$ rpki-client -vvf repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft File: 21AC220B77A77D0516BC73B4C29C8363DD00911B.mft (raw, json) Hash identifier: qIjmSEgxkY/XgfTVEkTFZQ3iVzp/ET55Tpx8ZRk3zZI= Subject key identifier: 49:D4:00:6E:E0:F7:B7:23:E1:2C:A9:5F:9C:A7:D7:8E:FE:A0:76:9E Authority key identifier: 21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B Certificate issuer: /CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Certificate serial: 6BE5D92055D465E2EA5BFD086C4A8CEDB403544F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft Manifest number: 0525 Signing time: Wed 15 Apr 2026 17:01:10 +0000 Manifest this update: Wed 15 Apr 2026 16:56:10 +0000 Manifest next update: Sat 18 Apr 2026 20:51:10 +0000 Files and hashes: 1: 3230322e31302e35392e302f32342d3234203d3e20313336313139.roa (hash: p7znIjGrzIeqiJgSyw1Go9JzIhUPDTiZx2kzEBcMX+M=) 2: 21AC220B77A77D0516BC73B4C29C8363DD00911B.crl (hash: CsKv3aFEBKj58B7XrIqhWxua+0BWXo9iVLx7lxoMdxc=) 3: 323430313a343863303a3a2f33322d3438203d3e20313336313139.roa (hash: J7Eqzk0rLCECjOwGjEdw1vCeBneDceSExg8FEmGDsVA=) 4: 3230322e31302e35382e302f32342d3234203d3e20313336313139.roa (hash: FqumLAE5ExkmaatbD11ff744L2iTMEhUHWhZUQWOtLU=) 5: 3130332e39342e3136382e302f32322d3234203d3e20313336313139.roa (hash: IywsBHZCpESzPvpzBYMa3aM5xr+uzQrgr/hs4zyGEfk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 20:51:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:e5:d9:20:55:d4:65:e2:ea:5b:fd:08:6c:4a:8c:ed:b4:03:54:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Validity Not Before: Apr 15 16:56:10 2026 GMT Not After : Apr 18 20:51:10 2026 GMT Subject: CN=49D4006EE0F7B723E12CA95F9CA7D78EFEA0769E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:d9:f2:ad:a8:77:a8:88:55:35:a6:20:5d:d4: f4:95:76:fc:20:42:53:8f:18:f3:1f:35:a1:57:86: f6:51:59:3b:d2:40:a3:d2:cd:4f:24:ac:c0:ba:63: 19:c9:cd:db:0d:95:68:09:0d:d5:9e:a3:db:c5:81: f1:a2:b9:34:7a:c3:58:7b:d2:fd:82:96:ea:cf:d1: 6c:71:e5:a9:05:f6:cc:03:00:ae:21:56:21:84:fa: 9a:53:1b:0a:9f:38:b8:e7:08:a1:b9:df:f0:15:29: 18:6c:7f:98:37:d7:c2:a0:11:3e:bd:8e:42:3e:7d: 22:1e:54:d1:74:c8:ad:20:aa:ba:b7:e2:6b:6e:45: 1f:31:e9:ff:b5:c3:57:ca:2e:ed:c4:31:7f:5a:73: 52:6f:e4:1b:36:08:f1:c1:9e:d4:21:c0:28:7e:37: 44:e2:18:0e:f0:8d:5a:1e:3f:13:e0:96:fe:ec:d3: bf:0e:b6:ba:99:eb:74:a8:3e:b4:71:41:95:1b:5e: 17:a5:b6:be:2c:b1:02:bd:bc:89:be:bb:3b:f7:12: ca:ce:2b:38:3d:54:f5:b6:a8:87:a7:0e:46:1b:06: 6d:f6:cc:5b:44:bc:fe:08:64:05:34:ff:ac:1f:16: e4:24:c1:45:e8:4b:59:d5:11:9c:a6:1c:9f:d2:1a: 14:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:D4:00:6E:E0:F7:B7:23:E1:2C:A9:5F:9C:A7:D7:8E:FE:A0:76:9E