$ rpki-client -vvf repo-rpki.idnic.net/repo/877b01cf-b1c9-450f-8551-4dcb4cbd4262/0/BCDF6D8F5670257F852914E87D552983AA37A3A3.mft File: BCDF6D8F5670257F852914E87D552983AA37A3A3.mft (raw, json) Hash identifier: JIE3fc90OQr8DjcjFyd+ImvLfisqiV+1DB8CayQ0yj8= Subject key identifier: C0:DA:AB:E8:BF:1C:5C:FF:63:59:90:F7:BD:AC:ED:F7:39:9F:50:02 Authority key identifier: BC:DF:6D:8F:56:70:25:7F:85:29:14:E8:7D:55:29:83:AA:37:A3:A3 Certificate issuer: /CN=BCDF6D8F5670257F852914E87D552983AA37A3A3 Certificate serial: 33D109E26CD47E79C08B4CAFBAA82F262EC783AA Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BCDF6D8F5670257F852914E87D552983AA37A3A3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/877b01cf-b1c9-450f-8551-4dcb4cbd4262/0/BCDF6D8F5670257F852914E87D552983AA37A3A3.mft Manifest number: 04C1 Signing time: Tue 21 Apr 2026 03:21:07 +0000 Manifest this update: Tue 21 Apr 2026 03:16:07 +0000 Manifest next update: Fri 24 Apr 2026 15:16:07 +0000 Files and hashes: 1: BCDF6D8F5670257F852914E87D552983AA37A3A3.crl (hash: hZvvrtJVlTkTnGz27gQkRdp9TkuDFxzyowJtV/KjknE=) 2: 3130332e3134372e37362e302f32332d3233203d3e20313339393532.roa (hash: ZtfrmcdIDZFk5FXV0vrgffSS//LC3R042y4pGOoRFVw=) 3: 3130332e3134372e37372e302f32342d3234203d3e20313339393532.roa (hash: gks4E4RAlqsYzpMbY7s86LphrkEHlbXfODEV9a6VKSU=) 4: 3130332e3134372e37362e302f32342d3234203d3e20313339393532.roa (hash: 2JYulwUxi2T/jzgAmBWLWpOPU3Z1C06NLPJ2YJd9h44=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/877b01cf-b1c9-450f-8551-4dcb4cbd4262/0/BCDF6D8F5670257F852914E87D552983AA37A3A3.crl rsync://repo-rpki.idnic.net/repo/877b01cf-b1c9-450f-8551-4dcb4cbd4262/0/BCDF6D8F5670257F852914E87D552983AA37A3A3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BCDF6D8F5670257F852914E87D552983AA37A3A3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 15:16:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:d1:09:e2:6c:d4:7e:79:c0:8b:4c:af:ba:a8:2f:26:2e:c7:83:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BCDF6D8F5670257F852914E87D552983AA37A3A3 Validity Not Before: Apr 21 03:16:07 2026 GMT Not After : Apr 24 15:16:07 2026 GMT Subject: CN=C0DAABE8BF1C5CFF635990F7BDACEDF7399F5002 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:74:b8:3d:31:66:25:a5:3c:a6:e9:ad:05:fa: 85:2d:6a:47:fb:4d:21:f9:be:52:77:9c:b2:8d:40: 23:4d:aa:24:0b:aa:0a:fe:04:3b:b1:0c:a3:9d:3c: 37:1d:b2:6e:c1:b1:dc:d6:87:89:bb:28:34:8d:ca: ec:4d:77:74:77:f6:3f:20:6f:25:fc:c8:34:6a:81: 1d:9c:97:25:ec:d9:4f:ef:66:fa:84:0f:d6:e9:68: 1b:f2:69:a4:37:16:cb:c5:9a:0a:b6:24:8f:bc:c0: 71:eb:cb:16:8f:61:f2:8c:f2:5d:5f:c7:58:ce:81: 8e:55:e5:81:66:75:39:9a:e0:f7:6e:29:b3:bd:ab: 26:51:fa:31:e4:2e:6e:ed:77:a8:86:62:06:46:9d: 43:37:2a:ee:e8:8a:bf:48:82:a3:75:77:4f:82:b9: 39:2e:d3:fa:70:a2:c1:d9:e4:03:b2:a3:24:94:3f: 31:97:cd:d6:7a:01:84:7b:c3:bd:a8:10:12:fa:d2: 7e:39:49:a5:b4:83:f6:c9:72:74:1a:e8:2c:38:8d: 72:17:64:f1:11:cd:48:aa:6b:d9:33:3e:d8:83:ab: 58:70:8f:6d:99:3c:55:fa:97:09:59:4e:f0:21:b0: 1e:2a:1e:99:99:ff:a5:32:83:b8:cc:54:3f:32:44: ee:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:DA:AB:E8:BF:1C:5C:FF:63:59:90:F7:BD:AC:ED:F7:39:9F:50:02 