$ rpki-client -vvf repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/1/DFF6098A4921B357E69571FC3EB289143D85ADBD.mft File: DFF6098A4921B357E69571FC3EB289143D85ADBD.mft (raw, json) Hash identifier: aldGFh9dXj9KvYOBPpU2LNHDVKhjxdu7lCh2yT2kmyU= Subject key identifier: 21:06:59:CF:DB:FC:9D:E3:C2:58:4D:95:41:5F:45:13:2A:33:44:7B Authority key identifier: DF:F6:09:8A:49:21:B3:57:E6:95:71:FC:3E:B2:89:14:3D:85:AD:BD Certificate issuer: /CN=DFF6098A4921B357E69571FC3EB289143D85ADBD Certificate serial: 1A536C8139A49209AD2F66689F82BD3C058378B8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/DFF6098A4921B357E69571FC3EB289143D85ADBD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/1/DFF6098A4921B357E69571FC3EB289143D85ADBD.mft Manifest number: 14 Signing time: Mon 20 Apr 2026 18:11:28 +0000 Manifest this update: Mon 20 Apr 2026 18:06:28 +0000 Manifest next update: Thu 23 Apr 2026 22:00:28 +0000 Files and hashes: 1: DFF6098A4921B357E69571FC3EB289143D85ADBD.crl (hash: mvYSdS9OktT08C9yxfZ4CtWl9OzcTyNUAq9ns0PHYcw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/1/DFF6098A4921B357E69571FC3EB289143D85ADBD.crl rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/1/DFF6098A4921B357E69571FC3EB289143D85ADBD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/DFF6098A4921B357E69571FC3EB289143D85ADBD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 22:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:53:6c:81:39:a4:92:09:ad:2f:66:68:9f:82:bd:3c:05:83:78:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFF6098A4921B357E69571FC3EB289143D85ADBD Validity Not Before: Apr 20 18:06:28 2026 GMT Not After : Apr 23 22:00:28 2026 GMT Subject: CN=210659CFDBFC9DE3C2584D95415F45132A33447B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:20:22:bf:db:b7:57:7a:41:f4:c2:ce:c7:77: 8c:f8:e5:c4:2f:53:4c:78:16:14:77:11:8e:ad:d4: 8c:20:6f:dc:a6:2b:ce:95:70:ea:1a:2a:9a:77:51: 28:d5:81:35:e7:f9:49:8e:66:53:96:97:4c:f5:76: f1:6d:33:b1:b6:fc:9e:5b:9e:8e:a6:9a:0f:86:c5: fb:05:65:ae:66:87:f9:6d:2d:23:27:fe:fb:06:73: e6:26:6c:0c:87:13:49:11:33:b2:a1:8a:87:6d:20: 09:e9:d4:d4:34:37:81:f4:1e:d3:0b:cb:09:72:80: c9:7f:71:be:94:6d:11:5b:ed:47:06:6e:c3:1a:9b: f3:00:c9:14:e5:5a:03:38:ca:bb:04:5b:c3:d0:92: 21:9f:01:41:a8:a1:32:40:96:a0:91:c4:c6:ea:44: 17:ed:ab:76:43:bb:24:34:77:bd:68:bb:93:d4:3c: 76:ce:52:83:7f:e2:96:f7:e7:79:8e:54:34:58:4e: c0:e0:57:98:d0:ee:37:47:07:03:c0:a2:19:28:7c: b2:d4:8e:9f:16:89:0c:ca:52:cf:af:a9:c2:c9:e4: 18:c7:2b:5d:7d:37:da:8e:45:d9:35:d5:ae:27:91: 58:2c:5e:ba:dd:b4:bd:9a:58:2a:a9:0b:bf:e0:12: 1f:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:06:59:CF:DB:FC:9D:E3:C2:58:4D:95:41:5F:45:13:2A:33:44:7B X509v3 Authority Key Identifier: