$ rpki-client -vvf repo-rpki.idnic.net/repo/faa6a67d-cba3-427b-9055-5f528f2d232f/0/4A688B72A804A426A9096ECA60105A4D831C5FA8.mft File: 4A688B72A804A426A9096ECA60105A4D831C5FA8.mft (raw, json) Hash identifier: /p5K3Ywr91rFSBp7Fn6nO12+rS4doBcOCFOCT5uziog= Subject key identifier: 91:B0:28:DE:33:A8:7B:05:A5:81:00:CF:49:87:33:3A:3B:BA:B8:F2 Authority key identifier: 4A:68:8B:72:A8:04:A4:26:A9:09:6E:CA:60:10:5A:4D:83:1C:5F:A8 Certificate issuer: /CN=4A688B72A804A426A9096ECA60105A4D831C5FA8 Certificate serial: 3CBBB66290BDC4AF3DC2541A5696F74E69E96B58 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4A688B72A804A426A9096ECA60105A4D831C5FA8.cer Subject info access: rsync://repo-rpki.idnic.net/repo/faa6a67d-cba3-427b-9055-5f528f2d232f/0/4A688B72A804A426A9096ECA60105A4D831C5FA8.mft Manifest number: 0347 Signing time: Fri 17 Apr 2026 10:31:57 +0000 Manifest this update: Fri 17 Apr 2026 10:26:57 +0000 Manifest next update: Mon 20 Apr 2026 14:52:57 +0000 Files and hashes: 1: 3130332e3137352e3230362e302f32332d3234203d3e20313437313234.roa (hash: eGEsrGBto/hQncn3YcGePX27GH/UT48OX+sETIcZ17o=) 2: 4A688B72A804A426A9096ECA60105A4D831C5FA8.crl (hash: dQUiiK5o4WvXxvdYgfIHPtdCkEIBV2wcykj1oCJV66o=) 3: 3130332e3137352e3230362e302f32342d3234203d3e20313437313234.roa (hash: eQ2W59Sl25b9+tbhRBYK+eiWkdxaKDr4YfWFXlk9jXI=) 4: 3130332e3137352e3230372e302f32342d3234203d3e20313437313234.roa (hash: aQ3bZ8U/53lOgq6IbJ4jaeEks7cypqeVb0bEi+y+Pus=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/faa6a67d-cba3-427b-9055-5f528f2d232f/0/4A688B72A804A426A9096ECA60105A4D831C5FA8.crl rsync://repo-rpki.idnic.net/repo/faa6a67d-cba3-427b-9055-5f528f2d232f/0/4A688B72A804A426A9096ECA60105A4D831C5FA8.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4A688B72A804A426A9096ECA60105A4D831C5FA8.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 14:52:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:bb:b6:62:90:bd:c4:af:3d:c2:54:1a:56:96:f7:4e:69:e9:6b:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4A688B72A804A426A9096ECA60105A4D831C5FA8 Validity Not Before: Apr 17 10:26:57 2026 GMT Not After : Apr 20 14:52:57 2026 GMT Subject: CN=91B028DE33A87B05A58100CF4987333A3BBAB8F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:38:95:b1:dd:a2:8d:30:93:b6:20:43:e9:a8: ae:45:8a:14:48:31:80:cf:3b:6b:55:59:7c:79:33: db:ba:7d:99:75:45:8a:24:74:96:92:67:6a:3c:79: a9:40:b5:b5:d1:ba:fb:9f:e9:16:14:4b:25:d5:3b: cd:ea:9a:a4:0c:0d:c7:2a:e4:01:20:a1:4d:c1:d2: 55:96:28:65:14:61:d4:90:95:2c:8b:43:13:cd:d4: d8:d3:8f:7c:14:f9:51:47:65:e0:ce:48:ed:71:4e: 0d:c8:7a:7f:59:84:d8:67:31:fc:75:61:b8:de:c7: 41:ea:2f:45:43:f3:f8:45:9f:50:76:5b:98:a9:27: 36:21:ef:91:55:9b:81:93:1d:69:4d:20:e9:a5:0e: 32:b0:65:c3:c4:1c:18:46:4e:79:49:b1:c5:b3:46: 58:c2:1e:5b:1a:08:46:5e:71:3a:85:55:d0:c6:d7: a5:0a:52:38:c6:bf:eb:1c:dc:b8:4e:4b:cf:ac:50: b3:6f:0b:2c:e1:e9:0f:0a:94:48:4c:5e:d2:53:39: 87:5a:ec:d3:76:18:e2:84:f1:97:26:43:84:41:7a: d9:59:0d:6e:68:3f:bf:0b:09:b6:ed:0e:54:01:2b: 2e:99:90:c1:b2:11:a5:b6:76:90:d7:40:55:a8:9e: ea:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:B0:28:DE:33:A8:7B:05:A5:81:00:CF:49:87:33:3A:3B:BA:B8:F2 X509v3 Authority Key Identifier: keyid:4A:68:8B:72:A8:04:A4:26:A9:09:6E:CA:60:10:5A:4D:83:1C:5F:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/faa6a67d-cba3-427b-9055-5f528f2d232f/0/4A688B72A804A426A9096ECA60105A4D831C5FA8.