$ rpki-client -vvf repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft File: A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft (raw, json) Hash identifier: aRFd49WvFEU4uXARVXk3RkJnpPF2gge8PM5EWIlKdKw= Subject key identifier: A3:3B:C3:15:4B:AA:50:03:4F:1A:C9:9F:66:95:7E:90:23:D1:0D:63 Authority key identifier: A2:1B:A7:0D:F8:EE:47:0F:E7:A6:03:85:B6:65:38:42:57:0E:D3:A4 Certificate issuer: /CN=A21BA70DF8EE470FE7A60385B6653842570ED3A4 Certificate serial: 67B21DD43BCFF33874B112C4DA447CBE5A54886D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft Manifest number: BC Signing time: Mon 20 Apr 2026 15:01:33 +0000 Manifest this update: Mon 20 Apr 2026 14:56:33 +0000 Manifest next update: Thu 23 Apr 2026 17:11:33 +0000 Files and hashes: 1: 3136302e32352e3234392e302f32342d3234203d3e20313336303939.roa (hash: u/+nMafNSlBh3MWibaApdEuRrXiSll2yWAqljACJnmg=) 2: A21BA70DF8EE470FE7A60385B6653842570ED3A4.crl (hash: 41c/tDSgLQSfEJV7JR7xh6ENksKIji9CRSXIEr5TPh4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.crl rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 17:11:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:b2:1d:d4:3b:cf:f3:38:74:b1:12:c4:da:44:7c:be:5a:54:88:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A21BA70DF8EE470FE7A60385B6653842570ED3A4 Validity Not Before: Apr 20 14:56:33 2026 GMT Not After : Apr 23 17:11:33 2026 GMT Subject: CN=A33BC3154BAA50034F1AC99F66957E9023D10D63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:55:ca:dd:da:1d:8a:8c:55:98:9b:14:b2:4d: 46:d8:53:2a:d1:56:e3:36:2d:74:66:99:58:00:a0: 66:c4:bb:25:18:e7:63:94:91:07:bb:39:d8:7e:bd: 95:4b:3c:7a:c1:c5:99:fc:28:48:5f:2d:91:7e:84: 71:ed:36:f8:5a:0e:e5:c6:bc:f5:72:a9:24:10:65: cd:d1:71:fb:5d:39:dd:88:c9:c6:43:ed:7e:8f:fa: 96:40:e9:d3:73:06:97:74:7d:e8:6c:29:9f:89:6c: 39:fa:a6:4d:7f:72:ee:2c:ee:3d:5a:9a:f0:82:4a: d5:a3:9c:42:2e:c6:55:f5:46:d2:13:65:89:30:7f: b3:b5:a4:56:2f:0c:19:09:02:7e:e7:c3:ad:30:9e: d2:2b:38:30:2d:89:7f:9f:4b:f0:c8:9e:3a:d5:9e: 74:13:b8:b1:95:1f:2a:cc:c5:d1:49:65:c6:52:0f: 6d:a6:20:3e:13:a7:a8:3e:03:77:72:32:ab:15:c2: 80:a1:0f:39:a0:11:1b:0e:8c:49:02:67:8d:61:af: 4b:30:77:08:db:c5:99:26:6a:dc:7e:fb:31:78:16: 11:fa:d3:7c:c1:99:c1:51:92:c3:30:48:31:f6:99: a0:fe:57:74:14:37:f6:3c:4f:33:56:0c:4f:66:4e: a9:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:3B:C3:15:4B:AA:50:03:4F:1A:C9:9F:66:95:7E:90:23:D1:0D:63 X509v3 Authority Key Identifier: keyid:A2:1B:A7:0D:F8:EE:47:0F:E7:A6:03:85:B6:65:38:42:57:0E:D3:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:91:00:33:42:c9:95:66:87:70:6a:38:64:25:29:28:94:91: 