$ rpki-client -vvf repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft File: B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft (raw, json) Hash identifier: 9jGoACRibhgW6aI99gdTR6IbADulqCG+82Ip9zYikns= Subject key identifier: 1A:87:F3:10:43:D8:BA:1B:BB:7F:CE:D8:EF:D8:88:07:F5:B2:E5:78 Authority key identifier: B5:E9:7B:71:FA:FA:24:FF:8F:A2:B1:A3:35:58:D8:0A:98:25:4D:B2 Certificate issuer: /CN=B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2 Certificate serial: 7E2BB1A583E6F230711D5A7BB7C2DF17D3E7B08E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft Manifest number: 0249 Signing time: Sun 01 Mar 2026 13:42:20 +0000 Manifest this update: Sun 01 Mar 2026 13:37:20 +0000 Manifest next update: Wed 04 Mar 2026 21:51:20 +0000 Files and hashes: 1: B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl (hash: 2oCnYhpuv1/iJxEej4sl0lTk47+o1neeZN86m1XBmDA=) 2: 3130332e3138382e3235322e302f32342d3234203d3e20313439373337.roa (hash: Ecgrbu6B3OibUjb6EMgW5BudmheK1y9j1Ehe3erMDBM=) 3: 3130332e3138382e3235332e302f32342d3234203d3e20313439373337.roa (hash: Sj/j171l33JI7ePr4g2BFw5WUoQjNjQFEAH4ivYj0QM=) 4: 3130332e3138382e3235322e302f32332d3233203d3e20313439373337.roa (hash: jokIBMvTnzkYHW/XHAeX7hxaG3x1GkvBjnS33CW0bpg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 21:51:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:2b:b1:a5:83:e6:f2:30:71:1d:5a:7b:b7:c2:df:17:d3:e7:b0:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2 Validity Not Before: Mar 1 13:37:20 2026 GMT Not After : Mar 4 21:51:20 2026 GMT Subject: CN=1A87F31043D8BA1BBB7FCED8EFD88807F5B2E578 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ac:01:80:2b:71:85:6a:a6:a2:d4:37:1a:49: ea:ee:7c:25:44:af:82:88:1c:f8:4d:a7:1c:7f:c5: 91:1b:2a:88:ef:b9:09:7d:92:1b:c5:c5:9d:82:02: 27:74:cd:b6:35:8d:08:9c:77:dd:4a:4a:7a:dd:7c: 2c:e6:2b:ff:aa:fe:5e:16:c8:43:2f:5c:9b:48:68: 40:7a:02:0f:53:a2:81:c4:40:cd:71:9e:99:bf:17: b7:96:85:22:b0:c1:0b:da:5a:f3:d9:bb:ad:24:53: df:29:c5:c3:73:15:35:9f:77:46:bd:61:10:aa:e7: 6e:11:2c:33:11:19:01:44:04:6e:ed:2b:18:09:1c: b4:90:bb:3a:87:c6:81:2d:ec:a7:ef:66:d3:3c:af: 1e:7d:52:1d:97:75:9c:1f:a6:88:90:6a:f1:b4:24: 54:db:c3:81:03:8e:09:d5:56:b4:b5:f3:11:7a:71: ed:e2:bb:5b:c3:2e:33:96:ca:56:b4:77:ea:0b:05: 20:3a:03:6e:51:81:eb:d5:ce:0e:3c:74:60:af:67: c1:17:2f:6f:7d:04:eb:dd:40:7e:86:a3:92:da:50: 82:eb:42:21:ad:e2:ac:66:46:5d:fe:f3:8e:be:75: 66:00:1d:63:1a:4f:1b:c8:2a:76:1c:48:1a:4d:c6: 5d:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:87:F3:10:43:D8:BA:1B:BB:7F:CE:D8:EF:D8:88:07:F5:B2:E5:78 X509v3 Authority Key Identifier: keyid:B5:E9:7B:71:FA:FA:24:FF:8F:A2:B1:A3:35:58:D8:0A:98:25:4D:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:12:00:30:5f:71:54:50:a7:9b:5e:75:ed:fe:36:c1:3b:e8: 43:e1:5e:8c:ac:81:21:95:1f:a4:25:98:6a:0e:49:02:d2:2a: fa:b7:54:96:f1:5e:5f:58:d4:46:ef:1b:9a:6d:f9:f2:32:1c: 09:1e:9d:9f:97:22:a9:ae:f6:3d:a0:04:78:af:00:51:84:75: 9f:07:2d:b6:f0:2f:5c:3e:c5:8f:6e:38:d8:1f:3e:e4:33:34: f4:c1:66:09:71:83:63:fa:0a:e8:32:5e:8c:97:b8:de:62:01: b4:2a:e0:a7:c9:9e:eb:20:a1:da:45:95:e5:f2:1a:61:86:b0: 80:e9:27:a4:6e:ba:75:a4:14:f2:0f:41:e6:87:25:02:58:e3: 65:b1:51:07:b2:74:6e:ce:1d:1e:ba:3d:2b:b9:49:ad:77:c7: 73:59:6b:15:69:06:af:e0:1f:3d:43:ee:fc:37:b2:95:3a:79: 56:a6:4a:55:8b:fc:3a:25:fe:70:a6:76:7d:91:e0:0c:b8:48: 6f:71:d2:01:8d:cc:53:da:0f:7c:e2:fc:7f:5b:9d:f0:66:13: fa:f5:53:d1:21:49:45:f1:57:a2:51:6e:fb:ab:cd:8e:32:1a: 55:d3:b2:47:18:40:2d:6d:1d:a7:20:0a:bb:21:25:b4:b8:d4: dc:8e:d8:b4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfiuxpYPm8jBxHVp7t8LfF9PnsI4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4MEE5 ODI1NERCMjAeFw0yNjAzMDExMzM3MjBaFw0yNjAzMDQyMTUxMjBaMDMxMTAvBgNV BAMTKDFBODdGMzEwNDNEOEJBMUJCQjdGQ0VEOEVGRDg4ODA3RjVCMkU1NzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKrAGAK3GFaqai1DcaSerufCVE r4KIHPhNpxx/xZEbKojvuQl9khvFxZ2CAid0zbY1jQicd91KSnrdfCzmK/+q/l4W yEMvXJtIaEB6Ag9TooHEQM1xnpm/F7eWhSKwwQvaWvPZu60kU98pxcNzFTWfd0a9 YRCq524RLDMRGQFEBG7tKxgJHLSQuzqHxoEt7KfvZtM8rx59Uh2XdZwfpoiQavG0 JFTbw4EDjgnVVrS18xF6ce3iu1vDLjOWyla0d+oLBSA6A25RgevVzg48dGCvZ8EX L299BOvdQH6Go5LaUILrQiGt4qxmRl3+846+dWYAHWMaTxvIKnYcSBpNxl2zAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUGofzEEPYuhu7f87Y79iIB/Wy5XgwHwYDVR0j BBgwFoAUtel7cfr6JP+PorGjNVjYCpglTbIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 YWVkMDk4Yi00OWIxLTRmNTMtYjc1YS0yNzNlMTFjMjUxNDkvMC9CNUU5N0I3MUZB RkEyNEZGOEZBMkIxQTMzNTU4RDgwQTk4MjU0REIyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4MEE5ODI1 NERCMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOWFlZDA5OGItNDliMS00ZjUzLWI3 NWEtMjczZTExYzI1MTQ5LzAvQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4 MEE5ODI1NERCMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACsSADBfcVRQp5tede3+NsE76EPhXoysgSGV H6QlmGoOSQLSKvq3VJbxXl9Y1EbvG5pt+fIyHAkenZ+XIqmu9j2gBHivAFGEdZ8H LbbwL1w+xY9uONgfPuQzNPTBZglxg2P6CugyXoyXuN5iAbQq4KfJnusgodpFleXy GmGGsIDpJ6RuunWkFPIPQeaHJQJY42WxUQeydG7OHR66PSu5Sa13x3NZaxVpBq/g Hz1D7vw3spU6eVamSlWL/Dol/nCmdn2R4Ay4SG9x0gGNzFPaD3zi/H9bnfBmE/r1 U9EhSUXxV6JRbvurzY4yGlXTskcYQC1tHacgCrshJbS41NyO2LQ= -----END CERTIFICATE-----Generated at Mon Mar 2 06:23:18 2026 by rpki-client