$ rpki-client -vvf repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.mft File: 2CB21EF336B6AB4640E4619601E0F6488CB8FD52.mft (raw, json) Hash identifier: 1C13ECL/npo/7NmjGl7T2MDM6D6sZhuaaa7rElTrQC4= Subject key identifier: 25:B2:71:D8:09:E6:66:AA:11:AC:CA:DC:94:59:F7:C7:22:EA:81:CA Authority key identifier: 2C:B2:1E:F3:36:B6:AB:46:40:E4:61:96:01:E0:F6:48:8C:B8:FD:52 Certificate issuer: /CN=2CB21EF336B6AB4640E4619601E0F6488CB8FD52 Certificate serial: 644CCAB1B7819BE0CDD6BCE129B5AD1E363254C9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.mft Manifest number: 0398 Signing time: Thu 16 Apr 2026 10:22:15 +0000 Manifest this update: Thu 16 Apr 2026 10:17:15 +0000 Manifest next update: Sun 19 Apr 2026 20:09:15 +0000 Files and hashes: 1: 3130332e3136302e31322e302f32332d3234203d3e20313331313131.roa (hash: 2TjUbAwclmvFhuQfA5b8APF/xfL7qfTm8NzkksHu4ng=) 2: 2CB21EF336B6AB4640E4619601E0F6488CB8FD52.crl (hash: KwsgADVAqpPL+DPwb2ADsdyB+7Tt+k7otu1ySyccRao=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.crl rsync://repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Apr 2026 20:09:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:4c:ca:b1:b7:81:9b:e0:cd:d6:bc:e1:29:b5:ad:1e:36:32:54:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CB21EF336B6AB4640E4619601E0F6488CB8FD52 Validity Not Before: Apr 16 10:17:15 2026 GMT Not After : Apr 19 20:09:15 2026 GMT Subject: CN=25B271D809E666AA11ACCADC9459F7C722EA81CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:9a:1b:10:18:8a:b1:5f:89:21:fa:5b:a8:6a: fa:1e:ca:65:e8:b8:e6:88:4e:10:94:40:70:17:32: b5:27:b9:d1:4a:0c:81:bb:79:65:3c:0c:4d:16:07: de:dd:e3:66:dc:69:39:62:2b:25:7b:62:e1:a2:22: 5a:f1:36:4b:3b:0e:b2:55:ee:ea:ed:90:8a:d1:b7: cb:7e:84:c1:53:7b:98:91:44:d7:a3:11:34:ea:64: 98:34:8e:1f:0b:fa:f4:75:67:c2:a1:00:df:f6:ae: 06:25:1e:e1:dc:e4:c9:5e:27:17:14:2b:74:ac:72: 84:1e:53:fb:08:90:9f:9f:a0:14:38:a7:f0:57:27: 06:fe:58:3c:86:69:75:55:7d:91:43:d5:9d:fb:28: 37:44:f7:42:f7:2b:55:d5:8a:6a:e6:3a:71:a6:3e: 4e:89:21:e9:06:81:e4:f3:17:af:73:4e:5e:63:c0: 03:9c:06:70:9a:41:f7:f0:fc:d4:a8:15:9a:2d:44: 94:49:c1:a7:ed:7e:15:de:4d:fb:90:49:e4:d6:ec: cc:09:cc:9f:ad:b8:b3:5b:ed:04:37:61:20:b3:5c: 80:1a:11:88:8d:23:78:c3:6f:b3:c3:38:68:24:1f: 5b:89:e1:3c:08:98:49:0e:e3:2b:0a:d5:52:62:0b: 15:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:B2:71:D8:09:E6:66:AA:11:AC:CA:DC:94:59:F7:C7:22:EA:81:CA X509v3 Authority Key Identifier: keyid:2C:B2:1E:F3:36:B6:AB:46:40:E4:61:96:01:E0:F6:48:8C:B8:FD:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:d6:a2:7b:97:59:3f:d5:55:0c:ed:2e:94:b8:f8:be:6b:4c: 