$ rpki-client -vvf repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft File: 0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft (raw, json) Hash identifier: t7x16GRPs4eyjrQorMgqQAQHKHhXFY4OODPV5WGxgSc= Subject key identifier: 1C:E1:15:1E:C1:CE:F5:AE:96:25:A0:2C:DD:BA:8A:7C:A5:AF:CB:83 Authority key identifier: 0B:B4:E9:52:78:9A:C5:02:FA:0C:FB:95:C2:E0:3F:43:44:97:BF:E3 Certificate issuer: /CN=0BB4E952789AC502FA0CFB95C2E03F434497BFE3 Certificate serial: 27AC8BBD63F121B1B510AABDA57AF63501693E60 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft Manifest number: 0117 Signing time: Thu 16 Apr 2026 23:02:23 +0000 Manifest this update: Thu 16 Apr 2026 22:57:23 +0000 Manifest next update: Mon 20 Apr 2026 05:05:23 +0000 Files and hashes: 1: 3130332e3134382e38392e302f32342d3234203d3e20313430343231.roa (hash: TZoglv4gVSEGVdYtRZ4lgIJlzz7UT43dp4O+n8rkNNY=) 2: 3130332e3134382e38382e302f32342d3234203d3e20313430343231.roa (hash: neEFe0w5kAvbktE6GbOUZcC2jhb5+07V2Dgm04kOOSQ=) 3: 0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl (hash: 2ZZocbRQNqxcha+9JRUf0F0T+iS339KEDoxmUxcyqz0=) 4: 323030313a6466323a633938303a3a2f34382d3438203d3e20313430343231.roa (hash: S9qtO6NNat29VwWXnPO9Ad1pn0XLAWnDz3QkqSTjTbI=) 5: 3130332e3134382e38382e302f32332d3233203d3e20313430343231.roa (hash: l6is4dO0R0PbZ70dLKCH7MsIvztrQYbYg8s+N5j55/w=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 05:05:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:ac:8b:bd:63:f1:21:b1:b5:10:aa:bd:a5:7a:f6:35:01:69:3e:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0BB4E952789AC502FA0CFB95C2E03F434497BFE3 Validity Not Before: Apr 16 22:57:23 2026 GMT Not After : Apr 20 05:05:23 2026 GMT Subject: CN=1CE1151EC1CEF5AE9625A02CDDBA8A7CA5AFCB83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:30:5c:d1:47:d9:27:72:f3:0f:44:9f:85:5a: 1f:9a:6f:ca:45:ad:88:8b:b4:45:a6:c2:31:38:1f: 43:ff:36:90:53:4c:6b:13:c5:cd:65:b7:e6:df:77: a7:04:b9:18:96:29:a4:b4:66:b2:b8:9a:dc:01:15: b3:c5:50:6c:2d:b9:9f:cb:ec:db:07:3c:bc:35:c9: 17:54:11:56:2e:73:6f:ab:75:73:58:ac:85:45:e0: 30:53:fe:b5:09:06:5e:03:8b:96:db:43:4f:0e:0c: 54:71:20:a3:d0:12:ee:24:5a:2a:e1:d2:e9:10:2a: 7b:b4:b8:cf:ee:e4:b0:60:ea:91:69:10:46:f1:c8: d3:51:1a:63:88:21:09:65:e6:23:4c:c9:79:69:58: 1c:6d:ca:1f:cc:02:4c:9b:89:8a:3e:1b:27:7b:83: a1:1e:ca:a6:04:3f:05:ca:1c:61:d0:b2:45:cf:64: d2:26:6c:46:7c:7d:9d:2b:49:e1:b2:55:6e:a3:65: 85:d9:bf:f4:40:51:3a:9d:30:ad:93:f4:30:0a:39: 52:23:f3:a7:09:68:5b:d6:cd:b3:75:fd:22:4f:65: 81:8a:5c:72:1f:45:f2:ad:25:03:17:b2:91:09:ca: 08:b7:72:20:ba:91:80:01:12:c3:7f:a8:65:7a:1b: 34:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:E1:15:1E:C1:CE:F5:AE:96:25:A0:2C:DD:BA:8A:7C:A5:AF:CB:83 