X509v3 Authority Key Identifier: keyid:BC:DF:6D:8F:56:70:25:7F:85:29:14:E8:7D:55:29:83:AA:37:A3:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/877b01cf-b1c9-450f-8551-4dcb4cbd4262/0/BCDF6D8F5670257F852914E87D552983AA37A3A3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BCDF6D8F5670257F852914E87D552983AA37A3A3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/877b01cf-b1c9-450f-8551-4dcb4cbd4262/0/BCDF6D8F5670257F852914E87D552983AA37A3A3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:6b:ce:25:53:ac:ce:83:11:53:8a:15:01:f4:05:da:ce:07: 82:8a:5e:a5:e6:36:49:fc:01:24:c5:cb:19:c5:ca:ce:67:47: c2:71:45:6b:1a:79:23:8b:b3:00:fd:eb:10:2b:27:88:e3:e4: b3:07:11:3d:7b:18:5a:a2:d8:a5:3a:20:69:aa:bf:25:89:d2: c3:56:8a:f6:89:12:51:89:d9:9c:c2:4a:99:7c:ac:16:4b:5e: 29:a8:29:b1:04:ec:52:fd:b9:87:0f:75:52:5d:d3:33:3d:15: f8:2b:36:25:39:3d:fb:fb:ab:c6:51:e8:6d:d1:e2:25:d5:a7: 66:80:56:76:53:83:50:8a:ef:d9:f1:ec:86:9f:d3:8b:e7:d7: fc:2a:1d:f9:16:e5:52:3c:4e:55:95:2d:fc:50:69:09:3c:64: fd:52:b9:8a:29:2a:16:cd:8c:96:2a:3c:ed:72:09:94:df:5e: ad:ff:6e:aa:29:f0:ea:22:29:84:a5:ec:7f:66:01:20:56:8f: 42:4d:a5:81:0d:33:26:69:e4:d1:e1:08:49:29:91:a6:cf:ec: 33:98:ae:27:27:15:f3:d0:c2:c8:9f:aa:5b:f9:8f:ec:0a:1c: 76:59:24:90:7a:b6:a8:9a:3f:60:01:73:f9:5d:d5:ca:e6:fc: 7b:75:30:0e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUM9EJ4mzUfnnAi0yvuqgvJi7Hg6owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkNERjZEOEY1NjcwMjU3Rjg1MjkxNEU4N0Q1NTI5ODNB QTM3QTNBMzAeFw0yNjA0MjEwMzE2MDdaFw0yNjA0MjQxNTE2MDdaMDMxMTAvBgNV BAMTKEMwREFBQkU4QkYxQzVDRkY2MzU5OTBGN0JEQUNFREY3Mzk5RjUwMDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4dLg9MWYlpTym6a0F+oUtakf7 TSH5vlJ3nLKNQCNNqiQLqgr+BDuxDKOdPDcdsm7BsdzWh4m7KDSNyuxNd3R39j8g byX8yDRqgR2clyXs2U/vZvqED9bpaBvyaaQ3FsvFmgq2JI+8wHHryxaPYfKM8l1f x1jOgY5V5YFmdTma4PduKbO9qyZR+jHkLm7td6iGYgZGnUM3Ku7oir9IgqN1d0+C uTku0/pwosHZ5AOyoySUPzGXzdZ6AYR7w72oEBL60n45SaW0g/bJcnQa6Cw4jXIX ZPERzUiqa9kzPtiDq1hwj22ZPFX6lwlZTvAhsB4qHpmZ/6Uyg7jMVD8yRO77AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUwNqr6L8cXP9jWZD3vazt9zmfUAIwHwYDVR0j BBgwFoAUvN9tj1ZwJX+FKRTofVUpg6o3o6MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 NzdiMDFjZi1iMWM5LTQ1MGYtODU1MS00ZGNiNGNiZDQyNjIvMC9CQ0RGNkQ4RjU2 NzAyNTdGODUyOTE0RTg3RDU1Mjk4M0FBMzdBM0EzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkNERjZEOEY1NjcwMjU3Rjg1MjkxNEU4N0Q1NTI5ODNBQTM3 QTNBMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODc3YjAxY2YtYjFjOS00NTBmLTg1 NTEtNGRjYjRjYmQ0MjYyLzAvQkNERjZEOEY1NjcwMjU3Rjg1MjkxNEU4N0Q1NTI5 ODNBQTM3QTNBMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIhrziVTrM6DEVOKFQH0BdrOB4KKXqXmNkn8 ASTFyxnFys5nR8JxRWsaeSOLswD96xArJ4jj5LMHET17GFqi2KU6IGmqvyWJ0sNW ivaJElGJ2ZzCSpl8rBZLXimoKbEE7FL9uYcPdVJd0zM9FfgrNiU5Pfv7q8ZR6G3R 4iXVp2aAVnZTg1CK79nx7Iaf04vn1/wqHfkW5VI8TlWVLfxQaQk8ZP1SuYopKhbN jJYqPO1yCZTfXq3/bqop8OoiKYSl7H9mASBWj0JNpYENMyZp5NHhCEkpkabP7DOY ricnFfPQwsifqlv5j+wKHHZZJJB6tqiaP2ABc/ld1crm/Ht1MA4= -----END CERTIFICATE-----Generated at Wed Apr 22 07:28:23 2026 by rpki-client