43:3c:59:c4:22:9b:2c:8c:41:f6:27:ff:dc:0a: 0a:2c:40:f9:49:c9:6b:6b:96:a4:38:bc:db:68:04: 57:35:7c:36:65:d6:4f:6c:49:4d:b0:d9:73:67:5c: d2:79:5b:96:e7:7d:53:77:26:b6:bf:31:74:ac:bc: ea:27:22:43:c4:f9:4d:e9:3e:33:00:48:84:76:a4: ff:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:FA:F1:79:A2:C3:F6:A4:8D:C0:5B:F8:E5:ED:DB:EA:8B:FA:3F:C1 X509v3 Authority Key Identifier: keyid:CE:A0:3A:07:98:91:07:F5:47:A2:B2:AB:AA:6A:D4:E7:03:12:AD:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:92:82:ea:54:d7:10:a0:90:bc:c6:43:49:4c:60:93:00:bc: 35:db:59:c4:50:a3:38:ee:26:8c:99:1a:58:2e:e3:0d:be:38: 38:80:49:e4:d4:f9:14:ba:03:b5:00:dc:5d:1e:bf:3a:4b:81: 50:aa:9f:a6:39:92:76:34:50:1b:e5:e8:b4:17:ca:3b:7c:9c: c5:0e:af:c8:93:e3:cf:ab:03:69:e5:e1:55:89:df:47:0e:70: 2a:45:60:a0:30:ce:77:43:a7:99:96:cd:5d:ab:ef:24:36:9f: b1:ee:28:e4:c0:b4:3f:ad:ef:9b:4c:f2:56:b2:63:3a:4e:cf: ef:89:22:b7:a3:6a:40:d4:74:77:c7:02:96:b4:01:b5:15:27: 50:b2:2f:f9:54:e9:6e:9f:95:9e:5a:bf:05:68:ce:21:8a:96: a0:07:8e:17:9a:96:05:37:be:63:c6:b3:d2:f4:ab:66:85:06: f2:40:de:6b:4f:77:f7:d2:bf:d5:b1:5b:d0:3e:4a:c7:6c:12: 95:7c:df:f4:de:57:af:ec:c2:bd:ad:e2:f9:3b:a9:37:35:cf: c8:3a:b6:73:3d:92:9d:89:cc:31:75:c2:0b:73:5c:c4:a8:ac: 3b:71:1c:8f:3f:1d:bb:55:b6:7d:06:28:fe:26:73:21:cb:b3: 9b:d1:a5:83 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUP4to8hQYOXA2lIMoXQx0Jp6byR8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0RTcw MzEyQUQ1QzAeFw0yNjAzMDExNDA2MzZaFw0yNjAzMDQxODA2MzZaMDMxMTAvBgNV BAMTKDY1RkFGMTc5QTJDM0Y2QTQ4REMwNUJGOEU1RUREQkVBOEJGQTNGQzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBytcUoCOB37rfwqzhcerECv3W i23nCFvxkvnyE0g2/xEBw11IEdyEOoOT5RtMkG7cPoVdHT48HJr9py/jp4uf/ECG fgHy7gYRudM2z2bUEquJfZM97/nV41UjlDWqhTFJpR5JBJlnolSHFDeiI46UuCRu Vs1kMCsm/K1lev99aqdZbuRYK9IUtFPa3lpm6gydlBSszbBu8Dbyrad4RsI//jLo bJy61lvvA+Tr+oZVjMlsPExDPFnEIpssjEH2J//cCgosQPlJyWtrlqQ4vNtoBFc1 fDZl1k9sSU2w2XNnXNJ5W5bnfVN3Jra/MXSsvOonIkPE+U3pPjMASIR2pP+fAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZfrxeaLD9qSNwFv45e3b6ov6P8EwHwYDVR0j BBgwFoAUzqA6B5iRB/VHorKrqmrU5wMSrVwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YTNhZTQ4NS1hNjU4LTRjNWMtYWJlMi0xZTdmZDhiMDM4YTAvMC9DRUEwM0EwNzk4 OTEwN0Y1NDdBMkIyQUJBQTZBRDRFNzAzMTJBRDVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0RTcwMzEy QUQ1Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmEzYWU0ODUtYTY1OC00YzVjLWFi ZTItMWU3ZmQ4YjAzOGEwLzAvQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0 RTcwMzEyQUQ1Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAG+SgupU1xCgkLzGQ0lMYJMAvDXbWcRQozju JoyZGlgu4w2+ODiASeTU+RS6A7UA3F0evzpLgVCqn6Y5knY0UBvl6LQXyjt8nMUO r8iT48+rA2nl4VWJ30cOcCpFYKAwzndDp5mWzV2r7yQ2n7HuKOTAtD+t75tM8lay YzpOz++JIrejakDUdHfHApa0AbUVJ1CyL/lU6W6flZ5avwVoziGKlqAHjhealgU3 vmPGs9L0q2aFBvJA3mtPd/fSv9WxW9A+SsdsEpV83/TeV6/swr2t4vk7qTc1z8g6 tnM9kp2JzDF1wgtzXMSorDtxHI8/HbtVtn0GKP4mcyHLs5vRpYM= -----END CERTIFICATE-----Generated at Mon Mar 2 08:32:39 2026 by rpki-client