$ rpki-client -vvf repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft File: AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft (raw, json) Hash identifier: bPAypgsOUWOxjbHRRxcFxYNU+n8S5GuF+D7zZD+L46I= Subject key identifier: CD:D5:67:D4:FA:F4:E8:3B:AE:EE:D4:43:DC:5E:8B:C2:D9:9E:3A:C8 Authority key identifier: AF:DF:D5:D1:C4:B3:9F:2F:AA:BB:A5:BC:15:23:4C:2B:12:43:BF:FB Certificate issuer: /CN=AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB Certificate serial: 5ACC08428B0C27BB0C68B72971966F4658771E06 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft Manifest number: 0401 Signing time: Mon 02 Mar 2026 07:41:40 +0000 Manifest this update: Mon 02 Mar 2026 07:36:40 +0000 Manifest next update: Thu 05 Mar 2026 13:38:40 +0000 Files and hashes: 1: AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.crl (hash: lC/VDNTRUD5VcHGAw8rxRu8MdBw5X6A/V+4XzEOZ/vE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.crl rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 06:31:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:cc:08:42:8b:0c:27:bb:0c:68:b7:29:71:96:6f:46:58:77:1e:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB Validity Not Before: Mar 2 07:36:40 2026 GMT Not After : Mar 5 13:38:40 2026 GMT Subject: CN=CDD567D4FAF4E83BAEEED443DC5E8BC2D99E3AC8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:a6:a3:b1:ef:f2:50:0c:c8:2a:e6:31:fe:a2: 3e:ec:36:d0:ee:a5:69:84:71:16:0a:f7:a8:86:cf: 92:ff:fa:63:4f:92:91:35:dd:98:15:51:c8:60:4b: 52:0c:a6:6c:06:49:2e:16:34:09:d9:5e:17:75:f5: a6:84:a1:e7:ce:ec:13:aa:41:ef:01:e1:d6:5c:81: 02:76:36:5f:9b:2b:15:cd:19:cc:bb:1c:fa:3b:be: 7a:cc:f1:aa:c2:ea:07:69:86:32:06:2a:91:1d:b4: ea:dd:0f:66:09:c0:30:c7:ef:1c:c6:ef:66:64:c5: b4:b3:43:6f:8e:ed:cf:b8:71:7d:a9:74:1e:d8:0a: 62:62:50:f7:d9:8f:f6:2a:9e:dc:3e:4f:a9:d6:98: 52:aa:6e:77:63:32:c3:e7:36:a5:a4:8a:3b:25:2d: ce:04:34:a9:8b:83:ce:fc:a1:08:56:11:c4:21:21: fb:cf:57:c0:4b:08:74:c7:73:49:51:c7:8f:0d:6d: ad:c3:0b:e4:b0:50:92:f1:29:b5:c8:c9:43:fe:e3: fa:97:59:24:fe:35:21:af:eb:2f:c0:7d:51:d9:51: 0c:dc:05:95:6c:6b:14:de:26:96:1e:33:dc:66:b6: a8:a5:db:b9:33:d9:43:fa:00:16:e5:f8:18:8c:77: cf:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:D5:67:D4:FA:F4:E8:3B:AE:EE:D4:43:DC:5E:8B:C2:D9:9E:3A:C8 X509v3 Authority Key Identifier: keyid:AF:DF:D5:D1:C4:B3:9F:2F:AA:BB:A5:BC:15:23:4C:2B:12:43:BF:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:d0:59:81:c0:9c:fe:b8:94:11:35:e0:fe:23:6a:56:be:f1: 