$ rpki-client -vvf repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.mft File: AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.mft (raw, json) Hash identifier: H3Jpgo4WasfhBZEEVj3IAMx8J+zQSC/z9PuUUe4/2mM= Subject key identifier: E2:20:BA:42:1E:CB:8A:7E:0A:30:F8:48:2D:B4:89:AE:D5:4F:9A:D0 Authority key identifier: AF:68:71:CA:FD:05:C6:F6:25:9C:DC:9B:3F:E8:65:6F:CE:DE:C3:D5 Certificate issuer: /CN=AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5 Certificate serial: 0D6F61A06245149E1E017A704A626CC82EB8FD73 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.mft Manifest number: DC Signing time: Mon 02 Mar 2026 13:30:01 +0000 Manifest this update: Mon 02 Mar 2026 13:25:01 +0000 Manifest next update: Thu 05 Mar 2026 23:20:01 +0000 Files and hashes: 1: AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.crl (hash: eKUZB5sUKAIkDk/q1AVHnVfoo5qtLkb6gJHnE3WL7pI=) 2: 3135372e36362e34302e302f32342d3234203d3e20313532373934.roa (hash: llbK8JVFmbrLSSzLv9Ovv2C1Mqs66Yxl6xm9VnsVOAw=) 3: 3135372e36362e34312e302f32342d3234203d3e20313532373934.roa (hash: 3Egq3cRo6EJ7UqcOfpeiiHWc5fNhn+xEtBo+/Cw0jbA=) 4: 3135372e36362e34302e302f32332d3233203d3e20313532373934.roa (hash: 9Rk+bLwCtN8F40lqmzQmjy2Qn3pf5qNIMJVV2njhbNk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.crl rsync://repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:6f:61:a0:62:45:14:9e:1e:01:7a:70:4a:62:6c:c8:2e:b8:fd:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5 Validity Not Before: Mar 2 13:25:01 2026 GMT Not After : Mar 5 23:20:01 2026 GMT Subject: CN=E220BA421ECB8A7E0A30F8482DB489AED54F9AD0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e8:b8:20:61:ad:da:60:fa:1e:89:ea:5f:d9: ad:6f:90:85:06:35:3a:0c:73:e2:aa:04:dc:01:a6: e3:3b:7b:60:75:7f:07:c2:e7:8c:ae:bc:cb:a7:86: ae:88:65:d9:46:89:28:ec:50:13:08:f8:f8:83:08: 96:bb:26:78:8c:95:33:aa:24:25:9e:bf:cc:07:e8: 9c:c8:53:a0:c7:61:98:ad:18:bf:12:fc:7b:e4:93: 9e:b8:b5:da:bc:d3:90:5a:d7:b1:55:28:14:84:6c: 42:ad:3d:50:f7:a8:b2:5e:c6:51:03:bd:82:54:93: 76:56:52:19:43:9e:2c:f6:5c:13:9d:75:2e:ce:d8: df:b0:e3:86:d2:fb:7e:e9:21:e2:36:1c:a3:90:fa: 35:4a:1f:9e:c8:fb:06:59:94:17:24:c5:73:cc:b9: b4:db:c8:19:67:cc:e0:85:04:48:88:8c:af:84:0d: 18:56:1f:12:9e:e2:0e:05:31:75:5c:38:53:75:cf: d5:55:dd:fe:d4:c8:79:2c:93:80:2f:94:82:8f:a5: 32:c0:2e:e7:d6:ce:1d:33:1a:51:dc:ff:9f:02:43: ff:ba:4a:99:8d:4a:26:00:43:1f:2d:cd:b2:9a:58: a5:e2:26:93:22:80:8a:6a:d8:ef:35:92:26:70:23: f3:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:20:BA:42:1E:CB:8A:7E:0A:30:F8:48:2D:B4:89:AE:D5:4F:9A:D0 X509v3 Authority Key Identifier: keyid:AF:68:71:CA:FD:05:C6:F6:25:9C:DC:9B:3F:E8:65:6F:CE:DE:C3:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:d3:0d:c5:be:fe:38:9d:16:44:9c:e6:c6:4c:b1:7b:9b:fd: c8:c4:c3:85:75:d9:16:ac:f4:21:df:e4:d5:82:96:2c:c6:f9: 41:9e:20:d7:90:bb:aa:5a:0f:a5:ac:91:66:9b:21:0b:e4:d6: 0a:34:ac:cf:13:28:14:29:46:21:99:a6:9d:34:60:1b:b4:b6: 47:bc:ea:12:ba:be:3b:cf:25:64:62:e5:46:8b:fe:eb:c9:e2: 69:60:24:44:2c:d3:fa:84:7c:87:48:9b:9d:cd:43:77:13:19: eb:15:d6:e0:a5:9f:bf:c4:34:b4:47:7e:a8:a6:75:b5:9a:bc: ed:fc:9f:5b:75:19:aa:c4:1e:db:e0:1e:6e:48:be:5f:7b:6e: c7:26:e2:0b:25:ed:0e:06:87:d4:42:2a:8b:9c:3d:a1:86:fd: a7:ef:e7:e7:5d:0c:e2:ae:5f:1f:3c:e0:4f:3b:34:be:de:f5: 5b:33:af:a7:30:9c:fa:0c:c5:ab:dc:84:f1:ff:6a:4b:bb:8f: 90:54:23:17:a4:f9:b8:72:99:c2:79:27:16:41:46:e0:39:56: c9:e8:01:b8:05:2a:b7:2a:03:79:34:eb:e2:cf:9e:c3:2d:99: 7c:a2:96:96:0d:5d:99:d4:26:a5:33:95:ee:f4:01:d8:f1:b2: da:39:9b:7d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUDW9hoGJFFJ4eAXpwSmJsyC64/XMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUY2ODcxQ0FGRDA1QzZGNjI1OUNEQzlCM0ZFODY1NkZD RURFQzNENTAeFw0yNjAzMDIxMzI1MDFaFw0yNjAzMDUyMzIwMDFaMDMxMTAvBgNV BAMTKEUyMjBCQTQyMUVDQjhBN0UwQTMwRjg0ODJEQjQ4OUFFRDU0RjlBRDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK6LggYa3aYPoeiepf2a1vkIUG NToMc+KqBNwBpuM7e2B1fwfC54yuvMunhq6IZdlGiSjsUBMI+PiDCJa7JniMlTOq JCWev8wH6JzIU6DHYZitGL8S/Hvkk564tdq805Ba17FVKBSEbEKtPVD3qLJexlED vYJUk3ZWUhlDniz2XBOddS7O2N+w44bS+37pIeI2HKOQ+jVKH57I+wZZlBckxXPM ubTbyBlnzOCFBEiIjK+EDRhWHxKe4g4FMXVcOFN1z9VV3f7UyHksk4AvlIKPpTLA LufWzh0zGlHc/58CQ/+6SpmNSiYAQx8tzbKaWKXiJpMigIpq2O81kiZwI/MzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU4iC6Qh7Lin4KMPhILbSJrtVPmtAwHwYDVR0j BBgwFoAUr2hxyv0FxvYlnNybP+hlb87ew9UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 N2YyYzE5MC0zMGY1LTRmMTktYmZjYS0wYjk4N2E1MmZkNTUvMC9BRjY4NzFDQUZE MDVDNkY2MjU5Q0RDOUIzRkU4NjU2RkNFREVDM0Q1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUY2ODcxQ0FGRDA1QzZGNjI1OUNEQzlCM0ZFODY1NkZDRURF QzNENS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNzdmMmMxOTAtMzBmNS00ZjE5LWJm Y2EtMGI5ODdhNTJmZDU1LzAvQUY2ODcxQ0FGRDA1QzZGNjI1OUNEQzlCM0ZFODY1 NkZDRURFQzNENS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGzTDcW+/jidFkSc5sZMsXub/cjEw4V12Ras 9CHf5NWClizG+UGeINeQu6paD6WskWabIQvk1go0rM8TKBQpRiGZpp00YBu0tke8 6hK6vjvPJWRi5UaL/uvJ4mlgJEQs0/qEfIdIm53NQ3cTGesV1uCln7/ENLRHfqim dbWavO38n1t1GarEHtvgHm5Ivl97bscm4gsl7Q4Gh9RCKoucPaGG/afv5+ddDOKu Xx884E87NL7e9Vszr6cwnPoMxavchPH/aku7j5BUIxek+bhymcJ5JxZBRuA5Vsno AbgFKrcqA3k06+LPnsMtmXyilpYNXZnUJqUzle70Adjxsto5m30= -----END CERTIFICATE-----Generated at Mon Mar 2 18:26:21 2026 by rpki-client