$ rpki-client -vvf repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft File: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft (raw, json) Hash identifier: f0BBnJuyY2I844nv+FkRfbnMj/jQTeQ+/ghMIVWlLko= Subject key identifier: FD:84:5A:BF:50:30:77:71:BC:8C:32:79:C2:C1:55:92:60:C4:28:64 Authority key identifier: 3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F Certificate issuer: /CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Certificate serial: 40F61F9F497A9332D2EE0CEB2E8DF966E14DBD12 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft Manifest number: 0249 Signing time: Sat 18 Apr 2026 13:41:03 +0000 Manifest this update: Sat 18 Apr 2026 13:36:03 +0000 Manifest next update: Tue 21 Apr 2026 21:30:03 +0000 Files and hashes: 1: 3130332e31302e3235332e302f32342d3234203d3e203536323539.roa (hash: HvzvMBj5qU+NExWSjTWqrdpmvH/WBtBrlcSKkhbhERc=) 2: 3130332e32382e3136332e302f32342d3234203d3e203536323539.roa (hash: NAFqFIaSAImXyE9eWh33YjJ4/n4BJqvDNhOBlZ2+l28=) 3: 3130332e36352e39362e302f32332d3234203d3e203536323539.roa (hash: GJQ3NUFsB2nVnSk1uRZagjtzrc7ng31cjwY1HHOp2FQ=) 4: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl (hash: 6oxKqWmun6dvBX/FP9uzKg75euXH3SYNNVFBzp3N/fw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Apr 2026 20:42:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:f6:1f:9f:49:7a:93:32:d2:ee:0c:eb:2e:8d:f9:66:e1:4d:bd:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Validity Not Before: Apr 18 13:36:03 2026 GMT Not After : Apr 21 21:30:03 2026 GMT Subject: CN=FD845ABF50307771BC8C3279C2C1559260C42864 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:da:82:f1:fa:1c:48:17:ee:f0:de:60:39:f7: 30:40:1b:08:bd:14:27:32:22:b1:6f:6d:68:00:aa: ce:6a:f3:1d:7b:fb:3b:cc:64:95:7d:53:03:a9:9b: c8:1f:95:4d:92:d5:30:a7:01:04:1f:52:7d:77:2d: 17:76:f1:81:83:99:36:d8:e3:78:8c:41:b6:50:7a: 0d:da:0a:94:99:be:1d:0e:66:bf:63:e9:21:33:a1: 90:c5:72:ff:9c:51:ad:cd:9a:77:01:e2:c8:58:75: 06:95:06:84:ea:63:9f:16:90:00:88:ea:dd:16:2a: 5c:63:5f:a4:96:5b:5f:ee:e2:2e:70:e9:6c:3e:9f: 4e:4f:ff:12:bd:7c:ec:aa:02:2c:a9:44:1e:2c:01: 50:29:7e:bb:29:23:08:0e:ea:a9:ee:00:25:06:e0: ea:20:0b:af:4e:cf:54:d3:45:31:83:ee:fe:a4:8c: c2:f6:82:e4:d9:aa:a5:fb:08:a0:33:8f:49:a3:a9: fe:6c:02:82:c8:37:2f:1b:72:9a:96:db:6c:b2:e5: 07:fb:2c:4d:b5:26:5d:21:2d:b6:fe:fe:1d:03:c5: f7:32:d7:4d:18:50:1e:8f:43:ab:ca:d3:c9:4f:94: 43:d9:aa:ed:eb:81:fd:b4:0f:69:f5:c2:c9:1b:20: c1:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:84:5A:BF:50:30:77:71:BC:8C:32:79:C2:C1:55:92:60:C4:28:64 