X509v3 Authority Key Identifier: keyid:0B:B4:E9:52:78:9A:C5:02:FA:0C:FB:95:C2:E0:3F:43:44:97:BF:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:23:da:ac:5a:a7:22:93:8d:d0:aa:55:5d:f2:55:4b:85:3b: ed:8a:80:4a:a5:85:56:8d:91:a8:ac:a2:c8:f8:3e:5f:8e:fa: 30:b1:7e:3a:91:90:0f:98:58:a7:af:67:1a:20:70:1f:20:6b: 35:a6:53:57:f3:dd:0b:cc:9a:46:39:1e:e3:9f:d9:3a:7b:74: 86:3e:77:d3:a1:ae:27:d9:63:fd:97:4b:33:73:cf:cd:73:e6: ee:c5:dd:12:89:35:cc:e1:e7:c5:d0:97:d0:1f:5e:a9:85:69: ec:a0:68:c6:13:e6:39:c6:e0:de:5c:3d:a8:4f:93:c1:a8:fd: b5:df:8a:bc:2b:d2:d1:2f:1f:ab:04:fe:0a:6e:f3:0d:ed:04: c9:e5:4c:85:fd:6e:a3:85:f0:40:c0:a9:ff:16:46:94:b7:da: 39:d2:f0:cb:fb:36:24:4e:ed:00:d7:d9:d4:ca:48:47:04:57: 8b:ab:85:f5:ef:3c:0c:87:90:78:3a:21:84:1b:70:4a:e8:a0: 26:0b:ee:8e:84:de:dc:bc:dd:39:0a:1c:9a:2d:54:34:71:3d: 31:1b:ec:a4:af:37:a2:ac:67:97:0e:3f:51:3f:e2:cb:f0:db: 9f:3e:23:74:f2:cb:5a:b1:1b:bf:cb:5a:77:8d:78:07:e3:e9: 14:6e:15:16 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJ6yLvWPxIbG1EKq9pXr2NQFpPmAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNGNDM0 NDk3QkZFMzAeFw0yNjA0MTYyMjU3MjNaFw0yNjA0MjAwNTA1MjNaMDMxMTAvBgNV BAMTKDFDRTExNTFFQzFDRUY1QUU5NjI1QTAyQ0REQkE4QTdDQTVBRkNCODMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3MFzRR9kncvMPRJ+FWh+ab8pF rYiLtEWmwjE4H0P/NpBTTGsTxc1lt+bfd6cEuRiWKaS0ZrK4mtwBFbPFUGwtuZ/L 7NsHPLw1yRdUEVYuc2+rdXNYrIVF4DBT/rUJBl4Di5bbQ08ODFRxIKPQEu4kWirh 0ukQKnu0uM/u5LBg6pFpEEbxyNNRGmOIIQll5iNMyXlpWBxtyh/MAkybiYo+Gyd7 g6EeyqYEPwXKHGHQskXPZNImbEZ8fZ0rSeGyVW6jZYXZv/RAUTqdMK2T9DAKOVIj 86cJaFvWzbN1/SJPZYGKXHIfRfKtJQMXspEJygi3ciC6kYABEsN/qGV6GzTvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUHOEVHsHO9a6WJaAs3bqKfKWvy4MwHwYDVR0j BBgwFoAUC7TpUniaxQL6DPuVwuA/Q0SXv+MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YjcyZWNhNC03M2FkLTRlMGItYTZhNi03YTY1Njk4YjczYmUvMC8wQkI0RTk1Mjc4 OUFDNTAyRkEwQ0ZCOTVDMkUwM0Y0MzQ0OTdCRkUzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNGNDM0NDk3 QkZFMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGI3MmVjYTQtNzNhZC00ZTBiLWE2 YTYtN2E2NTY5OGI3M2JlLzAvMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNG NDM0NDk3QkZFMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHQj2qxapyKTjdCqVV3yVUuFO+2KgEqlhVaN kaisosj4Pl+O+jCxfjqRkA+YWKevZxogcB8gazWmU1fz3QvMmkY5HuOf2Tp7dIY+ d9OhrifZY/2XSzNzz81z5u7F3RKJNczh58XQl9AfXqmFaeygaMYT5jnG4N5cPahP k8Go/bXfirwr0tEvH6sE/gpu8w3tBMnlTIX9bqOF8EDAqf8WRpS32jnS8Mv7NiRO 7QDX2dTKSEcEV4urhfXvPAyHkHg6IYQbcErooCYL7o6E3ty83TkKHJotVDRxPTEb 7KSvN6KsZ5cOP1E/4svw258+I3Tyy1qxG7/LWneNeAfj6RRuFRY= -----END CERTIFICATE-----Generated at Fri Apr 17 12:41:19 2026 by rpki-client