keyid:DF:F6:09:8A:49:21:B3:57:E6:95:71:FC:3E:B2:89:14:3D:85:AD:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/1/DFF6098A4921B357E69571FC3EB289143D85ADBD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/DFF6098A4921B357E69571FC3EB289143D85ADBD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/1/DFF6098A4921B357E69571FC3EB289143D85ADBD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:fe:fe:f8:21:c5:db:7e:46:6d:68:de:91:bd:10:12:75:a4: 1c:e7:50:4f:c8:7c:13:55:3a:09:1d:03:fa:90:3a:af:7c:5c: 4c:02:99:0d:ea:93:28:61:0f:af:de:b5:f4:ef:c8:ea:d1:89: c0:8d:47:7c:3b:34:2d:b1:3b:81:13:ad:7f:53:12:8e:12:ba: ee:a0:70:0a:51:7e:34:0e:96:8e:cf:b4:03:3d:0a:26:2c:db: ee:c5:ff:f3:e2:18:fd:5c:eb:2a:76:55:f6:18:f9:9f:0a:d1: d3:d2:1f:b7:fc:dc:27:b9:bb:07:40:8e:39:a0:7f:c8:9b:14: 30:94:af:8f:fb:6a:6c:79:22:6b:76:e6:14:7f:d9:6c:d6:22: 2f:8e:cc:65:aa:1d:01:83:ea:14:18:67:2e:17:fc:61:97:a7: c2:97:6d:61:d0:a0:82:80:45:ac:01:29:00:d0:d3:a1:a5:14: 4d:a7:9e:92:bb:d8:f0:80:a1:ab:b0:74:06:5d:aa:5e:71:71: ed:ab:6a:a2:dd:bb:2c:61:94:f3:c2:da:77:4c:c6:96:59:59: 54:dd:77:7b:15:72:16:c4:76:99:f1:89:b5:ee:82:3b:43:ff: 37:b8:3e:88:63:9f:ce:63:20:a6:9e:90:e5:78:ea:0e:e8:db: f4:08:60:19 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGlNsgTmkkgmtL2Zon4K9PAWDeLgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREZGNjA5OEE0OTIxQjM1N0U2OTU3MUZDM0VCMjg5MTQz RDg1QURCRDAeFw0yNjA0MjAxODA2MjhaFw0yNjA0MjMyMjAwMjhaMDMxMTAvBgNV BAMTKDIxMDY1OUNGREJGQzlERTNDMjU4NEQ5NTQxNUY0NTEzMkEzMzQ0N0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoICK/27dXekH0ws7Hd4z45cQv U0x4FhR3EY6t1Iwgb9ymK86VcOoaKpp3USjVgTXn+UmOZlOWl0z1dvFtM7G2/J5b no6mmg+GxfsFZa5mh/ltLSMn/vsGc+YmbAyHE0kRM7KhiodtIAnp1NQ0N4H0HtML ywlygMl/cb6UbRFb7UcGbsMam/MAyRTlWgM4yrsEW8PQkiGfAUGooTJAlqCRxMbq RBftq3ZDuyQ0d71ou5PUPHbOUoN/4pb353mOVDRYTsDgV5jQ7jdHBwPAohkofLLU jp8WiQzKUs+vqcLJ5BjHK119N9qORdk11a4nkVgsXrrdtL2aWCqpC7/gEh+dAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIQZZz9v8nePCWE2VQV9FEyozRHswHwYDVR0j BBgwFoAU3/YJikkhs1fmlXH8PrKJFD2Frb0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YmUyOTkwMi1lMGY0LTQyOWEtOWEyNi00MzliOWJmZWU0ODkvMS9ERkY2MDk4QTQ5 MjFCMzU3RTY5NTcxRkMzRUIyODkxNDNEODVBREJELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvREZGNjA5OEE0OTIxQjM1N0U2OTU3MUZDM0VCMjg5MTQzRDg1 QURCRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmJlMjk5MDItZTBmNC00MjlhLTlh MjYtNDM5YjliZmVlNDg5LzEvREZGNjA5OEE0OTIxQjM1N0U2OTU3MUZDM0VCMjg5 MTQzRDg1QURCRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAn+/vghxdt+Rm1o3pG9EBJ1pBznUE/IfBNV OgkdA/qQOq98XEwCmQ3qkyhhD6/etfTvyOrRicCNR3w7NC2xO4ETrX9TEo4Suu6g cApRfjQOlo7PtAM9CiYs2+7F//PiGP1c6yp2VfYY+Z8K0dPSH7f83Ce5uwdAjjmg f8ibFDCUr4/7amx5Imt25hR/2WzWIi+OzGWqHQGD6hQYZy4X/GGXp8KXbWHQoIKA RawBKQDQ06GlFE2nnpK72PCAoauwdAZdql5xce2raqLduyxhlPPC2ndMxpZZWVTd d3sVchbEdpnxibXugjtD/ze4Pohjn85jIKaekOV46g7o2/QIYBk= -----END CERTIFICATE-----Generated at Wed Apr 22 04:49:21 2026 by rpki-client