$ rpki-client -vvf repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft File: D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft (raw, json) Hash identifier: Wa2ABBYiV3UAjigqgDNGDhYpZ0S6655LRDA+TAneuYE= Subject key identifier: 64:96:83:69:9F:4F:C5:4D:17:3A:1A:AB:77:6A:C7:C0:8C:BA:78:BB Authority key identifier: D2:24:8A:04:D9:94:A2:56:9A:8F:F6:45:D4:B0:25:A9:F7:CB:2F:E7 Certificate issuer: /CN=D2248A04D994A2569A8FF645D4B025A9F7CB2FE7 Certificate serial: 068CE2236203FD6476228AC6270E4A207E61DC21 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft Manifest number: 02AA Signing time: Fri 17 Apr 2026 16:31:36 +0000 Manifest this update: Fri 17 Apr 2026 16:26:36 +0000 Manifest next update: Tue 21 Apr 2026 04:14:36 +0000 Files and hashes: 1: D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.crl (hash: Q6fao3AluwnXpWJ44eEz4B8oXCadHY/BCXsP8ntFPNs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.crl rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Apr 2026 04:14:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:8c:e2:23:62:03:fd:64:76:22:8a:c6:27:0e:4a:20:7e:61:dc:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2248A04D994A2569A8FF645D4B025A9F7CB2FE7 Validity Not Before: Apr 17 16:26:36 2026 GMT Not After : Apr 21 04:14:36 2026 GMT Subject: CN=649683699F4FC54D173A1AAB776AC7C08CBA78BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:c2:34:81:86:69:82:4a:f7:ba:aa:b6:58:d9: 83:f7:97:6c:10:11:ad:54:5e:57:aa:fc:6e:ec:54: 24:c8:26:f7:c2:73:c3:c8:e8:93:4d:17:8c:82:b1: af:95:39:ed:fb:92:2c:ae:70:b1:b2:b1:75:af:81: 97:a2:43:11:da:e9:98:51:9c:3f:f1:6f:bc:2e:85: c5:8f:a3:bc:77:7d:a5:5c:67:98:b6:75:2d:8d:a1: 34:a4:c4:c5:3f:d8:ab:b9:56:69:f3:d7:7b:1e:0b: 0c:31:a2:c7:a1:4f:0e:57:1b:ef:dd:d0:fd:e1:1d: 2b:f1:3e:64:20:db:4d:38:54:04:1c:9f:02:84:03: 62:24:23:dc:44:e4:33:ff:e0:9b:67:69:26:26:2c: 86:b2:29:c6:de:d7:5d:5c:df:5b:dc:05:c9:e9:5f: 2f:0b:1f:49:e8:b9:90:b5:fb:4a:2d:b1:85:b5:de: 92:f5:5d:02:43:2f:ff:03:2d:d0:69:ec:8b:19:ed: c9:c4:1e:84:45:ff:bf:5e:fa:15:0f:f2:e8:6c:0e: 52:8d:84:a2:7d:95:19:43:c7:e3:0e:ba:1c:5d:44: 0b:74:8e:35:1c:b7:e4:dd:89:37:d4:54:78:b0:6a: 8f:14:f8:ca:a6:22:cd:c4:f4:0a:aa:74:e0:5c:df: 92:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:96:83:69:9F:4F:C5:4D:17:3A:1A:AB:77:6A:C7:C0:8C:BA:78:BB X509v3 Authority Key Identifier: keyid:D2:24:8A:04:D9:94:A2:56:9A:8F:F6:45:D4:B0:25:A9:F7:CB:2F:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:c9:ff:1f:70:b1:d3:ec:2b:68:72:f4:3f:dd:64:e4:3c:24: 