$ rpki-client -vvf repo-rpki.idnic.net/repo/d8ce2008-84b7-4bef-94b9-bb3fdb17b238/0/65E29AACDF8556B440C4D7180F51C447FFE5238F.mft File: 65E29AACDF8556B440C4D7180F51C447FFE5238F.mft (raw, json) Hash identifier: sjjKaf3oSkhCkC/NIZSnWHo6Y6n4PYs3nnmV1kf/9Ac= Subject key identifier: 32:8A:46:F3:57:48:AF:2F:A0:1D:D5:B4:4F:E4:19:D4:91:15:40:59 Authority key identifier: 65:E2:9A:AC:DF:85:56:B4:40:C4:D7:18:0F:51:C4:47:FF:E5:23:8F Certificate issuer: /CN=65E29AACDF8556B440C4D7180F51C447FFE5238F Certificate serial: 64E59ADF7F7A9C6FA415359C8AFF47A43499F540 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/65E29AACDF8556B440C4D7180F51C447FFE5238F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d8ce2008-84b7-4bef-94b9-bb3fdb17b238/0/65E29AACDF8556B440C4D7180F51C447FFE5238F.mft Manifest number: 021A Signing time: Thu 16 Apr 2026 12:21:36 +0000 Manifest this update: Thu 16 Apr 2026 12:16:36 +0000 Manifest next update: Sun 19 Apr 2026 17:30:36 +0000 Files and hashes: 1: 3130332e35382e3139392e302f32342d3234203d3e20313530343937.roa (hash: iDhsHzDkVNr/vSSmI9ZIctObh09TpaY2vp55/txIX4E=) 2: 3130332e35382e3139382e302f32342d3234203d3e20313530343937.roa (hash: 7IHy7S58PrSgI+9s9OhKwDaIOEZSZJD9pKdINBx6ktw=) 3: 3130332e35382e3139382e302f32342d3234203d3e20313531353237.roa (hash: jJN+a1uyK5er9vytVlfqMqFHVNtiQSwDgGPE7xDkxVU=) 4: 3130332e35382e3139392e302f32342d3234203d3e20313531353237.roa (hash: dHvA0l4MoAsHbnDeUczCGz/tbqjQXH0AlY+9WKNokS8=) 5: 65E29AACDF8556B440C4D7180F51C447FFE5238F.crl (hash: 37FVlrvSNX2SMcfsUiB7fRil2jipVC/c1YLyiMGehlg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d8ce2008-84b7-4bef-94b9-bb3fdb17b238/0/65E29AACDF8556B440C4D7180F51C447FFE5238F.crl rsync://repo-rpki.idnic.net/repo/d8ce2008-84b7-4bef-94b9-bb3fdb17b238/0/65E29AACDF8556B440C4D7180F51C447FFE5238F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/65E29AACDF8556B440C4D7180F51C447FFE5238F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Apr 2026 17:30:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:e5:9a:df:7f:7a:9c:6f:a4:15:35:9c:8a:ff:47:a4:34:99:f5:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=65E29AACDF8556B440C4D7180F51C447FFE5238F Validity Not Before: Apr 16 12:16:36 2026 GMT Not After : Apr 19 17:30:36 2026 GMT Subject: CN=328A46F35748AF2FA01DD5B44FE419D491154059 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:67:92:a1:28:2f:c8:4b:c4:5c:9d:fb:39:cd: 51:8d:01:64:12:f0:0b:90:b9:33:b2:75:66:08:bd: 5f:9f:fc:1b:8c:cf:62:b3:db:06:cf:12:da:bd:f7: 7b:60:73:da:ab:e7:86:69:d9:85:6d:37:be:06:7b: 91:b7:74:3f:2b:77:b4:80:ba:bf:d9:3f:d4:3b:89: 48:e8:48:e9:bf:73:e1:26:4a:56:b2:01:91:1e:b6: 42:b7:65:46:b9:73:c7:0c:e4:3c:e3:85:5a:b0:41: 72:32:9d:11:d6:f4:32:3c:c0:af:b6:35:92:6b:8f: e9:f9:5d:1c:2f:2f:86:1f:e0:ae:ec:55:40:e0:19: 44:9e:23:21:99:44:29:3b:fa:6f:a2:b8:54:cb:be: c9:af:ec:f2:3f:ae:b0:23:c3:b8:82:30:fb:91:e7: 08:cd:8d:ac:1b:2b:1e:21:0d:39:6c:21:f8:c1:0c: 62:ba:4b:23:7f:2b:1e:36:bc:02:54:ef:00:59:d2: b2:fb:4c:57:7d:48:79:a2:56:e3:7d:f5:9e:19:38: f5:0e:3a:61:0b:10:ac:f2:c4:e2:7e:86:50:9a:12: 7d:74:18:1c:04:a4:42:2e:b8:f3:88:be:d9:df:08: e2:f5:94:b3:ed:a5:d6:69:3e:5f:a1:f1:d5:a3:15: e8:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:8A:46:F3:57:48:AF:2F:A0:1D:D5:B4:4F:E4:19:D4:91:15:40:59 X509v3 Authority Key Identifier: keyid:65:E2:9A:AC:DF:85:56:B4:40:C4:D7:18:0F:51:C4:47:FF:E5:23:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d8ce2008-84b7-4bef-94b9-bb3fdb17b238/0/65E29AACDF8556B440C4D7180F51C447FFE5238F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/65E29AACDF8556B440C4D7180F51C447FFE5238F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d8ce2008-84b7-4bef-94b9-bb3fdb17b238/0/65E29AACDF8556B440C4D7180F51C447FFE5238F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption be:92:e4:7d:95:e3:30:10:ba:26:96:8e:8d:aa:2a:86:d1:10: f0:5f:b0:4c:f6:21:98:88:17:8b:8e:0b:6f:ce:e2:95:f3:38: 5d:7c:b0:71:88:c4:99:8c:db:7d:9f:af:28:ce:1d:e6:60:4a: 6a:08:b7:b2:c6:8c:b2:d7:a2:24:2e:67:18:06:30:3d:db:1f: ef:90:fa:50:45:c8:89:2b:da:bd:9e:9f:cd:26:66:ce:89:55: 24:b2:3c:37:93:bf:82:ef:5b:b1:19:d4:59:29:be:f5:4a:3d: 4e:de:01:dd:75:cc:63:32:0c:16:18:ae:f6:5e:73:88:35:49: 6b:0e:57:9b:eb:cf:1e:e0:ee:74:5a:3b:1a:94:c9:71:f4:0a: 45:e2:37:4c:c4:a2:a5:39:12:ed:ae:bc:09:e3:8d:6f:bc:c2: d4:b8:fa:1c:bb:5a:2d:6d:21:f9:31:ec:52:de:7f:50:31:eb: 35:9e:73:5d:44:39:6c:8c:4e:f5:a1:32:1d:15:f8:fa:97:aa: 6a:8f:fb:e1:b9:ba:45:b2:99:5c:58:85:1a:67:9a:fa:3d:cb: 8c:02:f1:f4:50:58:ea:d1:35:23:2c:a6:ee:58:7b:99:03:e8: e1:aa:f9:cc:29:e2:ca:70:29:47:03:25:a7:f3:71:50:ad:64: 8c:d6:cf:52 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZOWa3396nG+kFTWciv9HpDSZ9UAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjVFMjlBQUNERjg1NTZCNDQwQzRENzE4MEY1MUM0NDdG RkU1MjM4RjAeFw0yNjA0MTYxMjE2MzZaFw0yNjA0MTkxNzMwMzZaMDMxMTAvBgNV BAMTKDMyOEE0NkYzNTc0OEFGMkZBMDFERDVCNDRGRTQxOUQ0OTExNTQwNTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJZ5KhKC/IS8Rcnfs5zVGNAWQS 8AuQuTOydWYIvV+f/BuMz2Kz2wbPEtq993tgc9qr54Zp2YVtN74Ge5G3dD8rd7SA ur/ZP9Q7iUjoSOm/c+EmSlayAZEetkK3ZUa5c8cM5DzjhVqwQXIynRHW9DI8wK+2 NZJrj+n5XRwvL4Yf4K7sVUDgGUSeIyGZRCk7+m+iuFTLvsmv7PI/rrAjw7iCMPuR 5wjNjawbKx4hDTlsIfjBDGK6SyN/Kx42vAJU7wBZ0rL7TFd9SHmiVuN99Z4ZOPUO OmELEKzyxOJ+hlCaEn10GBwEpEIuuPOIvtnfCOL1lLPtpdZpPl+h8dWjFeiTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMopG81dIry+gHdW0T+QZ1JEVQFkwHwYDVR0j BBgwFoAUZeKarN+FVrRAxNcYD1HER//lI48wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k OGNlMjAwOC04NGI3LTRiZWYtOTRiOS1iYjNmZGIxN2IyMzgvMC82NUUyOUFBQ0RG ODU1NkI0NDBDNEQ3MTgwRjUxQzQ0N0ZGRTUyMzhGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjVFMjlBQUNERjg1NTZCNDQwQzRENzE4MEY1MUM0NDdGRkU1 MjM4Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDhjZTIwMDgtODRiNy00YmVmLTk0 YjktYmIzZmRiMTdiMjM4LzAvNjVFMjlBQUNERjg1NTZCNDQwQzRENzE4MEY1MUM0 NDdGRkU1MjM4Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAL6S5H2V4zAQuiaWjo2qKobREPBfsEz2IZiI F4uOC2/O4pXzOF18sHGIxJmM232fryjOHeZgSmoIt7LGjLLXoiQuZxgGMD3bH++Q +lBFyIkr2r2en80mZs6JVSSyPDeTv4LvW7EZ1FkpvvVKPU7eAd11zGMyDBYYrvZe c4g1SWsOV5vrzx7g7nRaOxqUyXH0CkXiN0zEoqU5Eu2uvAnjjW+8wtS4+hy7Wi1t Ifkx7FLef1Ax6zWec11EOWyMTvWhMh0V+PqXqmqP++G5ukWymVxYhRpnmvo9y4wC 8fRQWOrRNSMspu5Ye5kD6OGq+cwp4spwKUcDJafzcVCtZIzWz1I= -----END CERTIFICATE-----Generated at Fri Apr 17 18:25:16 2026 by rpki-client