X509v3 Authority Key Identifier: keyid:21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:79:12:aa:3d:21:6d:62:ec:ab:d0:db:a1:af:ee:00:89:13: 7e:29:7a:d7:8b:8c:47:c4:d4:03:d7:17:0d:c9:40:ee:91:e2: 31:71:15:c6:18:8d:2f:4a:08:b9:79:91:61:9e:48:d4:e4:b2: b7:1a:8d:6f:94:de:89:54:4a:3a:54:3b:d1:8f:85:3e:e6:e3: 62:5c:f2:db:2b:6a:2e:a0:1c:a0:ab:74:c3:71:8c:dd:c3:8f: c4:5f:c6:dd:d3:e3:17:aa:b5:69:07:49:22:13:f3:20:d7:f7: 61:f0:a5:8a:ed:3e:f4:7c:36:d7:72:f5:1c:e5:21:8e:9c:67: 8e:90:6a:a1:b5:06:32:01:7a:8c:e8:d5:72:1c:0d:61:08:af: 65:8b:99:42:ad:1c:a8:b4:ea:54:df:b1:eb:52:04:f8:9c:f1: 8c:d9:a6:8f:59:ec:ae:ce:4b:10:ef:00:54:d9:2e:f2:b6:b5: 2b:94:71:48:d1:5f:e4:38:78:77:f7:10:5f:2a:1d:75:cc:2d: 09:78:fe:68:94:17:37:fb:37:2b:7e:ff:e1:69:30:c6:a6:d9: 8a:90:c7:02:30:29:f8:17:e2:d2:37:af:2b:b4:b5:25:5b:24: 8c:9d:54:94:c3:ae:b2:fc:54:24:90:6c:96:d0:6c:45:c9:e9: ab:4a:27:6d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUa+XZIFXUZeLqW/0IbEqM7bQDVE8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNE RDAwOTExQjAeFw0yNjA0MTUxNjU2MTBaFw0yNjA0MTgyMDUxMTBaMDMxMTAvBgNV BAMTKDQ5RDQwMDZFRTBGN0I3MjNFMTJDQTk1RjlDQTdENzhFRkVBMDc2OUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS2fKtqHeoiFU1piBd1PSVdvwg QlOPGPMfNaFXhvZRWTvSQKPSzU8krMC6YxnJzdsNlWgJDdWeo9vFgfGiuTR6w1h7 0v2ClurP0Wxx5akF9swDAK4hViGE+ppTGwqfOLjnCKG53/AVKRhsf5g318KgET69 jkI+fSIeVNF0yK0gqrq34mtuRR8x6f+1w1fKLu3EMX9ac1Jv5Bs2CPHBntQhwCh+ N0TiGA7wjVoePxPglv7s078OtrqZ63SoPrRxQZUbXheltr4ssQK9vIm+uzv3EsrO Kzg9VPW2qIenDkYbBm32zFtEvP4IZAU0/6wfFuQkwUXoS1nVEZymHJ/SGhRPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUSdQAbuD3tyPhLKlfnKfXjv6gdp4wHwYDVR0j BBgwFoAUIawiC3enfQUWvHO0wpyDY90AkRswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZGFiYzBiYS05MjIyLTRjNDUtODM0Mi1lYjg2NDNjNDk2N2QvMC8yMUFDMjIwQjc3 QTc3RDA1MTZCQzczQjRDMjlDODM2M0REMDA5MTFCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNERDAw OTExQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmRhYmMwYmEtOTIyMi00YzQ1LTgz NDItZWI4NjQzYzQ5NjdkLzAvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5Qzgz NjNERDAwOTExQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACR5Eqo9IW1i7KvQ26Gv7gCJE34peteLjEfE 1APXFw3JQO6R4jFxFcYYjS9KCLl5kWGeSNTksrcajW+U3olUSjpUO9GPhT7m42Jc 8tsrai6gHKCrdMNxjN3Dj8Rfxt3T4xeqtWkHSSIT8yDX92HwpYrtPvR8Ntdy9Rzl IY6cZ46QaqG1BjIBeozo1XIcDWEIr2WLmUKtHKi06lTfsetSBPic8YzZpo9Z7K7O SxDvAFTZLvK2tSuUcUjRX+Q4eHf3EF8qHXXMLQl4/miUFzf7Nyt+/+FpMMam2YqQ xwIwKfgX4tI3ryu0tSVbJIydVJTDrrL8VCSQbJbQbEXJ6atKJ20= -----END CERTIFICATE-----Generated at Fri Apr 17 19:14:49 2026 by rpki-client