$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: wo2KMAzp1D/WMPL3/upN88Teg+f9hQHjdZbFnC6ZFgU= Subject key identifier: 0B:30:7F:A7:50:53:2A:93:89:AE:84:11:13:C8:20:3D:05:88:EF:42 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 4631E7DFA4E4C7750F20422B69E3750702DCCB53 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 0239 Signing time: Mon 02 Mar 2026 09:52:02 +0000 Manifest this update: Mon 02 Mar 2026 09:47:02 +0000 Manifest next update: Thu 05 Mar 2026 20:49:02 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: W0BC/1wBX5Iq8l5ao4BTqE/9D5ZT4u2TGb4IasSlDfY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 06:31:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:31:e7:df:a4:e4:c7:75:0f:20:42:2b:69:e3:75:07:02:dc:cb:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Mar 2 09:47:02 2026 GMT Not After : Mar 5 20:49:02 2026 GMT Subject: CN=0B307FA750532A9389AE841113C8203D0588EF42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:38:21:33:b8:c9:2c:e7:46:1e:f3:65:9e:e8: 40:1a:f0:59:9b:37:c1:7e:e0:a1:0b:ad:df:57:06: 1f:65:8e:ba:74:c7:0d:74:15:3e:cc:16:b1:40:e8: 0f:8a:37:7d:c9:ca:d5:8e:53:ff:f6:c0:7a:60:75: 9a:bc:52:d8:6c:7b:39:76:6c:bb:17:99:14:15:b8: a1:73:be:84:e2:b4:bd:0d:00:53:6f:c4:6b:96:06: 0f:6b:89:c7:72:97:72:ad:57:84:c0:33:72:fa:0e: ff:a5:27:9e:20:0b:c9:e3:ac:46:48:c5:a5:76:70: 6b:2f:55:f9:61:4b:72:5d:1f:0a:ad:d3:4d:ca:0a: 2d:ef:f7:3c:c3:0c:9a:e0:79:27:f9:4a:40:5d:07: 94:c4:19:37:45:57:a8:1f:1e:4f:90:5f:0e:05:8c: 04:85:83:da:77:f4:1d:a6:20:55:f2:4c:6a:57:e5: 8b:37:b3:86:51:ce:36:c8:d6:e4:fb:6b:83:37:48: 09:98:ab:da:ca:f5:c1:1f:7b:d7:ac:99:17:f9:4d: 10:91:d6:0b:d8:37:b1:2d:38:95:7d:c4:e1:02:27: 0b:58:5b:32:fb:e6:21:07:3b:4e:dd:55:fd:bb:e9: 79:1b:db:ee:42:e4:53:70:4e:00:0d:18:58:0f:52: 7c:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:30:7F:A7:50:53:2A:93:89:AE:84:11:13:C8:20:3D:05:88:EF:42 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ba:9a:fd:28:e4:c4:f3:7a:52:2b:6c:f9:a6:04:2e:7c:7a:8a: 21:90:ba:77:5a:d5:e9:d1:dc:5d:69:84:bc:07:46:05:75:75: 46:b9:82:37:1d:a4:cc:fc:a2:07:b9:c8:9b:ce:b6:3f:55:e9: 42:d3:cd:d8:2c:7c:74:65:d6:e5:ad:df:b1:07:fc:ab:49:0f: 8c:04:17:2a:77:94:96:d2:7a:19:d9:f5:bc:c8:2f:6c:f6:df: 4b:86:33:1c:e8:e3:e0:f8:32:aa:7f:ae:3c:3e:20:01:ba:41: fa:a3:95:01:f3:64:f7:26:ee:cb:42:48:78:5c:42:15:48:43: 63:70:3a:db:2e:6d:d6:38:d1:d5:8d:85:e5:87:b7:b0:ee:e4: 5e:47:c9:df:cb:60:20:ab:58:bf:75:e5:a3:d4:09:fe:0e:49: d7:fd:73:84:66:37:d2:4d:be:d8:84:07:1a:d3:83:b2:0b:98: 1f:fa:b0:57:9e:2b:69:1c:46:5b:cb:9a:52:51:92:d1:de:59: 9d:ba:e4:3c:61:84:00:b4:57:69:1f:d1:cc:35:ba:0b:cb:59: 5c:ff:75:28:ae:87:a4:67:8b:da:ce:f1:d7:d1:9d:61:d3:c2: 67:3f:75:de:fe:f5:69:c3:23:97:a6:c4:ca:89:b8:de:13:05: 1b:15:be:69 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURjHn36Tkx3UPIEIraeN1BwLcy1MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNjAzMDIwOTQ3MDJaFw0yNjAzMDUyMDQ5MDJaMDMxMTAvBgNV BAMTKDBCMzA3RkE3NTA1MzJBOTM4OUFFODQxMTEzQzgyMDNEMDU4OEVGNDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTOCEzuMks50Ye82We6EAa8Fmb N8F+4KELrd9XBh9ljrp0xw10FT7MFrFA6A+KN33JytWOU//2wHpgdZq8Uthsezl2 bLsXmRQVuKFzvoTitL0NAFNvxGuWBg9ricdyl3KtV4TAM3L6Dv+lJ54gC8njrEZI xaV2cGsvVflhS3JdHwqt003KCi3v9zzDDJrgeSf5SkBdB5TEGTdFV6gfHk+QXw4F jASFg9p39B2mIFXyTGpX5Ys3s4ZRzjbI1uT7a4M3SAmYq9rK9cEfe9esmRf5TRCR 1gvYN7EtOJV9xOECJwtYWzL75iEHO07dVf276Xkb2+5C5FNwTgANGFgPUnz1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUCzB/p1BTKpOJroQRE8ggPQWI70IwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALqa/SjkxPN6Uits+aYELnx6iiGQunda1enR 3F1phLwHRgV1dUa5gjcdpMz8oge5yJvOtj9V6ULTzdgsfHRl1uWt37EH/KtJD4wE Fyp3lJbSehnZ9bzIL2z230uGMxzo4+D4Mqp/rjw+IAG6QfqjlQHzZPcm7stCSHhc QhVIQ2NwOtsubdY40dWNheWHt7Du5F5Hyd/LYCCrWL915aPUCf4OSdf9c4RmN9JN vtiEBxrTg7ILmB/6sFeeK2kcRlvLmlJRktHeWZ265DxhhAC0V2kf0cw1ugvLWVz/ dSiuh6Rni9rO8dfRnWHTwmc/dd7+9WnDI5emxMqJuN4TBRsVvmk= -----END CERTIFICATE-----Generated at Mon Mar 2 17:14:12 2026 by rpki-client