$ rpki-client -vvf repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.mft File: 2985976A4B3081770748882703E16497964D05A6.mft (raw, json) Hash identifier: Rb9hkGBNTQuS+U7jTe7iyVa8dzXi/FVRh6gFxQZuf3M= Subject key identifier: 85:2F:DB:ED:47:A7:D3:C8:F6:34:47:4E:A6:4C:8D:18:7C:5B:1D:65 Authority key identifier: 29:85:97:6A:4B:30:81:77:07:48:88:27:03:E1:64:97:96:4D:05:A6 Certificate issuer: /CN=2985976A4B3081770748882703E16497964D05A6 Certificate serial: 2BE665966BF07332C55D1521410EFCE02946E3CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2985976A4B3081770748882703E16497964D05A6.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.mft Manifest number: 0241 Signing time: Mon 02 Mar 2026 03:40:44 +0000 Manifest this update: Mon 02 Mar 2026 03:35:44 +0000 Manifest next update: Thu 05 Mar 2026 08:29:44 +0000 Files and hashes: 1: 323430333a38303a3a2f33322d3332203d3e20313334363233.roa (hash: 6DmXkqMFBwmOgmu7GrU8MAR3khWhl6gAoERCQcW2kCE=) 2: 2985976A4B3081770748882703E16497964D05A6.crl (hash: 4v49944qx0siRkB5ix6LMCapp29gCriqcX+jvEr6KGk=) 3: 3130332e3139372e39322e302f32342d3234203d3e20313334363233.roa (hash: s3jB5rGy3ygjsQ7KSNEtfVl4k8P8QCufhhtVBzaX2IQ=) 4: 3130332e3139372e39352e302f32342d3234203d3e20313334363233.roa (hash: h0i6o1md9zXeZ9ZcSa+PGKss268qYszF+iOxTtMdu4E=) 5: 3130332e3139372e39332e302f32342d3234203d3e20313334363233.roa (hash: RrW5I2lzLuA+7ZMS1LEMZMinrm7Ftg4PYDdGcwSGY08=) 6: 3130332e3139372e39342e302f32342d3234203d3e20313334363233.roa (hash: fbMC3foKpfnHAAX7CqNwv+8CUIBKmVdM4iWFdYY2w+c=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.crl rsync://repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2985976A4B3081770748882703E16497964D05A6.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 06:31:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:e6:65:96:6b:f0:73:32:c5:5d:15:21:41:0e:fc:e0:29:46:e3:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2985976A4B3081770748882703E16497964D05A6 Validity Not Before: Mar 2 03:35:44 2026 GMT Not After : Mar 5 08:29:44 2026 GMT Subject: CN=852FDBED47A7D3C8F634474EA64C8D187C5B1D65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:f3:d3:23:56:e1:b1:0e:76:72:56:91:1a:46: 5a:2f:a1:f7:2b:3b:1e:55:9d:2a:dd:09:75:b2:16: 8a:84:b5:af:b0:1b:21:0b:2b:b6:6f:3a:fe:e7:6b: b9:a3:d5:be:4f:73:69:53:39:d7:dd:09:06:4a:e3: 58:32:e1:72:65:8d:d4:00:10:6e:bf:90:5b:39:b0: 07:9b:71:fb:14:c5:3c:d9:08:cc:92:9d:00:1a:89: 37:d8:d9:1a:1e:7a:5c:73:14:61:87:3b:fa:1a:34: 94:73:4c:65:d3:b1:35:c9:03:4a:53:e3:4c:78:40: 90:87:80:e6:80:c1:10:52:62:72:c4:3f:15:5a:31: ec:63:77:6d:44:2e:1d:68:aa:00:0b:be:69:53:62: 04:79:37:fe:73:46:bb:69:b5:ec:d1:45:5d:33:64: 36:2d:34:8b:18:2e:c2:b1:04:ea:30:d6:cb:6b:13: 09:2d:92:89:4a:27:7f:86:be:e6:ba:cd:9e:24:3f: 06:02:b5:83:f8:25:09:6b:f7:36:55:52:bb:2f:3c: cf:65:88:5b:7e:3c:93:e5:fc:4d:2d:fc:3f:10:e6: e0:db:53:0c:51:57:6c:e0:7b:56:7d:0f:e1:60:2b: bd:e3:f4:44:21:68:e3:62:ae:07:0d:bb:36:55:53: a7:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:2F:DB:ED:47:A7:D3:C8:F6:34:47:4E:A6:4C:8D:18:7C:5B:1D:65 X509v3 Authority Key Identifier: keyid:29:85:97:6A:4B:30:81:77:07:48:88:27:03:E1:64:97:96:4D:05:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2985976A4B3081770748882703E16497964D05A6.