$ rpki-client -vvf repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft File: CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft (raw, json) Hash identifier: WuzPj8CRkbDAj2Q8qPGfTOHpg4B3WyY28dFME+5fNrE= Subject key identifier: 24:8E:40:31:1D:2E:41:4C:75:9B:02:56:42:66:E5:38:29:5F:43:79 Authority key identifier: CE:A0:3A:07:98:91:07:F5:47:A2:B2:AB:AA:6A:D4:E7:03:12:AD:5C Certificate issuer: /CN=CEA03A07989107F547A2B2ABAA6AD4E70312AD5C Certificate serial: 6B4159DD5D76EC01C898F8ABB40D2CEA05C2AEFC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft Manifest number: 0568 Signing time: Fri 17 Apr 2026 18:11:38 +0000 Manifest this update: Fri 17 Apr 2026 18:06:38 +0000 Manifest next update: Mon 20 Apr 2026 21:22:38 +0000 Files and hashes: 1: CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl (hash: XS5KXV3qO+M7cTwRgY7Cif+a+RmW5eNQv1Udfzv8arM=) 2: 323430333a626163303a3a2f33322d3438203d3e20313333383135.roa (hash: bj03wSoaB1PZHhqBBV4Wr4Sjs0onXCgWYauPl2mcWtw=) 3: 3130332e3133302e3133362e302f32322d3234203d3e20313333383135.roa (hash: gDwS3CZNot9PKNbXfgVaxRg3XKEAojqRRjZmWUnIieM=) 4: 323430333a353763303a3a2f33322d3438203d3e20313333383135.roa (hash: qJMxf0aJqdHPfbLPNvUiMxKhq3U6DmyX3ZCQXdLa44w=) 5: 3130332e35322e34342e302f32322d3234203d3e20313333383135.roa (hash: +hHtMHqrRgOxnxPgQ1JDtVaqmRcnzLdlLvloLKvOcZA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 21:22:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:41:59:dd:5d:76:ec:01:c8:98:f8:ab:b4:0d:2c:ea:05:c2:ae:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CEA03A07989107F547A2B2ABAA6AD4E70312AD5C Validity Not Before: Apr 17 18:06:38 2026 GMT Not After : Apr 20 21:22:38 2026 GMT Subject: CN=248E40311D2E414C759B02564266E538295F4379 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:cc:1b:33:2e:83:76:de:3f:77:80:85:6c:49: 45:8a:a2:98:ae:34:b9:8a:7d:43:f3:ca:fe:8f:49: 50:41:2f:9d:1c:64:22:25:4e:19:40:4f:67:ce:bc: 54:c4:a5:68:25:62:f5:35:d1:bb:99:88:b8:55:28: 7a:af:38:5c:c6:eb:5b:b4:16:28:9d:ff:ff:20:14: 72:dd:67:39:5f:5a:f4:2f:f3:c3:64:3a:57:51:48: b8:63:12:3b:ab:d8:d7:c3:fa:3c:52:bd:e8:c7:56: 75:40:d5:1a:bc:1d:d2:82:d5:4f:ad:e1:72:5b:9f: 8f:87:c5:52:15:bc:84:64:71:bb:85:72:4d:22:01: 2b:68:9f:2a:3d:3c:a8:89:09:8b:32:3a:26:5b:9f: 0e:9d:4c:02:24:06:70:45:ce:11:e8:d6:4f:81:1c: 6b:d0:d5:71:66:9f:d8:65:96:a4:31:90:20:7e:19: 80:ee:bc:9a:e4:76:e1:de:39:af:e6:98:c7:d4:fd: cd:d2:73:cd:50:b8:de:70:6f:45:63:1e:a9:65:13: ee:5b:a4:88:9d:5d:fe:f7:f7:15:9a:20:56:05:e0: b5:16:d6:dc:00:b1:ad:fd:1b:be:67:bc:6a:e2:ae: 01:7e:3f:5a:c0:0a:f7:0d:63:c3:7b:99:8c:5a:77: c3:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:8E:40:31:1D:2E:41:4C:75:9B:02:56:42:66:E5:38:29:5F:43:79 