$ rpki-client -vvf repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft File: DD68C98D519CC8D624F664B026AEB9B289EE819C.mft (raw, json) Hash identifier: Jyus8bSBHDrAt2Kn3rYfmo4FQRda57x5iGA5ItAXBcQ= Subject key identifier: ED:E9:1B:A9:92:2F:56:D6:DF:BA:01:F6:17:42:1D:66:16:BA:B3:41 Authority key identifier: DD:68:C9:8D:51:9C:C8:D6:24:F6:64:B0:26:AE:B9:B2:89:EE:81:9C Certificate issuer: /CN=DD68C98D519CC8D624F664B026AEB9B289EE819C Certificate serial: 59C7CB35A8BF6DF37C4CC478560E30A8E8F30BF7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft Manifest number: 021B Signing time: Sat 28 Feb 2026 02:41:58 +0000 Manifest this update: Sat 28 Feb 2026 02:36:58 +0000 Manifest next update: Tue 03 Mar 2026 10:18:58 +0000 Files and hashes: 1: 3130332e33362e35322e302f32342d3234203d3e2039333431.roa (hash: 4vYKKc9gCQNLGbY6CdycYfIML4Cvt54/Y7bjgPLGEYU=) 2: 3130332e33362e35322e302f32332d3233203d3e2039333431.roa (hash: avxCSiDbdDW7kOsh1a+dBlMPbboYpQF+S49u7QzrJXw=) 3: DD68C98D519CC8D624F664B026AEB9B289EE819C.crl (hash: MLJLKJkIovhxi3KXFAHUJk2Yo2CPP3/60xvsq5gd78o=) 4: 3130332e33362e35332e302f32342d3234203d3e2039333431.roa (hash: 9XabV5C+bxTzwQpxWRFJ2J0ODxVlFWpwxY4ZIRRll5s=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.crl rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 03 Mar 2026 10:18:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:c7:cb:35:a8:bf:6d:f3:7c:4c:c4:78:56:0e:30:a8:e8:f3:0b:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DD68C98D519CC8D624F664B026AEB9B289EE819C Validity Not Before: Feb 28 02:36:58 2026 GMT Not After : Mar 3 10:18:58 2026 GMT Subject: CN=EDE91BA9922F56D6DFBA01F617421D6616BAB341 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:d8:99:be:7c:7c:ea:3f:4f:2a:34:9c:a0:f6: 2b:1a:d4:06:ce:51:b8:42:5d:92:c0:e2:86:35:6a: 28:b8:b4:45:dc:3b:1e:5e:cc:9d:d5:a0:2d:56:81: dd:bb:16:b7:c1:26:e4:6c:ad:a6:bf:c6:7f:81:f0: 42:11:43:45:76:ff:c8:8b:f4:35:1e:c8:b7:08:25: 99:cf:69:ad:ff:b1:00:f0:4c:22:9e:70:07:9f:c0: fb:fa:eb:9e:fc:6d:6b:92:ff:5c:57:0b:86:9e:53: da:b8:43:a9:df:80:93:40:70:fc:ff:3f:83:e1:14: 7d:5f:b5:3c:f2:7e:96:a9:7a:8d:55:7e:51:0b:f2: 74:27:e9:a3:24:9a:3a:71:64:b7:34:2c:f2:8d:2f: a6:6f:e1:a9:33:da:12:3d:dc:86:6a:61:e9:85:7c: 82:b1:aa:94:ad:87:c5:fe:9a:f1:8f:e0:ca:80:c3: 3f:a2:a9:65:56:84:05:98:0e:f6:6c:20:5d:90:67: 7d:ec:61:47:0a:f8:bc:4a:cb:8a:cd:f1:55:7a:ea: fe:ab:17:ab:f7:16:24:11:68:54:c5:a0:e8:e3:35: 7a:49:2c:dd:35:5a:61:37:6a:9e:81:5e:d8:44:4c: ca:22:bc:fb:17:38:33:78:2e:78:ce:84:40:6f:7a: 6e:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:E9:1B:A9:92:2F:56:D6:DF:BA:01:F6:17:42:1D:66:16:BA:B3:41 