$ rpki-client -vvf repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft File: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft (raw, json) Hash identifier: /ZnCcb7mQ+EdCGmJ0z14iBTA/JSYo8/6JPrdVMQCjmw= Subject key identifier: 87:D4:85:DA:CC:B3:AB:D6:0F:C8:E2:8D:A2:A9:75:5F:EB:3A:D4:04 Authority key identifier: D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 Certificate issuer: /CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Certificate serial: 595A06B45D5CA85B4BB9981DAD1131DE1C75D694 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft Manifest number: 027F Signing time: Fri 17 Apr 2026 16:02:03 +0000 Manifest this update: Fri 17 Apr 2026 15:57:03 +0000 Manifest next update: Mon 20 Apr 2026 19:11:03 +0000 Files and hashes: 1: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl (hash: EUJ+NidSX8z/L4F41jQi2ipTbQ98l0LbApy2kNhUwcs=) 2: 3130332e3138332e362e302f32332d3234203d3e20313439343037.roa (hash: HNI0ArO+KsvaMgGqtyRRpqs1evvFTKgd+Siy8K2ur7A=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 19:11:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:5a:06:b4:5d:5c:a8:5b:4b:b9:98:1d:ad:11:31:de:1c:75:d6:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Validity Not Before: Apr 17 15:57:03 2026 GMT Not After : Apr 20 19:11:03 2026 GMT Subject: CN=87D485DACCB3ABD60FC8E28DA2A9755FEB3AD404 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:17:69:0d:0c:b8:34:8c:5b:e5:ed:8b:94:c6: ab:6e:c1:4f:0a:73:79:e8:81:2e:01:df:d3:ec:c7: 65:45:f6:ed:28:c6:1a:da:14:2c:fe:70:4a:cc:68: 53:6f:9b:33:9a:76:0e:71:79:f2:11:b2:6d:79:6e: 54:5d:38:19:d2:c9:14:0e:a4:19:91:bb:6e:65:11: 98:29:bc:40:7e:a8:dc:20:74:70:01:8d:91:73:b9: 02:62:0b:41:20:3c:ef:7f:f0:2b:25:ab:70:2b:31: b9:f0:be:97:44:f3:00:d4:f7:7c:fe:40:f9:e4:b6: ea:2b:eb:9e:f3:fe:ac:d5:2d:be:f6:53:bf:07:95: ba:67:57:78:6d:6c:00:4f:ff:29:0d:ec:b4:f5:d2: b6:34:4b:70:85:d3:eb:39:40:ce:1d:6f:30:83:75: 0b:b1:9c:71:de:0c:5d:32:21:8d:0d:60:a4:38:3e: ed:83:65:72:7b:da:bd:67:4b:88:1d:1b:83:b7:96: 08:c6:bc:38:63:41:82:c5:c3:4a:f1:e5:46:4f:db: 52:cf:48:a1:c7:20:09:ac:5a:ac:d5:49:3a:cb:30: 20:bb:6f:79:1c:5b:56:ba:84:ce:30:b5:b4:ea:b7: a5:66:df:81:79:8c:3b:69:94:1b:83:e0:c2:81:c8: b9:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:D4:85:DA:CC:B3:AB:D6:0F:C8:E2:8D:A2:A9:75:5F:EB:3A:D4:04 X509v3 Authority Key Identifier: keyid:D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:4d:6b:2e:28:f3:55:13:05:e6:f9:0a:d0:c5:9c:a8:fd:c5: 