61:31:ad:d5:54:a0:96:47:de:8a:21:65:96:52:67:7c:ac:80: 72:83:f5:33:ef:da:32:5f:78:63:b6:9a:68:fa:94:9d:8d:c3: ac:5b:09:8d:f3:10:47:72:da:da:4e:d3:a6:c0:df:52:7a:d0: d3:a9:3f:2b:d6:9d:46:a3:8a:44:2c:cb:af:c3:32:0f:32:f3: a6:fc:b1:4b:ea:da:ce:01:55:dd:bb:a8:bd:b0:80:4b:2f:95: 4e:09:96:02:61:fb:01:de:07:0f:54:e3:7f:83:26:25:5b:65: 39:26:94:99:3f:e7:0d:12:db:34:70:6e:a6:23:97:07:e1:53: 56:6c:c0:a9:24:3d:e3:5f:83:09:c0:ec:61:ec:cc:d0:11:db: 44:20:5c:6a:d8:a5:d0:02:ef:d1:72:e0:dc:f2:fe:e5:d7:e7: 73:6f:2b:20:fb:68:fd:92:45:74:73:a3:a5:4d:8e:64:95:43: 87:79:83:05:0c:34:be:4f:b1:55:62:d8:56:ac:21:62:23:6b: e4:53:ee:1f:62:3a:4b:be:31:66:33:82:57:50:15:6e:ca:db: 81:36:72:64:e1:0f:7a:2d:b2:f2:74:53:ac:6d:43:c5:8f:b3: b2:80:a4:f5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZEzKsbeBm+DN1rzhKbWtHjYyVMkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkNCMjFFRjMzNkI2QUI0NjQwRTQ2MTk2MDFFMEY2NDg4 Q0I4RkQ1MjAeFw0yNjA0MTYxMDE3MTVaFw0yNjA0MTkyMDA5MTVaMDMxMTAvBgNV BAMTKDI1QjI3MUQ4MDlFNjY2QUExMUFDQ0FEQzk0NTlGN0M3MjJFQTgxQ0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCmhsQGIqxX4kh+luoavoeymXo uOaIThCUQHAXMrUnudFKDIG7eWU8DE0WB97d42bcaTliKyV7YuGiIlrxNks7DrJV 7urtkIrRt8t+hMFTe5iRRNejETTqZJg0jh8L+vR1Z8KhAN/2rgYlHuHc5MleJxcU K3SscoQeU/sIkJ+foBQ4p/BXJwb+WDyGaXVVfZFD1Z37KDdE90L3K1XVimrmOnGm Pk6JIekGgeTzF69zTl5jwAOcBnCaQffw/NSoFZotRJRJwaftfhXeTfuQSeTW7MwJ zJ+tuLNb7QQ3YSCzXIAaEYiNI3jDb7PDOGgkH1uJ4TwImEkO4ysK1VJiCxX7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUJbJx2AnmZqoRrMrclFn3xyLqgcowHwYDVR0j BBgwFoAULLIe8za2q0ZA5GGWAeD2SIy4/VIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i NGM2Zjc3MC02ODZhLTQ1ZWYtOGRmYi0wYzNhODdkM2Q4ZGEvMC8yQ0IyMUVGMzM2 QjZBQjQ2NDBFNDYxOTYwMUUwRjY0ODhDQjhGRDUyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkNCMjFFRjMzNkI2QUI0NjQwRTQ2MTk2MDFFMEY2NDg4Q0I4 RkQ1Mi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjRjNmY3NzAtNjg2YS00NWVmLThk ZmItMGMzYTg3ZDNkOGRhLzAvMkNCMjFFRjMzNkI2QUI0NjQwRTQ2MTk2MDFFMEY2 NDg4Q0I4RkQ1Mi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKPWonuXWT/VVQztLpS4+L5rTGExrdVUoJZH 3oohZZZSZ3ysgHKD9TPv2jJfeGO2mmj6lJ2Nw6xbCY3zEEdy2tpO06bA31J60NOp PyvWnUajikQsy6/DMg8y86b8sUvq2s4BVd27qL2wgEsvlU4JlgJh+wHeBw9U43+D JiVbZTkmlJk/5w0S2zRwbqYjlwfhU1ZswKkkPeNfgwnA7GHszNAR20QgXGrYpdAC 79Fy4Nzy/uXX53NvKyD7aP2SRXRzo6VNjmSVQ4d5gwUMNL5PsVVi2FasIWIja+RT 7h9iOku+MWYzgldQFW7K24E2cmThD3otsvJ0U6xtQ8WPs7KApPU= -----END CERTIFICATE-----Generated at Fri Apr 17 20:15:11 2026 by rpki-client