X509v3 Authority Key Identifier: keyid:DD:68:C9:8D:51:9C:C8:D6:24:F6:64:B0:26:AE:B9:B2:89:EE:81:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:25:c9:88:5f:a9:70:c1:66:42:36:c1:9b:cc:09:16:aa:b3: 50:5b:bd:67:37:0b:8c:20:ce:f3:47:f9:30:4e:e2:e7:a2:c7: 0b:03:ea:3e:d3:a5:80:1f:c3:00:36:02:e0:a1:9c:af:ee:ac: 49:99:1f:ce:27:72:0c:62:b7:0c:14:06:d7:32:2a:3e:e5:9d: f9:d9:c0:e5:b1:ba:1c:e4:d8:3c:fc:11:50:4a:45:d5:cb:67: 2d:de:60:ce:20:5c:a5:3d:83:2d:f6:42:ce:45:91:67:a6:8f: a2:0c:3f:c8:99:39:c5:04:a6:ab:e3:02:9a:1e:3b:a5:61:5b: a5:fe:52:f7:77:9f:7f:7c:72:ff:d3:db:f3:1b:b9:b3:f1:7b: 55:47:c9:0c:bd:10:df:2b:de:74:0a:22:cd:63:1e:d9:97:63: 96:68:08:9e:ff:94:ef:3e:df:09:ce:a7:1a:2b:7d:1f:47:11: 2c:d6:22:a4:fb:56:96:5a:a0:1c:6d:f1:1f:f5:7a:4f:aa:7f: 18:ab:94:10:93:44:b0:86:77:f3:5a:1d:ff:dc:5e:3f:d9:89: 37:75:c1:83:8c:0a:8b:23:c2:89:48:45:51:e7:13:9e:2b:4f: 79:d9:e7:85:c1:71:b4:ff:34:f8:25:53:2a:84:0a:3c:2f:ec: 8d:18:f9:f3 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWcfLNai/bfN8TMR4Vg4wqOjzC/cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5QjI4 OUVFODE5QzAeFw0yNjAyMjgwMjM2NThaFw0yNjAzMDMxMDE4NThaMDMxMTAvBgNV BAMTKEVERTkxQkE5OTIyRjU2RDZERkJBMDFGNjE3NDIxRDY2MTZCQUIzNDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI2Jm+fHzqP08qNJyg9isa1AbO UbhCXZLA4oY1aii4tEXcOx5ezJ3VoC1Wgd27FrfBJuRsraa/xn+B8EIRQ0V2/8iL 9DUeyLcIJZnPaa3/sQDwTCKecAefwPv66578bWuS/1xXC4aeU9q4Q6nfgJNAcPz/ P4PhFH1ftTzyfpapeo1VflEL8nQn6aMkmjpxZLc0LPKNL6Zv4akz2hI93IZqYemF fIKxqpSth8X+mvGP4MqAwz+iqWVWhAWYDvZsIF2QZ33sYUcK+LxKy4rN8VV66v6r F6v3FiQRaFTFoOjjNXpJLN01WmE3ap6BXthETMoivPsXODN4LnjOhEBvem7DAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU7ekbqZIvVtbfugH2F0IdZha6s0EwHwYDVR0j BBgwFoAU3WjJjVGcyNYk9mSwJq65sonugZwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MDQzYTg4OS1jODYxLTRkMjktOWQ3Ny05MjNkOTI3ZTc2MzQvMC9ERDY4Qzk4RDUx OUNDOEQ2MjRGNjY0QjAyNkFFQjlCMjg5RUU4MTlDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5QjI4OUVF ODE5Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDA0M2E4ODktYzg2MS00ZDI5LTlk NzctOTIzZDkyN2U3NjM0LzAvREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5 QjI4OUVFODE5Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFclyYhfqXDBZkI2wZvMCRaqs1BbvWc3C4wg zvNH+TBO4ueixwsD6j7TpYAfwwA2AuChnK/urEmZH84ncgxitwwUBtcyKj7lnfnZ wOWxuhzk2Dz8EVBKRdXLZy3eYM4gXKU9gy32Qs5FkWemj6IMP8iZOcUEpqvjApoe O6VhW6X+Uvd3n398cv/T2/MbubPxe1VHyQy9EN8r3nQKIs1jHtmXY5ZoCJ7/lO8+ 3wnOpxorfR9HESzWIqT7VpZaoBxt8R/1ek+qfxirlBCTRLCGd/NaHf/cXj/ZiTd1 wYOMCosjwolIRVHnE54rT3nZ54XBcbT/NPglUyqECjwv7I0Y+fM= -----END CERTIFICATE-----Generated at Mon Mar 2 10:22:50 2026 by rpki-client