$ rpki-client -vvf repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft File: 21AC220B77A77D0516BC73B4C29C8363DD00911B.mft (raw, json) Hash identifier: bt78o04k6W5e8vsCw306uVe7PhiKIlSAIh5CxUnYlQM= Subject key identifier: E0:37:22:FF:B5:76:7E:4E:C4:C9:E7:A0:17:81:A0:1D:66:4D:F5:EA Authority key identifier: 21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B Certificate issuer: /CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Certificate serial: 53E7C3AAFFA915A554D8B90BDEAA9C8EE477B0E5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft Manifest number: 0511 Signing time: Mon 02 Mar 2026 15:01:08 +0000 Manifest this update: Mon 02 Mar 2026 14:56:08 +0000 Manifest next update: Thu 05 Mar 2026 16:03:08 +0000 Files and hashes: 1: 3130332e39342e3136382e302f32322d3234203d3e20313336313139.roa (hash: IywsBHZCpESzPvpzBYMa3aM5xr+uzQrgr/hs4zyGEfk=) 2: 3230322e31302e35382e302f32342d3234203d3e20313336313139.roa (hash: FqumLAE5ExkmaatbD11ff744L2iTMEhUHWhZUQWOtLU=) 3: 323430313a343863303a3a2f33322d3438203d3e20313336313139.roa (hash: J7Eqzk0rLCECjOwGjEdw1vCeBneDceSExg8FEmGDsVA=) 4: 21AC220B77A77D0516BC73B4C29C8363DD00911B.crl (hash: cFtwvuisoVMgoBmG6jcO/Ifgzf4yRPpWuYVz1MRrYR8=) 5: 3230322e31302e35392e302f32342d3234203d3e20313336313139.roa (hash: p7znIjGrzIeqiJgSyw1Go9JzIhUPDTiZx2kzEBcMX+M=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 06:31:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:e7:c3:aa:ff:a9:15:a5:54:d8:b9:0b:de:aa:9c:8e:e4:77:b0:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Validity Not Before: Mar 2 14:56:08 2026 GMT Not After : Mar 5 16:03:08 2026 GMT Subject: CN=E03722FFB5767E4EC4C9E7A01781A01D664DF5EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:a2:89:33:7b:9c:b4:f5:a6:f0:61:48:38:02: 85:9c:c7:d3:57:9f:01:7b:f7:bb:49:8d:0e:a6:6f: 3c:5e:59:9e:77:2b:f5:d0:8b:a7:15:f6:f2:cd:25: 19:1e:4d:b7:a9:2a:be:f8:09:ff:59:45:4e:5c:3a: ac:60:c0:66:0c:e7:dd:c0:fd:25:0d:c8:ac:50:0a: 59:55:48:f7:c3:28:35:96:ac:f0:bd:d8:22:a2:40: 2b:85:cc:a8:98:af:bb:e4:4a:84:ae:1c:94:ab:07: 14:db:30:d5:c0:87:d3:9d:d5:c2:d2:fb:53:a2:1f: 3a:5d:54:4f:eb:ac:fd:f2:a4:2c:3c:e1:5a:d5:15: 69:8c:04:9b:b6:73:2d:38:4b:1d:4d:03:bb:a4:5e: 38:e7:75:67:8d:10:3c:e8:f1:c2:ed:a0:61:f0:de: c6:d5:d0:ff:0a:0c:d1:d1:76:ac:0c:9c:1e:ff:22: 8b:7b:81:ae:1d:07:95:b3:87:06:ef:95:30:6e:c3: 2d:7e:d9:fa:2f:a4:ce:df:7f:58:4d:fc:80:15:4b: c3:56:b9:d0:1e:3b:5c:b3:09:12:01:71:34:e4:9d: e6:79:88:93:73:51:76:97:ca:6e:cb:8d:73:4f:af: 0f:b2:0c:19:6b:41:93:39:9e:ef:cd:fc:69:71:4f: 5b:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:37:22:FF:B5:76:7E:4E:C4:C9:E7:A0:17:81:A0:1D:66:4D:F5:EA