$ rpki-client -vvf repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft File: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft (raw, json) Hash identifier: QXCsAyLdvIZMmKAJ8fKK4IE2fRBRjSmQJXnRGI7yJaM= Subject key identifier: F3:A5:95:CD:20:E1:E5:70:75:68:E1:33:6D:CA:44:11:69:50:01:DF Authority key identifier: 3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 Certificate issuer: /CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Certificate serial: 242DD4571327146E338C716AC4C7F448F3B6D335 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft Manifest number: 04F3 Signing time: Fri 17 Apr 2026 11:54:16 +0000 Manifest this update: Fri 17 Apr 2026 11:49:16 +0000 Manifest next update: Mon 20 Apr 2026 18:35:16 +0000 Files and hashes: 1: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: ceA/XjkZTjtckNNE+B0y8t16H7RYtmT+yFrD+MsXpYk=) 2: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: rkHE7dCGWjwiXKSo5AmkFhmGB4j/W88po8KuTJD9fS0=) 3: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: 0yCL5KXTraWL90iq30pQr9XlRbIvmMrP24hOvDxVdWE=) 4: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: q/CV3YIPQOm1aZYip5fIR1K9i7bDSVO+nIFF+ycG0Go=) 5: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: QKBrvi0RsDMYjSNqwszDPfOesbOlEOIHdE8u3xcyVKM=) 6: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: zCUg4ypvv2GlwnHN93OEr6YWYy+0fl7UKwqXyrw+mYs=) 7: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl (hash: KMgpV5IHgQzjX5dFzAJ/bnXL/5H5V3MzrKMN877hVgQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 18:35:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:2d:d4:57:13:27:14:6e:33:8c:71:6a:c4:c7:f4:48:f3:b6:d3:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Validity Not Before: Apr 17 11:49:16 2026 GMT Not After : Apr 20 18:35:16 2026 GMT Subject: CN=F3A595CD20E1E5707568E1336DCA4411695001DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:5e:93:4e:8a:c7:58:16:2c:cb:b7:f0:1f:02: 65:e9:7a:47:ba:7b:40:40:01:94:18:0b:6e:ba:29: 48:c2:f8:aa:98:4f:d7:e7:c5:78:f9:8f:0a:1f:40: af:f8:9a:f9:54:32:05:85:b5:06:28:8c:3b:73:ed: 91:65:f7:81:5c:15:3f:ee:70:2d:34:97:db:5f:29: 43:26:15:ae:69:80:f5:00:3e:ad:8f:35:35:fb:5f: 72:70:65:8a:f2:4c:5a:6c:45:f9:04:61:a0:cd:f6: 19:89:1c:59:ce:78:0a:d2:5f:1a:ec:41:45:c6:32: 61:61:03:5d:8a:72:ad:bb:c1:08:ed:71:13:8c:29: 7a:43:74:b2:b4:42:7d:4e:33:03:f9:e2:b2:87:14: 03:a0:ea:d6:b1:ff:a6:85:43:d5:29:91:84:93:c1: f9:fa:84:14:a8:70:ad:68:ca:3a:81:df:ba:51:4a: 02:f8:97:ae:16:be:46:e3:0c:96:f7:d2:83:16:24: 27:e7:73:5f:82:d9:7c:04:5a:8d:20:49:4b:b3:2e: f7:5a:c7:3d:f8:98:d2:90:86:19:7e:dc:02:5e:60: 71:9f:0e:68:f1:8a:85:18:6e:c8:33:29:06:cf:3f: 1b:db:a1:32:c2:07:c7:3b:55:a5:39:49:82:18:fe: 80:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:A5:95:CD:20:E1:E5:70:75:68:E1:33:6D:CA:44:11:69:50:01:DF X509v3 Authority Key Identifier: keyid:3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:19:7c:9a:7c:f0:d8:b5:ac:69:5d:b8:fa:31:3e:2d:a7:e6: 0e:a4:00:62:49:18:dc:f5:fa:72:53:f0:48:73:6f:61:1b:8e: 68:91:8d:02:6d:76:d2:f7:bd:b2:95:58:c3:b0:f0:e3:d8:18: 00:23:e1:2e:c4:af:81:8f:cc:af:6a:43:2d:8e:36:12:4f:45: 39:dd:6f:27:76:db:98:31:a6:56:6f:ab:c0:99:4e:0a:e3:f6: f6:a2:46:b0:a2:59:76:ed:6c:c7:ba:4e:c3:94:c4:5c:12:09: 13:e9:f2:5e:69:62:07:00:37:38:90:d8:9a:06:91:59:77:6e: 83:19:b0:21:c2:40:6d:f7:9d:38:b8:7e:12:97:ef:d1:47:3d: 1a:12:2b:6a:9f:c1:47:64:d9:36:f3:ec:3c:86:0d:3d:17:d9: d9:16:92:9d:c8:71:ff:c3:0e:65:ed:5b:de:60:6d:f9:f9:29: cc:bf:15:fe:fc:77:18:db:91:7e:17:94:86:a9:0d:54:78:4e: f4:8f:ab:b1:19:5c:67:f6:44:e3:0e:27:c4:1e:59:37:5d:4c: 50:eb:3e:47:d0:42:2b:39:d3:55:d4:cb:79:f6:b0:a2:12:e0: 2a:f5:d2:00:5b:ea:e5:2b:54:f4:91:c5:03:6d:12:a3:4d:62: e3:19:d1:9c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJC3UVxMnFG4zjHFqxMf0SPO20zUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFE QzlBMTI2OTAeFw0yNjA0MTcxMTQ5MTZaFw0yNjA0MjAxODM1MTZaMDMxMTAvBgNV BAMTKEYzQTU5NUNEMjBFMUU1NzA3NTY4RTEzMzZEQ0E0NDExNjk1MDAxREYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSXpNOisdYFizLt/AfAmXpeke6 e0BAAZQYC266KUjC+KqYT9fnxXj5jwofQK/4mvlUMgWFtQYojDtz7ZFl94FcFT/u cC00l9tfKUMmFa5pgPUAPq2PNTX7X3JwZYryTFpsRfkEYaDN9hmJHFnOeArSXxrs QUXGMmFhA12Kcq27wQjtcROMKXpDdLK0Qn1OMwP54rKHFAOg6tax/6aFQ9UpkYST wfn6hBSocK1oyjqB37pRSgL4l64WvkbjDJb30oMWJCfnc1+C2XwEWo0gSUuzLvda xz34mNKQhhl+3AJeYHGfDmjxioUYbsgzKQbPPxvboTLCB8c7VaU5SYIY/oARAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU86WVzSDh5XB1aOEzbcpEEWlQAd8wHwYDVR0j BBgwFoAUPRPG+52yLOE0cGMlNXwg4dyaEmkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZDFlZTVlMi0zMzhjLTRkMjAtODA3ZS1lNTBiNzU1ODNkYjgvMC8zRDEzQzZGQjlE QjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURDOUExMjY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFEQzlB MTI2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmQxZWU1ZTItMzM4Yy00ZDIwLTgw N2UtZTUwYjc1NTgzZGI4LzAvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIw RTFEQzlBMTI2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALMZfJp88Ni1rGlduPoxPi2n5g6kAGJJGNz1 +nJT8Ehzb2EbjmiRjQJtdtL3vbKVWMOw8OPYGAAj4S7Er4GPzK9qQy2ONhJPRTnd byd225gxplZvq8CZTgrj9vaiRrCiWXbtbMe6TsOUxFwSCRPp8l5pYgcANziQ2JoG kVl3boMZsCHCQG33nTi4fhKX79FHPRoSK2qfwUdk2Tbz7DyGDT0X2dkWkp3Icf/D DmXtW95gbfn5Kcy/Ff78dxjbkX4XlIapDVR4TvSPq7EZXGf2ROMOJ8QeWTddTFDr PkfQQis501XUy3n2sKIS4Cr10gBb6uUrVPSRxQNtEqNNYuMZ0Zw= -----END CERTIFICATE-----Generated at Sun Apr 19 13:43:19 2026 by rpki-client