$ rpki-client -vvf repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft File: 20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft (raw, json) Hash identifier: aUJrFXNCgcxAmq+AmqZWcaRgcypMqEsdr8/PlrtZajo= Subject key identifier: 4A:00:99:C3:61:89:DA:68:04:BA:2F:DC:BD:28:DF:8E:0B:9F:D7:C3 Authority key identifier: 20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 Certificate issuer: /CN=20B15C95FA3351402D60E968AD1D9ECD289ABFF9 Certificate serial: 219FAAC2CA71CA3717BE887DB9EACEE314E53C73 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft Manifest number: 04D9 Signing time: Sun 01 Mar 2026 05:50:55 +0000 Manifest this update: Sun 01 Mar 2026 05:45:55 +0000 Manifest next update: Wed 04 Mar 2026 06:52:55 +0000 Files and hashes: 1: 3130332e3136322e302e302f32342d3234203d3e20313431363334.roa (hash: mrVcWkYKkNNL+5Z0dua06HvGJVSXAbMBn3dbcArjm/g=) 2: 20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl (hash: 6KzUU5iV8oV6BRPVBxwImM9SBW9m1+qU57AjVmiUtag=) 3: 3130332e3136322e312e302f32342d3234203d3e2036393339.roa (hash: U7NnTgw4+RWSqCZvvYrAIpdq9+m5qm4ziARKzADWCYw=) 4: 3130332e3136322e302e302f32332d3233203d3e20313431363334.roa (hash: BUWXw4dtky6u3IS1OVmdebvECXrPIBW5iPpOPegzgSU=) 5: 3130332e3136322e312e302f32342d3234203d3e20313431363334.roa (hash: qNe08ONmrtJrbqnJHhzOzL4yLMKznA4CGtzFIsSxWok=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 06:52:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:9f:aa:c2:ca:71:ca:37:17:be:88:7d:b9:ea:ce:e3:14:e5:3c:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20B15C95FA3351402D60E968AD1D9ECD289ABFF9 Validity Not Before: Mar 1 05:45:55 2026 GMT Not After : Mar 4 06:52:55 2026 GMT Subject: CN=4A0099C36189DA6804BA2FDCBD28DF8E0B9FD7C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:dd:90:e6:fc:fd:04:46:db:89:e9:e2:84:4a: 36:7b:e8:d6:26:67:ab:f0:9a:0f:79:fb:0e:65:79: a2:9a:d5:fb:d2:02:ef:35:4e:8e:d4:63:db:ec:7a: 51:a7:65:da:14:fa:dc:4a:66:c9:7c:fc:dd:f8:f6: dd:f7:d1:e6:15:98:b9:2d:c7:87:55:90:7c:19:57: 13:ad:41:76:6c:a5:9b:4b:ad:67:6f:c1:2d:d4:8a: 39:38:02:ee:93:6d:38:9c:11:c0:f2:70:06:84:b9: ce:2e:b9:4b:2e:8b:cb:b8:0c:df:7a:f7:0a:c5:71: 3a:bf:4d:a0:e5:c3:9c:93:95:25:ca:0f:91:63:a5: da:d6:ae:42:5b:62:46:c0:5c:ce:33:fa:ac:0f:04: c5:7e:fa:40:7d:da:0e:db:41:b2:ee:0a:88:1e:6c: 8a:1c:52:2b:52:56:14:ae:34:ec:05:e9:88:8e:d5: c1:86:43:1d:05:8d:16:d3:31:13:83:6d:52:2f:ae: 1c:cb:78:ae:22:ce:41:dc:81:86:ac:f7:76:50:83: f4:91:4f:16:b7:fa:95:96:9f:ee:42:39:9f:52:04: 3a:a4:5d:1e:f1:fa:24:78:7c:f5:eb:18:29:4b:6c: 18:05:0b:2c:61:ac:e9:d2:5d:a8:0e:c5:b1:0b:c7: ec:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:00:99:C3:61:89:DA:68:04:BA:2F:DC:BD:28:DF:8E:0B:9F:D7:C3 X509v3 Authority Key Identifier: keyid:20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:28:ef:ed:4c:de:94:6d:ee:38:f9:c4:5e:7b:50:8c:3e:69: 3d:1e:ef:cf:3e:b4:8c:8d:d8:5e:bb:09:93:09:2a:ea:7a:2e: 22:e4:c7:6e:83:cd:5a:1b:ad:5e:23:09:47:ac:02:9e:a8:c1: 99:01:4b:f7:6c:8a:0d:84:27:5a:ba:5a:6a:84:9f:b9:49:08: 35:94:9d:89:75:8b:84:e7:bf:63:43:c8:e9:e3:6c:c5:a4:6f: 3c:fd:48:fd:e4:8c:1a:12:3f:52:f0:de:b4:f9:ad:54:4a:d7: c6:13:ea:1d:8c:43:ea:f5:65:8c:6f:aa:08:5f:68:67:cf:8d: 77:d6:85:34:e0:b9:f1:a8:b2:14:24:33:d0:10:ba:fe:c7:a1: 4e:4a:4c:1d:82:05:47:44:fa:09:55:f6:06:48:44:f5:f0:ea: 89:6f:10:aa:17:d6:8b:bb:0c:91:13:60:81:e8:c6:92:2a:06: e1:a2:0a:ef:75:a1:9a:4f:1b:86:88:82:21:99:9f:ef:b4:54: da:8d:d1:da:dd:b0:7a:cc:1a:e1:50:2b:20:21:32:f0:37:2f: f9:0e:52:88:a9:6f:2f:c6:9b:db:75:96:39:26:f9:2e:bc:cd: 2e:82:71:65:3b:d2:31:ea:a6:c7:a6:db:0a:fd:75:ae:e4:07: fe:53:3a:06 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIZ+qwspxyjcXvoh9uerO4xTlPHMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlFQ0Qy ODlBQkZGOTAeFw0yNjAzMDEwNTQ1NTVaFw0yNjAzMDQwNjUyNTVaMDMxMTAvBgNV BAMTKDRBMDA5OUMzNjE4OURBNjgwNEJBMkZEQ0JEMjhERjhFMEI5RkQ3QzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC13ZDm/P0ERtuJ6eKESjZ76NYm Z6vwmg95+w5leaKa1fvSAu81To7UY9vselGnZdoU+txKZsl8/N349t330eYVmLkt x4dVkHwZVxOtQXZspZtLrWdvwS3Uijk4Au6TbTicEcDycAaEuc4uuUsui8u4DN96 9wrFcTq/TaDlw5yTlSXKD5FjpdrWrkJbYkbAXM4z+qwPBMV++kB92g7bQbLuCoge bIocUitSVhSuNOwF6YiO1cGGQx0FjRbTMRODbVIvrhzLeK4izkHcgYas93ZQg/SR Txa3+pWWn+5COZ9SBDqkXR7x+iR4fPXrGClLbBgFCyxhrOnSXagOxbELx+ytAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUSgCZw2GJ2mgEui/cvSjfjguf18MwHwYDVR0j BBgwFoAUILFclfozUUAtYOlorR2ezSiav/kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MTQxOTNjNC00YWJkLTRlMmMtYTFkMC0xYjVjZTMyZTQyMGIvMC8yMEIxNUM5NUZB MzM1MTQwMkQ2MEU5NjhBRDFEOUVDRDI4OUFCRkY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlFQ0QyODlB QkZGOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDE0MTkzYzQtNGFiZC00ZTJjLWEx ZDAtMWI1Y2UzMmU0MjBiLzAvMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlF Q0QyODlBQkZGOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAI8o7+1M3pRt7jj5xF57UIw+aT0e788+tIyN 2F67CZMJKup6LiLkx26DzVobrV4jCUesAp6owZkBS/dsig2EJ1q6WmqEn7lJCDWU nYl1i4Tnv2NDyOnjbMWkbzz9SP3kjBoSP1Lw3rT5rVRK18YT6h2MQ+r1ZYxvqghf aGfPjXfWhTTgufGoshQkM9AQuv7HoU5KTB2CBUdE+glV9gZIRPXw6olvEKoX1ou7 DJETYIHoxpIqBuGiCu91oZpPG4aIgiGZn++0VNqN0drdsHrMGuFQKyAhMvA3L/kO Uoipby/Gm9t1ljkm+S68zS6CcWU70jHqpsem2wr9da7kB/5TOgY= -----END CERTIFICATE-----Generated at Mon Mar 2 02:28:21 2026 by rpki-client