$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: KfKCDwpzC+JVHUVmgO4HLJA84zuyJdeP63dOgmkrO8I= Subject key identifier: A5:4E:D7:71:6D:B1:16:D2:EE:28:DD:0E:89:E4:40:9F:0E:25:B2:8D Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 6CA4FFDBAB3EC7A6D27B8E7A090EDFF6E77C040C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 0554 Signing time: Sun 01 Mar 2026 02:12:22 +0000 Manifest this update: Sun 01 Mar 2026 02:07:22 +0000 Manifest next update: Wed 04 Mar 2026 03:03:22 +0000 Files and hashes: 1: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) 2: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: JY5X7Ni0FqjOLHL/IBAcPoDotTFSEzReZjChPfIbLws=) 3: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) 4: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) 5: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: Bja+/RwPM8EB+1Kdh9fDKUFHfPGTfiz1P0GUGRKxycQ=) 6: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 7: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) 8: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 03:03:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:a4:ff:db:ab:3e:c7:a6:d2:7b:8e:7a:09:0e:df:f6:e7:7c:04:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Mar 1 02:07:22 2026 GMT Not After : Mar 4 03:03:22 2026 GMT Subject: CN=A54ED7716DB116D2EE28DD0E89E4409F0E25B28D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c9:57:ba:32:3b:8e:c0:51:fc:0e:b3:52:80: da:8d:1b:b2:d8:b4:e5:ed:f3:a7:c8:86:10:20:26: 2b:7a:f7:d4:4e:a0:6b:8f:86:f0:23:b1:4f:ef:33: 1e:72:e0:7d:4a:97:a6:c3:f4:dc:cc:2e:20:ab:e0: b3:6d:a2:68:5e:66:52:be:f1:08:57:4b:68:00:ec: 95:7d:7b:aa:b4:8c:4d:e2:51:ff:99:2f:e1:85:b1: 4c:6b:70:f7:39:6a:c0:76:81:34:bc:c2:fc:fe:64: 91:b6:90:3f:80:2e:d6:89:55:a7:4f:fc:55:31:86: 6f:6d:41:61:99:88:9e:3d:14:6a:de:5b:03:3b:6c: 6c:9f:c6:4f:e6:c4:70:12:5f:5b:5b:38:fc:74:61: bf:0d:e4:3a:a8:0b:0c:c2:91:ed:5c:55:71:32:49: 1a:fc:b1:cd:34:4b:d9:fe:91:97:dc:01:ba:3b:5a: 0e:59:40:4e:de:b6:1a:39:19:03:7e:44:3c:8c:ca: 62:ce:0b:94:b6:1d:2d:12:b1:3f:0a:71:80:ed:74: e0:55:b6:e2:23:54:9a:60:55:64:82:ae:83:03:9d: d8:dc:c0:ae:7d:1f:31:27:98:08:21:a5:77:5b:e3: 47:08:bf:42:f4:95:2d:75:d2:c4:e4:75:e0:1f:27: 72:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:4E:D7:71:6D:B1:16:D2:EE:28:DD:0E:89:E4:40:9F:0E:25:B2:8D X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:20:45:1f:68:92:d5:e8:a8:f2:f1:61:4c:a6:25:b2:4f:f1: b9:c6:44:c2:35:70:db:fc:38:83:39:40:d1:8a:76:77:c4:3d: c6:7e:f2:13:8c:1c:fa:93:0b:14:5a:4a:f5:47:23:c0:47:a4: 7f:f9:0e:4f:96:c8:78:3b:2c:65:ef:c3:b9:0c:89:03:31:e8: c3:2a:e2:75:7c:77:b5:12:09:31:09:89:53:b9:75:58:2c:0b: 53:b4:06:ff:7c:dd:51:0d:49:4a:98:9f:c8:4e:22:4a:4a:96: af:71:5a:ec:74:21:99:57:58:ef:54:f7:ed:7a:0f:1b:34:aa: 66:25:d1:43:54:01:df:66:aa:0c:62:7f:86:ab:b0:0a:1a:e6: 2c:ad:58:42:6f:1a:05:43:1f:c0:a3:63:24:0d:a1:37:c8:df: 79:cd:43:76:d5:3f:10:9b:cd:96:0f:43:37:79:96:ae:d9:cb: c8:d2:37:18:8c:77:d1:61:66:f3:52:85:75:0b:f6:3f:eb:1a: 46:d1:bc:e2:13:20:d5:6a:a7:c3:5e:f4:f4:1f:cd:65:d9:01: 9f:55:64:59:2b:74:5e:7b:8e:e4:b8:1e:bd:9c:6d:ee:e1:c2: d4:4f:71:b3:51:43:e9:7e:65:d3:e7:d5:bf:84:83:db:d5:37: 49:9f:d8:14 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUbKT/26s+x6bSe456CQ7f9ud8BAwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNjAzMDEwMjA3MjJaFw0yNjAzMDQwMzAzMjJaMDMxMTAvBgNV BAMTKEE1NEVENzcxNkRCMTE2RDJFRTI4REQwRTg5RTQ0MDlGMEUyNUIyOEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzyVe6MjuOwFH8DrNSgNqNG7LY tOXt86fIhhAgJit699ROoGuPhvAjsU/vMx5y4H1Kl6bD9NzMLiCr4LNtomheZlK+ 8QhXS2gA7JV9e6q0jE3iUf+ZL+GFsUxrcPc5asB2gTS8wvz+ZJG2kD+ALtaJVadP /FUxhm9tQWGZiJ49FGreWwM7bGyfxk/mxHASX1tbOPx0Yb8N5DqoCwzCke1cVXEy SRr8sc00S9n+kZfcAbo7Wg5ZQE7etho5GQN+RDyMymLOC5S2HS0SsT8KcYDtdOBV tuIjVJpgVWSCroMDndjcwK59HzEnmAghpXdb40cIv0L0lS110sTkdeAfJ3JjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUpU7XcW2xFtLuKN0OieRAnw4lso0wHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAwgRR9oktXoqPLxYUymJbJP8bnGRMI1cNv8 OIM5QNGKdnfEPcZ+8hOMHPqTCxRaSvVHI8BHpH/5Dk+WyHg7LGXvw7kMiQMx6MMq 4nV8d7USCTEJiVO5dVgsC1O0Bv983VENSUqYn8hOIkpKlq9xWux0IZlXWO9U9+16 Dxs0qmYl0UNUAd9mqgxif4arsAoa5iytWEJvGgVDH8CjYyQNoTfI33nNQ3bVPxCb zZYPQzd5lq7Zy8jSNxiMd9FhZvNShXUL9j/rGkbRvOITINVqp8Ne9PQfzWXZAZ9V ZFkrdF57juS4Hr2cbe7hwtRPcbNRQ+l+ZdPn1b+Eg9vVN0mf2BQ= -----END CERTIFICATE-----Generated at Mon Mar 2 20:01:56 2026 by rpki-client