$ rpki-client -vvf repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft File: 2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft (raw, json) Hash identifier: 0v1TPux7fm+mDnuZIzum4grOluew2IOOXpAqwg+tr4o= Subject key identifier: 19:31:40:44:16:BD:54:22:44:D5:86:CD:E6:D0:6B:00:82:FD:A7:FE Authority key identifier: 2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 Certificate issuer: /CN=2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7 Certificate serial: 767EA925EBCD6E29AEBEAEF19039139CBEFB0029 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft Manifest number: 02 Signing time: Sun 01 Mar 2026 16:41:12 +0000 Manifest this update: Sun 01 Mar 2026 16:36:12 +0000 Manifest next update: Wed 04 Mar 2026 19:47:12 +0000 Files and hashes: 1: 2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl (hash: 2MlMoeU0wWC5iOIdv0OfKYsG+BjabNkrHT0xIDhEbq8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 19:47:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:7e:a9:25:eb:cd:6e:29:ae:be:ae:f1:90:39:13:9c:be:fb:00:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7 Validity Not Before: Mar 1 16:36:12 2026 GMT Not After : Mar 4 19:47:12 2026 GMT Subject: CN=1931404416BD542244D586CDE6D06B0082FDA7FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:28:a3:55:a7:0e:32:98:a1:7f:65:b7:42:9e: 73:2c:90:f2:5c:38:d3:50:e6:f6:90:38:4e:37:61: df:62:ad:68:cf:44:44:38:f7:f4:ad:fb:68:0e:ca: 21:f8:26:4e:2c:9d:b6:d8:07:9a:bb:65:a3:e5:38: b1:0d:46:da:6c:8a:63:26:a6:4b:97:a8:3f:36:f5: 00:51:1e:0f:eb:3e:97:cb:12:bf:df:62:2d:41:b9: 0f:4a:50:7b:5f:8b:b7:19:ca:3b:32:2b:12:a4:35: 93:12:26:de:c4:76:65:24:aa:72:4c:7a:ab:ae:6e: fa:a8:8c:72:bf:83:c8:66:03:dc:29:2c:f8:2c:dc: 37:c0:50:12:c1:c5:b3:76:c8:7c:a2:3c:8c:00:17: 75:76:f9:9b:73:28:e8:a2:6b:54:9d:ef:69:98:64: cb:a1:a8:06:6d:7e:5c:f5:4c:c5:49:f3:2a:08:6d: 48:17:a5:1b:ff:2b:6a:e1:4f:d6:ec:4a:b2:74:d4: 59:9c:cf:93:9b:e0:1b:80:62:10:91:0c:97:c9:25: c3:89:e3:58:bd:20:c0:df:ec:bb:ac:7a:2b:b8:e7: dc:2f:c5:3a:49:ab:ab:2c:a5:2e:82:50:03:41:d5: 39:4b:d5:1c:87:bd:ce:11:4c:b0:92:24:6b:29:e9: 21:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:31:40:44:16:BD:54:22:44:D5:86:CD:E6:D0:6B:00:82:FD:A7:FE X509v3 Authority Key Identifier: keyid:2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:32:7e:19:f4:03:5b:da:17:aa:c7:b1:ea:b4:bb:ea:52:10: 9c:75:b5:f1:24:85:ae:87:b6:71:e0:b6:16:8f:bf:b1:ad:31: e1:d6:15:88:c1:1e:98:18:2f:df:33:fa:62:a2:2e:b8:92:b7: d2:38:d9:b6:7c:ac:5f:13:0e:bb:28:63:96:2e:27:b3:bd:98: ec:e8:e2:5d:14:62:de:cc:ac:7c:db:6f:64:fe:9d:4b:d6:f5: ad:5c:dc:ba:e4:6f:5c:78:c8:35:71:fc:ee:ca:77:9b:24:99: 33:f6:44:89:e3:f2:be:43:43:62:c5:a6:ea:13:d5:b3:84:66: 14:60:70:39:bb:55:1c:ba:72:78:18:36:ac:dd:a4:24:79:5e: 63:09:09:23:92:a0:de:84:4a:93:a2:40:f6:7f:5d:19:dc:ea: 29:6c:c4:b0:ae:3f:c5:0a:90:cf:0f:19:51:20:af:66:77:8f: db:87:c3:8d:f3:2e:85:8d:7c:a3:0d:a8:62:f6:60:97:36:9a: 82:3e:ed:80:f2:c8:1c:bd:b5:2a:44:c6:46:a3:92:5b:06:3f: 58:18:cf:01:bf:a5:68:c9:96:df:c2:02:ff:09:b9:1a:99:5e: 12:44:4a:19:49:4c:be:80:d4:d8:e7:45:bc:97:19:5a:46:ce: c4:38:9d:ec -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdn6pJevNbimuvq7xkDkTnL77ACkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzczMTlC QjExMjdGNzAeFw0yNjAzMDExNjM2MTJaFw0yNjAzMDQxOTQ3MTJaMDMxMTAvBgNV BAMTKDE5MzE0MDQ0MTZCRDU0MjI0NEQ1ODZDREU2RDA2QjAwODJGREE3RkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCKKNVpw4ymKF/ZbdCnnMskPJc ONNQ5vaQOE43Yd9irWjPREQ49/St+2gOyiH4Jk4snbbYB5q7ZaPlOLENRtpsimMm pkuXqD829QBRHg/rPpfLEr/fYi1BuQ9KUHtfi7cZyjsyKxKkNZMSJt7EdmUkqnJM equubvqojHK/g8hmA9wpLPgs3DfAUBLBxbN2yHyiPIwAF3V2+ZtzKOiia1Sd72mY ZMuhqAZtflz1TMVJ8yoIbUgXpRv/K2rhT9bsSrJ01Fmcz5Ob4BuAYhCRDJfJJcOJ 41i9IMDf7Luseiu459wvxTpJq6sspS6CUANB1TlL1RyHvc4RTLCSJGsp6SHPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUGTFARBa9VCJE1YbN5tBrAIL9p/4wHwYDVR0j BBgwFoAULY//29GvkHo+ew6CGaNzGbsRJ/cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j YmRlM2E0Mi02MjcyLTRiNmMtYWQ4MS1jY2NmYmU5NDg4YzAvMS8yRDhGRkZEQkQx QUY5MDdBM0U3QjBFODIxOUEzNzMxOUJCMTEyN0Y3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzczMTlCQjEx MjdGNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vY2JkZTNhNDItNjI3Mi00YjZjLWFk ODEtY2NjZmJlOTQ4OGMwLzEvMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzcz MTlCQjExMjdGNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAUyfhn0A1vaF6rHseq0u+pSEJx1tfEkha6H tnHgthaPv7GtMeHWFYjBHpgYL98z+mKiLriSt9I42bZ8rF8TDrsoY5YuJ7O9mOzo 4l0UYt7MrHzbb2T+nUvW9a1c3Lrkb1x4yDVx/O7Kd5skmTP2RInj8r5DQ2LFpuoT 1bOEZhRgcDm7VRy6cngYNqzdpCR5XmMJCSOSoN6ESpOiQPZ/XRnc6ilsxLCuP8UK kM8PGVEgr2Z3j9uHw43zLoWNfKMNqGL2YJc2moI+7YDyyBy9tSpExkajklsGP1gY zwG/pWjJlt/CAv8JuRqZXhJEShlJTL6A1NjnRbyXGVpGzsQ4new= -----END CERTIFICATE-----Generated at Mon Mar 2 14:33:31 2026 by rpki-client