$ rpki-client -vvf repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.mft File: 5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.mft (raw, json) Hash identifier: A7jyPvUz2G6Ts9WMVxRe6WdO+RwNO4CPU8YHNbVjzCE= Subject key identifier: 9B:BA:53:45:9E:1E:26:A1:31:3D:3C:29:89:C5:26:4F:69:90:82:F2 Authority key identifier: 5A:8D:4D:EC:5F:C2:9B:E6:E2:49:04:62:F5:80:90:3D:D4:A9:84:EB Certificate issuer: /CN=5A8D4DEC5FC29BE6E2490462F580903DD4A984EB Certificate serial: 31313392F7E5A3013C3596F4F54D5CEC51BC0D7A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.mft Manifest number: 0124 Signing time: Mon 02 Mar 2026 13:51:10 +0000 Manifest this update: Mon 02 Mar 2026 13:46:10 +0000 Manifest next update: Thu 05 Mar 2026 20:32:10 +0000 Files and hashes: 1: 3135372e36362e3132322e302f32342d3234203d3e203633383538.roa (hash: 4USC1AQzGKvJLoaILHyi8/vcN8nVPul2782sFf1fdxE=) 2: 5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.crl (hash: 1bk/XAuWwzvGW65fOciAw0iqdmv63uAH9nkhTJruFWM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.crl rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:31:33:92:f7:e5:a3:01:3c:35:96:f4:f5:4d:5c:ec:51:bc:0d:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5A8D4DEC5FC29BE6E2490462F580903DD4A984EB Validity Not Before: Mar 2 13:46:10 2026 GMT Not After : Mar 5 20:32:10 2026 GMT Subject: CN=9BBA53459E1E26A1313D3C2989C5264F699082F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:65:f3:27:ad:40:93:f8:47:25:cf:c2:52:d4: da:5c:d7:73:08:ec:fd:8b:c0:5a:3c:1e:00:0c:8f: 35:87:37:42:d0:4a:62:31:e8:7a:34:4f:d3:2e:c1: 13:d6:bc:17:28:dd:8e:2b:6e:b3:76:b3:5c:4f:c0: 7f:25:b6:b2:8c:e5:02:9a:a7:aa:8f:07:13:7f:04: 4a:6f:7a:19:78:3d:42:ab:fb:4b:b9:51:6f:94:41: 98:c2:36:2d:e0:17:72:31:af:ff:0d:fc:79:fb:d6: 91:92:62:35:a1:9a:2e:f4:fe:96:f2:4a:ce:d0:32: 8c:9f:c0:36:a1:8e:a1:a8:f9:5c:cb:d9:92:4f:6f: 74:61:82:5c:0e:d5:0b:86:ff:f4:55:c3:9a:98:e2: d9:a6:ce:76:e6:9b:95:c9:02:ff:0d:3e:52:cb:b7: 85:cc:21:32:1e:55:2c:4a:73:d3:6c:54:ed:7c:c8: f8:1e:f7:31:6d:71:13:f0:35:ea:74:aa:34:79:8a: 55:20:55:88:1d:8c:08:ba:f7:0d:08:c4:e4:5d:75: 91:72:61:2e:85:d3:0e:80:4b:ea:6d:c7:c2:6f:ff: a6:58:fa:eb:0c:c9:f7:82:7a:27:cb:11:8c:92:b5: e7:67:7c:2c:42:e5:61:fb:f9:24:48:c3:9c:4f:57: aa:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:BA:53:45:9E:1E:26:A1:31:3D:3C:29:89:C5:26:4F:69:90:82:F2 X509v3 Authority Key Identifier: keyid:5A:8D:4D:EC:5F:C2:9B:E6:E2:49:04:62:F5:80:90:3D:D4:A9:84:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:4f:60:98:8f:a0:0f:63:b0:c3:8d:84:8a:b6:c3:8a:dc:ae: 