$ rpki-client -vvf repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft File: 821049BBD22C335A50850F16AB159C0C6BCC28E5.mft (raw, json) Hash identifier: pIZ+B5SOUZVbzBiI3rEKUcjr6/m+6824PEEP4uykCFU= Subject key identifier: F2:3F:99:0D:D8:CA:61:85:A8:D6:6C:B4:0F:55:72:B6:51:8E:9D:35 Authority key identifier: 82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 Certificate issuer: /CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Certificate serial: 7E40409471258259B1B9E742626D771AEAA5C004 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft Manifest number: 0289 Signing time: Sun 01 Mar 2026 12:51:51 +0000 Manifest this update: Sun 01 Mar 2026 12:46:51 +0000 Manifest next update: Wed 04 Mar 2026 13:05:51 +0000 Files and hashes: 1: 3130332e32312e39322e302f32342d3234203d3e20313331373338.roa (hash: ndyvXGLmi+s4jvx/l0C4JrK1SIn52emjpfzG2w+2lsw=) 2: 3130332e32312e39332e302f32342d3234203d3e20313331373338.roa (hash: Hx5e9eX/0MDiWg+S8NREaCwOHPQ1Onm3jq45DAvThoc=) 3: 3130332e32312e39342e302f32342d3234203d3e20313331373338.roa (hash: KCUnGn0DyBychM59+lv18yYznYr1wdm5Tf5W0sYTxbE=) 4: 3130332e32312e39352e302f32342d3234203d3e203435323935.roa (hash: WHp6+633q2Em0ghmTjJeCMByUXIoDLeS8IvSNmEh0gE=) 5: 821049BBD22C335A50850F16AB159C0C6BCC28E5.crl (hash: jPQ46Uxfp9wEjLa0D3vLucV1kJBsCiQZ9Zg9lQvi3XY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 13:05:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:40:40:94:71:25:82:59:b1:b9:e7:42:62:6d:77:1a:ea:a5:c0:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Validity Not Before: Mar 1 12:46:51 2026 GMT Not After : Mar 4 13:05:51 2026 GMT Subject: CN=F23F990DD8CA6185A8D66CB40F5572B6518E9D35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b2:1d:e7:c0:7e:7e:b8:c8:db:7b:06:97:ce: 7e:1a:ca:bf:e1:4c:cb:1e:d7:67:a8:da:59:86:b8: 75:07:94:78:f9:82:8d:c2:6d:fe:1a:a4:2b:b1:e2: 66:f4:5a:84:62:34:70:d4:c3:0a:8b:dc:5f:3d:81: 2f:a7:e1:12:bf:a3:0d:c1:e8:ac:dd:a4:10:bf:50: 0c:1a:2c:9b:e0:4e:9f:58:de:99:83:df:79:08:2e: 1e:83:07:9a:b2:eb:3e:60:1a:2e:27:a7:52:01:29: a1:83:00:4f:16:24:53:bd:7c:d6:88:5c:c8:1a:a7: a4:67:a4:89:cb:c5:dc:45:d4:f2:b5:29:f5:c7:22: b7:55:84:f7:21:3b:de:29:6c:b0:ca:0f:28:75:91: ca:ec:89:47:c2:bb:52:fb:5c:0a:20:8b:f5:2a:e1: 8c:d8:12:25:11:1f:bd:49:06:8f:be:99:3f:5f:54: 2f:13:06:4b:6b:55:d7:9d:50:d5:70:d8:ed:14:39: 24:95:31:07:ce:0b:87:e6:11:b9:01:0b:ce:eb:cf: 75:5e:84:18:a7:fe:aa:6b:00:ee:33:57:f5:65:3b: 54:62:3c:f6:6d:84:ec:76:01:f2:a1:12:75:80:a8: a8:ea:ec:d7:a4:07:78:9b:4e:01:70:5a:6e:24:54: 7d:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:3F:99:0D:D8:CA:61:85:A8:D6:6C:B4:0F:55:72:B6:51:8E:9D:35 