$ rpki-client -vvf repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft File: DD68C98D519CC8D624F664B026AEB9B289EE819C.mft (raw, json) Hash identifier: alXOR/gOU0dG+Pk/swTdjN2ZqEktErJ1c3wdnLzeerI= Subject key identifier: 6C:48:9F:E1:56:3E:6A:25:7E:19:57:33:B5:4D:0C:19:06:F9:AC:D1 Authority key identifier: DD:68:C9:8D:51:9C:C8:D6:24:F6:64:B0:26:AE:B9:B2:89:EE:81:9C Certificate issuer: /CN=DD68C98D519CC8D624F664B026AEB9B289EE819C Certificate serial: 3593C4DDB266590B589D0E380F23BDD5B9258F93 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft Manifest number: 021C Signing time: Mon 02 Mar 2026 10:22:00 +0000 Manifest this update: Mon 02 Mar 2026 10:17:00 +0000 Manifest next update: Thu 05 Mar 2026 18:40:00 +0000 Files and hashes: 1: 3130332e33362e35322e302f32332d3233203d3e2039333431.roa (hash: avxCSiDbdDW7kOsh1a+dBlMPbboYpQF+S49u7QzrJXw=) 2: 3130332e33362e35332e302f32342d3234203d3e2039333431.roa (hash: 9XabV5C+bxTzwQpxWRFJ2J0ODxVlFWpwxY4ZIRRll5s=) 3: DD68C98D519CC8D624F664B026AEB9B289EE819C.crl (hash: EouxNyPef19VeuSGVsVpOHZ9NuD8oE3zl13xj99kLdM=) 4: 3130332e33362e35322e302f32342d3234203d3e2039333431.roa (hash: 4vYKKc9gCQNLGbY6CdycYfIML4Cvt54/Y7bjgPLGEYU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.crl rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 06:31:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:93:c4:dd:b2:66:59:0b:58:9d:0e:38:0f:23:bd:d5:b9:25:8f:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DD68C98D519CC8D624F664B026AEB9B289EE819C Validity Not Before: Mar 2 10:17:00 2026 GMT Not After : Mar 5 18:40:00 2026 GMT Subject: CN=6C489FE1563E6A257E195733B54D0C1906F9ACD1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:41:84:8d:37:01:81:7c:85:ec:78:a9:87:c2: da:f3:6a:bb:3b:21:e6:83:6c:bb:dd:8a:19:bd:ae: cb:09:d0:f1:21:60:68:87:c8:fa:8e:7f:ec:7b:9c: 01:4a:b5:b8:ae:22:75:6b:77:25:b6:61:1f:d8:ab: 91:66:cf:e6:9d:e3:cf:fa:3c:1b:a8:00:54:61:6d: eb:b5:9d:fe:12:15:91:42:1e:58:9e:69:c6:fb:7d: f3:0a:df:37:ee:c0:91:e9:aa:b7:c4:9c:ac:f3:cb: f2:c3:66:5d:e9:66:23:0f:71:3f:c3:d4:14:0e:e4: 7e:01:5c:fb:32:e7:4a:71:b5:af:b9:2d:1a:b7:41: f1:7c:33:bf:86:0d:0a:9c:7c:bb:ef:b7:98:6e:fc: fb:91:56:3e:d5:9d:65:e7:83:47:39:5c:be:71:0b: c3:4e:05:22:3d:03:9c:d5:34:d9:4d:76:36:12:60: 07:6d:44:98:cb:1d:52:14:f4:72:36:4b:d1:7d:f9: d6:c5:55:49:61:65:24:3f:b0:8c:f9:8d:3e:c2:05: 77:0b:04:db:58:90:69:99:23:78:7c:db:4f:6c:10: 15:57:4a:41:67:b4:cd:04:9e:b4:6c:d7:40:a0:1d: 59:84:29:4d:c8:b8:be:12:19:84:b8:4a:c6:39:8a: e8:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:48:9F:E1:56:3E:6A:25:7E:19:57:33:B5:4D:0C:19:06:F9:AC:D1 X509v3 