$ rpki-client -vvf repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.mft File: 228E752BBFB8C16B3B46F3D388ECED50CF9A6473.mft (raw, json) Hash identifier: QQb1NEx0wZ14uWyBDFrPsTjnjJhDQch2gINCCmhRxPI= Subject key identifier: BB:61:AC:09:A6:FA:C3:44:18:49:42:01:EE:A3:1F:8F:27:79:3E:F9 Authority key identifier: 22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73 Certificate issuer: /CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473 Certificate serial: 1FAEC4B4A650AC11A765502DB7C082388EEABA7D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer Subject info access: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.mft Manifest number: 024D Signing time: Fri 17 Apr 2026 13:11:32 +0000 Manifest this update: Fri 17 Apr 2026 13:06:32 +0000 Manifest next update: Mon 20 Apr 2026 20:42:32 +0000 Files and hashes: 1: 3131392e34372e39302e302f32342d3234203d3e203338353237.roa (hash: I3DXvvonrBchTQI06S4LkT6TVSxWcWBTNXL8OzRmw6c=) 2: 3132342e3130392e32332e302f32342d3234203d3e203538333738.roa (hash: E8p39FK+OhNYyY8SwwTjQ8JEs2K6blfiyf4IMTEJdyY=) 3: 3130332e32352e3130382e302f32342d3234203d3e20313332363334.roa (hash: fBDOlCYFIj49Ll99j2HPW9RAkablwrcxgHTldEFv/Jk=) 4: 3132342e3130392e32322e302f32342d3234203d3e20313431313037.roa (hash: B91fipTOFpAzkFwpO49IAHAPfA5wpoTEbowTI/TzKsk=) 5: 3131392e34372e39352e302f32342d3234203d3e20313439343039.roa (hash: IOQi+x8HL04tSdZdkybbwTiZjcbDVMFrGx/+Tn9mObQ=) 6: 3131392e34372e38392e302f32342d3234203d3e203338353237.roa (hash: M5eMsMOetidsRy/C8PwAw9YejdbuLdHg+PDsTMdviAE=) 7: 32372e3132342e38332e302f32342d3234203d3e20313332363334.roa (hash: 2EEYdzWr91JIl7YnldqA+u9ZlAli1CH0l6dUJ+oRlZU=) 8: 3131392e34372e38382e302f32342d3234203d3e203338353237.roa (hash: ZHYZolADCQ3Nh0kSpTOhEiQyqWLeuJaaRLk6yahYzfE=) 9: 228E752BBFB8C16B3B46F3D388ECED50CF9A6473.crl (hash: /QVMeaQUgMDdBA6wFHHvVN3ALddU4XV+rpsiK7hd3b4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.crl rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 20:07:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:ae:c4:b4:a6:50:ac:11:a7:65:50:2d:b7:c0:82:38:8e:ea:ba:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473 Validity Not Before: Apr 17 13:06:32 2026 GMT Not After : Apr 20 20:42:32 2026 GMT Subject: CN=BB61AC09A6FAC34418494201EEA31F8F27793EF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:03:a5:8d:22:79:5f:11:75:76:ef:89:a5:dc: 4d:ad:e2:20:a1:fd:ae:0f:cf:1d:78:48:49:3b:63: 34:2b:43:6b:09:ea:1d:01:5f:42:ee:3d:e8:96:02: 0c:a6:a8:0a:83:5b:19:21:2c:34:1e:d8:cd:72:29: 33:fe:71:4c:3a:51:3d:83:99:b1:2d:9b:05:85:b5: 43:d2:c0:d9:11:e7:19:25:a6:c3:6a:79:65:31:0e: 57:75:19:c7:af:d8:4a:a0:25:f7:a0:2a:4c:81:26: 30:24:03:59:c0:ad:9f:d9:69:40:94:94:81:94:e9: 60:b4:77:6f:3f:cf:90:bb:54:b3:ad:d2:c0:b4:62: 9e:69:ec:3c:05:a0:3a:de:b3:75:c5:71:2f:18:bc: 39:20:68:ee:2e:f7:b5:ad:9b:55:13:70:d9:c8:57: 65:9a:2c:60:d2:95:c1:77:06:1a:4b:f2:94:27:7f: 