$ rpki-client -vvf repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft File: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft (raw, json) Hash identifier: IwPiyUKnW+Rulg75RS1i1wOKTnJ4If5xVcIcgaQ2NBA= Subject key identifier: 37:D2:DB:89:89:66:15:73:1D:11:5E:D9:B5:8F:9D:2C:91:BD:48:9E Authority key identifier: 28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC Certificate issuer: /CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Certificate serial: 6A6D2059F00997B5607F3068A33DB9CFB546902E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft Manifest number: C8 Signing time: Sun 01 Mar 2026 12:02:17 +0000 Manifest this update: Sun 01 Mar 2026 11:57:17 +0000 Manifest next update: Wed 04 Mar 2026 21:42:17 +0000 Files and hashes: 1: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl (hash: dqGz17NYfVTPtgVHrgxbtAAvzhy7vLiFGbeV3vRGaq4=) 2: 323430363a373534303a3a2f33322d3332203d3e20313431303637.roa (hash: tGZJC6gHp+rBRUU+fviXr/Qmv6Fq3jy2euNYPnmiMt4=) 3: 3130332e3135352e3139312e302f32342d3234203d3e20313431303637.roa (hash: HqTyhMmIQNWyd9Uu39hBDh2ymSKez80mYyj1XdusXb0=) 4: 3130332e3135352e3139302e302f32342d3234203d3e20313431303637.roa (hash: 4k5l0oKGlgrseypJOAcgbZ3voSGQS5pK7FIolyad81E=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 21:42:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:6d:20:59:f0:09:97:b5:60:7f:30:68:a3:3d:b9:cf:b5:46:90:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Validity Not Before: Mar 1 11:57:17 2026 GMT Not After : Mar 4 21:42:17 2026 GMT Subject: CN=37D2DB89896615731D115ED9B58F9D2C91BD489E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0a:b2:84:e4:f2:59:23:3c:12:32:45:0d:0d: b1:f4:14:77:bb:1a:2d:ae:ed:d3:b4:a0:25:85:19: df:84:99:f6:2f:c2:95:a1:4b:45:96:00:d5:49:30: e7:ae:34:5b:9e:fc:d1:a2:98:31:ff:16:1d:58:39: e7:cf:e7:56:6a:f0:b9:34:11:14:45:c5:42:a3:f6: 13:6e:f4:19:a0:a5:79:59:d2:63:bb:ce:d8:fd:e4: ca:fb:bb:c0:d9:be:07:1e:17:44:96:04:48:a0:f9: a1:bc:cf:37:5e:f6:ef:ee:9a:c4:68:81:9d:ab:da: 25:e0:cc:34:1d:f9:f9:11:d7:6d:e8:0f:7b:c8:ee: 26:f2:d5:fe:d8:30:37:30:b4:24:84:2c:8d:54:f8: 58:da:49:86:fc:fc:62:38:82:0b:8d:20:1d:86:2f: 26:7c:9b:61:e8:df:9c:ff:c0:90:32:54:2d:e0:1b: 9a:c4:fb:c6:90:c1:29:a7:6a:ab:22:03:ec:7a:4c: 43:7c:73:00:8a:66:47:21:60:c7:be:5e:01:8b:fb: 52:1b:dd:c4:d1:fa:fa:f2:5e:6a:9f:44:c4:63:e7: 32:d9:47:a4:bc:7a:87:60:3d:e0:53:3e:a0:d7:ef: 11:64:1a:93:2c:73:15:82:b2:bd:30:14:0d:63:e0: f1:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:D2:DB:89:89:66:15:73:1D:11:5E:D9:B5:8F:9D:2C:91:BD:48:9E X509v3 