8b:59:77:0f:85:6e:ba:98:ce:3a:98:9f:89:15:bd:a8:4c:7b: 1a:37:6c:6a:b1:b4:69:53:56:6f:da:5b:75:ba:ca:14:86:3a: bd:5a:01:84:a5:51:a2:3c:87:4b:d3:d0:4b:b8:6d:86:2d:5a: 92:dc:d1:8a:db:30:aa:f8:bf:0a:72:8d:9d:c5:85:88:69:e5: 4d:19:86:54:a1:e7:f9:b9:8d:14:80:0a:72:f3:7a:fa:62:92: 08:6c:95:fe:ea:71:81:4f:0b:d7:cf:d6:21:39:d3:22:8e:35: 1c:b5:f9:1c:f1:6f:8d:9b:96:22:5d:5a:77:0a:a7:25:46:4c: e6:c7:1a:e2:02:f5:b5:2d:8c:4b:9d:9d:16:d5:3b:61:5c:6b: 0c:2d:e4:cb:ce:b4:a3:3d:da:2f:cc:ff:d4:08:cd:ac:4d:f4: 6e:79:e4:ff:8b:20:cf:c3:27:1e:6b:1d:ff:ca:a8:ce:64:1d: b9:d7:57:51:b3:93:ae:09:ae:8e:4b:63:11:00:c5:44:23:29: f9:af:af:23:34:de:70:36:f9:69:d3:06:75:62:a0:05:52:93: 6c:7a:c1:57:f0:cf:d2:34:95:31:46:57:6a:1e:3b:25:da:40: 52:09:80:6e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBoziI2ID/WR2IorGJw5KIH5h3CEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIyNDhBMDREOTk0QTI1NjlBOEZGNjQ1RDRCMDI1QTlG N0NCMkZFNzAeFw0yNjA0MTcxNjI2MzZaFw0yNjA0MjEwNDE0MzZaMDMxMTAvBgNV BAMTKDY0OTY4MzY5OUY0RkM1NEQxNzNBMUFBQjc3NkFDN0MwOENCQTc4QkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9wjSBhmmCSve6qrZY2YP3l2wQ Ea1UXleq/G7sVCTIJvfCc8PI6JNNF4yCsa+VOe37kiyucLGysXWvgZeiQxHa6ZhR nD/xb7wuhcWPo7x3faVcZ5i2dS2NoTSkxMU/2Ku5Vmnz13seCwwxosehTw5XG+/d 0P3hHSvxPmQg2004VAQcnwKEA2IkI9xE5DP/4JtnaSYmLIayKcbe111c31vcBcnp Xy8LH0nouZC1+0otsYW13pL1XQJDL/8DLdBp7IsZ7cnEHoRF/79e+hUP8uhsDlKN hKJ9lRlDx+MOuhxdRAt0jjUct+TdiTfUVHiwao8U+MqmIs3E9AqqdOBc35IBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZJaDaZ9PxU0XOhqrd2rHwIy6eLswHwYDVR0j BBgwFoAU0iSKBNmUolaaj/ZF1LAlqffLL+cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTNjYzJjMS0xNDZjLTQ4YTktYjAwMy03YmQ4MzgyMjA4NGQvMC9EMjI0OEEwNEQ5 OTRBMjU2OUE4RkY2NDVENEIwMjVBOUY3Q0IyRkU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIyNDhBMDREOTk0QTI1NjlBOEZGNjQ1RDRCMDI1QTlGN0NC MkZFNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWEzY2MyYzEtMTQ2Yy00OGE5LWIw MDMtN2JkODM4MjIwODRkLzAvRDIyNDhBMDREOTk0QTI1NjlBOEZGNjQ1RDRCMDI1 QTlGN0NCMkZFNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFbJ/x9wsdPsK2hy9D/dZOQ8JItZdw+FbrqY zjqYn4kVvahMexo3bGqxtGlTVm/aW3W6yhSGOr1aAYSlUaI8h0vT0Eu4bYYtWpLc 0YrbMKr4vwpyjZ3FhYhp5U0ZhlSh5/m5jRSACnLzevpikghslf7qcYFPC9fP1iE5 0yKONRy1+Rzxb42bliJdWncKpyVGTObHGuIC9bUtjEudnRbVO2Fcawwt5MvOtKM9 2i/M/9QIzaxN9G555P+LIM/DJx5rHf/KqM5kHbnXV1Gzk64Jro5LYxEAxUQjKfmv ryM03nA2+WnTBnVioAVSk2x6wVfwz9I0lTFGV2oeOyXaQFIJgG4= -----END CERTIFICATE-----Generated at Sun Apr 19 11:39:05 2026 by rpki-client