$ rpki-client -vvf repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft File: 2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft (raw, json) Hash identifier: 6y8AB0whH/Uja47fZVW3P9Cl+rn99KyU9GAYN0y8BNc= Subject key identifier: B4:0B:ED:CD:61:0E:A7:75:01:09:EB:AC:AC:E9:4F:4E:4A:F1:7F:7C Authority key identifier: 2D:23:11:F5:63:DF:0A:F8:EB:EF:DA:21:87:16:26:B5:DD:78:C5:BD Certificate issuer: /CN=2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD Certificate serial: 3990885AB0F59BFAB102F130B99BFF38CE8F21AD Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft Manifest number: 0527 Signing time: Sat 28 Feb 2026 14:32:17 +0000 Manifest this update: Sat 28 Feb 2026 14:27:17 +0000 Manifest next update: Wed 04 Mar 2026 00:16:17 +0000 Files and hashes: 1: 3130332e35382e3136302e302f32322d3234203d3e203539323738.roa (hash: 3p6KpA6/uKsXu1iiVTHxP1H1aKBvRxURT7LJ3HzRuNw=) 2: 323430323a363938303a343030303a3a2f34382d3438203d3e203539323738.roa (hash: LrRa5/YbMQIirnwavEqQmjlSXIv4GPDAL8XSH/RPz2k=) 3: 323430323a363938303a323030303a3a2f34382d3438203d3e203539323738.roa (hash: D6GCo3ceVvJhAX1b+afxEUHTBD9rmTcpfSp7SCURViA=) 4: 3130332e3232372e3234302e302f32322d3234203d3e203539323738.roa (hash: pAsXLpsnvtFY9CiLQfO4MgBTQXdXjfq9fjmjjZL7V7Y=) 5: 323430323a363938303a333030303a3a2f34382d3438203d3e203539323738.roa (hash: 1MuWl4R2LfAc9czxG6/QjtCE9g5QKK5BETiXC4FMLHs=) 6: 323430323a363938303a313030303a3a2f34382d3438203d3e203539323738.roa (hash: Cf4F1dHsLMAEwRXj/sLvggNAyN9aUktmarNyz8vl8uk=) 7: 323430323a363938303a3a2f33322d3438203d3e203539323738.roa (hash: KRbdEJvKURW+VgG7P6m8/xbRP6/xVRqHAh+GE/ZxmJg=) 8: 2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.crl (hash: gz33whMobc2OtUPbLktpH/jOcYNI90yFYMzb1xIyfcU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.crl rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 00:16:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:90:88:5a:b0:f5:9b:fa:b1:02:f1:30:b9:9b:ff:38:ce:8f:21:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD Validity Not Before: Feb 28 14:27:17 2026 GMT Not After : Mar 4 00:16:17 2026 GMT Subject: CN=B40BEDCD610EA7750109EBACACE94F4E4AF17F7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:bf:1f:99:56:69:19:c5:95:54:58:b0:02:04: fe:d2:85:59:5c:17:1b:ce:c5:78:46:ed:c6:02:8a: 36:ca:c7:e1:bb:c5:05:31:95:76:31:1f:ba:b2:2e: 26:aa:d7:99:e7:32:7a:ae:b4:64:b6:e4:be:43:85: aa:e5:c7:d6:3a:0c:d5:c9:5e:3b:8d:77:38:91:e7: 59:88:af:a2:2f:02:18:1b:12:a8:d4:8b:33:79:54: 41:8c:38:33:b5:78:56:a4:31:04:82:dd:86:ec:48: 82:3d:ef:4a:fa:ae:74:25:8b:bf:2f:03:df:61:ab: 3e:54:22:ef:00:65:95:60:7a:21:05:43:4f:32:dc: 43:c8:84:0b:d4:14:5f:3b:bb:57:54:dc:b8:1a:70: f1:82:32:2a:3d:a3:a5:71:ee:59:37:1a:27:0d:e1: 35:2f:56:11:1b:4e:2e:fd:c1:91:c7:96:af:9a:88: 69:9c:ab:f3:2a:c0:49:01:90:19:28:e3:d4:56:f9: 53:f8:ea:3f:66:9c:b3:1c:88:7d:60:56:6c:fa:74: f8:a5:32:cf:3f:77:83:64:b4:d0:40:d1:d4:6a:57: a2:4a:05:a0:02:e1:1b:30:cf:8f:60:90:7b:5a:84: 37:26:dc:9c:9b:7f:86:57:b4:58:48:b5:87:1e:db: 96:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:0B:ED:CD:61:0E:A7:75:01:09:EB:AC:AC:E9:4F:4E:4A:F1:7F:7C X509v3 Authority Key Identifier: keyid:2D:23:11:F5:63:DF:0A:F8:EB:EF:DA:21:87:16:26:B5:DD:78:C5:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:4d:01:ef:3e:86:1d:29:43:ed:1e:9d:b6:bb:35:b3:bc:e3: cf:97:69:a9:5b:63:8e:39:ae:91:23:d6:2d:28:dd:36:e7:d0: 16:4e:1c:75:79:72:d5:e6:a8:e5:7e:e4:cf:8f:2f:b9:b8:6c: 39:73:42:da:3c:0d:96:cc:84:38:4e:a2:5b:04:81:71:ae:cc: bb:4c:1a:19:90:bf:22:44:1a:b8:86:39:d1:9f:38:e5:a6:94: 0b:5d:8f:c4:9b:5f:ee:46:9d:06:af:6c:bd:cf:f9:21:f6:1c: 0a:32:7b:28:5c:e1:57:4b:bc:44:78:c3:02:f5:1c:0f:1a:30: 9a:4f:6a:e7:13:eb:4f:c8:76:91:8b:d0:e5:34:71:82:0e:ad: 16:e2:0a:1c:84:9e:e4:7d:d7:ef:6b:8a:a7:e9:92:e7:7a:1a: 9a:ad:96:d7:e6:db:90:e3:d8:61:4b:48:93:f2:5d:85:26:49: ea:fe:ea:1b:1b:d6:6f:89:d5:e4:48:3d:07:b8:0e:f1:d8:58: 76:63:2a:c9:f7:16:01:b3:14:d4:e4:87:77:1f:e0:60:01:d1: ab:3d:6b:b1:75:9c:c6:da:4b:ae:e6:1e:95:d9:fa:c7:aa:5d: ec:28:80:41:d1:62:4c:eb:b2:62:44:22:0b:63:83:01:79:b5: bd:3e:c0:ae -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOZCIWrD1m/qxAvEwuZv/OM6PIa0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQyMzExRjU2M0RGMEFGOEVCRUZEQTIxODcxNjI2QjVE RDc4QzVCRDAeFw0yNjAyMjgxNDI3MTdaFw0yNjAzMDQwMDE2MTdaMDMxMTAvBgNV BAMTKEI0MEJFRENENjEwRUE3NzUwMTA5RUJBQ0FDRTk0RjRFNEFGMTdGN0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuvx+ZVmkZxZVUWLACBP7ShVlc FxvOxXhG7cYCijbKx+G7xQUxlXYxH7qyLiaq15nnMnqutGS25L5Dharlx9Y6DNXJ XjuNdziR51mIr6IvAhgbEqjUizN5VEGMODO1eFakMQSC3YbsSII970r6rnQli78v A99hqz5UIu8AZZVgeiEFQ08y3EPIhAvUFF87u1dU3LgacPGCMio9o6Vx7lk3GicN 4TUvVhEbTi79wZHHlq+aiGmcq/MqwEkBkBko49RW+VP46j9mnLMciH1gVmz6dPil Ms8/d4NktNBA0dRqV6JKBaAC4Rswz49gkHtahDcm3Jybf4ZXtFhItYce25Z/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUtAvtzWEOp3UBCeusrOlPTkrxf3wwHwYDVR0j BBgwFoAULSMR9WPfCvjr79ohhxYmtd14xb0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h ZjFjNzlmMS0yNjRlLTQyM2YtOWUwOC0wYjI5MDBkYTY5NDkvMC8yRDIzMTFGNTYz REYwQUY4RUJFRkRBMjE4NzE2MjZCNURENzhDNUJELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQyMzExRjU2M0RGMEFGOEVCRUZEQTIxODcxNjI2QjVERDc4 QzVCRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYWYxYzc5ZjEtMjY0ZS00MjNmLTll MDgtMGIyOTAwZGE2OTQ5LzAvMkQyMzExRjU2M0RGMEFGOEVCRUZEQTIxODcxNjI2 QjVERDc4QzVCRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADFNAe8+hh0pQ+0enba7NbO848+XaalbY445 rpEj1i0o3Tbn0BZOHHV5ctXmqOV+5M+PL7m4bDlzQto8DZbMhDhOolsEgXGuzLtM GhmQvyJEGriGOdGfOOWmlAtdj8SbX+5GnQavbL3P+SH2HAoyeyhc4VdLvER4wwL1 HA8aMJpPaucT60/IdpGL0OU0cYIOrRbiChyEnuR91+9riqfpkud6Gpqtltfm25Dj 2GFLSJPyXYUmSer+6hsb1m+J1eRIPQe4DvHYWHZjKsn3FgGzFNTkh3cf4GAB0as9 a7F1nMbaS67mHpXZ+seqXewogEHRYkzrsmJEIgtjgwF5tb0+wK4= -----END CERTIFICATE-----Generated at Mon Mar 2 07:40:31 2026 by rpki-client