$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: N9GjjnhmC+8H3iBu9kg5hLQdAn9Zt2CAt00juT95qw8= Subject key identifier: 2D:47:47:7B:73:69:BD:58:18:12:84:4E:0B:39:C4:30:46:87:85:6B Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 742BB62A1D7093BA14DE9ED1BE929027960105DE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 024E Signing time: Sat 18 Apr 2026 17:32:05 +0000 Manifest this update: Sat 18 Apr 2026 17:27:05 +0000 Manifest next update: Tue 21 Apr 2026 17:33:05 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: dDwgQW4BK1btnAW7dkPxdZ5Fc2ULBXQbN3G5EkC3Wpk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Apr 2026 17:33:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:2b:b6:2a:1d:70:93:ba:14:de:9e:d1:be:92:90:27:96:01:05:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Apr 18 17:27:05 2026 GMT Not After : Apr 21 17:33:05 2026 GMT Subject: CN=2D47477B7369BD581812844E0B39C4304687856B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e1:e4:66:41:8b:aa:54:35:95:f3:62:24:84: d8:24:b3:4f:70:02:23:af:10:07:c8:4f:ed:b2:04: b8:68:c9:8d:f2:8c:85:71:45:7e:f6:9a:88:a2:7b: d3:b9:7b:12:91:d2:bd:05:7b:51:1c:96:39:75:42: f1:e4:95:f6:4e:c5:c8:82:31:cd:63:d1:c5:b4:b7: 3a:fc:98:e7:59:67:36:bc:68:8e:6c:85:b1:1a:07: 5e:af:58:cd:08:fa:1b:f0:67:14:8f:d2:e2:56:ea: 3b:58:f9:e6:53:4b:e1:d5:05:71:43:b3:81:96:36: 1c:92:4f:11:87:23:cf:17:f0:45:d3:08:d8:30:ce: 13:1f:ac:f5:35:e8:f1:73:51:c9:c9:f4:6c:0d:49: 26:c3:84:8f:9e:38:ba:17:ba:11:2d:30:1c:e8:e5: b7:97:72:02:55:0d:07:c3:4d:53:1f:db:a3:f4:89: 5c:0e:d2:8b:f2:fd:84:77:f5:90:53:90:92:af:19: ee:80:9b:50:a9:76:53:b4:a8:da:6a:b8:da:12:22: 82:54:f5:e4:f9:a2:d3:9e:fb:f5:14:00:78:27:34: 46:e9:55:ce:28:11:32:7e:ad:59:26:f6:d6:9b:8b: 41:35:08:b3:55:13:c9:12:e8:28:e0:b4:6f:31:7d: a2:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:47:47:7B:73:69:BD:58:18:12:84:4E:0B:39:C4:30:46:87:85:6B X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:1d:2f:c5:aa:cc:2b:8f:bc:2e:c4:05:a9:e2:5f:4d:d1:3a: f6:87:2c:43:b9:4f:da:3c:c1:4a:55:a1:a2:ee:a5:05:58:14: 93:b0:a5:4e:2e:85:b2:2f:1e:c1:d2:b5:65:fb:80:48:26:ff: 1c:f6:14:7f:7d:db:f1:5c:0a:59:96:1a:dd:c6:82:60:54:dc: 79:e6:fb:29:6b:4e:4f:cf:8f:d1:8f:0f:af:f0:fa:6d:c4:86: 27:15:e4:96:15:d6:1e:2e:8d:03:87:37:df:36:4c:3d:c8:d8: 57:c3:53:91:b3:5c:e4:ab:96:e9:7e:23:61:74:4e:33:81:70: a2:4d:b8:70:42:ae:d5:5c:a6:ae:73:54:17:79:7a:38:3f:66: bb:63:1f:41:60:50:0e:31:d0:1c:0f:c8:d7:97:dc:8e:3f:83: d9:4d:12:80:ff:f7:1f:64:f6:9e:f6:98:19:fb:a4:97:8f:3f: 4d:c5:7a:d5:69:13:8e:ee:58:3b:bb:6a:10:59:0d:e3:ad:7e: 23:c1:f8:74:55:d9:82:c8:85:c7:22:6d:59:15:f9:67:9c:39: 8d:a2:c9:34:07:8c:bb:2b:ae:00:cb:d0:81:5b:9b:9e:5d:41: e8:90:d4:ca:1b:bc:1e:7a:8e:ac:3d:4b:fc:c5:82:d9:71:23: 90:96:da:a8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdCu2Kh1wk7oU3p7RvpKQJ5YBBd4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNjA0MTgxNzI3MDVaFw0yNjA0MjExNzMzMDVaMDMxMTAvBgNV BAMTKDJENDc0NzdCNzM2OUJENTgxODEyODQ0RTBCMzlDNDMwNDY4Nzg1NkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD4eRmQYuqVDWV82IkhNgks09w AiOvEAfIT+2yBLhoyY3yjIVxRX72moiie9O5exKR0r0Fe1Ecljl1QvHklfZOxciC Mc1j0cW0tzr8mOdZZza8aI5shbEaB16vWM0I+hvwZxSP0uJW6jtY+eZTS+HVBXFD s4GWNhySTxGHI88X8EXTCNgwzhMfrPU16PFzUcnJ9GwNSSbDhI+eOLoXuhEtMBzo 5beXcgJVDQfDTVMf26P0iVwO0ovy/YR39ZBTkJKvGe6Am1CpdlO0qNpquNoSIoJU 9eT5otOe+/UUAHgnNEbpVc4oETJ+rVkm9tabi0E1CLNVE8kS6CjgtG8xfaL3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQULUdHe3NpvVgYEoROCznEMEaHhWswHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAE0dL8WqzCuPvC7EBaniX03ROvaHLEO5T9o8 wUpVoaLupQVYFJOwpU4uhbIvHsHStWX7gEgm/xz2FH992/FcClmWGt3GgmBU3Hnm +ylrTk/Pj9GPD6/w+m3EhicV5JYV1h4ujQOHN982TD3I2FfDU5GzXOSrlul+I2F0 TjOBcKJNuHBCrtVcpq5zVBd5ejg/ZrtjH0FgUA4x0BwPyNeX3I4/g9lNEoD/9x9k 9p72mBn7pJePP03FetVpE47uWDu7ahBZDeOtfiPB+HRV2YLIhccibVkV+WecOY2i yTQHjLsrrgDL0IFbm55dQeiQ1MobvB56jqw9S/zFgtlxI5CW2qg= -----END CERTIFICATE-----Generated at Sun Apr 19 10:59:50 2026 by rpki-client