X509v3 Authority Key Identifier: keyid:21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:fc:a8:9f:78:9f:49:ac:97:b8:69:fc:9e:7c:00:d1:86:9c: 48:cf:e9:8e:81:1e:96:a4:9b:3a:ff:df:d5:a8:42:71:7d:62: 64:12:ff:a1:80:d6:70:83:58:ff:f0:09:d4:88:04:c4:44:cc: 13:55:9e:13:20:d3:7f:36:c3:ec:1b:be:1d:52:78:e1:5b:df: c5:51:6a:33:96:ac:1b:8e:d3:b5:86:eb:81:a6:b0:3c:68:cf: a2:0b:c2:d5:73:db:51:5b:cf:b9:17:c5:ef:b6:e4:eb:42:4b: 69:40:39:ac:cb:2f:24:15:1f:98:9f:58:11:04:a2:1a:40:68: 99:d3:c7:73:fb:37:28:48:3e:a9:2d:d4:9c:33:bc:a0:1e:f3: e1:d6:a7:67:c1:2c:2f:8b:da:80:7f:0e:03:0a:09:7d:e3:f9: 7f:6f:99:c9:02:09:c1:c1:96:44:10:3b:e8:f1:88:bd:17:ca: 16:da:0b:db:7b:2d:ef:5e:b1:75:16:88:31:15:53:55:70:02: 7e:b9:23:b7:c6:71:81:41:26:a4:af:a1:0b:da:64:4e:10:82: 58:df:2a:02:2d:96:11:0d:06:1e:98:9a:14:c8:4b:11:a1:d9: 21:01:2d:00:df:8b:17:26:c3:d3:a9:1d:99:0c:55:83:08:0b: a9:69:5f:fc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUU+fDqv+pFaVU2LkL3qqcjuR3sOUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNE RDAwOTExQjAeFw0yNjAzMDIxNDU2MDhaFw0yNjAzMDUxNjAzMDhaMDMxMTAvBgNV BAMTKEUwMzcyMkZGQjU3NjdFNEVDNEM5RTdBMDE3ODFBMDFENjY0REY1RUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqookze5y09abwYUg4AoWcx9NX nwF797tJjQ6mbzxeWZ53K/XQi6cV9vLNJRkeTbepKr74Cf9ZRU5cOqxgwGYM593A /SUNyKxQCllVSPfDKDWWrPC92CKiQCuFzKiYr7vkSoSuHJSrBxTbMNXAh9Od1cLS +1OiHzpdVE/rrP3ypCw84VrVFWmMBJu2cy04Sx1NA7ukXjjndWeNEDzo8cLtoGHw 3sbV0P8KDNHRdqwMnB7/Iot7ga4dB5WzhwbvlTBuwy1+2fovpM7ff1hN/IAVS8NW udAeO1yzCRIBcTTkneZ5iJNzUXaXym7LjXNPrw+yDBlrQZM5nu/N/GlxT1uBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU4Dci/7V2fk7EyeegF4GgHWZN9eowHwYDVR0j BBgwFoAUIawiC3enfQUWvHO0wpyDY90AkRswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZGFiYzBiYS05MjIyLTRjNDUtODM0Mi1lYjg2NDNjNDk2N2QvMC8yMUFDMjIwQjc3 QTc3RDA1MTZCQzczQjRDMjlDODM2M0REMDA5MTFCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNERDAw OTExQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmRhYmMwYmEtOTIyMi00YzQ1LTgz NDItZWI4NjQzYzQ5NjdkLzAvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5Qzgz NjNERDAwOTExQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEv8qJ94n0msl7hp/J58ANGGnEjP6Y6BHpak mzr/39WoQnF9YmQS/6GA1nCDWP/wCdSIBMREzBNVnhMg0382w+wbvh1SeOFb38VR ajOWrBuO07WG64GmsDxoz6ILwtVz21Fbz7kXxe+25OtCS2lAOazLLyQVH5ifWBEE ohpAaJnTx3P7NyhIPqkt1JwzvKAe8+HWp2fBLC+L2oB/DgMKCX3j+X9vmckCCcHB lkQQO+jxiL0XyhbaC9t7Le9esXUWiDEVU1VwAn65I7fGcYFBJqSvoQvaZE4Qgljf KgItlhENBh6YmhTISxGh2SEBLQDfixcmw9OpHZkMVYMIC6lpX/w= -----END CERTIFICATE-----Generated at Mon Mar 2 17:42:41 2026 by rpki-client