$ rpki-client -vvf repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft File: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft (raw, json) Hash identifier: w/m5vO9yzdeoKsjRPjSsocXinrMYm2f3pPOlYzuEqY4= Subject key identifier: D4:65:D0:A3:0C:4F:E9:4B:E2:08:03:11:3A:EA:06:09:DC:C6:9E:6D Authority key identifier: D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 Certificate issuer: /CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Certificate serial: 6D42EE2A887CAF8778F0C3762B37397119715676 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft Manifest number: 026A Signing time: Sun 01 Mar 2026 11:42:00 +0000 Manifest this update: Sun 01 Mar 2026 11:37:00 +0000 Manifest next update: Wed 04 Mar 2026 12:29:00 +0000 Files and hashes: 1: 3130332e3138332e362e302f32332d3234203d3e20313439343037.roa (hash: HNI0ArO+KsvaMgGqtyRRpqs1evvFTKgd+Siy8K2ur7A=) 2: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl (hash: LIa9swo4ATreo8NGU7sHQi4UkqPnQBXJglnrkwsfXfo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 12:29:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:42:ee:2a:88:7c:af:87:78:f0:c3:76:2b:37:39:71:19:71:56:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Validity Not Before: Mar 1 11:37:00 2026 GMT Not After : Mar 4 12:29:00 2026 GMT Subject: CN=D465D0A30C4FE94BE20803113AEA0609DCC69E6D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:9b:fd:62:9f:90:39:57:7c:88:77:be:6f:56: 01:f7:50:a2:d0:67:c1:58:f8:67:d3:ce:66:21:d9: a8:3a:d2:44:cc:2e:5a:3a:7a:4f:08:3b:28:c6:f7: 1b:53:e2:56:0f:99:27:27:f2:10:7c:e3:5f:58:76: 59:be:71:bf:01:2c:e9:08:db:85:56:f3:71:3c:a0: 9f:1f:f3:88:60:c5:21:95:a5:73:ec:86:3d:b5:e4: 61:5d:8b:1d:11:27:44:09:47:72:a0:57:67:0b:39: 73:0f:99:ef:1d:9e:4c:7a:af:8c:cc:07:66:32:c1: 89:0a:8c:d9:f0:50:20:4f:e4:be:7c:c5:09:47:19: 6a:90:d6:a6:22:ec:d0:c5:6e:0f:07:6d:4d:4a:57: 4b:9b:79:65:8d:77:b8:5a:16:67:ae:aa:ed:8a:b7: c3:7e:15:47:85:5f:6b:2f:58:92:03:95:0f:34:53: a4:50:a0:d7:be:5a:2f:f9:88:6c:e3:0a:f5:a6:cd: ad:e0:47:b0:8a:43:f7:6c:29:62:ec:71:98:49:a7: 92:b2:64:83:7c:d7:86:f4:81:e6:f0:85:4c:60:12: a8:af:56:97:ea:35:b7:d4:71:5a:b9:f0:ae:04:38: 4e:06:7a:0c:8e:84:67:04:1f:22:58:94:5f:7e:ac: cd:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:65:D0:A3:0C:4F:E9:4B:E2:08:03:11:3A:EA:06:09:DC:C6:9E:6D X509v3 Authority Key Identifier: keyid:D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:8c:95:7a:4b:c2:cf:61:e4:d5:a0:5d:0d:a1:33:51:ee:e2: c5:0f:3b:7d:cc:c6:33:47:00:4a:17:58:7a:b8:61:65:d5:6a: 14:1b:55:44:8f:bd:69:81:46:b4:be:c9:e9:26:1d:5a:d0:36: 97:20:60:bd:f6:ad:20:bf:ca:43:3d:61:1c:ab:aa:93:82:9b: 8e:a2:2e:d5:00:07:d3:ba:a3:24:b7:c1:8e:cc:38:c4:45:98: 73:fa:46:a0:2f:2e:d9:29:7d:a6:3d:5b:4b:f0:c5:d2:14:51: 2d:2d:f1:0f:4a:42:ac:04:0a:a9:a9:9a:45:09:f9:33:22:de: 77:13:82:19:a5:a6:72:8c:38:5e:a5:da:f7:25:ca:2a:30:1b: 92:d1:87:83:73:27:3a:a4:e9:c5:8e:a0:84:40:29:67:09:5e: 61:d4:01:e1:98:b6:5c:a9:e9:03:52:16:ca:50:44:d5:6d:c4: ba:79:62:aa:34:cd:0a:d3:b0:44:fc:a8:96:0b:f3:60:5c:c5: ed:1c:43:9d:b7:26:35:1a:b9:ca:25:77:58:b9:37:f1:63:81: 0f:2d:26:a5:9b:51:84:92:f3:d6:06:70:fd:95:aa:68:9f:b3: ac:06:74:74:c4:3d:4e:c7:4d:2b:76:c7:12:76:6a:61:a5:71: 18:42:7f:64 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUbULuKoh8r4d48MN2Kzc5cRlxVnYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2 NEREOUYyNjAeFw0yNjAzMDExMTM3MDBaFw0yNjAzMDQxMjI5MDBaMDMxMTAvBgNV BAMTKEQ0NjVEMEEzMEM0RkU5NEJFMjA4MDMxMTNBRUEwNjA5RENDNjlFNkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIm/1in5A5V3yId75vVgH3UKLQ Z8FY+GfTzmYh2ag60kTMLlo6ek8IOyjG9xtT4lYPmScn8hB8419Ydlm+cb8BLOkI 24VW83E8oJ8f84hgxSGVpXPshj215GFdix0RJ0QJR3KgV2cLOXMPme8dnkx6r4zM B2YywYkKjNnwUCBP5L58xQlHGWqQ1qYi7NDFbg8HbU1KV0ubeWWNd7haFmeuqu2K t8N+FUeFX2svWJIDlQ80U6RQoNe+Wi/5iGzjCvWmza3gR7CKQ/dsKWLscZhJp5Ky ZIN814b0gebwhUxgEqivVpfqNbfUcVq58K4EOE4GegyOhGcEHyJYlF9+rM3bAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU1GXQowxP6UviCAMROuoGCdzGnm0wHwYDVR0j BBgwFoAU0ho1l9e169mlR2gPHC7XpGTdnyYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z Y2M1NjA1ZC1mMTdhLTQwMTAtOTI1My0yMTBjNjRmMTQ4YmQvMC9EMjFBMzU5N0Q3 QjVFQkQ5QTU0NzY4MEYxQzJFRDdBNDY0REQ5RjI2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2NERE OUYyNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2NjNTYwNWQtZjE3YS00MDEwLTky NTMtMjEwYzY0ZjE0OGJkLzAvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3 QTQ2NEREOUYyNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALOMlXpLws9h5NWgXQ2hM1Hu4sUPO33MxjNH AEoXWHq4YWXVahQbVUSPvWmBRrS+yekmHVrQNpcgYL32rSC/ykM9YRyrqpOCm46i LtUAB9O6oyS3wY7MOMRFmHP6RqAvLtkpfaY9W0vwxdIUUS0t8Q9KQqwECqmpmkUJ +TMi3ncTghmlpnKMOF6l2vclyiowG5LRh4NzJzqk6cWOoIRAKWcJXmHUAeGYtlyp 6QNSFspQRNVtxLp5Yqo0zQrTsET8qJYL82Bcxe0cQ523JjUaucold1i5N/FjgQ8t JqWbUYSS89YGcP2Vqmifs6wGdHTEPU7HTSt2xxJ2amGlcRhCf2Q= -----END CERTIFICATE-----Generated at Mon Mar 2 17:14:11 2026 by rpki-client