$ rpki-client -vvf repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft File: 4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft (raw, json) Hash identifier: 1tSPLUeKBAJOPObjIRtT0V3gZdcGpEGp451VVTV82vw= Subject key identifier: A3:6D:53:61:FA:85:89:90:C2:56:62:F9:DB:A3:5E:6E:34:40:A8:E6 Authority key identifier: 43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57 Certificate issuer: /CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657 Certificate serial: 1098731D309FA6DC61E52C600BF620B1F45E16C5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft Manifest number: 033D Signing time: Mon 20 Apr 2026 09:22:37 +0000 Manifest this update: Mon 20 Apr 2026 09:17:37 +0000 Manifest next update: Thu 23 Apr 2026 10:15:37 +0000 Files and hashes: 1: 3130332e3137362e39372e302f32342d3234203d3e20313437313331.roa (hash: 0qCM2olgS4oE+YIGItrwN9xQiW2Tx+5S0Vcz+QMGK2k=) 2: 3130332e3137362e39362e302f32332d3233203d3e20313437313331.roa (hash: RvlNgfW0J+bVY7d2yjeoXrc2sRB1/6Dnvn34DHTz4kU=) 3: 4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl (hash: rNpw8qD1ul4lmPS+X3Icecdd7pPFtg9TVvD0xNRjmX4=) 4: 3130332e3137362e39362e302f32342d3234203d3e20313437313331.roa (hash: wEdCO3YyXLUpfkiKLdOWDdPh+9yeo9Z0D5c9ufB6gOc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 10:15:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:98:73:1d:30:9f:a6:dc:61:e5:2c:60:0b:f6:20:b1:f4:5e:16:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657 Validity Not Before: Apr 20 09:17:37 2026 GMT Not After : Apr 23 10:15:37 2026 GMT Subject: CN=A36D5361FA858990C25662F9DBA35E6E3440A8E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:3a:d1:14:40:4d:d5:3b:c5:3a:0d:6c:62:f4: d9:fd:31:79:17:b3:e8:64:71:24:18:44:dd:e1:60: f7:89:04:ab:a4:d3:32:95:17:d5:f2:cb:8e:ee:4e: 9f:46:43:1a:2b:f7:cb:3c:47:b6:7b:8b:f5:3d:94: b1:92:36:73:7f:2f:28:d1:e9:9a:a9:9e:10:ed:cb: ef:70:5b:d4:80:3f:57:64:8b:40:61:f6:15:31:b6: b8:5c:f3:be:8b:bd:ac:d3:35:65:5a:aa:eb:da:58: 1a:2a:30:2e:46:b3:b7:e7:38:4a:d2:40:27:c5:3b: 8a:d7:81:f4:f0:24:e5:54:0f:1f:b1:36:e0:39:2e: eb:97:63:cf:61:5e:2e:34:24:0d:e3:e1:f9:4c:4b: 71:90:56:36:0f:d0:e2:1c:91:58:ce:91:9e:10:b1: 12:28:81:c9:0f:92:b3:1e:24:ab:53:d0:07:f4:dd: f4:a6:e5:64:51:ab:2c:e6:b3:99:b0:3f:30:45:1a: 74:92:8d:47:a9:02:44:e5:69:49:27:73:44:5a:27: bd:88:e4:8d:20:78:4d:0b:de:29:58:e8:ff:81:4d: e1:1e:fa:b2:09:20:e4:93:50:af:a4:16:32:5f:b4: c2:1e:ff:59:bc:a6:33:fd:7d:4f:43:a2:ed:b5:f3: 5a:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:6D:53:61:FA:85:89:90:C2:56:62:F9:DB:A3:5E:6E:34:40:A8:E6 