X509v3 Authority Key Identifier: keyid:82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:d2:32:f0:70:e7:f6:c2:41:99:df:a1:83:8e:45:a3:b7:1d: 8b:da:59:88:2d:4f:17:99:97:5a:00:dc:8f:22:1a:4e:33:ec: 9d:a2:2a:c3:09:d7:65:71:87:55:0b:15:c4:f4:6f:17:00:99: ef:18:b1:6a:dd:ae:b5:7e:2f:4c:b6:33:d2:d2:7e:d2:f8:1f: c6:a0:f6:bd:2c:30:1f:b5:f2:21:6e:44:bb:77:c0:5b:db:60: 46:89:25:b8:a3:66:9d:5f:56:fe:4d:23:db:f8:d7:8f:7e:1c: b2:c5:08:2c:64:31:ee:ea:4c:19:9f:fd:1e:01:c6:4d:0c:d5: be:37:9e:0f:7b:c5:14:3b:2e:23:74:23:d0:cc:d8:31:de:f6: 94:1c:7f:5c:6d:7a:44:eb:bc:e0:ef:2b:5c:06:e0:cb:90:de: d2:7d:32:68:ac:37:73:2a:d5:12:79:ec:45:1f:d6:de:96:c6: 09:27:86:01:79:92:0f:b7:aa:47:5c:ef:01:72:74:62:72:83: d6:f6:fc:fc:7c:65:91:f2:3c:5c:28:ca:39:c2:fa:3f:5d:59: 88:79:79:22:3d:62:a3:a4:59:37:98:fb:08:0f:3a:7f:1e:3c: d4:b9:4f:eb:12:b0:b0:6c:00:68:93:88:38:08:2e:9f:86:a8: a1:6e:59:45 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfkBAlHElglmxuedCYm13GuqlwAQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2 QkNDMjhFNTAeFw0yNjAzMDExMjQ2NTFaFw0yNjAzMDQxMzA1NTFaMDMxMTAvBgNV BAMTKEYyM0Y5OTBERDhDQTYxODVBOEQ2NkNCNDBGNTU3MkI2NTE4RTlEMzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5sh3nwH5+uMjbewaXzn4ayr/h TMse12eo2lmGuHUHlHj5go3Cbf4apCux4mb0WoRiNHDUwwqL3F89gS+n4RK/ow3B 6KzdpBC/UAwaLJvgTp9Y3pmD33kILh6DB5qy6z5gGi4np1IBKaGDAE8WJFO9fNaI XMgap6RnpInLxdxF1PK1KfXHIrdVhPchO94pbLDKDyh1kcrsiUfCu1L7XAogi/Uq 4YzYEiURH71JBo++mT9fVC8TBktrVdedUNVw2O0UOSSVMQfOC4fmEbkBC87rz3Ve hBin/qprAO4zV/VlO1RiPPZthOx2AfKhEnWAqKjq7NekB3ibTgFwWm4kVH3ZAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU8j+ZDdjKYYWo1my0D1VytlGOnTUwHwYDVR0j BBgwFoAUghBJu9IsM1pQhQ8WqxWcDGvMKOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l ZGU4ZTE4ZC1hMDQ3LTQ1OTAtOWU1Ni00NjRhNzNlMjNjNmMvMC84MjEwNDlCQkQy MkMzMzVBNTA4NTBGMTZBQjE1OUMwQzZCQ0MyOEU1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2QkND MjhFNS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWRlOGUxOGQtYTA0Ny00NTkwLTll NTYtNDY0YTczZTIzYzZjLzAvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlD MEM2QkNDMjhFNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAHSMvBw5/bCQZnfoYOORaO3HYvaWYgtTxeZ l1oA3I8iGk4z7J2iKsMJ12Vxh1ULFcT0bxcAme8YsWrdrrV+L0y2M9LSftL4H8ag 9r0sMB+18iFuRLt3wFvbYEaJJbijZp1fVv5NI9v4149+HLLFCCxkMe7qTBmf/R4B xk0M1b43ng97xRQ7LiN0I9DM2DHe9pQcf1xtekTrvODvK1wG4MuQ3tJ9MmisN3Mq 1RJ57EUf1t6WxgknhgF5kg+3qkdc7wFydGJyg9b2/Px8ZZHyPFwoyjnC+j9dWYh5 eSI9YqOkWTeY+wgPOn8ePNS5T+sSsLBsAGiTiDgILp+GqKFuWUU= -----END CERTIFICATE-----Generated at Mon Mar 2 15:39:04 2026 by rpki-client