$ rpki-client -vvf repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft File: BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft (raw, json) Hash identifier: FB1EDF/eCUEv/ppXbXaGfpW6IOKy62TQYxkh1YA0PsE= Subject key identifier: 31:C7:BF:96:55:05:5A:6A:04:2E:EC:7E:94:AF:DD:04:08:3C:8F:9E Authority key identifier: BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0 Certificate issuer: /CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0 Certificate serial: 1D86FC11FE82A59C3A685DD7B126714AD40C8347 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft Manifest number: 023D Signing time: Wed 15 Apr 2026 18:00:59 +0000 Manifest this update: Wed 15 Apr 2026 17:55:59 +0000 Manifest next update: Sat 18 Apr 2026 21:19:59 +0000 Files and hashes: 1: 3130332e32302e38342e302f32342d3234203d3e20313530323337.roa (hash: Q4o71jeTV80A1Kcs2rXwd40dCqE8n3Drpr6hWhmrWZg=) 2: 3130332e32302e38352e302f32342d3234203d3e20313530323337.roa (hash: /Ll9XnZwq9kQ7KqFTm1tz2GQbHOFyxKz40lfWdvRTyg=) 3: BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl (hash: CWRXYndcqcdJ5ZH1TgS8wFYaLdITiHOwbSUbNwmmOKY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 21:19:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:86:fc:11:fe:82:a5:9c:3a:68:5d:d7:b1:26:71:4a:d4:0c:83:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0 Validity Not Before: Apr 15 17:55:59 2026 GMT Not After : Apr 18 21:19:59 2026 GMT Subject: CN=31C7BF9655055A6A042EEC7E94AFDD04083C8F9E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f7:33:e5:a2:9f:10:4a:07:72:56:ac:b1:22: 95:4b:7a:57:ce:31:e2:85:1b:2f:c8:d6:bf:2f:82: e8:f4:da:ea:a8:6e:83:58:b7:a6:32:c1:71:52:14: 20:78:be:da:46:7b:6d:2a:a4:1f:0a:c6:b3:47:68: b1:ef:a6:96:a1:c0:d0:97:b5:42:c8:5b:ea:03:98: fc:56:27:70:38:92:9d:b9:52:8b:6a:84:05:e9:3f: f8:30:35:e8:5f:35:53:84:50:41:66:80:91:78:dc: fb:f0:91:e0:37:ca:61:b5:d6:61:a7:d1:9d:70:6e: 6b:30:42:2f:46:6b:b7:5e:2d:dc:76:94:54:4d:01: c8:5d:03:67:64:f6:55:bf:36:ab:69:e8:22:7e:32: 25:a4:01:c0:bb:d8:45:c2:18:55:d3:13:5d:40:d4: 87:95:62:49:10:96:51:60:01:e5:cc:b5:6d:b1:c8: 72:bd:56:68:19:dd:8f:0a:1b:75:a4:62:4d:12:58: 15:6b:9a:a6:a7:fb:d8:d3:22:25:a6:ad:63:68:4c: ee:f9:f4:04:37:95:e1:4e:70:f5:c5:8c:59:4e:67: 4d:d5:48:68:03:e1:22:d9:8c:8a:5a:5c:d6:a4:08: 2a:15:73:f4:89:de:bd:fc:a6:e7:56:cf:cc:07:62: 3c:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:C7:BF:96:55:05:5A:6A:04:2E:EC:7E:94:AF:DD:04:08:3C:8F:9E X509v3 Authority Key Identifier: keyid:BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:47:ae:bd:92:52:96:36:5c:41:c1:95:22:17:42:97:eb:3a: f4:09:24:92:28:5e:e2:ef:bb:18:9a:ef:c1:48:07:7b:82:ac: 00:7a:93:7e:0f:8d:ca:df:e3:63:20:51:00:8f:a5:2e:cb:fd: 24:68:72:d7:ad:b7:bf:ba:73:92:83:fe:79:d8:e2:8c:3a:4f: a9:94:4b:2d:76:80:0f:b4:5b:42:8b:2b:c7:17:f0:2e:ed:d1: 5b:b3:0e:04:a5:27:ed:2e:a6:f7:96:68:e9:b2:59:71:a3:23: 81:18:74:21:c1:33:23:3f:a8:8d:b2:9a:65:37:77:7a:41:8f: d8:90:8d:ef:2e:f7:a8:74:01:ce:60:09:a6:e3:06:2c:46:09: 6d:0a:e0:66:7d:ac:4f:21:a5:14:eb:c6:a9:47:98:ff:95:38: d1:79:76:42:51:4b:70:31:aa:50:00:d4:69:5e:48:66:dd:50: 24:04:93:eb:27:bd:89:19:ad:4d:7d:d5:40:b2:7f:fc:c9:40: 6b:06:35:fa:76:27:06:80:ea:66:51:68:07:12:f7:a2:89:83: 19:5e:42:62:a2:d4:aa:b8:c6:e0:35:c3:48:1d:de:46:4f:f1: 8d:b5:74:8d:ae:cc:61:ad:1f:5b:fd:36:32:11:17:22:ad:c1: 22:20:01:f1 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUHYb8Ef6CpZw6aF3XsSZxStQMg0cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3 OURGRkZEMDAeFw0yNjA0MTUxNzU1NTlaFw0yNjA0MTgyMTE5NTlaMDMxMTAvBgNV BAMTKDMxQzdCRjk2NTUwNTVBNkEwNDJFRUM3RTk0QUZERDA0MDgzQzhGOUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP9zPlop8QSgdyVqyxIpVLelfO MeKFGy/I1r8vguj02uqoboNYt6YywXFSFCB4vtpGe20qpB8KxrNHaLHvppahwNCX tULIW+oDmPxWJ3A4kp25UotqhAXpP/gwNehfNVOEUEFmgJF43PvwkeA3ymG11mGn 0Z1wbmswQi9Ga7deLdx2lFRNAchdA2dk9lW/Nqtp6CJ+MiWkAcC72EXCGFXTE11A 1IeVYkkQllFgAeXMtW2xyHK9VmgZ3Y8KG3WkYk0SWBVrmqan+9jTIiWmrWNoTO75 9AQ3leFOcPXFjFlOZ03VSGgD4SLZjIpaXNakCCoVc/SJ3r38pudWz8wHYjxfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMce/llUFWmoELux+lK/dBAg8j54wHwYDVR0j BBgwFoAUvQynu37hRZehcfGx4+MSennf/9AwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZDdhNzFiYy1mOTEwLTRiOGMtOWNmZi0wODU3ZDVmMmQzN2YvMC9CRDBDQTdCQjdF RTE0NTk3QTE3MUYxQjFFM0UzMTI3QTc5REZGRkQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3OURG RkZEMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2Q3YTcxYmMtZjkxMC00YjhjLTlj ZmYtMDg1N2Q1ZjJkMzdmLzAvQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEy N0E3OURGRkZEMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAApHrr2SUpY2XEHBlSIXQpfrOvQJJJIoXuLv uxia78FIB3uCrAB6k34Pjcrf42MgUQCPpS7L/SRoctett7+6c5KD/nnY4ow6T6mU Sy12gA+0W0KLK8cX8C7t0VuzDgSlJ+0upveWaOmyWXGjI4EYdCHBMyM/qI2ymmU3 d3pBj9iQje8u96h0Ac5gCabjBixGCW0K4GZ9rE8hpRTrxqlHmP+VONF5dkJRS3Ax qlAA1GleSGbdUCQEk+snvYkZrU191UCyf/zJQGsGNfp2JwaA6mZRaAcS96KJgxle QmKi1Kq4xuA1w0gd3kZP8Y21dI2uzGGtH1v9NjIRFyKtwSIgAfE= -----END CERTIFICATE-----Generated at Fri Apr 17 20:04:20 2026 by rpki-client