X509v3 Authority Key Identifier: keyid:43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:6e:96:e1:c3:ee:3b:6d:67:24:bf:a3:7b:be:d5:30:0a:d5: 65:8e:2d:d7:74:5c:0d:91:f3:18:a3:c8:3e:63:44:1a:91:7d: 5c:ab:60:3a:c0:57:e0:6d:1a:00:5b:37:33:e2:d6:48:0e:26: 26:c0:06:91:e7:65:4b:2a:a6:f6:64:1e:c3:ff:8e:db:4a:63: 9a:06:b1:ca:35:99:55:dc:3e:1e:a7:fe:7e:e1:c3:23:31:2f: 6f:97:b0:3d:ac:7b:c7:e3:96:c6:31:69:3d:cc:e5:2a:73:11: 17:95:05:b7:0b:0a:70:65:52:27:7e:18:fd:d7:b4:3f:8d:e7: f0:31:e0:39:89:16:69:83:f6:78:a8:be:f7:ca:e1:96:d8:b1: 94:fc:3b:55:b0:fa:7f:3f:03:aa:b4:77:88:36:fe:a4:f4:2b: d4:8f:a8:7a:4a:2d:ec:6b:90:f1:3e:18:1d:5c:77:f5:df:28: f9:df:8b:a1:b7:7e:ac:a5:26:e8:46:9e:da:ff:d0:33:f4:59: 4b:44:57:34:86:45:21:4f:2e:da:41:9e:27:41:fa:46:08:d1: c7:c0:9b:f9:de:8d:27:b2:61:3b:4f:53:95:37:7f:c3:2b:44: 3a:01:7b:7e:4a:6b:0f:67:85:1e:85:a3:aa:41:a5:01:35:73: 70:6f:48:99 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUEJhzHTCfptxh5SxgC/YgsfReFsUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVF MzdCQjY1NzAeFw0yNjA0MjAwOTE3MzdaFw0yNjA0MjMxMDE1MzdaMDMxMTAvBgNV BAMTKEEzNkQ1MzYxRkE4NTg5OTBDMjU2NjJGOURCQTM1RTZFMzQ0MEE4RTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1OtEUQE3VO8U6DWxi9Nn9MXkX s+hkcSQYRN3hYPeJBKuk0zKVF9Xyy47uTp9GQxor98s8R7Z7i/U9lLGSNnN/LyjR 6ZqpnhDty+9wW9SAP1dki0Bh9hUxtrhc876LvazTNWVaquvaWBoqMC5Gs7fnOErS QCfFO4rXgfTwJOVUDx+xNuA5LuuXY89hXi40JA3j4flMS3GQVjYP0OIckVjOkZ4Q sRIogckPkrMeJKtT0Af03fSm5WRRqyzms5mwPzBFGnSSjUepAkTlaUknc0RaJ72I 5I0geE0L3ilY6P+BTeEe+rIJIOSTUK+kFjJftMIe/1m8pjP9fU9Dou2181qxAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUo21TYfqFiZDCVmL526NebjRAqOYwHwYDVR0j BBgwFoAUQzfp/5Ggy2XOHrj662EI9eN7tlcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 YzM0ZGMzZi0zMDhmLTRkZTEtYTM2NS03MDFiZDljZjEwMDQvMC80MzM3RTlGRjkx QTBDQjY1Q0UxRUI4RkFFQjYxMDhGNUUzN0JCNjU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVFMzdC QjY1Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWMzNGRjM2YtMzA4Zi00ZGUxLWEz NjUtNzAxYmQ5Y2YxMDA0LzAvNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4 RjVFMzdCQjY1Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACFuluHD7jttZyS/o3u+1TAK1WWOLdd0XA2R 8xijyD5jRBqRfVyrYDrAV+BtGgBbNzPi1kgOJibABpHnZUsqpvZkHsP/jttKY5oG sco1mVXcPh6n/n7hwyMxL2+XsD2se8fjlsYxaT3M5SpzEReVBbcLCnBlUid+GP3X tD+N5/Ax4DmJFmmD9niovvfK4ZbYsZT8O1Ww+n8/A6q0d4g2/qT0K9SPqHpKLexr kPE+GB1cd/XfKPnfi6G3fqylJuhGntr/0DP0WUtEVzSGRSFPLtpBnidB+kYI0cfA m/nejSeyYTtPU5U3f8MrRDoBe35Kaw9nhR6Fo6pBpQE1c3BvSJk= -----END CERTIFICATE-----Generated at Wed Apr 22 07:25:50 2026 by rpki-client