X509v3 Authority Key Identifier: keyid:CE:A0:3A:07:98:91:07:F5:47:A2:B2:AB:AA:6A:D4:E7:03:12:AD:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:56:4d:4c:12:24:48:ef:3b:e4:67:90:6d:e5:55:b7:32:b4: 4d:65:25:64:e3:cd:e2:cb:e5:bc:bb:c4:6d:25:b7:ab:ab:7a: 01:f4:2f:6e:95:29:1b:c2:eb:18:17:36:f0:94:9f:be:0b:ff: 35:79:b8:04:90:ba:f7:9a:83:78:ab:b1:e1:e8:5f:50:31:7f: 62:06:26:75:99:a7:91:b0:fc:92:1c:90:fe:d4:b5:fa:a2:d1: d3:47:6f:ef:5e:ab:b0:4e:15:65:2c:78:53:21:1d:0d:29:90: 9e:77:79:eb:ad:71:f1:38:00:56:f9:58:bd:90:b4:e5:f3:65: 8f:f2:4b:33:c0:a1:a0:01:5e:30:8b:d9:4c:8f:be:14:6e:c9: 86:4f:aa:3d:45:c7:dc:a4:2f:52:8a:f5:5c:5e:60:32:70:d7: 36:5b:1d:ca:ca:14:41:06:e8:f9:6a:36:5b:5e:79:43:f1:a2: 3b:11:82:43:7c:92:ea:62:fc:c1:25:67:f9:6d:ad:ea:6e:d0: dd:90:5a:ad:fa:c0:33:02:3c:38:0e:d7:ab:92:5f:8c:7f:88: e4:4f:fe:55:01:2f:dc:0d:e4:73:ca:42:67:54:3c:78:3e:e4: 00:9e:03:28:4d:27:e5:a8:7e:f4:0b:ff:48:8f:12:0a:ca:5a: ba:73:92:73 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUa0FZ3V127AHImPirtA0s6gXCrvwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0RTcw MzEyQUQ1QzAeFw0yNjA0MTcxODA2MzhaFw0yNjA0MjAyMTIyMzhaMDMxMTAvBgNV BAMTKDI0OEU0MDMxMUQyRTQxNEM3NTlCMDI1NjQyNjZFNTM4Mjk1RjQzNzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyzBszLoN23j93gIVsSUWKopiu NLmKfUPzyv6PSVBBL50cZCIlThlAT2fOvFTEpWglYvU10buZiLhVKHqvOFzG61u0 Fiid//8gFHLdZzlfWvQv88NkOldRSLhjEjur2NfD+jxSvejHVnVA1Rq8HdKC1U+t 4XJbn4+HxVIVvIRkcbuFck0iAStonyo9PKiJCYsyOiZbnw6dTAIkBnBFzhHo1k+B HGvQ1XFmn9hllqQxkCB+GYDuvJrkduHeOa/mmMfU/c3Sc81QuN5wb0VjHqllE+5b pIidXf739xWaIFYF4LUW1twAsa39G75nvGrirgF+P1rACvcNY8N7mYxad8OjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUJI5AMR0uQUx1mwJWQmblOClfQ3kwHwYDVR0j BBgwFoAUzqA6B5iRB/VHorKrqmrU5wMSrVwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YTNhZTQ4NS1hNjU4LTRjNWMtYWJlMi0xZTdmZDhiMDM4YTAvMC9DRUEwM0EwNzk4 OTEwN0Y1NDdBMkIyQUJBQTZBRDRFNzAzMTJBRDVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0RTcwMzEy QUQ1Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmEzYWU0ODUtYTY1OC00YzVjLWFi ZTItMWU3ZmQ4YjAzOGEwLzAvQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0 RTcwMzEyQUQ1Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABVWTUwSJEjvO+RnkG3lVbcytE1lJWTjzeLL 5by7xG0lt6uregH0L26VKRvC6xgXNvCUn74L/zV5uASQuveag3irseHoX1Axf2IG JnWZp5Gw/JIckP7Utfqi0dNHb+9eq7BOFWUseFMhHQ0pkJ53eeutcfE4AFb5WL2Q tOXzZY/ySzPAoaABXjCL2UyPvhRuyYZPqj1Fx9ykL1KK9VxeYDJw1zZbHcrKFEEG 6PlqNlteeUPxojsRgkN8kupi/MElZ/ltrepu0N2QWq36wDMCPDgO16uSX4x/iORP /lUBL9wN5HPKQmdUPHg+5ACeAyhNJ+WofvQL/0iPEgrKWrpzknM= -----END CERTIFICATE-----Generated at Fri Apr 17 22:44:35 2026 by rpki-client