$ rpki-client -vvf repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft File: BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft (raw, json) Hash identifier: yirXzUlddd8Wn5BKGn7DpY2AqVjpQG2GjAVM40ewTFk= Subject key identifier: F1:05:76:BD:DE:70:EB:AE:C6:D6:C3:EA:74:07:25:45:2D:4F:A0:FB Authority key identifier: BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0 Certificate issuer: /CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0 Certificate serial: 339DBEF90AED3494D664ADC5979A48A27712874C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft Manifest number: 0229 Signing time: Sun 01 Mar 2026 07:20:57 +0000 Manifest this update: Sun 01 Mar 2026 07:15:57 +0000 Manifest next update: Wed 04 Mar 2026 14:28:57 +0000 Files and hashes: 1: 3130332e32302e38352e302f32342d3234203d3e20313530323337.roa (hash: /Ll9XnZwq9kQ7KqFTm1tz2GQbHOFyxKz40lfWdvRTyg=) 2: BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl (hash: z6w84d2QZET61YNJDudJypN4G/yR4pq/pGnVLmJ5MTI=) 3: 3130332e32302e38342e302f32342d3234203d3e20313530323337.roa (hash: Q4o71jeTV80A1Kcs2rXwd40dCqE8n3Drpr6hWhmrWZg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 14:28:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:9d:be:f9:0a:ed:34:94:d6:64:ad:c5:97:9a:48:a2:77:12:87:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0 Validity Not Before: Mar 1 07:15:57 2026 GMT Not After : Mar 4 14:28:57 2026 GMT Subject: CN=F10576BDDE70EBAEC6D6C3EA740725452D4FA0FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:10:00:e9:42:08:b9:97:0b:54:0c:68:62:29: 67:19:6e:6b:c8:0c:36:bf:ba:b5:23:1e:bb:d6:80: 70:d1:22:ee:bd:95:ba:03:5e:3b:ca:3a:84:d0:73: e4:12:fc:31:65:94:74:42:d4:87:8d:54:31:87:ef: 68:56:81:54:9d:b0:fe:d8:d1:f3:14:15:9b:4a:89: 43:db:02:80:37:01:fb:49:64:4d:73:75:c5:9d:31: a1:4d:7a:86:89:f6:db:65:3f:af:48:ea:e0:ae:4b: 69:e5:c7:b8:53:b5:73:69:c8:c2:cb:d7:84:1d:dc: 12:58:ab:b7:94:1f:b9:0b:e3:f9:ed:72:2f:b8:68: 3d:a6:4e:8b:95:ae:34:20:47:29:b5:f7:94:fb:ee: 64:39:e1:17:24:b1:33:c5:a1:d4:24:85:d2:0f:9b: ad:74:88:e6:58:32:a2:7f:8a:e6:86:4a:fd:37:c0: b0:42:48:e9:84:81:c0:df:35:73:c8:d2:d6:27:db: f3:f4:96:ef:ba:54:29:64:10:5d:d3:66:a3:1e:1d: 5c:e0:02:f2:14:cc:70:e0:86:aa:f4:cb:d8:8f:c8: 6c:5d:aa:03:9a:a5:3c:31:e3:50:18:79:5a:e9:c8: dd:cc:3e:70:45:bf:88:5e:0c:60:82:93:23:19:f7: 47:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:05:76:BD:DE:70:EB:AE:C6:D6:C3:EA:74:07:25:45:2D:4F:A0:FB X509v3 Authority Key Identifier: keyid:BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:d5:9d:a2:2f:a9:11:2d:79:2b:d7:a8:a9:80:e1:42:51:cb: f5:5c:31:af:24:18:c5:7c:9a:a9:db:23:dd:39:bc:08:8a:6d: 97:61:67:46:9f:66:aa:bc:3a:61:a1:2b:d1:80:4e:56:d5:9b: 98:d7:2b:cb:d9:a2:78:99:2e:a4:88:3d:e3:71:e1:c0:54:93: e9:8b:31:a3:8a:c0:e4:07:26:6c:20:56:ce:bd:15:d8:8f:12: 82:4d:1d:61:73:6d:ae:d2:76:ed:f6:a8:8a:35:07:9c:35:d8: 4e:a6:0b:d3:d1:7c:45:50:fd:08:d5:2f:d2:5f:87:9d:45:30: 79:97:92:e3:95:b2:fe:3f:a7:b4:0d:bb:94:2f:07:ac:17:d9: 14:c9:34:b8:81:ef:6b:6f:b2:91:d5:86:ce:d3:d9:14:e2:92: 86:9f:1e:d6:33:fc:ac:69:a7:98:44:cc:c5:90:85:20:ed:a8: 6d:38:89:a7:46:36:6a:3e:c6:50:22:de:3c:e3:67:e6:c6:27: 13:b0:a7:1d:c6:0f:e6:7a:3d:c0:f6:6e:e8:2d:aa:89:35:de: 60:a5:58:ca:c7:ac:40:7f:d1:5c:be:3f:71:fd:05:78:f8:b8: de:3f:1b:b8:ea:92:42:12:14:3d:a0:44:ed:03:98:c3:e8:db: 8a:66:78:b9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUM52++QrtNJTWZK3Fl5pIoncSh0wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3 OURGRkZEMDAeFw0yNjAzMDEwNzE1NTdaFw0yNjAzMDQxNDI4NTdaMDMxMTAvBgNV BAMTKEYxMDU3NkJEREU3MEVCQUVDNkQ2QzNFQTc0MDcyNTQ1MkQ0RkEwRkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClEADpQgi5lwtUDGhiKWcZbmvI DDa/urUjHrvWgHDRIu69lboDXjvKOoTQc+QS/DFllHRC1IeNVDGH72hWgVSdsP7Y 0fMUFZtKiUPbAoA3AftJZE1zdcWdMaFNeoaJ9ttlP69I6uCuS2nlx7hTtXNpyMLL 14Qd3BJYq7eUH7kL4/ntci+4aD2mTouVrjQgRym195T77mQ54RcksTPFodQkhdIP m610iOZYMqJ/iuaGSv03wLBCSOmEgcDfNXPI0tYn2/P0lu+6VClkEF3TZqMeHVzg AvIUzHDghqr0y9iPyGxdqgOapTwx41AYeVrpyN3MPnBFv4heDGCCkyMZ90d9AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU8QV2vd5w667G1sPqdAclRS1PoPswHwYDVR0j BBgwFoAUvQynu37hRZehcfGx4+MSennf/9AwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZDdhNzFiYy1mOTEwLTRiOGMtOWNmZi0wODU3ZDVmMmQzN2YvMC9CRDBDQTdCQjdF RTE0NTk3QTE3MUYxQjFFM0UzMTI3QTc5REZGRkQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3OURG RkZEMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2Q3YTcxYmMtZjkxMC00YjhjLTlj ZmYtMDg1N2Q1ZjJkMzdmLzAvQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEy N0E3OURGRkZEMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAInVnaIvqREteSvXqKmA4UJRy/VcMa8kGMV8 mqnbI905vAiKbZdhZ0afZqq8OmGhK9GATlbVm5jXK8vZoniZLqSIPeNx4cBUk+mL MaOKwOQHJmwgVs69FdiPEoJNHWFzba7Sdu32qIo1B5w12E6mC9PRfEVQ/QjVL9Jf h51FMHmXkuOVsv4/p7QNu5QvB6wX2RTJNLiB72tvspHVhs7T2RTikoafHtYz/Kxp p5hEzMWQhSDtqG04iadGNmo+xlAi3jzjZ+bGJxOwpx3GD+Z6PcD2bugtqok13mCl WMrHrEB/0Vy+P3H9BXj4uN4/G7jqkkISFD2gRO0DmMPo24pmeLk= -----END CERTIFICATE-----Generated at Mon Mar 2 18:29:37 2026 by rpki-client