3a:5d:f1:20:ff:4c:8a:58:46:8b:c9:0a:e9:64:a6:01:d5:f8: ba:88:e3:2c:64:cc:a3:7f:fb:55:fb:ac:4e:35:b3:58:d1:e9: 0b:5b:d1:ee:b2:f0:db:0a:68:b0:ff:6f:42:45:c3:ea:7b:cd: b4:b6:58:2f:ed:1b:1f:19:45:47:c1:8b:e8:cc:a9:0c:f4:d2: f3:aa:c2:74:30:b9:5c:3f:2e:f7:62:b0:00:37:fd:72:07:00: 0d:77:98:fd:6b:3d:ec:10:65:4c:93:41:f4:5c:7e:48:a0:d0: 2a:65:9d:7b:da:7c:6c:44:c8:53:a7:f0:61:fd:62:12:18:28: 13:cb:fb:d4:19:74:04:93:7d:f9:6d:95:fd:de:01:b7:0a:16: 3b:f9:a0:52:be:89:6f:92:2c:5a:9e:3c:74:75:7d:0d:bb:60: 0b:d0:a8:63:2f:0c:c4:35:f3:91:c8:23:f4:3b:28:98:96:9f: 02:60:bd:6b:14:50:48:be:66:4a:30:9c:bc:84:a2:9f:bc:26: 92:9e:7e:38:22:43:0f:e2:7d:33:8f:8c:2e:54:1b:09:c1:63: d1:02:93:90:f1:9a:fc:81:42:78:4b:20:4e:39:f2:d3:fe:e5: e2:2e:57:5e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZ7Id1DvP8zh0sRLE2kR8vlpUiG0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTIxQkE3MERGOEVFNDcwRkU3QTYwMzg1QjY2NTM4NDI1 NzBFRDNBNDAeFw0yNjA0MjAxNDU2MzNaFw0yNjA0MjMxNzExMzNaMDMxMTAvBgNV BAMTKEEzM0JDMzE1NEJBQTUwMDM0RjFBQzk5RjY2OTU3RTkwMjNEMTBENjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8Vcrd2h2KjFWYmxSyTUbYUyrR VuM2LXRmmVgAoGbEuyUY52OUkQe7Odh+vZVLPHrBxZn8KEhfLZF+hHHtNvhaDuXG vPVyqSQQZc3RcftdOd2IycZD7X6P+pZA6dNzBpd0fehsKZ+JbDn6pk1/cu4s7j1a mvCCStWjnEIuxlX1RtITZYkwf7O1pFYvDBkJAn7nw60wntIrODAtiX+fS/DInjrV nnQTuLGVHyrMxdFJZcZSD22mID4Tp6g+A3dyMqsVwoChDzmgERsOjEkCZ41hr0sw dwjbxZkmatx++zF4FhH603zBmcFRksMwSDH2maD+V3QUN/Y8TzNWDE9mTqmNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUozvDFUuqUANPGsmfZpV+kCPRDWMwHwYDVR0j BBgwFoAUohunDfjuRw/npgOFtmU4QlcO06QwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 MTQwNTU0NS1jMzVkLTRkZTEtOTYxOC00NGI1ZjQxN2EzMDMvMS9BMjFCQTcwREY4 RUU0NzBGRTdBNjAzODVCNjY1Mzg0MjU3MEVEM0E0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQTIxQkE3MERGOEVFNDcwRkU3QTYwMzg1QjY2NTM4NDI1NzBF RDNBNC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDE0MDU1NDUtYzM1ZC00ZGUxLTk2 MTgtNDRiNWY0MTdhMzAzLzEvQTIxQkE3MERGOEVFNDcwRkU3QTYwMzg1QjY2NTM4 NDI1NzBFRDNBNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJ+RADNCyZVmh3BqOGQlKSiUkTpd8SD/TIpY RovJCulkpgHV+LqI4yxkzKN/+1X7rE41s1jR6Qtb0e6y8NsKaLD/b0JFw+p7zbS2 WC/tGx8ZRUfBi+jMqQz00vOqwnQwuVw/LvdisAA3/XIHAA13mP1rPewQZUyTQfRc fkig0CplnXvafGxEyFOn8GH9YhIYKBPL+9QZdASTffltlf3eAbcKFjv5oFK+iW+S LFqePHR1fQ27YAvQqGMvDMQ185HII/Q7KJiWnwJgvWsUUEi+ZkownLyEop+8JpKe fjgiQw/ifTOPjC5UGwnBY9ECk5DxmvyBQnhLIE458tP+5eIuV14= -----END CERTIFICATE-----Generated at Wed Apr 22 04:54:47 2026 by rpki-client