$ rpki-client -vvf repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft File: CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft (raw, json) Hash identifier: VD2TC0O2/C3bgXk9/9W0KMHaxROaZn+X6v+fBPA3kv4= Subject key identifier: A5:8F:08:43:1B:B8:C3:15:81:CF:D5:CC:6B:42:93:4D:DC:E4:53:EC Authority key identifier: CE:A0:3A:07:98:91:07:F5:47:A2:B2:AB:AA:6A:D4:E7:03:12:AD:5C Certificate issuer: /CN=CEA03A07989107F547A2B2ABAA6AD4E70312AD5C Certificate serial: 2ED6C54B3286BCA7114D9FAF2BDC59F4500EAEF3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft Manifest number: 0567 Signing time: Wed 15 Apr 2026 18:01:38 +0000 Manifest this update: Wed 15 Apr 2026 17:56:38 +0000 Manifest next update: Sat 18 Apr 2026 18:04:38 +0000 Files and hashes: 1: 323430333a626163303a3a2f33322d3438203d3e20313333383135.roa (hash: bj03wSoaB1PZHhqBBV4Wr4Sjs0onXCgWYauPl2mcWtw=) 2: 3130332e3133302e3133362e302f32322d3234203d3e20313333383135.roa (hash: gDwS3CZNot9PKNbXfgVaxRg3XKEAojqRRjZmWUnIieM=) 3: CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl (hash: Uy8twoT2xJOjoOq1lZ0xP+QtPbH9uuq0GOyzZs4heGk=) 4: 3130332e35322e34342e302f32322d3234203d3e20313333383135.roa (hash: +hHtMHqrRgOxnxPgQ1JDtVaqmRcnzLdlLvloLKvOcZA=) 5: 323430333a353763303a3a2f33322d3438203d3e20313333383135.roa (hash: qJMxf0aJqdHPfbLPNvUiMxKhq3U6DmyX3ZCQXdLa44w=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 18:04:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:d6:c5:4b:32:86:bc:a7:11:4d:9f:af:2b:dc:59:f4:50:0e:ae:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CEA03A07989107F547A2B2ABAA6AD4E70312AD5C Validity Not Before: Apr 15 17:56:38 2026 GMT Not After : Apr 18 18:04:38 2026 GMT Subject: CN=A58F08431BB8C31581CFD5CC6B42934DDCE453EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:f6:82:0b:de:5a:7b:af:de:46:fa:ad:84:d6: 76:9b:8c:54:45:91:1f:c8:1e:05:b6:23:81:1f:af: 99:47:ce:b0:50:69:ce:6c:8e:79:1b:dc:3b:2f:61: c2:c8:f5:41:41:2f:ab:95:bc:4e:9b:2d:43:c6:4a: c9:54:65:93:d2:d8:60:a7:41:45:d8:24:ae:52:71: de:c3:6c:5e:cf:db:9d:d2:bf:82:e2:71:fc:f3:0d: 19:25:c3:fa:d5:51:63:02:90:de:61:9a:95:b4:b4: 1f:dc:e3:1b:3f:d5:80:cc:3e:39:12:4c:dc:1d:63: 1e:9e:7e:54:f5:32:62:89:63:f7:72:11:73:6e:2a: 1d:0d:78:91:83:cb:a6:d8:cf:23:13:5b:57:b4:ea: 30:f4:97:56:30:45:83:0b:b1:54:81:63:5c:ae:9f: d6:01:2a:08:af:2b:07:bb:ab:3a:32:18:71:25:13: 54:28:2c:b0:a7:d3:c2:98:bc:9d:24:8d:a4:8e:9d: 9f:a9:19:e0:78:c0:4d:7f:71:72:87:e1:37:af:f1: 1f:0e:26:ca:f4:9e:29:b6:2e:2f:f7:7e:f0:86:5f: cc:08:4d:fd:29:c3:45:35:84:7b:cd:cd:8f:20:af: 72:44:a9:de:80:f7:20:aa:59:bd:13:32:b6:e5:b8: 23:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:8F:08:43:1B:B8:C3:15:81:CF:D5:CC:6B:42:93:4D:DC:E4:53:EC