$ rpki-client -vvf repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft File: D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft (raw, json) Hash identifier: KGTSk6/8z82yrXydS8s/PYwVsmYDm/qVstfyERbHqxg= Subject key identifier: 34:D7:74:DE:9D:9F:E1:F0:24:4D:EC:1F:0A:77:5E:DF:A0:77:B2:80 Authority key identifier: D9:D0:73:0D:B5:12:95:FE:C5:BD:48:0C:DD:42:B5:E8:51:7C:8F:DB Certificate issuer: /CN=D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB Certificate serial: 039D778FF58F433338B11767379456B988894599 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft Manifest number: 0299 Signing time: Tue 21 Apr 2026 03:42:23 +0000 Manifest this update: Tue 21 Apr 2026 03:37:23 +0000 Manifest next update: Fri 24 Apr 2026 11:02:23 +0000 Files and hashes: 1: 3130332e3138332e3235302e302f32332d3234203d3e2034383030.roa (hash: pN4ghT04j5zTe3lEB7yWGrreTGcCSMxjpmVgBxWJn+Y=) 2: D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl (hash: in4Gl3Ajpds+pJZmsp7024LZnXl5j+55XHDSAT588mA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 11:02:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:9d:77:8f:f5:8f:43:33:38:b1:17:67:37:94:56:b9:88:89:45:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB Validity Not Before: Apr 21 03:37:23 2026 GMT Not After : Apr 24 11:02:23 2026 GMT Subject: CN=34D774DE9D9FE1F0244DEC1F0A775EDFA077B280 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:51:ef:e6:b6:a6:98:39:d1:2c:4a:4b:12:39: ea:df:0a:ce:9a:e3:9e:02:be:e6:33:46:1c:5d:b3: 39:6d:58:8e:04:f7:a3:46:08:fc:c6:1b:9c:8b:ba: 12:c6:d0:46:77:97:59:7e:8d:83:8d:b0:83:32:95: da:94:3b:a0:70:dc:19:cb:d4:ce:15:98:8f:e8:38: b6:11:3d:17:6a:f8:e0:8e:01:66:3b:7e:f5:73:6e: 23:de:dc:51:16:3e:18:16:84:65:2f:3f:f9:5a:de: 37:74:9d:bc:38:cd:64:5d:41:63:be:ad:72:0b:65: e2:d2:8d:ee:58:78:ea:c2:45:14:8d:5e:b7:c5:f2: bc:be:db:17:3a:2f:bc:72:de:e1:13:66:cc:60:4d: 25:9a:5a:9c:cf:d4:07:58:9b:29:7a:16:10:57:d4: f0:d0:6c:36:de:49:b3:ce:13:a2:bf:bf:04:39:02: 98:af:f8:94:c6:f6:cf:0d:05:6e:c4:4d:a3:40:a7: d6:07:87:1b:ff:7e:e9:dd:7b:f6:9d:6c:50:d9:70: ab:ff:0e:09:8b:59:f5:48:7a:58:03:19:6f:36:81: 74:a4:72:52:6d:68:db:3f:b4:54:7a:d4:b1:69:8d: e9:58:5e:3c:1c:c8:46:b8:7b:f8:39:fb:f6:bb:72: 5f:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:D7:74:DE:9D:9F:E1:F0:24:4D:EC:1F:0A:77:5E:DF:A0:77:B2:80 X509v3 Authority Key Identifier: keyid:D9:D0:73:0D:B5:12:95:FE:C5:BD:48:0C:DD:42:B5:E8:51:7C:8F:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:04:18:92:55:59:48:ea:53:f0:ae:0f:bb:4d:71:de:9d:f4: b9:d6:91:1d:5d:bd:c5:1e:f8:2f:bf:5f:fb:8f:2a:99:39:a6: f6:f6:4e:c7:42:49:06:1a:54:a7:8e:7a:3b:06:0c:ac:be:29: 51:ea:af:a7:bb:80:53:ec:29:0b:9c:9e:b3:08:3e:d4:26:a6: 9d:d5:3f:87:54:3a:91:ea:72:30:3c:a3:68:69:9d:b4:f2:a2: a0:ef:32:7c:e6:9c:f6:8e:4b:a6:9b:b9:a1:ba:73:45:c1:9f: 5b:65:c2:61:5c:89:11:78:00:7e:74:3f:1d:fb:6a:f8:dc:d4: 04:af:bb:41:7f:9b:83:ee:bf:c2:d6:26:b4:10:04:13:d6:4e: ac:83:1f:28:21:8b:2f:88:23:94:2f:89:67:44:ae:80:07:09: 6c:a6:87:df:71:af:16:7e:df:4b:8d:e5:4f:63:2e:b2:5d:ea: 8a:82:d3:66:dc:00:3d:a7:fd:e0:09:9b:21:a0:e8:e3:87:ed: 8a:70:b2:b5:be:d3:b5:42:63:4b:db:ab:b5:44:a1:83:99:ec: ee:6f:4f:8c:e0:c9:cf:94:da:2e:cb:9d:32:a2:a7:24:e0:87: 1d:d4:a9:ea:36:7d:7a:a1:e6:76:e0:15:d7:a4:9b:2e:3c:e4: 78:5f:bc:e2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUA513j/WPQzM4sRdnN5RWuYiJRZkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1RTg1 MTdDOEZEQjAeFw0yNjA0MjEwMzM3MjNaFw0yNjA0MjQxMTAyMjNaMDMxMTAvBgNV BAMTKDM0RDc3NERFOUQ5RkUxRjAyNDRERUMxRjBBNzc1RURGQTA3N0IyODAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEUe/mtqaYOdEsSksSOerfCs6a 454CvuYzRhxdszltWI4E96NGCPzGG5yLuhLG0EZ3l1l+jYONsIMyldqUO6Bw3BnL 1M4VmI/oOLYRPRdq+OCOAWY7fvVzbiPe3FEWPhgWhGUvP/la3jd0nbw4zWRdQWO+ rXILZeLSje5YeOrCRRSNXrfF8ry+2xc6L7xy3uETZsxgTSWaWpzP1AdYmyl6FhBX 1PDQbDbeSbPOE6K/vwQ5Apiv+JTG9s8NBW7ETaNAp9YHhxv/funde/adbFDZcKv/ DgmLWfVIelgDGW82gXSkclJtaNs/tFR61LFpjelYXjwcyEa4e/g5+/a7cl/LAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUNNd03p2f4fAkTewfCnde36B3soAwHwYDVR0j BBgwFoAU2dBzDbUSlf7FvUgM3UK16FF8j9swDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 YWUyYjhiMy1kZWM4LTQxY2YtYTE2ZC1lMTE3MTU2MWQ3MjUvMC9EOUQwNzMwREI1 MTI5NUZFQzVCRDQ4MENERDQyQjVFODUxN0M4RkRCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1RTg1MTdD OEZEQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWFlMmI4YjMtZGVjOC00MWNmLWEx NmQtZTExNzE1NjFkNzI1LzAvRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1 RTg1MTdDOEZEQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACgEGJJVWUjqU/CuD7tNcd6d9LnWkR1dvcUe +C+/X/uPKpk5pvb2TsdCSQYaVKeOejsGDKy+KVHqr6e7gFPsKQucnrMIPtQmpp3V P4dUOpHqcjA8o2hpnbTyoqDvMnzmnPaOS6abuaG6c0XBn1tlwmFciRF4AH50Px37 avjc1ASvu0F/m4Puv8LWJrQQBBPWTqyDHyghiy+II5QviWdEroAHCWymh99xrxZ+ 30uN5U9jLrJd6oqC02bcAD2n/eAJmyGg6OOH7YpwsrW+07VCY0vbq7VEoYOZ7O5v T4zgyc+U2i7LnTKipyTghx3Uqeo2fXqh5nbgFdekmy485HhfvOI= -----END CERTIFICATE-----Generated at Wed Apr 22 07:24:10 2026 by rpki-client