Authority Key Identifier: keyid:DD:68:C9:8D:51:9C:C8:D6:24:F6:64:B0:26:AE:B9:B2:89:EE:81:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:f1:4b:f6:21:1b:9d:9a:69:95:dc:3e:48:ad:58:63:14:9c: 24:7a:44:a7:19:7a:58:59:eb:ed:bd:ed:e9:32:a7:15:8e:bf: 24:a2:8a:70:5c:34:6e:0e:6d:17:b4:f7:b4:b1:95:b3:1b:f9: 06:64:60:3b:98:f0:87:07:37:94:b1:7b:d0:61:fd:4c:19:97: 8c:a3:ea:ac:d9:99:37:95:89:90:7f:1d:8d:a0:2d:e6:e1:a2: d8:d9:24:67:f4:4b:84:80:4a:9c:dc:ea:16:d7:a4:d6:2d:8f: ae:94:a3:24:f2:f1:ed:b1:9f:18:f8:a6:0d:e2:a3:fd:9c:58: 3b:e7:cc:21:9c:11:4d:32:41:a7:0a:65:3a:44:2c:ac:58:20: 5f:5e:71:cf:81:7b:3b:76:48:53:f0:ee:95:c3:d2:82:fe:d3: 19:ff:47:14:5f:e7:2d:a9:d8:f8:22:31:f5:9f:62:17:14:96: e5:58:c1:8b:2a:77:ac:4f:3a:92:1c:96:f8:6c:b9:9c:5f:6f: 1e:61:15:f5:c7:63:c9:73:bb:be:6f:b1:3b:62:f0:78:88:ce: 26:ec:e3:e5:a0:e7:42:0f:dc:69:1c:8d:29:81:be:89:a9:74: a0:2f:20:e7:66:34:8a:00:6a:69:32:27:c9:d2:a5:a4:e7:f3: 95:78:b9:08 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNZPE3bJmWQtYnQ44DyO91bklj5MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5QjI4 OUVFODE5QzAeFw0yNjAzMDIxMDE3MDBaFw0yNjAzMDUxODQwMDBaMDMxMTAvBgNV BAMTKDZDNDg5RkUxNTYzRTZBMjU3RTE5NTczM0I1NEQwQzE5MDZGOUFDRDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwQYSNNwGBfIXseKmHwtrzars7 IeaDbLvdihm9rssJ0PEhYGiHyPqOf+x7nAFKtbiuInVrdyW2YR/Yq5Fmz+ad48/6 PBuoAFRhbeu1nf4SFZFCHlieacb7ffMK3zfuwJHpqrfEnKzzy/LDZl3pZiMPcT/D 1BQO5H4BXPsy50pxta+5LRq3QfF8M7+GDQqcfLvvt5hu/PuRVj7VnWXng0c5XL5x C8NOBSI9A5zVNNlNdjYSYAdtRJjLHVIU9HI2S9F9+dbFVUlhZSQ/sIz5jT7CBXcL BNtYkGmZI3h8209sEBVXSkFntM0EnrRs10CgHVmEKU3IuL4SGYS4SsY5iujxAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUbEif4VY+aiV+GVcztU0MGQb5rNEwHwYDVR0j BBgwFoAU3WjJjVGcyNYk9mSwJq65sonugZwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MDQzYTg4OS1jODYxLTRkMjktOWQ3Ny05MjNkOTI3ZTc2MzQvMC9ERDY4Qzk4RDUx OUNDOEQ2MjRGNjY0QjAyNkFFQjlCMjg5RUU4MTlDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5QjI4OUVF ODE5Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDA0M2E4ODktYzg2MS00ZDI5LTlk NzctOTIzZDkyN2U3NjM0LzAvREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5 QjI4OUVFODE5Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAH/xS/YhG52aaZXcPkitWGMUnCR6RKcZelhZ 6+297ekypxWOvySiinBcNG4ObRe097SxlbMb+QZkYDuY8IcHN5Sxe9Bh/UwZl4yj 6qzZmTeViZB/HY2gLebhotjZJGf0S4SASpzc6hbXpNYtj66UoyTy8e2xnxj4pg3i o/2cWDvnzCGcEU0yQacKZTpELKxYIF9ecc+Bezt2SFPw7pXD0oL+0xn/RxRf5y2p 2PgiMfWfYhcUluVYwYsqd6xPOpIclvhsuZxfbx5hFfXHY8lzu75vsTti8HiIzibs 4+Wg50IP3GkcjSmBvompdKAvIOdmNIoAamkyJ8nSpaTn85V4uQg= -----END CERTIFICATE-----Generated at Mon Mar 2 17:09:29 2026 by rpki-client