0b:aa:60:b4:16:cd:d2:20:3d:ff:53:ad:6f:bb:34: ae:c1:fc:4d:88:ef:d5:91:fb:a6:24:b5:7e:99:80: b9:c3:6a:9f:13:29:7a:a7:fc:ce:2d:a3:32:ad:bb: 8e:cb:21:4e:c1:64:a3:9d:fb:b2:1f:17:70:5e:01: 18:bd:cc:6c:21:bd:28:d8:9d:89:6a:f5:a7:29:17: 29:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:61:AC:09:A6:FA:C3:44:18:49:42:01:EE:A3:1F:8F:27:79:3E:F9 X509v3 Authority Key Identifier: keyid:22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:29:a8:26:d6:15:67:7b:9d:da:0f:15:db:74:9f:62:6f:77: 8c:ce:eb:df:04:3c:d9:bc:65:cf:d2:53:dd:ab:b2:a3:fa:e1: 56:f4:5b:f9:f6:a7:39:85:ac:f7:99:cf:2e:37:27:e3:3c:76: 3c:be:48:be:9d:28:ba:76:14:70:54:64:48:4b:70:ce:37:25: 31:a5:ae:82:9a:8c:36:af:73:8b:d6:bf:87:96:b2:c9:30:aa: 39:5a:5f:da:36:0b:13:30:3d:1a:8d:3a:25:f0:4f:a6:ef:ae: 62:34:c2:f7:1a:5c:b6:4c:2c:8e:e3:6e:05:3d:07:96:69:aa: b5:53:99:9c:f8:ef:89:05:24:4b:cc:67:14:fb:0f:4c:67:31: af:55:f9:d1:b3:d1:b9:5d:01:d3:c4:c0:b4:67:4f:8e:f7:f9: 1d:7d:b4:d3:eb:2d:1e:4c:73:b4:1d:1c:e8:02:93:89:e7:d2: 6d:ae:1b:db:25:32:45:91:0e:00:3f:95:d8:89:05:78:19:b1: 7a:d9:26:17:df:01:e7:36:41:bd:92:f0:7b:62:73:90:61:4a: 52:b2:ee:10:fa:5b:3b:89:69:f6:8d:10:9a:4e:b8:c4:7f:fa: 37:ac:ee:4b:8e:a4:ee:06:8c:ff:d9:53:48:00:3b:c0:20:8d: 50:d7:75:f8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUH67EtKZQrBGnZVAtt8CCOI7qun0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBD RjlBNjQ3MzAeFw0yNjA0MTcxMzA2MzJaFw0yNjA0MjAyMDQyMzJaMDMxMTAvBgNV BAMTKEJCNjFBQzA5QTZGQUMzNDQxODQ5NDIwMUVFQTMxRjhGMjc3OTNFRjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFA6WNInlfEXV274ml3E2t4iCh /a4Pzx14SEk7YzQrQ2sJ6h0BX0LuPeiWAgymqAqDWxkhLDQe2M1yKTP+cUw6UT2D mbEtmwWFtUPSwNkR5xklpsNqeWUxDld1Gcev2EqgJfegKkyBJjAkA1nArZ/ZaUCU lIGU6WC0d28/z5C7VLOt0sC0Yp5p7DwFoDres3XFcS8YvDkgaO4u97Wtm1UTcNnI V2WaLGDSlcF3BhpL8pQnfwuqYLQWzdIgPf9TrW+7NK7B/E2I79WR+6YktX6ZgLnD ap8TKXqn/M4tozKtu47LIU7BZKOd+7IfF3BeARi9zGwhvSjYnYlq9acpFykNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUu2GsCab6w0QYSUIB7qMfjyd5PvkwHwYDVR0j BBgwFoAUIo51K7+4wWs7RvPTiOztUM+aZHMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MTdlZmQyYS0wMmFiLTQyMDItOTcwZi1mNjk5ZGZmOTdkZTUvMC8yMjhFNzUyQkJG QjhDMTZCM0I0NkYzRDM4OEVDRUQ1MENGOUE2NDczLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBDRjlB NjQ3My5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzE3ZWZkMmEtMDJhYi00MjAyLTk3 MGYtZjY5OWRmZjk3ZGU1LzAvMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VE NTBDRjlBNjQ3My5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJMpqCbWFWd7ndoPFdt0n2Jvd4zO698EPNm8 Zc/SU92rsqP64Vb0W/n2pzmFrPeZzy43J+M8djy+SL6dKLp2FHBUZEhLcM43JTGl roKajDavc4vWv4eWsskwqjlaX9o2CxMwPRqNOiXwT6bvrmI0wvcaXLZMLI7jbgU9 B5ZpqrVTmZz474kFJEvMZxT7D0xnMa9V+dGz0bldAdPEwLRnT473+R19tNPrLR5M c7QdHOgCk4nn0m2uG9slMkWRDgA/ldiJBXgZsXrZJhffAec2Qb2S8Htic5BhSlKy 7hD6WzuJafaNEJpOuMR/+jes7kuOpO4GjP/ZU0gAO8AgjVDXdfg= -----END CERTIFICATE-----Generated at Fri Apr 17 19:51:56 2026 by rpki-client