$ rpki-client -vvf repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft File: D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft (raw, json) Hash identifier: cnwc7qGukaOUQnEkM4szrkbVfamyLbgtKc55JL2zeRo= Subject key identifier: A3:79:6E:34:0D:56:93:CA:0D:2B:AC:68:D0:ED:01:4E:84:F5:92:C5 Authority key identifier: D2:8B:A9:D5:E3:21:93:DE:E2:9E:B4:C1:94:4F:35:FC:32:D8:B1:9B Certificate issuer: /CN=D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B Certificate serial: 03C1F390AA681D43592835B9E768D61A84DFE5A0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft Manifest number: 0120 Signing time: Sat 18 Apr 2026 20:32:22 +0000 Manifest this update: Sat 18 Apr 2026 20:27:22 +0000 Manifest next update: Wed 22 Apr 2026 02:15:22 +0000 Files and hashes: 1: D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.crl (hash: rt/Fx6sJp2Mi134YOeDQuRz20tYeLfpRosoEXWuezoU=) 2: 3130332e38342e3230312e302f32342d3234203d3e20313336303935.roa (hash: 6UTk6qTE+l33r+zdpJdYayRwLX5BpaOtu0Am/wxoORw=) 3: 3130332e38342e3230302e302f32342d3234203d3e20313336303935.roa (hash: ajCQWCbIuLR2rdyLkSz/8WmAOj/J1v9eHfGi8P7WLFg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.crl rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Apr 2026 20:42:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:c1:f3:90:aa:68:1d:43:59:28:35:b9:e7:68:d6:1a:84:df:e5:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B Validity Not Before: Apr 18 20:27:22 2026 GMT Not After : Apr 22 02:15:22 2026 GMT Subject: CN=A3796E340D5693CA0D2BAC68D0ED014E84F592C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:62:ea:2a:e6:5c:75:dc:ce:2a:b8:9e:f7:f2: e2:9e:c2:60:4d:a7:ad:ab:bb:18:12:2d:44:f1:d4: 32:34:1b:45:ed:64:0d:c1:49:5d:22:85:4b:26:46: 31:71:a2:f3:ca:00:80:ec:1a:8b:bf:a9:a4:dc:4f: cd:b6:4f:15:ae:28:35:3d:63:7e:ba:62:d3:68:b7: 85:5e:79:d3:28:13:2e:de:5a:e5:0f:61:e7:14:41: d2:2c:5c:3d:87:f9:f2:d0:c2:11:84:18:33:aa:b9: 55:bf:c3:4a:78:91:dc:39:b3:bd:7c:d2:ec:60:05: 36:64:5b:87:2d:32:d2:f4:c9:59:70:85:37:eb:0b: 0f:04:dd:bc:74:b8:d6:99:63:a4:ae:f8:ae:16:9f: dd:ee:20:d5:41:72:07:1c:76:c5:f7:09:b1:48:c9: 98:fb:a3:7e:87:97:76:a5:73:5c:ef:bf:44:51:36: d1:3b:7a:06:8b:11:8a:d7:a6:be:79:75:9f:44:e8: 89:f5:0c:47:dd:70:7d:b8:f5:28:7c:03:11:88:73: 1f:22:b6:e0:e2:8d:69:0c:46:17:d6:bd:b6:f6:2b: d8:96:5e:28:00:98:32:c2:d6:c2:06:c8:39:eb:3d: d5:c3:15:18:c8:54:01:95:b2:e3:ce:db:59:74:64: a0:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:79:6E:34:0D:56:93:CA:0D:2B:AC:68:D0:ED:01:4E:84:F5:92:C5 X509v3 Authority Key Identifier: keyid:D2:8B:A9:D5:E3:21:93:DE:E2:9E:B4:C1:94:4F:35:FC:32:D8:B1:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:7c:98:f0:7f:ec:ad:04:fb:e4:36:e6:65:c9:4f:4c:89:dd: 8f:90:88:de:95:c0:6d:dc:26:49:43:02:be:5a:85:8c:84:b2: ae:7f:e0:c2:e8:98:dc:bd:af:e1:92:b9:37:57:97:d2:ce:92: d0:2c:f7:10:5d:f6:a8:b6:00:49:af:b7:fa:e5:f3:14:36:0d: 5f:db:10:66:8e:9b:66:1b:3f:cc:87:d7:02:88:7a:a9:2f:1d: 4e:f4:9a:58:0a:c9:17:2c:93:63:92:11:0a:1e:82:bc:48:9e: bd:76:93:cc:67:81:cd:d8:e5:83:03:72:4c:67:8e:29:5e:af: f6:4e:cb:d6:ad:8a:46:5b:22:81:ef:0a:b8:41:a3:63:0b:14: 78:0c:ca:df:4a:f4:2d:47:77:b8:c5:da:58:0b:96:c5:09:3b: b1:30:ea:4e:62:cc:32:6a:2b:01:80:d0:a7:d2:cd:ee:dd:f8: 51:2e:dd:26:64:50:77:c5:ac:81:5f:32:18:bf:0f:3d:1c:be: f8:6e:ab:10:53:f1:43:25:0a:cd:2a:ac:bb:47:6c:96:d8:77: 84:a4:0f:6f:aa:1b:a8:69:46:32:41:70:42:a6:e6:78:ce:fc: 91:93:50:d8:f3:d1:fc:24:8a:83:25:b8:27:61:19:05:c2:e7: fd:77:be:f9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUA8HzkKpoHUNZKDW552jWGoTf5aAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDI4QkE5RDVFMzIxOTNERUUyOUVCNEMxOTQ0RjM1RkMz MkQ4QjE5QjAeFw0yNjA0MTgyMDI3MjJaFw0yNjA0MjIwMjE1MjJaMDMxMTAvBgNV BAMTKEEzNzk2RTM0MEQ1NjkzQ0EwRDJCQUM2OEQwRUQwMTRFODRGNTkyQzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2Yuoq5lx13M4quJ738uKewmBN p62ruxgSLUTx1DI0G0XtZA3BSV0ihUsmRjFxovPKAIDsGou/qaTcT822TxWuKDU9 Y366YtNot4VeedMoEy7eWuUPYecUQdIsXD2H+fLQwhGEGDOquVW/w0p4kdw5s718 0uxgBTZkW4ctMtL0yVlwhTfrCw8E3bx0uNaZY6Su+K4Wn93uINVBcgccdsX3CbFI yZj7o36Hl3alc1zvv0RRNtE7egaLEYrXpr55dZ9E6In1DEfdcH249Sh8AxGIcx8i tuDijWkMRhfWvbb2K9iWXigAmDLC1sIGyDnrPdXDFRjIVAGVsuPO21l0ZKB5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUo3luNA1Wk8oNK6xo0O0BToT1ksUwHwYDVR0j BBgwFoAU0oup1eMhk97inrTBlE81/DLYsZswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y NWUyNDE1Yy03ZDRmLTQ0MjctODMyZC01OWI0Yzc5YWFlNWEvMC9EMjhCQTlENUUz MjE5M0RFRTI5RUI0QzE5NDRGMzVGQzMyRDhCMTlCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDI4QkE5RDVFMzIxOTNERUUyOUVCNEMxOTQ0RjM1RkMzMkQ4 QjE5Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjVlMjQxNWMtN2Q0Zi00NDI3LTgz MmQtNTliNGM3OWFhZTVhLzAvRDI4QkE5RDVFMzIxOTNERUUyOUVCNEMxOTQ0RjM1 RkMzMkQ4QjE5Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAB8mPB/7K0E++Q25mXJT0yJ3Y+QiN6VwG3c JklDAr5ahYyEsq5/4MLomNy9r+GSuTdXl9LOktAs9xBd9qi2AEmvt/rl8xQ2DV/b EGaOm2YbP8yH1wKIeqkvHU70mlgKyRcsk2OSEQoegrxInr12k8xngc3Y5YMDckxn jiler/ZOy9atikZbIoHvCrhBo2MLFHgMyt9K9C1Hd7jF2lgLlsUJO7Ew6k5izDJq KwGA0KfSze7d+FEu3SZkUHfFrIFfMhi/Dz0cvvhuqxBT8UMlCs0qrLtHbJbYd4Sk D2+qG6hpRjJBcEKm5njO/JGTUNjz0fwkioMluCdhGQXC5/13vvk= -----END CERTIFICATE-----Generated at Sun Apr 19 10:34:13 2026 by rpki-client