12:06:e7:2a:1e:b1:79:38:7f:61:2c:bd:78:c6:c8:98:7c:32: 3b:e5:27:86:49:be:72:f5:d2:92:ee:c0:64:20:a3:02:5d:02: 86:5b:ca:08:59:c9:68:58:4d:b9:2a:aa:6e:95:0d:d0:6c:2d: b5:d4:9f:c9:39:7f:97:43:12:4c:7d:f8:95:51:79:1f:8a:10: 83:f8:ff:ee:a2:9b:d6:e1:79:93:06:67:01:c4:c1:5c:71:d2: 32:c2:62:ae:dc:6a:a5:b9:4f:7a:34:ad:e5:d7:a0:ce:00:06: f8:23:ff:03:2c:42:f2:70:83:8b:55:87:ab:3f:d8:de:e4:8b: 07:72:3c:29:24:b9:f5:3e:50:f1:0e:b3:8a:c4:e1:b7:78:5d: db:65:70:83:93:d2:a5:1c:0b:63:aa:e5:6c:b0:db:89:84:d3: 3a:9d:c3:7a:17:2f:0e:0e:d5:fe:7b:e8:0c:e5:3d:9e:44:16: 8e:6c:2a:e0:67:26:c6:47:2d:10:7b:af:4d:5a:73:1a:7d:f3: 12:e3:b3:9c:72:8f:3e:1d:b7:14:3d:b8:67:a0:30:33:21:d6: 32:74:31:9a:cb:b4:12:f6:46:cb:4f:95:91:22:be:2b:35:8b: 74:df:40:92 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMTEzkvflowE8NZb09U1c7FG8DXowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUE4RDRERUM1RkMyOUJFNkUyNDkwNDYyRjU4MDkwM0RE NEE5ODRFQjAeFw0yNjAzMDIxMzQ2MTBaFw0yNjAzMDUyMDMyMTBaMDMxMTAvBgNV BAMTKDlCQkE1MzQ1OUUxRTI2QTEzMTNEM0MyOTg5QzUyNjRGNjk5MDgyRjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcZfMnrUCT+Eclz8JS1Npc13MI 7P2LwFo8HgAMjzWHN0LQSmIx6Ho0T9MuwRPWvBco3Y4rbrN2s1xPwH8ltrKM5QKa p6qPBxN/BEpvehl4PUKr+0u5UW+UQZjCNi3gF3Ixr/8N/Hn71pGSYjWhmi70/pby Ss7QMoyfwDahjqGo+VzL2ZJPb3RhglwO1QuG//RVw5qY4tmmznbmm5XJAv8NPlLL t4XMITIeVSxKc9NsVO18yPge9zFtcRPwNep0qjR5ilUgVYgdjAi69w0IxORddZFy YS6F0w6AS+ptx8Jv/6ZY+usMyfeCeifLEYyStednfCxC5WH7+SRIw5xPV6qXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUm7pTRZ4eJqExPTwpicUmT2mQgvIwHwYDVR0j BBgwFoAUWo1N7F/Cm+biSQRi9YCQPdSphOswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j ZWNmNWQ5NC03ZjFmLTQzYmYtYjdhYS0yMjBmMGMxNTZlYzAvMC81QThENERFQzVG QzI5QkU2RTI0OTA0NjJGNTgwOTAzREQ0QTk4NEVCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNUE4RDRERUM1RkMyOUJFNkUyNDkwNDYyRjU4MDkwM0RENEE5 ODRFQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vY2VjZjVkOTQtN2YxZi00M2JmLWI3 YWEtMjIwZjBjMTU2ZWMwLzAvNUE4RDRERUM1RkMyOUJFNkUyNDkwNDYyRjU4MDkw M0RENEE5ODRFQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAG1PYJiPoA9jsMONhIq2w4rcrhIG5yoesXk4 f2EsvXjGyJh8MjvlJ4ZJvnL10pLuwGQgowJdAoZbyghZyWhYTbkqqm6VDdBsLbXU n8k5f5dDEkx9+JVReR+KEIP4/+6im9bheZMGZwHEwVxx0jLCYq7caqW5T3o0reXX oM4ABvgj/wMsQvJwg4tVh6s/2N7kiwdyPCkkufU+UPEOs4rE4bd4XdtlcIOT0qUc C2Oq5Wyw24mE0zqdw3oXLw4O1f576AzlPZ5EFo5sKuBnJsZHLRB7r01acxp98xLj s5xyjz4dtxQ9uGegMDMh1jJ0MZrLtBL2RstPlZEivis1i3TfQJI= -----END CERTIFICATE-----Generated at Mon Mar 2 20:15:24 2026 by rpki-client