$ rpki-client -vvf repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft File: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft (raw, json) Hash identifier: cYdZ3k395hbpJEw0iD9z89/1yPyZLDdJDLJSPU01ESM= Subject key identifier: 05:75:23:5C:14:B8:CA:76:56:3B:9B:70:8A:6B:BE:3A:EB:C3:C8:DC Authority key identifier: 3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 Certificate issuer: /CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Certificate serial: 7E2EE006E63FB43E8DA6C19FA549F6C6678245EC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft Manifest number: 04DE Signing time: Sat 28 Feb 2026 06:22:22 +0000 Manifest this update: Sat 28 Feb 2026 06:17:22 +0000 Manifest next update: Tue 03 Mar 2026 10:04:22 +0000 Files and hashes: 1: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl (hash: 6W8ZMMy/2Rw4NXG9Dsu5wwKvPmoj3k2r8IL4+wSqmIA=) 2: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: 0yCL5KXTraWL90iq30pQr9XlRbIvmMrP24hOvDxVdWE=) 3: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: q/CV3YIPQOm1aZYip5fIR1K9i7bDSVO+nIFF+ycG0Go=) 4: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: ceA/XjkZTjtckNNE+B0y8t16H7RYtmT+yFrD+MsXpYk=) 5: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: rkHE7dCGWjwiXKSo5AmkFhmGB4j/W88po8KuTJD9fS0=) 6: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: QKBrvi0RsDMYjSNqwszDPfOesbOlEOIHdE8u3xcyVKM=) 7: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: zCUg4ypvv2GlwnHN93OEr6YWYy+0fl7UKwqXyrw+mYs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 03 Mar 2026 10:04:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:2e:e0:06:e6:3f:b4:3e:8d:a6:c1:9f:a5:49:f6:c6:67:82:45:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Validity Not Before: Feb 28 06:17:22 2026 GMT Not After : Mar 3 10:04:22 2026 GMT Subject: CN=0575235C14B8CA76563B9B708A6BBE3AEBC3C8DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:82:b3:b7:a7:9f:1b:75:58:0f:49:12:f9:4f: a9:86:48:c6:5d:36:9f:cf:c8:92:3a:4e:60:da:bf: 00:13:1d:fd:a2:1a:5a:71:92:76:66:69:54:b7:f5: 67:3a:9f:3c:86:1f:dd:c5:e4:e7:2f:22:8c:8d:d0: 24:09:30:c7:df:ee:69:63:14:01:75:37:d8:4f:e8: 23:01:f3:0a:82:54:ac:ac:50:34:99:52:d3:3e:fb: 11:28:d9:99:3a:4d:a3:cf:ba:3b:6a:47:cb:21:41: e1:10:9c:ee:3b:2a:c2:6d:6f:0a:db:29:5e:1c:63: 7b:8a:e1:f6:0b:e2:40:42:b4:3d:55:1d:3a:a1:0e: eb:5e:1e:24:ab:25:3d:f6:b9:b8:13:4c:b7:d9:bf: 02:6e:cc:a3:e5:75:1b:c4:57:d1:d8:69:84:ee:18: 12:6f:de:67:21:dc:01:a2:17:eb:81:b0:d0:de:7a: 91:30:f5:0e:98:d2:b7:d9:ab:14:d7:41:0c:14:27: d5:c7:33:b2:ea:88:66:ff:70:4d:a1:bc:d9:2c:85: c6:a0:ac:f9:a2:16:36:ae:c4:03:c4:6c:a0:65:c8: 7e:96:dc:ae:c2:ea:6c:72:1e:a3:8c:3b:90:21:26: 74:90:3f:8b:ca:47:4b:82:b6:15:63:77:66:bc:af: e6:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:75:23:5C:14:B8:CA:76:56:3B:9B:70:8A:6B:BE:3A:EB:C3:C8:DC X509v3 Authority Key Identifier: keyid:3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:fc:4e:68:07:12:a2:2c:81:c6:4d:01:e2:4b:6f:12:1a:a8: d0:56:57:7c:13:1c:0b:23:3a:3d:99:86:04:6f:c2:60:96:6e: 51:28:46:dc:ff:0b:d2:d7:24:62:8d:d4:61:8c:17:9e:7e:d2: ea:63:8a:94:df:f0:1b:9d:4f:d4:a2:20:4a:6a:8e:97:07:9f: c1:a6:df:56:da:7c:91:24:ff:be:81:9e:ed:ac:80:74:44:26: a6:4f:51:36:f4:0c:1d:33:80:49:01:89:38:32:f6:6c:93:e8: 45:83:90:c9:e1:a2:9d:07:34:3a:99:95:11:31:77:58:75:27: 59:70:cc:72:c8:0a:02:83:27:2c:1d:36:b0:63:38:55:e1:d6: 5b:ce:6a:54:16:46:8a:71:65:6e:a3:62:96:1e:81:11:4a:59: 28:98:b3:f9:bd:19:8a:c8:e5:c3:a2:a0:0e:29:2e:59:0c:6b: fa:20:26:ee:89:87:9f:33:d7:e7:60:e0:d5:bc:55:8e:45:2d: 74:2b:b4:bc:19:e2:48:9d:08:38:94:6a:c2:39:d1:13:a6:4b: f9:c4:87:95:5d:8f:7a:95:eb:b9:fb:92:b5:08:da:cd:b9:49: 36:88:db:93:87:b0:38:8f:cf:5d:94:3d:50:ee:e0:6b:1b:e5: ac:02:df:c5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfi7gBuY/tD6NpsGfpUn2xmeCRewwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFE QzlBMTI2OTAeFw0yNjAyMjgwNjE3MjJaFw0yNjAzMDMxMDA0MjJaMDMxMTAvBgNV BAMTKDA1NzUyMzVDMTRCOENBNzY1NjNCOUI3MDhBNkJCRTNBRUJDM0M4REMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2grO3p58bdVgPSRL5T6mGSMZd Np/PyJI6TmDavwATHf2iGlpxknZmaVS39Wc6nzyGH93F5OcvIoyN0CQJMMff7mlj FAF1N9hP6CMB8wqCVKysUDSZUtM++xEo2Zk6TaPPujtqR8shQeEQnO47KsJtbwrb KV4cY3uK4fYL4kBCtD1VHTqhDuteHiSrJT32ubgTTLfZvwJuzKPldRvEV9HYaYTu GBJv3mch3AGiF+uBsNDeepEw9Q6Y0rfZqxTXQQwUJ9XHM7LqiGb/cE2hvNkshcag rPmiFjauxAPEbKBlyH6W3K7C6mxyHqOMO5AhJnSQP4vKR0uCthVjd2a8r+Z5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUBXUjXBS4ynZWO5twimu+OuvDyNwwHwYDVR0j BBgwFoAUPRPG+52yLOE0cGMlNXwg4dyaEmkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZDFlZTVlMi0zMzhjLTRkMjAtODA3ZS1lNTBiNzU1ODNkYjgvMC8zRDEzQzZGQjlE QjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURDOUExMjY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFEQzlB MTI2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmQxZWU1ZTItMzM4Yy00ZDIwLTgw N2UtZTUwYjc1NTgzZGI4LzAvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIw RTFEQzlBMTI2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKf8TmgHEqIsgcZNAeJLbxIaqNBWV3wTHAsj Oj2ZhgRvwmCWblEoRtz/C9LXJGKN1GGMF55+0upjipTf8BudT9SiIEpqjpcHn8Gm 31bafJEk/76Bnu2sgHREJqZPUTb0DB0zgEkBiTgy9myT6EWDkMnhop0HNDqZlREx d1h1J1lwzHLICgKDJywdNrBjOFXh1lvOalQWRopxZW6jYpYegRFKWSiYs/m9GYrI 5cOioA4pLlkMa/ogJu6Jh58z1+dg4NW8VY5FLXQrtLwZ4kidCDiUasI50ROmS/nE h5Vdj3qV67n7krUI2s25STaI25OHsDiPz12UPVDu4Gsb5awC38U= -----END CERTIFICATE-----Generated at Mon Mar 2 05:50:40 2026 by rpki-client