$ rpki-client -vvf repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft File: AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft (raw, json) Hash identifier: N3JmldYZP4zUCu3c2+r+ZqQREQov35rSvubNb/vIzMM= Subject key identifier: 01:E4:E3:58:D6:0A:96:88:1C:C0:22:9B:16:7F:99:B1:37:7D:6B:D8 Authority key identifier: AF:DF:D5:D1:C4:B3:9F:2F:AA:BB:A5:BC:15:23:4C:2B:12:43:BF:FB Certificate issuer: /CN=AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB Certificate serial: 61B43A7F3574F03606D74454A422765920697ABC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft Manifest number: 0415 Signing time: Fri 17 Apr 2026 10:11:42 +0000 Manifest this update: Fri 17 Apr 2026 10:06:42 +0000 Manifest next update: Mon 20 Apr 2026 18:44:42 +0000 Files and hashes: 1: AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.crl (hash: 6kS7rDc+AWsV4DVgaes9iKYNKJiYdPTh9mYjsL6bVRA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.crl rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 18:44:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:b4:3a:7f:35:74:f0:36:06:d7:44:54:a4:22:76:59:20:69:7a:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB Validity Not Before: Apr 17 10:06:42 2026 GMT Not After : Apr 20 18:44:42 2026 GMT Subject: CN=01E4E358D60A96881CC0229B167F99B1377D6BD8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:50:83:9a:4b:0a:89:61:38:80:82:6a:f6:df: 58:0f:b2:cd:05:1d:55:8b:49:1a:7b:f5:56:e2:7b: ba:ff:e0:b9:51:12:e2:9d:b7:02:6c:07:67:3d:83: e0:47:8e:ff:93:ae:14:99:33:c9:82:90:f0:a7:df: 26:9b:bb:5e:59:a0:0b:f9:b3:5c:4f:f1:66:aa:62: 1b:56:ae:ec:fa:d7:86:0c:6e:87:9c:22:5b:a9:53: 92:2b:ea:0e:d6:2a:4a:47:b1:0d:c2:85:15:fe:bb: a0:b0:7c:dd:e0:e8:1f:12:c5:34:86:c4:98:13:bf: cb:30:ee:45:ac:59:a1:89:ef:29:d6:bf:bc:63:01: 44:76:8b:45:98:5d:5e:9b:d0:a0:4a:db:26:20:73: b2:02:bc:9f:b8:1f:6c:a7:e8:0c:13:de:53:cc:fe: 52:bf:ec:b3:81:fb:8e:6e:3d:1b:34:a5:f6:07:2e: 00:9a:34:59:2f:2b:2d:7d:9c:59:c5:d4:f0:55:43: 27:e2:b1:b3:66:de:94:64:96:e4:15:fb:18:6d:7c: 25:42:6f:d1:e4:2b:c8:0a:43:18:16:22:d0:ae:e7: e8:6c:7f:22:ee:3d:d1:2f:b4:b3:8d:df:09:da:5b: a4:8b:94:b0:1e:f6:53:43:c9:a5:7b:ee:3c:50:38: b5:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:E4:E3:58:D6:0A:96:88:1C:C0:22:9B:16:7F:99:B1:37:7D:6B:D8 X509v3 Authority Key Identifier: keyid:AF:DF:D5:D1:C4:B3:9F:2F:AA:BB:A5:BC:15:23:4C:2B:12:43:BF:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:cb:36:23:87:16:76:10:50:c1:77:3b:c4:92:27:60:70:ae: dd:6e:ef:c9:c2:a9:65:b9:0d:bf:d7:ab:73:a5:c8:8d:d4:0f: 5a:48:cf:dd:ec:55:fd:3a:f7:29:d0:eb:73:f6:c5:23:bb:af: 6a:73:e0:68:a0:67:54:e4:49:d4:a4:60:e5:24:d0:c7:cc:be: 2e:5c:88:8f:a1:87:d9:5e:c7:5b:5e:d5:41:5f:a3:5e:81:28: bb:b2:c4:be:88:36:f4:dd:d2:b1:59:c4:f0:01:24:f2:6e:03: 20:96:e2:4b:73:ca:c1:d7:a2:c3:fd:7f:00:11:57:97:bd:09: eb:66:65:94:a2:e9:46:de:22:b0:4d:74:90:ca:2d:e1:6d:ac: d2:88:21:b9:d3:54:d6:15:e1:ae:fc:7a:e3:c1:21:a0:7b:c6: b3:18:a1:f0:c4:e8:d8:f3:ad:9a:9f:d4:c2:38:ec:65:be:15: c4:e4:23:e2:11:67:b8:47:0e:c6:10:9d:ab:11:59:c0:dd:89: 8a:88:13:a4:02:33:95:0f:63:99:2e:5e:5f:54:4e:36:36:bb: 5a:c4:43:9e:49:f5:bf:4f:4a:60:c9:27:27:b8:ed:56:84:24: cf:b5:85:05:da:54:c4:e3:34:18:77:4e:d5:b4:6e:3a:b3:00: 91:0a:76:8a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYbQ6fzV08DYG10RUpCJ2WSBperwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUZERkQ1RDFDNEIzOUYyRkFBQkJBNUJDMTUyMzRDMkIx MjQzQkZGQjAeFw0yNjA0MTcxMDA2NDJaFw0yNjA0MjAxODQ0NDJaMDMxMTAvBgNV BAMTKDAxRTRFMzU4RDYwQTk2ODgxQ0MwMjI5QjE2N0Y5OUIxMzc3RDZCRDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7UIOaSwqJYTiAgmr231gPss0F HVWLSRp79Vbie7r/4LlREuKdtwJsB2c9g+BHjv+TrhSZM8mCkPCn3yabu15ZoAv5 s1xP8WaqYhtWruz614YMboecIlupU5Ir6g7WKkpHsQ3ChRX+u6CwfN3g6B8SxTSG xJgTv8sw7kWsWaGJ7ynWv7xjAUR2i0WYXV6b0KBK2yYgc7ICvJ+4H2yn6AwT3lPM /lK/7LOB+45uPRs0pfYHLgCaNFkvKy19nFnF1PBVQyfisbNm3pRkluQV+xhtfCVC b9HkK8gKQxgWItCu5+hsfyLuPdEvtLON3wnaW6SLlLAe9lNDyaV77jxQOLXLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUAeTjWNYKlogcwCKbFn+ZsTd9a9gwHwYDVR0j BBgwFoAUr9/V0cSzny+qu6W8FSNMKxJDv/swDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NGZlMTgxMS1jMDNmLTQ5ZDgtOTIxNy0xM2ZmMjJhMzFlYmUvMC9BRkRGRDVEMUM0 QjM5RjJGQUFCQkE1QkMxNTIzNEMyQjEyNDNCRkZCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQUZERkQ1RDFDNEIzOUYyRkFBQkJBNUJDMTUyMzRDMkIxMjQz QkZGQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTRmZTE4MTEtYzAzZi00OWQ4LTky MTctMTNmZjIyYTMxZWJlLzAvQUZERkQ1RDFDNEIzOUYyRkFBQkJBNUJDMTUyMzRD MkIxMjQzQkZGQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFbLNiOHFnYQUMF3O8SSJ2Bwrt1u78nCqWW5 Db/Xq3OlyI3UD1pIz93sVf069ynQ63P2xSO7r2pz4GigZ1TkSdSkYOUk0MfMvi5c iI+hh9lex1te1UFfo16BKLuyxL6INvTd0rFZxPABJPJuAyCW4ktzysHXosP9fwAR V5e9CetmZZSi6UbeIrBNdJDKLeFtrNKIIbnTVNYV4a78euPBIaB7xrMYofDE6Njz rZqf1MI47GW+FcTkI+IRZ7hHDsYQnasRWcDdiYqIE6QCM5UPY5kuXl9UTjY2u1rE Q55J9b9PSmDJJye47VaEJM+1hQXaVMTjNBh3TtW0bjqzAJEKdoo= -----END CERTIFICATE-----Generated at Fri Apr 17 23:43:13 2026 by rpki-client