$ rpki-client -vvf repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft File: 8CFA88063D5C0A51C1D737A5170338865A245358.mft (raw, json) Hash identifier: VX5MqdnkZ2xmqGoLfOzwysu11oDcdLWShGm2nuVlWnk= Subject key identifier: 5C:7A:10:2A:9A:CA:12:0D:30:BC:C1:CA:BC:50:A1:09:96:27:93:E8 Authority key identifier: 8C:FA:88:06:3D:5C:0A:51:C1:D7:37:A5:17:03:38:86:5A:24:53:58 Certificate issuer: /CN=8CFA88063D5C0A51C1D737A5170338865A245358 Certificate serial: 5D4B07522C6393C994A5EE1BE235D1793FC38AC0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CFA88063D5C0A51C1D737A5170338865A245358.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft Manifest number: 0568 Signing time: Fri 17 Apr 2026 07:01:58 +0000 Manifest this update: Fri 17 Apr 2026 06:56:58 +0000 Manifest next update: Mon 20 Apr 2026 13:36:58 +0000 Files and hashes: 1: 3130332e3132362e3230302e302f32332d3233203d3e20313338313133.roa (hash: OX5qJy0ELn8OIpv9cwcHP0OwwrzKVk8H6b2UKzBtyEg=) 2: 3130332e3132362e3230302e302f32322d3232203d3e20313338313133.roa (hash: iKqR4sdrDvQYzAbaXB9On/A/Jy5fdaFvtV4f3tabdnk=) 3: 3130332e3132362e3230322e302f32332d3233203d3e20313338313133.roa (hash: x7tsLph+/FB0QeKJjGm8RZPvo26S0bN0rsI7VAab3d8=) 4: 8CFA88063D5C0A51C1D737A5170338865A245358.crl (hash: 1Sf5oT31wOPKDQ3vbYpzNaX2frX1Eu8fcKVYlSLVLA4=) 5: 323430343a313034303a3a2f33322d3332203d3e20313338313133.roa (hash: IwOy6L011wgRp4Z43jUYFVOd/TCfuz6IilpFz+BTytc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.crl rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CFA88063D5C0A51C1D737A5170338865A245358.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 13:36:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:4b:07:52:2c:63:93:c9:94:a5:ee:1b:e2:35:d1:79:3f:c3:8a:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8CFA88063D5C0A51C1D737A5170338865A245358 Validity Not Before: Apr 17 06:56:58 2026 GMT Not After : Apr 20 13:36:58 2026 GMT Subject: CN=5C7A102A9ACA120D30BCC1CABC50A109962793E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:b3:75:14:6c:e3:41:a9:bf:96:c2:d3:7c:3f: 40:27:3b:e9:8b:6e:8d:45:b1:24:8c:8f:5c:dd:67: 57:23:f7:4a:e2:84:d4:7b:94:5f:e6:46:9c:7f:36: 3d:c7:d6:37:2a:10:5a:ec:13:db:9c:2a:cd:02:a7: 6c:8c:17:b6:f5:dc:fd:dd:f5:6d:d5:f5:69:c0:28: 25:97:77:d4:64:d9:b1:01:2a:e5:25:52:5b:e0:66: f7:11:1a:42:d5:13:08:ff:ad:89:2d:20:15:b1:4b: bb:46:5f:4a:fd:13:70:d7:68:25:17:cb:72:d6:7c: 48:06:e2:3d:e9:fc:48:aa:d6:45:83:db:cf:ae:f1: ea:3e:3c:c6:6d:ae:43:b5:85:b7:37:6c:51:ae:95: f2:84:d2:fa:8f:ec:a9:0b:d2:a8:65:93:4f:d4:37: 3b:ca:cc:0b:9b:8c:54:b9:da:a5:49:9b:5c:14:ef: 6d:91:f7:f4:2e:79:54:43:bf:52:10:9b:f9:0e:c3: fa:7b:2f:94:31:1f:94:80:75:11:7d:a4:02:10:3f: e3:26:ee:83:b9:b1:39:0e:8d:b3:53:a7:4f:11:99: 0a:4f:8f:42:22:f5:b5:56:41:10:9c:47:5b:4b:e8: 16:9a:3d:bc:2b:56:a3:00:aa:20:66:69:11:6d:68: 41:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:7A:10:2A:9A:CA:12:0D:30:BC:C1:CA:BC:50:A1:09:96:27:93:E8 X509v3 Authority Key Identifier: keyid:8C:FA:88:06:3D:5C:0A:51:C1:D7:37:A5:17:03:38:86:5A:24:53:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CFA88063D5C0A51C1D737A5170338865A245358.