Authority Key Identifier: keyid:28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cb:92:6b:fa:0c:42:b8:51:d2:2b:e8:6f:4f:88:a9:f4:18:08: 1d:cc:d8:a1:71:6b:8f:db:ea:82:1f:8e:32:2d:fa:e9:ee:24: e3:9a:de:df:fc:a4:c9:20:ae:ba:e0:6d:51:c6:6d:d8:a2:65: f9:b6:c9:9e:95:e3:4d:46:20:e3:07:17:e3:66:22:cc:a8:9a: c9:68:77:ec:a0:ca:c7:4d:fa:50:e8:7b:9c:0d:4c:bc:8f:f6: 20:c9:78:da:f9:b3:c6:22:5f:62:b2:a5:7c:3f:b4:39:df:81: a1:d9:7d:b0:f4:f7:41:95:92:17:e1:44:3f:0f:b2:21:a1:b8: 34:9a:9e:52:42:04:38:05:75:1a:82:83:35:40:22:8f:87:11: 32:69:8e:99:b3:c8:38:af:4f:85:81:65:e4:b9:d8:9e:07:51: 98:8f:73:b1:c7:22:80:5a:f8:38:9c:9d:e2:34:59:47:93:f5: 75:4c:ae:3b:5e:d8:39:92:9b:b0:87:73:7a:76:62:62:81:14: 0e:e3:0f:e9:f8:21:ff:62:4a:ee:b1:2e:76:87:93:de:63:e9: 39:32:2b:de:ff:46:85:1a:18:d6:ea:4b:9c:74:2a:94:38:99: 22:25:f8:49:cf:db:f5:f8:dc:1a:1a:23:09:38:23:4f:93:4f: f0:ed:c4:c6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUam0gWfAJl7VgfzBooz25z7VGkC4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZD NTdFOUJFQzAeFw0yNjAzMDExMTU3MTdaFw0yNjAzMDQyMTQyMTdaMDMxMTAvBgNV BAMTKDM3RDJEQjg5ODk2NjE1NzMxRDExNUVEOUI1OEY5RDJDOTFCRDQ4OUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHCrKE5PJZIzwSMkUNDbH0FHe7 Gi2u7dO0oCWFGd+EmfYvwpWhS0WWANVJMOeuNFue/NGimDH/Fh1YOefP51Zq8Lk0 ERRFxUKj9hNu9BmgpXlZ0mO7ztj95Mr7u8DZvgceF0SWBEig+aG8zzde9u/umsRo gZ2r2iXgzDQd+fkR123oD3vI7iby1f7YMDcwtCSELI1U+FjaSYb8/GI4gguNIB2G LyZ8m2Ho35z/wJAyVC3gG5rE+8aQwSmnaqsiA+x6TEN8cwCKZkchYMe+XgGL+1Ib 3cTR+vryXmqfRMRj5zLZR6S8eodgPeBTPqDX7xFkGpMscxWCsr0wFA1j4PFTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUN9LbiYlmFXMdEV7ZtY+dLJG9SJ4wHwYDVR0j BBgwFoAUKLMFxmM2xDOrYBum8LNS5sV+m+wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YjZlOWI1MS1iZDg3LTQ5MDUtOWJmNC1hODQ4YTQ0ZTViYTUvMC8yOEIzMDVDNjYz MzZDNDMzQUI2MDFCQTZGMEIzNTJFNkM1N0U5QkVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZDNTdF OUJFQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGI2ZTliNTEtYmQ4Ny00OTA1LTli ZjQtYTg0OGE0NGU1YmE1LzAvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUy RTZDNTdFOUJFQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMuSa/oMQrhR0ivob0+IqfQYCB3M2KFxa4/b 6oIfjjIt+unuJOOa3t/8pMkgrrrgbVHGbdiiZfm2yZ6V401GIOMHF+NmIsyomslo d+ygysdN+lDoe5wNTLyP9iDJeNr5s8YiX2KypXw/tDnfgaHZfbD090GVkhfhRD8P siGhuDSanlJCBDgFdRqCgzVAIo+HETJpjpmzyDivT4WBZeS52J4HUZiPc7HHIoBa +DicneI0WUeT9XVMrjte2DmSm7CHc3p2YmKBFA7jD+n4If9iSu6xLnaHk95j6Tky K97/RoUaGNbqS5x0KpQ4mSIl+EnP2/X43BoaIwk4I0+TT/DtxMY= -----END CERTIFICATE-----Generated at Mon Mar 2 08:20:13 2026 by rpki-client