$ rpki-client -vvf repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft File: 5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft (raw, json) Hash identifier: 4WX87Ay5Ksp7E7/hudZTEGwad9x6gR4dOnrhfaP7VVc= Subject key identifier: B9:F5:62:2B:C8:72:EF:22:8E:7E:49:24:D2:43:A7:BF:0C:5F:49:40 Authority key identifier: 5B:D3:41:A6:D4:6A:F5:2C:FF:23:A5:D1:E2:58:94:94:EE:AC:A2:70 Certificate issuer: /CN=5BD341A6D46AF52CFF23A5D1E2589494EEACA270 Certificate serial: 7D2BBD4CF1817E57090A6B0BB67CA4511E428C4E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft Manifest number: 02EF Signing time: Mon 20 Apr 2026 09:01:00 +0000 Manifest this update: Mon 20 Apr 2026 08:56:00 +0000 Manifest next update: Thu 23 Apr 2026 17:45:00 +0000 Files and hashes: 1: 3130332e3137392e36362e302f32332d3234203d3e20313531303030.roa (hash: bcZ9qQT0HvAnyExnxlI05eaei51KPs6LOG2hjtNqzjc=) 2: 5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl (hash: 0XNGRpTYARw0mdnB7dIFk/Em8Nn4phiRYt+Vwzd2maA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 17:45:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:2b:bd:4c:f1:81:7e:57:09:0a:6b:0b:b6:7c:a4:51:1e:42:8c:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5BD341A6D46AF52CFF23A5D1E2589494EEACA270 Validity Not Before: Apr 20 08:56:00 2026 GMT Not After : Apr 23 17:45:00 2026 GMT Subject: CN=B9F5622BC872EF228E7E4924D243A7BF0C5F4940 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:7e:13:0b:26:63:8e:95:92:ee:97:99:11:3b: 4c:c2:93:18:83:7f:b8:f1:f2:77:b2:f2:d8:bd:d6: 3d:53:a6:70:6f:41:6f:5f:58:ba:08:c2:5e:cd:90: 3f:9e:c0:be:9b:4c:f1:50:a2:6c:85:dc:4e:54:1f: 65:a1:fe:2e:f8:2e:53:1c:02:6a:2f:ba:d2:3e:4b: e7:53:34:ab:ef:60:c0:04:c7:ad:ff:05:54:35:53: 2c:8e:cf:e1:f2:55:d8:cb:51:7d:81:d2:b4:37:61: 29:73:39:1b:41:79:88:de:ba:e3:f6:ce:f0:1e:db: 3f:72:d6:4e:42:22:e9:a5:db:79:79:85:6e:61:73: 8b:67:85:1d:d6:2d:e6:76:2e:15:9c:69:9b:d7:39: fc:6c:57:2e:70:73:37:db:cf:47:ff:2f:f8:7a:bd: e2:a9:7c:9a:78:70:78:37:3c:7f:f2:61:85:42:96: f5:63:e7:ef:2a:4d:20:61:ff:86:db:e0:b2:4d:e0: a8:bd:94:cd:d1:a2:6a:54:12:de:01:1d:94:fd:86: cf:4a:ff:6e:eb:80:ed:06:28:38:44:a2:dd:33:19: dd:d8:01:11:c9:db:03:7f:5d:a2:0d:ae:06:7e:08: 0a:3e:d4:51:c9:86:8a:f0:09:d8:8a:36:5d:af:a9: 85:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:F5:62:2B:C8:72:EF:22:8E:7E:49:24:D2:43:A7:BF:0C:5F:49:40 X509v3 Authority Key Identifier: keyid:5B:D3:41:A6:D4:6A:F5:2C:FF:23:A5:D1:E2:58:94:94:EE:AC:A2:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:a4:23:ae:4d:7b:be:51:2f:1e:7f:8f:da:44:ed:db:20:66: d0:cf:db:0c:32:65:47:c9:0d:eb:4c:17:26:bc:36:63:75:97: 72:8a:d3:1e:73:ea:92:fb:3c:c0:da:83:6c:5e:01:a1:a1:ae: 50:a6:54:52:43:4a:43:4b:d9:1d:24:42:83:d3:0b:73:d2:55: 5a:43:60:08:25:70:e8:36:09:5a:35:fa:56:d9:ea:23:a6:08: 31:43:09:10:94:31:f2:4c:e1:50:93:df:cd:82:c0:bf:8b:5b: 6c:2c:01:e4:b1:56:20:76:d6:61:af:76:f0:1f:23:11:3d:19: 1d:b7:25:4f:2d:90:60:08:fc:19:bf:96:1b:70:7b:3e:09:64: 68:4a:a9:f0:b8:5c:3e:43:39:bc:de:ee:99:fc:63:98:8e:b5: e3:82:dd:85:4f:5c:97:3e:3c:f1:0c:d6:b2:4b:be:bb:9b:11: d2:57:cf:41:2d:86:b3:8e:b0:0c:4f:83:60:4c:db:c6:4d:52: f6:9a:0a:7b:ae:eb:57:e8:62:fc:97:ab:fe:5e:a3:c2:03:6d: bb:a1:69:c0:12:06:a9:ae:fc:21:36:ee:f6:8b:0d:85:49:15: 57:79:4c:1e:ae:9e:3c:58:2a:2a:40:ef:b0:92:01:c8:42:84: 54:31:b2:ac -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfSu9TPGBflcJCmsLtnykUR5CjE4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0OTRF RUFDQTI3MDAeFw0yNjA0MjAwODU2MDBaFw0yNjA0MjMxNzQ1MDBaMDMxMTAvBgNV BAMTKEI5RjU2MjJCQzg3MkVGMjI4RTdFNDkyNEQyNDNBN0JGMEM1RjQ5NDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6fhMLJmOOlZLul5kRO0zCkxiD f7jx8ney8ti91j1TpnBvQW9fWLoIwl7NkD+ewL6bTPFQomyF3E5UH2Wh/i74LlMc AmovutI+S+dTNKvvYMAEx63/BVQ1UyyOz+HyVdjLUX2B0rQ3YSlzORtBeYjeuuP2 zvAe2z9y1k5CIuml23l5hW5hc4tnhR3WLeZ2LhWcaZvXOfxsVy5wczfbz0f/L/h6 veKpfJp4cHg3PH/yYYVClvVj5+8qTSBh/4bb4LJN4Ki9lM3RompUEt4BHZT9hs9K /27rgO0GKDhEot0zGd3YARHJ2wN/XaINrgZ+CAo+1FHJhorwCdiKNl2vqYXvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUufViK8hy7yKOfkkk0kOnvwxfSUAwHwYDVR0j BBgwFoAUW9NBptRq9Sz/I6XR4liUlO6sonAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZTEyNzQzZC1kNTZkLTRhNzctOTBlMi1jNTJlNmRmZTA2YzIvMC81QkQzNDFBNkQ0 NkFGNTJDRkYyM0E1RDFFMjU4OTQ5NEVFQUNBMjcwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0OTRFRUFD QTI3MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2UxMjc0M2QtZDU2ZC00YTc3LTkw ZTItYzUyZTZkZmUwNmMyLzAvNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0 OTRFRUFDQTI3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALOkI65Ne75RLx5/j9pE7dsgZtDP2wwyZUfJ DetMFya8NmN1l3KK0x5z6pL7PMDag2xeAaGhrlCmVFJDSkNL2R0kQoPTC3PSVVpD YAglcOg2CVo1+lbZ6iOmCDFDCRCUMfJM4VCT382CwL+LW2wsAeSxViB21mGvdvAf IxE9GR23JU8tkGAI/Bm/lhtwez4JZGhKqfC4XD5DObze7pn8Y5iOteOC3YVPXJc+ PPEM1rJLvrubEdJXz0EthrOOsAxPg2BM28ZNUvaaCnuu61foYvyXq/5eo8IDbbuh acASBqmu/CE27vaLDYVJFVd5TB6unjxYKipA77CSAchChFQxsqw= -----END CERTIFICATE-----Generated at Wed Apr 22 07:25:48 2026 by rpki-client