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4A688B72A804A426A9096ECA60105A4D831C5FA8.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/faa6a67d-cba3-427b-9055-5f528f2d232f/0/4A688B72A804A426A9096ECA60105A4D831C5FA8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:c7:6c:0f:c2:51:04:d1:76:65:d1:cd:a0:b5:5f:99:68:ab: e5:15:9f:0b:e8:4d:dc:f5:f4:2d:cd:6f:d8:48:32:49:b3:d1: 56:73:c7:7c:b5:3a:2b:2d:15:e0:c4:3c:00:24:37:dd:89:0e: 27:ae:f9:29:3e:94:23:4b:e6:e3:78:c7:34:d3:43:90:84:7f: eb:c4:1f:2c:9f:58:50:ea:ff:96:fb:f5:b2:a4:95:61:3c:11: f2:9e:ab:26:05:a3:72:71:87:88:4a:3d:9c:34:48:4a:3a:bc: 78:92:a8:37:bd:fa:bc:9b:18:23:b8:36:13:50:a5:65:ae:74: b1:80:bf:45:cf:45:ab:ea:16:cc:83:fe:55:78:d2:57:f2:82: 65:97:5a:b2:46:cf:74:ff:e6:5b:51:ac:2b:d4:7a:98:36:7b: f1:63:69:d9:07:e1:79:c0:2f:25:09:a3:0c:31:63:d8:c7:d5: b7:cc:97:d1:58:1a:39:8b:9c:84:2a:04:05:cf:4b:4e:36:f2: 05:58:08:07:12:18:41:94:7b:47:0d:0e:ce:7e:ac:d9:b4:37: 6b:6b:7b:ae:44:79:bd:0d:5b:2d:91:a7:89:10:21:43:74:f9: 2b:58:6e:17:6e:50:45:64:9e:2c:27:69:04:6c:72:f3:96:bb: 60:6f:be:a1 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPLu2YpC9xK89wlQaVpb3Tmnpa1gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEE2ODhCNzJBODA0QTQyNkE5MDk2RUNBNjAxMDVBNEQ4 MzFDNUZBODAeFw0yNjA0MTcxMDI2NTdaFw0yNjA0MjAxNDUyNTdaMDMxMTAvBgNV BAMTKDkxQjAyOERFMzNBODdCMDVBNTgxMDBDRjQ5ODczMzNBM0JCQUI4RjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmOJWx3aKNMJO2IEPpqK5FihRI MYDPO2tVWXx5M9u6fZl1RYokdJaSZ2o8ealAtbXRuvuf6RYUSyXVO83qmqQMDccq 5AEgoU3B0lWWKGUUYdSQlSyLQxPN1NjTj3wU+VFHZeDOSO1xTg3Ien9ZhNhnMfx1 Ybjex0HqL0VD8/hFn1B2W5ipJzYh75FVm4GTHWlNIOmlDjKwZcPEHBhGTnlJscWz RljCHlsaCEZecTqFVdDG16UKUjjGv+sc3LhOS8+sULNvCyzh6Q8KlEhMXtJTOYda 7NN2GOKE8ZcmQ4RBetlZDW5oP78LCbbtDlQBKy6ZkMGyEaW2dpDXQFWonurfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUkbAo3jOoewWlgQDPSYczOju6uPIwHwYDVR0j BBgwFoAUSmiLcqgEpCapCW7KYBBaTYMcX6gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m YWE2YTY3ZC1jYmEzLTQyN2ItOTA1NS01ZjUyOGYyZDIzMmYvMC80QTY4OEI3MkE4 MDRBNDI2QTkwOTZFQ0E2MDEwNUE0RDgzMUM1RkE4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEE2ODhCNzJBODA0QTQyNkE5MDk2RUNBNjAxMDVBNEQ4MzFD NUZBOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZmFhNmE2N2QtY2JhMy00MjdiLTkw NTUtNWY1MjhmMmQyMzJmLzAvNEE2ODhCNzJBODA0QTQyNkE5MDk2RUNBNjAxMDVB NEQ4MzFDNUZBOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADfHbA/CUQTRdmXRzaC1X5loq+UVnwvoTdz1 9C3Nb9hIMkmz0VZzx3y1OistFeDEPAAkN92JDieu+Sk+lCNL5uN4xzTTQ5CEf+vE HyyfWFDq/5b79bKklWE8EfKeqyYFo3Jxh4hKPZw0SEo6vHiSqDe9+rybGCO4NhNQ pWWudLGAv0XPRavqFsyD/lV40lfygmWXWrJGz3T/5ltRrCvUepg2e/FjadkH4XnA LyUJowwxY9jH1bfMl9FYGjmLnIQqBAXPS0428gVYCAcSGEGUe0cNDs5+rNm0N2tr e65Eeb0NWy2Rp4kQIUN0+StYbhduUEVkniwnaQRscvOWu2BvvqE= -----END CERTIFICATE-----Generated at Sat Apr 18 06:07:41 2026 by rpki-client