$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: xok7/C95dDvxliGLFav/mKXsetwdR9oOjlDDxDi4IhI= Subject key identifier: 0E:6E:D0:5E:23:06:0F:FD:44:44:84:90:17:AB:9B:60:D2:26:76:BA Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 498FC409495EAD8DDFED8950250F28197C9CBFC0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: FF Signing time: Thu 16 Apr 2026 18:42:41 +0000 Manifest this update: Thu 16 Apr 2026 18:37:41 +0000 Manifest next update: Mon 20 Apr 2026 00:16:41 +0000 Files and hashes: 1: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: cpPhHqvR/mK5X6ii+hCN/lHFVodeZg1k+IRhSorFSbk=) 2: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: I98r/YvoKJnqIbKebXKfBKywu1BzE/FQD60HTUreMMU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 00:16:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:8f:c4:09:49:5e:ad:8d:df:ed:89:50:25:0f:28:19:7c:9c:bf:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Apr 16 18:37:41 2026 GMT Not After : Apr 20 00:16:41 2026 GMT Subject: CN=0E6ED05E23060FFD4444849017AB9B60D22676BA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:80:8e:95:68:41:6d:fd:ab:ba:54:8d:3d:53: c4:06:57:a4:17:bf:1a:12:a9:d0:16:4c:14:b2:0b: c2:ca:02:c8:81:9b:5e:c7:72:95:9f:b5:0e:4e:46: 31:b0:4b:71:97:ea:38:0e:e2:b8:a5:09:b7:fa:73: 9d:0f:bd:5c:b6:9f:1f:ab:93:87:05:53:13:6c:ac: 34:7f:1c:2e:40:ac:d1:94:d7:7b:e4:ab:38:9c:18: df:e1:e9:ad:08:f2:5b:f7:c1:56:4a:21:bc:db:6f: 6c:f6:98:80:f0:85:58:4e:df:29:a5:f2:b3:12:42: 34:73:7c:4e:b9:c4:41:e2:18:e8:96:59:8f:46:ab: f5:3c:60:09:f7:d1:e8:69:b9:bd:db:54:db:fd:60: c8:52:5f:1e:fb:d1:6a:d1:e7:1e:c2:ee:f7:56:3a: 2f:4c:d7:18:ce:24:ad:e6:ba:f2:de:a1:2f:b7:d5: ab:c1:ad:c6:61:e1:63:27:c7:6e:13:75:10:37:27: ee:2a:82:64:d6:a5:a7:5c:09:db:5d:ff:78:27:0a: 67:52:ff:45:45:8e:4b:8a:d7:c6:29:9e:cc:e9:55: fd:9b:f7:34:76:8a:0f:f3:f1:2d:f7:ae:fa:94:61: f1:db:08:3d:56:3e:d6:7f:af:1c:7e:7b:81:b1:f0: 47:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:6E:D0:5E:23:06:0F:FD:44:44:84:90:17:AB:9B:60:D2:26:76:BA X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:5a:48:4f:ae:75:c7:12:62:d7:a2:68:1a:58:b4:40:a4:ff: f1:4b:58:3e:5d:88:67:0a:32:f0:5a:83:47:bc:be:5b:98:f3: af:00:4e:b5:54:a6:d9:b1:91:32:75:15:20:20:65:8f:8b:d4: 17:1d:f5:c5:e9:28:29:b4:f1:dc:40:d0:80:f2:15:ee:c3:f6: d9:dc:70:d8:b1:8f:a5:ed:34:3d:fe:76:80:a6:9d:29:6f:8f: 6d:2e:29:ab:c4:f1:31:38:46:ea:5b:76:6b:1d:00:e9:89:ba: 34:0f:4d:0d:fb:d1:f9:01:04:00:c0:d1:e3:a2:22:1c:29:56: 72:62:f5:a2:8d:92:c5:05:79:25:21:74:c5:42:df:24:24:c3: ca:4c:6d:b9:0e:5b:1d:9e:da:f3:25:a3:86:a7:17:c8:e2:a0: 33:9e:de:70:46:80:45:59:09:ff:c8:1c:64:90:db:61:c9:bf: cb:be:e9:28:30:4b:9d:0a:bf:28:e9:f7:1a:2e:55:a0:f6:68: 5f:14:90:a5:54:f2:a9:d1:ab:01:14:25:02:aa:bf:10:5b:ca: 78:41:03:a2:39:cf:0f:9b:ec:a4:a0:5f:4e:16:fd:d4:71:07: 88:38:d0:5e:eb:2b:9c:05:73:cc:3c:44:87:59:82:d5:5d:40: 21:88:66:af -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSY/ECUlerY3f7YlQJQ8oGXycv8AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNjA0MTYxODM3NDFaFw0yNjA0MjAwMDE2NDFaMDMxMTAvBgNV BAMTKDBFNkVEMDVFMjMwNjBGRkQ0NDQ0ODQ5MDE3QUI5QjYwRDIyNjc2QkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEgI6VaEFt/au6VI09U8QGV6QX vxoSqdAWTBSyC8LKAsiBm17HcpWftQ5ORjGwS3GX6jgO4rilCbf6c50PvVy2nx+r k4cFUxNsrDR/HC5ArNGU13vkqzicGN/h6a0I8lv3wVZKIbzbb2z2mIDwhVhO3yml 8rMSQjRzfE65xEHiGOiWWY9Gq/U8YAn30ehpub3bVNv9YMhSXx770WrR5x7C7vdW Oi9M1xjOJK3muvLeoS+31avBrcZh4WMnx24TdRA3J+4qgmTWpadcCdtd/3gnCmdS /0VFjkuK18YpnszpVf2b9zR2ig/z8S33rvqUYfHbCD1WPtZ/rxx+e4Gx8EenAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUDm7QXiMGD/1ERISQF6ubYNImdrowHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHhaSE+udccSYteiaBpYtECk//FLWD5diGcK MvBag0e8vluY868ATrVUptmxkTJ1FSAgZY+L1Bcd9cXpKCm08dxA0IDyFe7D9tnc cNixj6XtND3+doCmnSlvj20uKavE8TE4RupbdmsdAOmJujQPTQ370fkBBADA0eOi IhwpVnJi9aKNksUFeSUhdMVC3yQkw8pMbbkOWx2e2vMlo4anF8jioDOe3nBGgEVZ Cf/IHGSQ22HJv8u+6SgwS50Kvyjp9xouVaD2aF8UkKVU8qnRqwEUJQKqvxBbynhB A6I5zw+b7KSgX04W/dRxB4g40F7rK5wFc8w8RIdZgtVdQCGIZq8= -----END CERTIFICATE-----Generated at Fri Apr 17 12:33:37 2026 by rpki-client