$ rpki-client -vvf repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft File: 821049BBD22C335A50850F16AB159C0C6BCC28E5.mft (raw, json) Hash identifier: BLuXgTsQANgnlbb8sMIJWhwtstkO1l9WGPmYrXoe5pQ= Subject key identifier: D3:FA:44:7F:E6:54:0B:A9:9C:02:EC:B9:A1:0E:60:03:2E:D0:96:6D Authority key identifier: 82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 Certificate issuer: /CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Certificate serial: 06FB6B9A02C6DCAA32050C261BAA3145FF9D6E71 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft Manifest number: 029D Signing time: Thu 16 Apr 2026 11:41:54 +0000 Manifest this update: Thu 16 Apr 2026 11:36:54 +0000 Manifest next update: Sun 19 Apr 2026 11:45:54 +0000 Files and hashes: 1: 3130332e32312e39332e302f32342d3234203d3e20313331373338.roa (hash: Hx5e9eX/0MDiWg+S8NREaCwOHPQ1Onm3jq45DAvThoc=) 2: 821049BBD22C335A50850F16AB159C0C6BCC28E5.crl (hash: EtWXYHqPOnrJ2lVqT7g+8OJ5WMyLHhAnDO+tNrHtHSA=) 3: 3130332e32312e39352e302f32342d3234203d3e203435323935.roa (hash: WHp6+633q2Em0ghmTjJeCMByUXIoDLeS8IvSNmEh0gE=) 4: 3130332e32312e39342e302f32342d3234203d3e20313331373338.roa (hash: KCUnGn0DyBychM59+lv18yYznYr1wdm5Tf5W0sYTxbE=) 5: 3130332e32312e39322e302f32342d3234203d3e20313331373338.roa (hash: ndyvXGLmi+s4jvx/l0C4JrK1SIn52emjpfzG2w+2lsw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Apr 2026 11:45:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:fb:6b:9a:02:c6:dc:aa:32:05:0c:26:1b:aa:31:45:ff:9d:6e:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Validity Not Before: Apr 16 11:36:54 2026 GMT Not After : Apr 19 11:45:54 2026 GMT Subject: CN=D3FA447FE6540BA99C02ECB9A10E60032ED0966D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f2:1f:e7:81:81:6b:1a:3f:be:79:24:07:67: 86:0f:36:33:88:b2:b1:2c:75:2f:24:20:f3:a1:40: 00:35:18:d8:51:ff:db:eb:33:29:36:ed:0f:e4:57: 46:42:dd:14:df:60:da:f0:c5:7f:16:31:46:7f:27: db:9b:a6:2d:7f:45:1f:0a:c5:73:33:c5:b5:4e:f6: 4e:c6:5f:b5:d6:85:f4:05:c3:b7:a7:af:5c:b3:bc: 5b:bf:b8:30:f8:47:18:59:89:70:7a:13:af:2b:bd: 8f:57:fa:7a:7c:7d:ca:a3:4d:d5:2d:78:7b:01:68: b1:31:8a:9f:5d:ff:c9:20:f9:13:37:90:47:62:13: 17:66:0c:92:41:18:e5:69:8c:6f:92:56:01:fe:dd: 4c:54:25:b0:b3:be:6f:9a:48:0e:5c:c3:72:23:47: 69:d2:64:9f:26:fa:f2:57:99:1e:f1:13:3a:0e:d7: 84:cf:b4:ab:e2:1a:cc:47:62:33:b8:76:ba:c4:1a: 1c:56:d1:02:4a:93:8d:6f:77:91:58:a5:d0:36:c2: a9:04:5e:74:6a:2d:c7:2f:92:58:bf:88:74:2c:3d: 0a:2d:5d:e3:37:f0:7f:09:e7:5e:bf:a5:d6:c4:b7: 17:07:61:6b:3e:f6:cc:82:7a:be:f1:85:b8:00:45: ff:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:FA:44:7F:E6:54:0B:A9:9C:02:EC:B9:A1:0E:60:03:2E:D0:96:6D