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:72:74:e0:1f:7a:47:4d:d5:60:04:93:fe:40:19:5c:e8:0c: 90:b6:90:15:fe:fa:a0:f6:6d:dc:4d:1d:18:b1:8f:fc:a8:e5: 1c:72:d4:8f:49:f4:d0:eb:ea:94:d8:86:91:e1:8a:9d:fc:b4: 18:3f:f6:93:50:35:ee:f9:78:f6:79:cd:0a:30:0e:cd:17:9e: b5:2f:1e:d2:bb:80:9a:12:52:df:78:92:66:bb:31:08:b7:85: 54:29:a8:f5:81:d7:48:47:b7:90:9f:86:8d:74:9a:8f:21:10: ce:c5:87:07:ab:2b:e3:62:ce:fb:73:e1:5b:98:6c:c7:c2:53: a0:3b:d1:d9:a1:3e:ee:95:cd:f9:09:6b:75:0f:c4:96:bb:50: 6d:24:14:d3:09:9a:61:91:e5:e0:91:9e:f0:bb:8c:8f:fb:19: 26:6a:7a:a2:52:0d:d2:c3:e2:e4:77:07:ea:bd:0d:e7:dc:b3: 85:72:49:14:90:e9:25:de:8a:25:5a:55:8a:1b:9a:52:ce:e0: 6f:00:d0:34:9c:0f:ff:51:50:43:34:a4:49:50:8c:e2:3b:50: fe:2a:74:f7:98:77:a2:01:36:83:61:c0:e3:25:07:62:a4:d2: f3:76:23:42:af:4e:d1:bb:71:d9:76:46:76:8c:13:24:54:52: c7:d3:5c:42 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUK+ZllmvwczLFXRUhQQ784ClG488wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjk4NTk3NkE0QjMwODE3NzA3NDg4ODI3MDNFMTY0OTc5 NjREMDVBNjAeFw0yNjAzMDIwMzM1NDRaFw0yNjAzMDUwODI5NDRaMDMxMTAvBgNV BAMTKDg1MkZEQkVENDdBN0QzQzhGNjM0NDc0RUE2NEM4RDE4N0M1QjFENjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDn89MjVuGxDnZyVpEaRlovofcr Ox5VnSrdCXWyFoqEta+wGyELK7ZvOv7na7mj1b5Pc2lTOdfdCQZK41gy4XJljdQA EG6/kFs5sAebcfsUxTzZCMySnQAaiTfY2RoeelxzFGGHO/oaNJRzTGXTsTXJA0pT 40x4QJCHgOaAwRBSYnLEPxVaMexjd21ELh1oqgALvmlTYgR5N/5zRrtptezRRV0z ZDYtNIsYLsKxBOow1strEwktkolKJ3+Gvua6zZ4kPwYCtYP4JQlr9zZVUrsvPM9l iFt+PJPl/E0t/D8Q5uDbUwxRV2zge1Z9D+FgK73j9EQhaONirgcNuzZVU6dXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhS/b7Uen08j2NEdOpkyNGHxbHWUwHwYDVR0j BBgwFoAUKYWXakswgXcHSIgnA+Fkl5ZNBaYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZWQxMDBkZi0wNDQxLTQzODEtYTNmYS01ODdkYjllOWMyZjAvMC8yOTg1OTc2QTRC MzA4MTc3MDc0ODg4MjcwM0UxNjQ5Nzk2NEQwNUE2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjk4NTk3NkE0QjMwODE3NzA3NDg4ODI3MDNFMTY0OTc5NjRE MDVBNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2VkMTAwZGYtMDQ0MS00MzgxLWEz ZmEtNTg3ZGI5ZTljMmYwLzAvMjk4NTk3NkE0QjMwODE3NzA3NDg4ODI3MDNFMTY0 OTc5NjREMDVBNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAK5ydOAfekdN1WAEk/5AGVzoDJC2kBX++qD2 bdxNHRixj/yo5Rxy1I9J9NDr6pTYhpHhip38tBg/9pNQNe75ePZ5zQowDs0XnrUv HtK7gJoSUt94kma7MQi3hVQpqPWB10hHt5Cfho10mo8hEM7FhwerK+Nizvtz4VuY bMfCU6A70dmhPu6VzfkJa3UPxJa7UG0kFNMJmmGR5eCRnvC7jI/7GSZqeqJSDdLD 4uR3B+q9Defcs4VySRSQ6SXeiiVaVYobmlLO4G8A0DScD/9RUEM0pElQjOI7UP4q dPeYd6IBNoNhwOMlB2Kk0vN2I0KvTtG7cdl2RnaMEyRUUsfTXEI= -----END CERTIFICATE-----Generated at Mon Mar 2 21:13:13 2026 by rpki-client