$ rpki-client -vvf repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft File: D68CA7C6F514D7168C00790717FB869AF68B125E.mft (raw, json) Hash identifier: wZf31CjPGBf52JqDsMfzeDta869+4ujw/E3g359YqGE= Subject key identifier: 5B:D5:C1:E3:6C:C8:4E:46:F0:8F:2E:09:AF:CB:12:A8:4C:32:ED:45 Authority key identifier: D6:8C:A7:C6:F5:14:D7:16:8C:00:79:07:17:FB:86:9A:F6:8B:12:5E Certificate issuer: /CN=D68CA7C6F514D7168C00790717FB869AF68B125E Certificate serial: 39C55EB29EDCD454661C2E371D4332CAD592D504 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft Manifest number: 02AE Signing time: Wed 15 Apr 2026 12:11:00 +0000 Manifest this update: Wed 15 Apr 2026 12:06:00 +0000 Manifest next update: Sat 18 Apr 2026 17:35:00 +0000 Files and hashes: 1: 3130332e3134322e3235342e302f32332d3234203d3e203435333035.roa (hash: lrzBfqehJUlOwQPEPsr6iJ4tqPpR4/esNBwJ2KIVmbs=) 2: 3130332e3134322e3235342e302f32342d3234203d3e20313339333831.roa (hash: xpJYN2koDz6242yH404bncg8zalibRwq73KpJsJcVB8=) 3: 3130332e3134322e3235342e302f32332d3234203d3e20313339333831.roa (hash: gV2Q8xF8XiWikE1+w9yu7jENKeKHaDELW9P6oOlSzDE=) 4: 3130332e3134322e3235352e302f32342d3234203d3e203435333035.roa (hash: I16OAIVcV3yFbOc/TMvL7PaH1iG60q5zXTLP+nVnvjI=) 5: D68CA7C6F514D7168C00790717FB869AF68B125E.crl (hash: 9fBZG5yplUmXVQC/XQ9gVSf4ErgQCAOZDfVmJCkBS1g=) 6: 323030313a6466313a363338303a3a2f34382d3438203d3e203435333035.roa (hash: LcQ4CetZUkMH7Rvj9sVRz+nMJ5rJbPUeEXrVNt9jxkA=) 7: 3130332e3134322e3235342e302f32342d3234203d3e203435333035.roa (hash: eJA0++OLa3UdGPpoOUqZv74371ixeJ+IVvYxJZnXXyk=) 8: 323030313a6466313a363338303a3a2f34382d3438203d3e20313339333831.roa (hash: vuTTJNURLP5vgJImsWTQOQLshtByIl8yIWAQC+TExAY=) 9: 3130332e3134322e3235352e302f32342d3234203d3e20313339333831.roa (hash: tArDMQ0CljWlxInpOnDNWhLbYH4HF1sjePzkXRXnEac=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.crl rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 17:35:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:c5:5e:b2:9e:dc:d4:54:66:1c:2e:37:1d:43:32:ca:d5:92:d5:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D68CA7C6F514D7168C00790717FB869AF68B125E Validity Not Before: Apr 15 12:06:00 2026 GMT Not After : Apr 18 17:35:00 2026 GMT Subject: CN=5BD5C1E36CC84E46F08F2E09AFCB12A84C32ED45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:52:e9:8c:ba:ce:93:1b:2b:3b:a5:c6:67:72: ae:5d:4e:9b:13:8a:42:4a:67:dd:2a:50:33:dd:17: d9:36:c2:16:af:c3:16:02:eb:99:63:0c:ea:8e:c3: 20:2f:c5:aa:46:3a:0a:11:77:b7:e5:52:61:c5:6d: 24:69:ef:cc:d5:1e:17:8d:96:f6:92:b6:dd:a0:0f: 9f:02:82:cc:bc:bd:bc:26:d6:ea:4a:46:fc:b9:97: 49:90:5a:8f:cb:94:95:a9:bd:95:36:1c:27:fb:60: 36:48:17:77:18:38:0a:c5:d3:78:f1:b5:e6:a0:92: 90:9b:4b:84:8d:cc:ee:6e:4c:18:d5:55:da:67:70: d3:98:43:0e:7b:f4:7c:67:d1:b3:09:9b:5f:94:1e: b4:9e:71:b8:94:af:c7:5f:75:f1:5c:38:43:2c:0c: b5:33:c6:55:86:b3:89:8d:d3:00:3c:2e:16:cf:82: 79:9f:ba:47:c4:6a:43:e8:c0:8f:62:dd:06:9a:63: 42:54:bc:13:d7:ba:fd:16:13:a7:7e:30:8f:be:43: 