X509v3 Authority Key Identifier: keyid:82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:67:c2:3f:9f:23:02:58:68:81:00:30:99:1b:f5:a5:21:2c: 8b:8d:02:5f:f1:c3:9c:f7:80:5f:ce:10:83:e7:53:8f:8c:6f: 98:5e:c5:31:95:7e:9a:91:4b:56:60:95:96:f1:ea:05:bf:26: b4:29:7a:aa:a0:f9:74:9e:f3:34:eb:8e:09:46:d1:a0:fb:e5: 10:13:62:9e:be:91:a1:e4:f1:5e:e4:94:ed:b3:d7:e9:3e:61: be:02:7e:1a:e9:d3:61:5e:38:80:44:34:06:e0:8c:f4:9a:57: 25:f2:31:c8:4d:25:84:35:b4:13:44:6c:27:7b:8a:a4:d8:c1: e0:7f:24:65:2b:25:94:b8:6a:f5:61:c6:e3:83:cf:d2:f9:88: 32:9b:6e:20:c8:09:1f:65:2b:09:20:94:d8:82:5b:0d:a3:1b: ee:59:03:e2:c6:89:b5:76:0b:4b:34:fc:82:fc:85:e2:ea:5d: ab:ca:ef:ef:91:d5:fe:c6:f3:7f:e9:15:8a:9a:e8:ba:c6:d2: c0:22:b8:7d:1c:e7:d1:1c:13:be:30:1f:11:16:69:f6:7c:1b: 8b:69:95:b6:24:9b:8d:2d:2b:0e:51:2b:d7:28:fd:47:dc:80: 0f:e4:3b:21:12:2b:b1:4a:b7:ba:73:d3:37:2a:16:b0:34:03: 68:14:ab:a7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBvtrmgLG3KoyBQwmG6oxRf+dbnEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2 QkNDMjhFNTAeFw0yNjA0MTYxMTM2NTRaFw0yNjA0MTkxMTQ1NTRaMDMxMTAvBgNV BAMTKEQzRkE0NDdGRTY1NDBCQTk5QzAyRUNCOUExMEU2MDAzMkVEMDk2NkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo8h/ngYFrGj++eSQHZ4YPNjOI srEsdS8kIPOhQAA1GNhR/9vrMyk27Q/kV0ZC3RTfYNrwxX8WMUZ/J9ubpi1/RR8K xXMzxbVO9k7GX7XWhfQFw7enr1yzvFu/uDD4RxhZiXB6E68rvY9X+np8fcqjTdUt eHsBaLExip9d/8kg+RM3kEdiExdmDJJBGOVpjG+SVgH+3UxUJbCzvm+aSA5cw3Ij R2nSZJ8m+vJXmR7xEzoO14TPtKviGsxHYjO4drrEGhxW0QJKk41vd5FYpdA2wqkE XnRqLccvkli/iHQsPQotXeM38H8J516/pdbEtxcHYWs+9syCer7xhbgARf99AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU0/pEf+ZUC6mcAuy5oQ5gAy7Qlm0wHwYDVR0j BBgwFoAUghBJu9IsM1pQhQ8WqxWcDGvMKOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l ZGU4ZTE4ZC1hMDQ3LTQ1OTAtOWU1Ni00NjRhNzNlMjNjNmMvMC84MjEwNDlCQkQy MkMzMzVBNTA4NTBGMTZBQjE1OUMwQzZCQ0MyOEU1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2QkND MjhFNS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWRlOGUxOGQtYTA0Ny00NTkwLTll NTYtNDY0YTczZTIzYzZjLzAvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlD MEM2QkNDMjhFNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIhnwj+fIwJYaIEAMJkb9aUhLIuNAl/xw5z3 gF/OEIPnU4+Mb5hexTGVfpqRS1ZglZbx6gW/JrQpeqqg+XSe8zTrjglG0aD75RAT Yp6+kaHk8V7klO2z1+k+Yb4Cfhrp02FeOIBENAbgjPSaVyXyMchNJYQ1tBNEbCd7 iqTYweB/JGUrJZS4avVhxuODz9L5iDKbbiDICR9lKwkglNiCWw2jG+5ZA+LGibV2 C0s0/IL8heLqXavK7++R1f7G83/pFYqa6LrG0sAiuH0c59EcE74wHxEWafZ8G4tp lbYkm40tKw5RK9co/UfcgA/kOyESK7FKt7pz0zcqFrA0A2gUq6c= -----END CERTIFICATE-----Generated at Sat Apr 18 04:02:11 2026 by rpki-client