7a:53:c2:99:98:3f:f5:eb:bd:bb:49:64:d2:0b:b8:23:c0:63: 0d:aa:be:e8:fc:e4:8f:45:a7:e2:57:2f:02:87:41:2d:0f:58: b6:1d:17:5c:f4:93:a9:98:5c:f5:c9:c8:88:2a:2a:94:f1:03: ee:23:4d:7e:84:73:88:e3:0e:e5:f9:08:ca:31:02:d1:25:dd: 6f:49:d6:41:11:97:68:c1:bd:65:af:65:1b:ae:be:f3:2f:ff: 9e:de:f5:56:3f:87:32:89:c9:05:29:31:b2:04:28:ea:27:66: 84:0b:49:51:72:ac:8e:02:77:d7:9c:ed:bb:2d:aa:95:00:6e: 41:83:8c:e7:14:9d:67:db:c1:56:98:8a:7f:11:e2:78:50:e8: 78:8d:95:38:79:8c:6d:53:3c:c4:14:51:8d:0f:40:de:6d:eb: 11:34:c0:51:d2:f5:e3:84:96:76:cc:d5:ef:0b:b5:5d:67:73: 4b:fe:f3:eb:06:ea:ad:71:b4:c6:81:dd:76:95:eb:09:59:96: ab:2f:5c:a6:86:b8:11:c5:46:c8:47:08:f7:d3:ca:1f:38:9d: 39:f4:26:37:b4:f4:c3:c9:72:71:33:42:69:18:e9:6c:6f:79: db:b4:a5:a0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWVoGtF1cqFtLuZgdrREx3hx11pQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2 NEREOUYyNjAeFw0yNjA0MTcxNTU3MDNaFw0yNjA0MjAxOTExMDNaMDMxMTAvBgNV BAMTKDg3RDQ4NURBQ0NCM0FCRDYwRkM4RTI4REEyQTk3NTVGRUIzQUQ0MDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAF2kNDLg0jFvl7YuUxqtuwU8K c3nogS4B39Psx2VF9u0oxhraFCz+cErMaFNvmzOadg5xefIRsm15blRdOBnSyRQO pBmRu25lEZgpvEB+qNwgdHABjZFzuQJiC0EgPO9/8Cslq3ArMbnwvpdE8wDU93z+ QPnktuor657z/qzVLb72U78HlbpnV3htbABP/ykN7LT10rY0S3CF0+s5QM4dbzCD dQuxnHHeDF0yIY0NYKQ4Pu2DZXJ72r1nS4gdG4O3lgjGvDhjQYLFw0rx5UZP21LP SKHHIAmsWqzVSTrLMCC7b3kcW1a6hM4wtbTqt6Vm34F5jDtplBuD4MKByLnpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUh9SF2syzq9YPyOKNoql1X+s61AQwHwYDVR0j BBgwFoAU0ho1l9e169mlR2gPHC7XpGTdnyYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z Y2M1NjA1ZC1mMTdhLTQwMTAtOTI1My0yMTBjNjRmMTQ4YmQvMC9EMjFBMzU5N0Q3 QjVFQkQ5QTU0NzY4MEYxQzJFRDdBNDY0REQ5RjI2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2NERE OUYyNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2NjNTYwNWQtZjE3YS00MDEwLTky NTMtMjEwYzY0ZjE0OGJkLzAvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3 QTQ2NEREOUYyNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADRNay4o81UTBeb5CtDFnKj9xXpTwpmYP/Xr vbtJZNILuCPAYw2qvuj85I9Fp+JXLwKHQS0PWLYdF1z0k6mYXPXJyIgqKpTxA+4j TX6Ec4jjDuX5CMoxAtEl3W9J1kERl2jBvWWvZRuuvvMv/57e9VY/hzKJyQUpMbIE KOonZoQLSVFyrI4Cd9ec7bstqpUAbkGDjOcUnWfbwVaYin8R4nhQ6HiNlTh5jG1T PMQUUY0PQN5t6xE0wFHS9eOElnbM1e8LtV1nc0v+8+sG6q1xtMaB3XaV6wlZlqsv XKaGuBHFRshHCPfTyh84nTn0Jje09MPJcnEzQmkY6Wxvedu0paA= -----END CERTIFICATE-----Generated at Sat Apr 18 00:42:02 2026 by rpki-client