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:cf:48:0e:df:88:08:05:20:94:9b:3f:cf:81:c3:50:d1:ac: fc:fe:f9:d4:04:af:fc:7b:c9:5e:7e:21:f5:87:11:bf:f6:9b: 3b:12:1b:01:d6:65:dc:c1:be:c1:df:01:c1:50:e9:e1:cb:9e: e1:64:61:db:a9:fb:fa:0b:21:15:1d:98:f7:9a:e7:ec:e2:41: c3:4e:55:1f:c3:cd:15:33:74:16:39:d6:32:75:52:39:a1:cf: 2b:64:31:16:9e:2a:2d:0e:e4:54:cb:0a:62:6a:84:a3:f0:21: 5a:40:05:27:d1:c0:83:0f:fd:62:61:d6:11:36:e7:38:b7:7c: f1:01:6d:0d:25:34:b8:8a:2f:ec:70:58:83:ff:d8:39:0e:42: 4f:61:69:75:d2:40:4c:3c:82:56:9b:8d:af:78:6c:4b:fb:7d: 9e:a6:42:13:d8:36:4a:91:26:ef:63:5c:de:45:da:66:dc:01: 2d:42:73:e0:29:c6:10:59:8f:1b:ca:b9:77:13:7a:79:0e:82: 44:33:95:ce:0f:f0:f5:04:c2:c6:00:ff:c8:c8:f9:3f:ad:9a: 4f:4d:b9:ef:6d:84:62:10:67:59:06:9d:76:c5:43:ac:be:25: 07:ff:c1:eb:bd:e7:3b:51:bf:33:f8:75:f7:07:1b:03:be:f0: 06:3a:e2:41 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXUsHUixjk8mUpe4b4jXReT/DisAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOENGQTg4MDYzRDVDMEE1MUMxRDczN0E1MTcwMzM4ODY1 QTI0NTM1ODAeFw0yNjA0MTcwNjU2NThaFw0yNjA0MjAxMzM2NThaMDMxMTAvBgNV BAMTKDVDN0ExMDJBOUFDQTEyMEQzMEJDQzFDQUJDNTBBMTA5OTYyNzkzRTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCms3UUbONBqb+WwtN8P0AnO+mL bo1FsSSMj1zdZ1cj90rihNR7lF/mRpx/Nj3H1jcqEFrsE9ucKs0Cp2yMF7b13P3d 9W3V9WnAKCWXd9Rk2bEBKuUlUlvgZvcRGkLVEwj/rYktIBWxS7tGX0r9E3DXaCUX y3LWfEgG4j3p/Eiq1kWD28+u8eo+PMZtrkO1hbc3bFGulfKE0vqP7KkL0qhlk0/U NzvKzAubjFS52qVJm1wU722R9/QueVRDv1IQm/kOw/p7L5QxH5SAdRF9pAIQP+Mm 7oO5sTkOjbNTp08RmQpPj0Ii9bVWQRCcR1tL6BaaPbwrVqMAqiBmaRFtaEHLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUXHoQKprKEg0wvMHKvFChCZYnk+gwHwYDVR0j BBgwFoAUjPqIBj1cClHB1zelFwM4hlokU1gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YTJlNWI2OS1hZGJkLTRlMmQtODQ3ZC0zNzQ4MTU1ODFkODYvMC84Q0ZBODgwNjNE NUMwQTUxQzFENzM3QTUxNzAzMzg4NjVBMjQ1MzU4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOENGQTg4MDYzRDVDMEE1MUMxRDczN0E1MTcwMzM4ODY1QTI0 NTM1OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGEyZTViNjktYWRiZC00ZTJkLTg0 N2QtMzc0ODE1NTgxZDg2LzAvOENGQTg4MDYzRDVDMEE1MUMxRDczN0E1MTcwMzM4 ODY1QTI0NTM1OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAI/PSA7fiAgFIJSbP8+Bw1DRrPz++dQEr/x7 yV5+IfWHEb/2mzsSGwHWZdzBvsHfAcFQ6eHLnuFkYdup+/oLIRUdmPea5+ziQcNO VR/DzRUzdBY51jJ1UjmhzytkMRaeKi0O5FTLCmJqhKPwIVpABSfRwIMP/WJh1hE2 5zi3fPEBbQ0lNLiKL+xwWIP/2DkOQk9haXXSQEw8glabja94bEv7fZ6mQhPYNkqR Ju9jXN5F2mbcAS1Cc+ApxhBZjxvKuXcTenkOgkQzlc4P8PUEwsYA/8jI+T+tmk9N ue9thGIQZ1kGnXbFQ6y+JQf/weu95ztRvzP4dfcHGwO+8AY64kE= -----END CERTIFICATE-----Generated at Sat Apr 18 01:07:18 2026 by rpki-client