$ rpki-client -vvf repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft File: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft (raw, json) Hash identifier: Llb0aMHdvjKDCFjaCZqug7nPnbqotrNhI7Zmcpn00kk= Subject key identifier: D0:3B:D2:B9:84:27:E6:5D:8A:DE:14:1B:D0:E0:A1:3D:DE:FD:A4:F6 Authority key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Certificate issuer: /CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Certificate serial: 2472E82025031B07D141737C9F79E20423272DE3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft Manifest number: 011D Signing time: Mon 20 Apr 2026 17:31:57 +0000 Manifest this update: Mon 20 Apr 2026 17:26:57 +0000 Manifest next update: Fri 24 Apr 2026 01:01:57 +0000 Files and hashes: 1: 3136302e32322e31332e302f32342d3234203d3e20313532373935.roa (hash: CjQ8LjHFMEFZAKqjfhXd2Dui1+KhZzwEUkNHDbRDo5c=) 2: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl (hash: tnrpYedwVBCcvAJHLXIalmyXhxqFg2kQDdDgX1P0d1U=) 3: 3136302e32322e31322e302f32342d3234203d3e20313532373935.roa (hash: kSF1VyQJjpek8Mf3gy+lWICO98IQh62K2L543jgKTUA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 01:01:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:72:e8:20:25:03:1b:07:d1:41:73:7c:9f:79:e2:04:23:27:2d:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Validity Not Before: Apr 20 17:26:57 2026 GMT Not After : Apr 24 01:01:57 2026 GMT Subject: CN=D03BD2B98427E65D8ADE141BD0E0A13DDEFDA4F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:32:b1:0e:a0:16:ba:fb:20:68:6e:e4:80:48: fd:aa:64:d9:42:bc:83:97:3f:e1:76:70:74:c8:d1: 23:1f:6c:26:96:37:2c:1a:c3:88:58:96:aa:03:bb: 23:be:2e:8f:a3:90:1c:a6:a7:b0:96:73:32:ff:63: 52:32:cb:e8:5e:99:77:de:1a:0a:40:5f:f2:8a:95: 97:bc:19:bc:9d:99:cf:7b:92:a8:01:b6:bf:c2:aa: 46:72:32:2b:73:24:a2:6b:e3:9e:73:fe:61:ca:96: 85:8b:c2:2b:9a:19:b8:c5:e2:3d:3b:29:cb:c5:f7: 8b:60:e8:9b:63:51:af:b0:bb:1f:26:ec:38:ca:79: 67:3f:de:96:a2:96:90:bf:91:8c:65:da:bd:ed:ae: 38:0b:4f:5a:d7:c7:86:06:d1:72:7d:be:98:cd:55: 32:e0:dc:5a:30:c0:71:28:30:4e:05:e9:d0:a2:a3: 69:5a:09:a2:9c:a6:a6:4d:7e:bc:c5:dc:ee:04:d9: 75:06:21:e6:46:21:3d:13:c3:90:95:60:6d:a5:34: 12:c0:f3:d2:55:ed:12:42:bf:97:6a:2c:9d:0e:52: 1f:e8:55:ee:91:8c:49:43:ba:8c:77:c6:64:d8:15: 93:4f:91:43:17:bc:68:0e:e4:80:86:84:cc:9e:ac: 22:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:3B:D2:B9:84:27:E6:5D:8A:DE:14:1B:D0:E0:A1:3D:DE:FD:A4:F6 X509v3 Authority Key Identifier: keyid:58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:52:56:c3:69:4d:19:9c:00:b5:e8:55:ab:e7:fb:e8:88:f5: dd:c9:e6:bd:3a:15:8f:ec:4c:04:0a:52:ca:4f:93:b8:72:3a: 4a:b4:a8:f3:6f:5d:21:ac:f9:62:92:2c:05:5c:4f:3b:d7:f5: 22:18:ff:31:89:41:3a:6c:34:44:f7:e3:29:71:4c:74:22:f1: a1:a8:c1:af:1c:83:25:71:3c:a0:70:53:53:5f:7a:86:1b:e3: 5d:2c:0a:fc:69:bb:f6:2a:5f:0a:6b:ff:07:0d:90:ed:1f:e3: ad:5f:bb:cb:98:a9:ba:bd:e1:0e:75:a0:7f:1a:9c:b5:63:df: ec:76:53:67:f8:41:e8:61:04:34:4e:f4:a8:7f:40:41:e0:4a: 0a:98:b3:1b:ac:67:78:eb:79:c2:75:35:14:9b:48:65:a4:f4: 48:75:b9:ff:24:f8:78:62:e8:32:6a:29:fb:28:39:6a:2b:5f: 29:5a:42:1b:b6:70:d0:88:15:a6:00:59:04:11:5b:47:f5:f4: fc:e0:c7:c0:f9:35:c7:89:f5:e5:d9:e1:7f:e2:f7:06:60:2b: 63:cb:98:e2:b3:9b:ce:f5:84:93:03:88:35:93:f2:e8:83:b1: c9:b9:d0:2f:f8:66:18:23:17:f1:96:24:83:e2:6d:ce:da:d7: 21:4b:1c:a3 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJHLoICUDGwfRQXN8n3niBCMnLeMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdF MEU0RDA2OTAeFw0yNjA0MjAxNzI2NTdaFw0yNjA0MjQwMTAxNTdaMDMxMTAvBgNV BAMTKEQwM0JEMkI5ODQyN0U2NUQ4QURFMTQxQkQwRTBBMTNEREVGREE0RjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrMrEOoBa6+yBobuSASP2qZNlC vIOXP+F2cHTI0SMfbCaWNywaw4hYlqoDuyO+Lo+jkBymp7CWczL/Y1Iyy+hemXfe GgpAX/KKlZe8Gbydmc97kqgBtr/CqkZyMitzJKJr455z/mHKloWLwiuaGbjF4j07 KcvF94tg6JtjUa+wux8m7DjKeWc/3pailpC/kYxl2r3trjgLT1rXx4YG0XJ9vpjN VTLg3FowwHEoME4F6dCio2laCaKcpqZNfrzF3O4E2XUGIeZGIT0Tw5CVYG2lNBLA 89JV7RJCv5dqLJ0OUh/oVe6RjElDuox3xmTYFZNPkUMXvGgO5ICGhMyerCKTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU0DvSuYQn5l2K3hQb0OChPd79pPYwHwYDVR0j BBgwFoAUWI3Q/OS8JDzJxtaK4E6EZ+Dk0GkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMC81ODhERDBGQ0U0 QkMyNDNDQzlDNkQ2OEFFMDRFODQ2N0UwRTREMDY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdFMEU0 RDA2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDE5OWU1NDEtMTg2MS00ZDZhLThl MjgtYjAyODQ1ODYxNDk2LzAvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0 NjdFMEU0RDA2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFxSVsNpTRmcALXoVavn++iI9d3J5r06FY/s TAQKUspPk7hyOkq0qPNvXSGs+WKSLAVcTzvX9SIY/zGJQTpsNET34ylxTHQi8aGo wa8cgyVxPKBwU1NfeoYb410sCvxpu/YqXwpr/wcNkO0f461fu8uYqbq94Q51oH8a nLVj3+x2U2f4QehhBDRO9Kh/QEHgSgqYsxusZ3jrecJ1NRSbSGWk9Eh1uf8k+Hhi 6DJqKfsoOWorXylaQhu2cNCIFaYAWQQRW0f19Pzgx8D5NceJ9eXZ4X/i9wZgK2PL mOKzm871hJMDiDWT8uiDscm50C/4ZhgjF/GWJIPibc7a1yFLHKM= -----END CERTIFICATE-----Generated at Wed Apr 22 04:54:44 2026 by rpki-client