2a:c3:29:f5:3a:81:09:46:63:8d:e4:8d:aa:5b:0e:6a:73:a7: 24:51:26:ad:e7:b4:03:62:a5:68:eb:71:80:1a:9f:8e:67:4c: d1:d1:15:de:e3:58:62:7b:09:72:14:76:b2:77:ef:98:b9:c1: 19:e7:5f:8c:10:e0:65:93:c6:ff:1a:5f:76:07:76:b5:b1:1c: 6c:00:66:eb:37:ca:88:8f:0a:98:8c:8c:26:2b:56:10:4c:65: 89:de:3f:ca:0b:76:0a:9e:33:4e:36:4d:3b:2b:36:89:cc:7c: 41:2f:3f:f3:8d:0d:85:d6:04:aa:fd:98:c8:d0:e6:9f:12:48: 28:16:0c:3f:1d:3c:31:88:67:ee:9f:69:75:71:48:30:41:9c: 2b:6e:69:73:9e:56:de:19:ff:1a:ab:17:d7:cc:0e:f3:f0:8a: 7a:04:ca:d2:c7:e6:a9:bf:e0:be:d4:a3:64:f9:72:b3:97:ff: ce:a9:e1:87:ed:11:0e:17:17:9d:28:30:c9:b9:33:80:07:a1: c9:cd:66:85:1f:b4:40:4c:91:fb:d5:02:b0:c5:95:18:30:d7: c2:a2:ab:13:08:e3:ab:66:b9:f2:3e:16:f4:df:80:64:f3:c9: e1:3c:e8:d2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWswIQosMJ7sMaLcpcZZvRlh3HgYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUZERkQ1RDFDNEIzOUYyRkFBQkJBNUJDMTUyMzRDMkIx MjQzQkZGQjAeFw0yNjAzMDIwNzM2NDBaFw0yNjAzMDUxMzM4NDBaMDMxMTAvBgNV BAMTKENERDU2N0Q0RkFGNEU4M0JBRUVFRDQ0M0RDNUU4QkMyRDk5RTNBQzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDepqOx7/JQDMgq5jH+oj7sNtDu pWmEcRYK96iGz5L/+mNPkpE13ZgVUchgS1IMpmwGSS4WNAnZXhd19aaEoefO7BOq Qe8B4dZcgQJ2Nl+bKxXNGcy7HPo7vnrM8arC6gdphjIGKpEdtOrdD2YJwDDH7xzG 72ZkxbSzQ2+O7c+4cX2pdB7YCmJiUPfZj/Yqntw+T6nWmFKqbndjMsPnNqWkijsl Lc4ENKmLg878oQhWEcQhIfvPV8BLCHTHc0lRx48Nba3DC+SwUJLxKbXIyUP+4/qX WST+NSGv6y/AfVHZUQzcBZVsaxTeJpYeM9xmtqil27kz2UP6ABbl+BiMd89JAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzdVn1Pr06Duu7tRD3F6LwtmeOsgwHwYDVR0j BBgwFoAUr9/V0cSzny+qu6W8FSNMKxJDv/swDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NGZlMTgxMS1jMDNmLTQ5ZDgtOTIxNy0xM2ZmMjJhMzFlYmUvMC9BRkRGRDVEMUM0 QjM5RjJGQUFCQkE1QkMxNTIzNEMyQjEyNDNCRkZCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQUZERkQ1RDFDNEIzOUYyRkFBQkJBNUJDMTUyMzRDMkIxMjQz QkZGQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTRmZTE4MTEtYzAzZi00OWQ4LTky MTctMTNmZjIyYTMxZWJlLzAvQUZERkQ1RDFDNEIzOUYyRkFBQkJBNUJDMTUyMzRD MkIxMjQzQkZGQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAD3QWYHAnP64lBE14P4jala+8SrDKfU6gQlG Y43kjapbDmpzpyRRJq3ntANipWjrcYAan45nTNHRFd7jWGJ7CXIUdrJ375i5wRnn X4wQ4GWTxv8aX3YHdrWxHGwAZus3yoiPCpiMjCYrVhBMZYneP8oLdgqeM042TTsr NonMfEEvP/ONDYXWBKr9mMjQ5p8SSCgWDD8dPDGIZ+6faXVxSDBBnCtuaXOeVt4Z /xqrF9fMDvPwinoEytLH5qm/4L7Uo2T5crOX/86p4YftEQ4XF50oMMm5M4AHocnN ZoUftEBMkfvVArDFlRgw18KiqxMI46tmufI+FvTfgGTzyeE86NI= -----END CERTIFICATE-----Generated at Mon Mar 2 17:10:38 2026 by rpki-client