X509v3 Authority Key Identifier: keyid:CE:A0:3A:07:98:91:07:F5:47:A2:B2:AB:AA:6A:D4:E7:03:12:AD:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:1e:ce:79:9e:a3:ee:50:8b:a3:39:ef:19:72:c0:4e:e2:e7: c4:8a:c6:f1:32:c6:b8:38:b3:6f:eb:2c:58:13:60:2c:3c:f1: 70:a0:b3:a8:ac:84:b4:97:bf:b8:6c:88:94:eb:df:2f:79:26: 72:98:0b:ed:76:1e:e9:87:6f:0d:af:7f:a2:0b:66:60:74:2e: c9:69:3d:e3:a0:f9:e9:f2:43:17:e0:58:41:a8:fd:06:64:1e: 18:da:23:fd:58:fc:87:93:1c:d8:90:6f:b0:b6:25:28:84:03: ee:08:a5:3f:68:ac:bb:81:b9:e0:fb:cc:7e:12:81:84:45:ff: f0:e8:eb:99:3e:80:23:a9:b8:42:46:d1:0f:ae:64:61:0b:10: 4f:32:50:49:ec:80:bf:a0:13:0d:58:9e:69:91:92:fb:e3:b1: 46:36:dc:40:cb:ed:05:41:db:35:13:f9:cc:0f:a0:32:fd:d9: 9a:b8:72:63:6c:bb:64:16:35:26:fc:db:84:03:a9:bf:c7:9c: 06:bb:51:ea:01:f5:02:6e:65:c8:eb:a5:3b:f0:db:f1:a3:63: 33:68:ef:0f:3d:6a:c7:e7:a2:bb:66:65:f5:77:71:ea:c6:7d: 61:e0:d0:f2:9b:cb:e1:56:19:74:8a:22:29:65:1b:7d:7a:10: d2:b6:68:fa -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULtbFSzKGvKcRTZ+vK9xZ9FAOrvMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0RTcw MzEyQUQ1QzAeFw0yNjA0MTUxNzU2MzhaFw0yNjA0MTgxODA0MzhaMDMxMTAvBgNV BAMTKEE1OEYwODQzMUJCOEMzMTU4MUNGRDVDQzZCNDI5MzRERENFNDUzRUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl9oIL3lp7r95G+q2E1nabjFRF kR/IHgW2I4Efr5lHzrBQac5sjnkb3DsvYcLI9UFBL6uVvE6bLUPGSslUZZPS2GCn QUXYJK5Scd7DbF7P253Sv4LicfzzDRklw/rVUWMCkN5hmpW0tB/c4xs/1YDMPjkS TNwdYx6eflT1MmKJY/dyEXNuKh0NeJGDy6bYzyMTW1e06jD0l1YwRYMLsVSBY1yu n9YBKgivKwe7qzoyGHElE1QoLLCn08KYvJ0kjaSOnZ+pGeB4wE1/cXKH4Tev8R8O Jsr0nim2Li/3fvCGX8wITf0pw0U1hHvNzY8gr3JEqd6A9yCqWb0TMrbluCObAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUpY8IQxu4wxWBz9XMa0KTTdzkU+wwHwYDVR0j BBgwFoAUzqA6B5iRB/VHorKrqmrU5wMSrVwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YTNhZTQ4NS1hNjU4LTRjNWMtYWJlMi0xZTdmZDhiMDM4YTAvMC9DRUEwM0EwNzk4 OTEwN0Y1NDdBMkIyQUJBQTZBRDRFNzAzMTJBRDVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0RTcwMzEy QUQ1Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmEzYWU0ODUtYTY1OC00YzVjLWFi ZTItMWU3ZmQ4YjAzOGEwLzAvQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0 RTcwMzEyQUQ1Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHAeznmeo+5Qi6M57xlywE7i58SKxvEyxrg4 s2/rLFgTYCw88XCgs6ishLSXv7hsiJTr3y95JnKYC+12HumHbw2vf6ILZmB0Lslp PeOg+enyQxfgWEGo/QZkHhjaI/1Y/IeTHNiQb7C2JSiEA+4IpT9orLuBueD7zH4S gYRF//Do65k+gCOpuEJG0Q+uZGELEE8yUEnsgL+gEw1YnmmRkvvjsUY23EDL7QVB 2zUT+cwPoDL92Zq4cmNsu2QWNSb824QDqb/HnAa7UeoB9QJuZcjrpTvw2/GjYzNo 7w89asfnortmZfV3cerGfWHg0PKby+FWGXSKIillG316ENK2aPo= -----END CERTIFICATE-----Generated at Thu Apr 16 06:33:38 2026 by rpki-client