X509v3 Authority Key Identifier: keyid:3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:f4:f5:a4:c6:89:47:9c:3f:9d:b7:fe:89:76:a0:3b:1e:7b: 8d:e3:29:f9:c6:45:8e:63:e7:d0:ed:cd:bb:af:a6:df:08:53: c1:01:aa:4a:10:cd:58:dd:00:24:a2:7e:5a:95:aa:9f:11:ca: d9:0e:c8:14:46:df:6e:55:ac:61:af:81:26:1e:6c:4d:eb:4b: d5:09:ac:7f:ec:ab:35:27:5d:3f:31:09:d4:03:66:42:88:36: 48:e6:7a:01:66:46:4e:cf:95:64:72:5d:0b:73:93:9c:fa:38: 82:81:19:94:9a:1d:02:31:18:77:bf:43:b3:bd:e3:58:4d:60: da:3a:c9:a2:82:dc:d5:13:13:86:66:98:83:05:36:6f:5a:b9: e0:6e:34:9f:4b:80:eb:55:64:f6:67:a2:b0:e2:01:e3:79:bd: 42:f5:46:59:aa:f9:de:93:a3:2d:47:3b:d1:f4:eb:88:e2:b6: 4c:fd:3a:79:be:8b:dd:28:36:06:11:f8:59:cb:3e:b5:1b:73: 92:c2:dd:19:80:15:c1:55:25:03:76:0a:90:f7:6f:02:74:90: 1c:14:b0:90:f8:a5:11:7e:ff:0b:15:90:68:03:57:6c:46:ff: 4c:12:a4:e5:fe:9f:66:c7:67:c2:5f:05:25:a8:6e:fc:fb:d9: 2a:07:dd:e4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQPYfn0l6kzLS7gzrLo35ZuFNvRIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4 NUMzNUU0RjAeFw0yNjA0MTgxMzM2MDNaFw0yNjA0MjEyMTMwMDNaMDMxMTAvBgNV BAMTKEZEODQ1QUJGNTAzMDc3NzFCQzhDMzI3OUMyQzE1NTkyNjBDNDI4NjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD2oLx+hxIF+7w3mA59zBAGwi9 FCcyIrFvbWgAqs5q8x17+zvMZJV9UwOpm8gflU2S1TCnAQQfUn13LRd28YGDmTbY 43iMQbZQeg3aCpSZvh0OZr9j6SEzoZDFcv+cUa3NmncB4shYdQaVBoTqY58WkACI 6t0WKlxjX6SWW1/u4i5w6Ww+n05P/xK9fOyqAiypRB4sAVApfrspIwgO6qnuACUG 4OogC69Oz1TTRTGD7v6kjML2guTZqqX7CKAzj0mjqf5sAoLINy8bcpqW22yy5Qf7 LE21Jl0hLbb+/h0Dxfcy100YUB6PQ6vK08lPlEPZqu3rgf20D2n1wskbIMGnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU/YRav1Awd3G8jDJ5wsFVkmDEKGQwHwYDVR0j BBgwFoAUPXifr19+vmk4xMcj3NLu14XDXk8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZDk3MDAzMi0wOGVhLTQ4OTAtYmRiYS02MzA5YTQ5NzkxN2QvMC8zRDc4OUZBRjVG N0VCRTY5MzhDNEM3MjNEQ0QyRUVENzg1QzM1RTRGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4NUMz NUU0Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGQ5NzAwMzItMDhlYS00ODkwLWJk YmEtNjMwOWE0OTc5MTdkLzAvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVF RDc4NUMzNUU0Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAX09aTGiUecP523/ol2oDsee43jKfnGRY5j 59Dtzbuvpt8IU8EBqkoQzVjdACSiflqVqp8RytkOyBRG325VrGGvgSYebE3rS9UJ rH/sqzUnXT8xCdQDZkKINkjmegFmRk7PlWRyXQtzk5z6OIKBGZSaHQIxGHe/Q7O9 41hNYNo6yaKC3NUTE4ZmmIMFNm9aueBuNJ9LgOtVZPZnorDiAeN5vUL1Rlmq+d6T oy1HO9H064jitkz9Onm+i90oNgYR+FnLPrUbc5LC3RmAFcFVJQN2CpD3bwJ0kBwU sJD4pRF+/wsVkGgDV2xG/0wSpOX+n2bHZ8JfBSWobvz72SoH3eQ= -----END CERTIFICATE-----Generated at Sun Apr 19 10:17:20 2026 by rpki-client