64:3d:d2:5a:0b:09:6f:bb:48:af:e2:52:b6:6a:41: 48:c6:f3:5d:6d:d4:da:79:61:be:f5:46:22:a3:07: d2:b5:99:76:34:db:1f:5d:8e:34:08:28:38:c0:d7: 94:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:D5:C1:E3:6C:C8:4E:46:F0:8F:2E:09:AF:CB:12:A8:4C:32:ED:45 X509v3 Authority Key Identifier: keyid:D6:8C:A7:C6:F5:14:D7:16:8C:00:79:07:17:FB:86:9A:F6:8B:12:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:77:6e:28:1c:41:b6:45:65:41:e4:62:ea:53:86:20:53:25: aa:a7:f2:fc:56:aa:5b:86:61:5c:75:20:1c:fa:74:c0:b0:7b: 9f:6d:52:a5:59:0f:5f:11:b5:5c:e2:79:8f:c5:45:20:19:68: 34:9f:ac:84:ae:ca:de:97:3f:fc:28:ac:3f:4f:66:cb:5c:3a: 6c:0b:30:d6:81:21:b0:c2:ca:b9:b3:ed:38:ae:0e:d5:25:0f: fc:f2:fb:0e:8f:54:e4:6c:47:0b:52:40:49:ef:67:b5:73:dc: ee:5c:84:3e:f5:53:05:e0:79:25:c0:eb:45:65:49:a7:00:a6: 6b:44:cc:7f:81:ff:a1:c4:5e:0e:c8:87:59:fa:5c:ee:c1:b9: 50:b8:de:e1:ae:04:40:7c:c3:00:00:70:28:20:fd:7a:b2:1b: cf:85:29:39:cc:f3:c3:16:f4:3e:11:44:b9:06:33:2f:6d:f4: a6:2f:9e:50:d4:8a:4f:b6:98:8d:f0:07:54:fe:89:5c:79:43: 11:23:8a:c2:c6:1f:21:32:33:65:b8:e9:cd:0c:75:3b:1c:f2: e7:08:3a:2d:21:2f:e2:40:f0:13:0c:a9:3c:c8:2d:12:a3:2c: e2:f2:9e:e9:0d:cd:ca:b5:1e:95:95:54:66:fa:6d:fe:87:29: 1a:cb:96:70 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOcVesp7c1FRmHC43HUMyytWS1QQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDY4Q0E3QzZGNTE0RDcxNjhDMDA3OTA3MTdGQjg2OUFG NjhCMTI1RTAeFw0yNjA0MTUxMjA2MDBaFw0yNjA0MTgxNzM1MDBaMDMxMTAvBgNV BAMTKDVCRDVDMUUzNkNDODRFNDZGMDhGMkUwOUFGQ0IxMkE4NEMzMkVENDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLUumMus6TGys7pcZncq5dTpsT ikJKZ90qUDPdF9k2whavwxYC65ljDOqOwyAvxapGOgoRd7flUmHFbSRp78zVHheN lvaStt2gD58Cgsy8vbwm1upKRvy5l0mQWo/LlJWpvZU2HCf7YDZIF3cYOArF03jx teagkpCbS4SNzO5uTBjVVdpncNOYQw579Hxn0bMJm1+UHrSecbiUr8dfdfFcOEMs DLUzxlWGs4mN0wA8LhbPgnmfukfEakPowI9i3QaaY0JUvBPXuv0WE6d+MI++Q2Q9 0loLCW+7SK/iUrZqQUjG811t1Np5Yb71RiKjB9K1mXY02x9djjQIKDjA15QDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUW9XB42zITkbwjy4Jr8sSqEwy7UUwHwYDVR0j BBgwFoAU1oynxvUU1xaMAHkHF/uGmvaLEl4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ZGRjMWRkOC02ZDI1LTQ3YzctYWFhNC1iZGRmMWI5ZDY3N2UvMC9ENjhDQTdDNkY1 MTRENzE2OEMwMDc5MDcxN0ZCODY5QUY2OEIxMjVFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDY4Q0E3QzZGNTE0RDcxNjhDMDA3OTA3MTdGQjg2OUFGNjhC MTI1RS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWRkYzFkZDgtNmQyNS00N2M3LWFh YTQtYmRkZjFiOWQ2NzdlLzAvRDY4Q0E3QzZGNTE0RDcxNjhDMDA3OTA3MTdGQjg2 OUFGNjhCMTI1RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADp3bigcQbZFZUHkYupThiBTJaqn8vxWqluG YVx1IBz6dMCwe59tUqVZD18RtVzieY/FRSAZaDSfrISuyt6XP/worD9PZstcOmwL MNaBIbDCyrmz7TiuDtUlD/zy+w6PVORsRwtSQEnvZ7Vz3O5chD71UwXgeSXA60Vl SacApmtEzH+B/6HEXg7Ih1n6XO7BuVC43uGuBEB8wwAAcCgg/XqyG8+FKTnM88MW 9D4RRLkGMy9t9KYvnlDUik+2mI3wB1T+iVx5QxEjisLGHyEyM2W46c0MdTsc8ucI Oi0hL+JA8BMMqTzILRKjLOLynukNzcq1HpWVVGb6bf6HKRrLlnA= -----END CERTIFICATE-----Generated at Fri Apr 17 15:21:19 2026 by rpki-client