$ rpki-client -vvf repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft File: 2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft (raw, json) Hash identifier: 3zClIJcCaAzOYMPH09aSUXMiN6Tk5hwDgLjEdjOwVCE= Subject key identifier: 2A:1B:4F:8E:7E:12:E6:60:CB:83:8D:86:CB:44:CF:3D:E5:87:B1:16 Authority key identifier: 2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 Certificate issuer: /CN=2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7 Certificate serial: 1E053F851AE5C02DFB32BEC96A9D869125DD03FC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft Manifest number: 17 Signing time: Fri 17 Apr 2026 12:01:16 +0000 Manifest this update: Fri 17 Apr 2026 11:56:16 +0000 Manifest next update: Mon 20 Apr 2026 14:07:16 +0000 Files and hashes: 1: 2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl (hash: xtaz11nUo9Kop1cEwxkX2XtOn8U2/ByzGvyL0BNtG4Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 14:07:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:05:3f:85:1a:e5:c0:2d:fb:32:be:c9:6a:9d:86:91:25:dd:03:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7 Validity Not Before: Apr 17 11:56:16 2026 GMT Not After : Apr 20 14:07:16 2026 GMT Subject: CN=2A1B4F8E7E12E660CB838D86CB44CF3DE587B116 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:9a:4a:34:c7:03:dd:4d:5f:ec:84:45:db:36: fd:82:e3:46:b1:d9:62:9b:85:de:dc:fc:5c:6c:6d: 6d:e1:fb:82:3a:c5:2d:d9:66:07:36:ae:ad:0e:ad: af:9c:e5:90:ca:af:fc:bc:4f:1c:93:ac:d1:60:3a: e7:2c:0b:55:c8:cf:2b:45:ae:98:54:02:6d:1d:d3: 42:57:8c:0e:13:09:d3:02:22:37:af:2d:f0:55:78: 70:51:2b:c2:11:fe:e2:7a:57:9a:43:96:88:da:7f: f6:c3:39:5b:8b:1c:c8:e3:bc:00:9f:40:38:f9:14: 33:4f:26:c5:5e:87:9c:24:1d:48:f5:40:0f:05:5f: 6d:23:e4:e7:ad:97:94:45:bd:b1:81:e7:3a:b3:a6: 8f:e1:ff:58:9e:31:54:fa:e1:2a:90:3e:94:79:7d: 1f:74:16:a9:34:3e:40:dd:f4:0a:98:c5:5e:49:dd: d3:6e:34:71:a7:c5:b6:5c:54:15:b9:2e:0e:34:25: 61:46:c5:ea:ba:46:50:6e:09:1f:10:ab:c7:22:f1: 78:97:48:2d:8e:4f:89:1a:24:74:42:59:3a:58:17: 4c:75:77:3d:31:5d:8b:68:8a:f9:2c:c6:3a:ba:3f: cc:0c:17:eb:af:55:7e:5a:0f:71:38:59:ee:0e:09: ee:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:1B:4F:8E:7E:12:E6:60:CB:83:8D:86:CB:44:CF:3D:E5:87:B1:16 X509v3 Authority Key Identifier: keyid:2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:ae:b2:c7:f5:37:af:3a:47:58:73:d2:39:28:a3:1b:60:24: 38:1f:f8:7f:01:eb:ac:63:d9:3c:ff:6b:25:ba:87:85:82:19: c0:85:4e:c4:7c:98:f5:f5:fb:ee:41:4d:6d:16:da:b8:a7:a4: 94:72:9e:08:d5:6b:58:f7:a0:7a:73:79:90:1b:8f:4d:1e:1a: 74:1c:4e:fc:8d:e8:a4:4b:97:0a:c3:ed:0b:e0:43:43:12:48: c7:66:10:b7:b1:37:2c:c6:92:37:89:8d:07:c1:35:f5:95:87: 9b:a5:3f:5a:e9:19:ed:6e:4b:64:11:bb:d4:8f:ea:f2:ad:77: 88:25:50:b7:31:5c:ed:54:44:6a:8d:b9:4b:34:d1:c8:70:ba: e3:23:f7:dd:17:c6:fa:65:cb:0e:25:ef:b6:b1:23:58:28:0c: 4e:f0:b9:03:69:7e:98:71:41:a7:cb:fe:a0:d2:f7:84:21:1c: 06:8c:47:e2:0f:f8:f2:44:46:57:7c:de:72:6e:73:c9:40:b8: 56:ab:35:58:6f:63:85:c7:f2:58:27:50:00:5f:a3:85:7d:4f: 72:f1:0e:d8:5e:ee:0a:db:aa:04:b6:9f:96:7c:12:1b:16:fc: 86:77:b6:46:44:11:31:e1:50:16:73:f3:b6:b0:fe:ef:4b:c7: 90:83:62:98 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUHgU/hRrlwC37Mr7Jap2GkSXdA/wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzczMTlC QjExMjdGNzAeFw0yNjA0MTcxMTU2MTZaFw0yNjA0MjAxNDA3MTZaMDMxMTAvBgNV BAMTKDJBMUI0RjhFN0UxMkU2NjBDQjgzOEQ4NkNCNDRDRjNERTU4N0IxMTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGmko0xwPdTV/shEXbNv2C40ax 2WKbhd7c/FxsbW3h+4I6xS3ZZgc2rq0Ora+c5ZDKr/y8TxyTrNFgOucsC1XIzytF rphUAm0d00JXjA4TCdMCIjevLfBVeHBRK8IR/uJ6V5pDlojaf/bDOVuLHMjjvACf QDj5FDNPJsVeh5wkHUj1QA8FX20j5Oetl5RFvbGB5zqzpo/h/1ieMVT64SqQPpR5 fR90Fqk0PkDd9AqYxV5J3dNuNHGnxbZcVBW5Lg40JWFGxeq6RlBuCR8Qq8ci8XiX SC2OT4kaJHRCWTpYF0x1dz0xXYtoivksxjq6P8wMF+uvVX5aD3E4We4OCe6BAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUKhtPjn4S5mDLg42Gy0TPPeWHsRYwHwYDVR0j BBgwFoAULY//29GvkHo+ew6CGaNzGbsRJ/cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j YmRlM2E0Mi02MjcyLTRiNmMtYWQ4MS1jY2NmYmU5NDg4YzAvMS8yRDhGRkZEQkQx QUY5MDdBM0U3QjBFODIxOUEzNzMxOUJCMTEyN0Y3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzczMTlCQjEx MjdGNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vY2JkZTNhNDItNjI3Mi00YjZjLWFk ODEtY2NjZmJlOTQ4OGMwLzEvMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzcz MTlCQjExMjdGNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHOussf1N686R1hz0jkooxtgJDgf+H8B66xj 2Tz/ayW6h4WCGcCFTsR8mPX1++5BTW0W2rinpJRyngjVa1j3oHpzeZAbj00eGnQc TvyN6KRLlwrD7QvgQ0MSSMdmELexNyzGkjeJjQfBNfWVh5ulP1rpGe1uS2QRu9SP 6vKtd4glULcxXO1URGqNuUs00chwuuMj990Xxvplyw4l77axI1goDE7wuQNpfphx QafL/qDS94QhHAaMR+IP+PJERld83nJuc8lAuFarNVhvY4XH8lgnUABfo4V9T3Lx Dthe7grbqgS2n5Z8EhsW/IZ3tkZEETHhUBZz87aw/u9Lx5CDYpg= -----END CERTIFICATE-----Generated at Fri Apr 17 15:29:58 2026 by rpki-client