$ rpki-client -vvf repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft File: 40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft (raw, json) Hash identifier: JdTEw0OJQE1wz6EnWEi52W1omxnI/1TQQM6YxwYV3vM= Subject key identifier: 65:8A:FC:53:E8:BE:34:93:F5:9C:45:FD:2B:9C:85:2F:67:E9:48:B7 Authority key identifier: 40:94:9C:7C:9D:D0:D3:F8:99:68:1F:F2:EB:53:E4:9C:8F:85:2B:AA Certificate issuer: /CN=40949C7C9DD0D3F899681FF2EB53E49C8F852BAA Certificate serial: 60A6909955ADE0195EDE034A5848E9676D829391 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft Manifest number: 0135 Signing time: Mon 20 Apr 2026 19:42:20 +0000 Manifest this update: Mon 20 Apr 2026 19:37:20 +0000 Manifest next update: Fri 24 Apr 2026 00:17:20 +0000 Files and hashes: 1: 40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.crl (hash: oU2FRZ60VmVv61zXvS0n5Nvt235O1OYISctrd6WhqXw=) 2: 3135372e36362e302e302f32332d3234203d3e20313430343737.roa (hash: yBju0MDFhL8uMJfmhps7SGNhOm4xqJV+hqct3Jk+rrI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.crl rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 00:17:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:a6:90:99:55:ad:e0:19:5e:de:03:4a:58:48:e9:67:6d:82:93:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40949C7C9DD0D3F899681FF2EB53E49C8F852BAA Validity Not Before: Apr 20 19:37:20 2026 GMT Not After : Apr 24 00:17:20 2026 GMT Subject: CN=658AFC53E8BE3493F59C45FD2B9C852F67E948B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:0b:51:5c:7d:22:b6:01:fb:b3:4d:56:80:71: 99:03:f9:9f:f7:1f:2b:03:92:25:71:ca:a4:2d:15: 3a:3b:4b:3b:a6:36:2f:b1:30:b3:51:71:84:78:f1: a2:a7:bd:79:10:49:0d:95:2e:3b:60:ee:33:3a:5d: 17:cf:c8:b3:0f:b3:cb:ad:e9:c7:99:6e:82:0c:5d: 3a:6e:69:a5:a7:79:9f:9f:ac:cd:2b:11:2b:a8:2f: 1b:65:e3:29:c3:1a:30:15:75:27:56:c6:ee:9b:76: 2e:c0:fc:a3:48:a1:4a:26:4e:ee:c9:1c:f2:e1:39: bd:49:ff:e8:b9:6a:17:95:99:c3:cc:07:79:d5:9a: e9:08:7b:5a:d8:87:3c:91:cb:6f:34:bd:78:d2:0a: f3:2b:7a:64:91:3a:c9:8e:9d:f6:39:eb:ed:49:f5: 8e:39:3a:e0:5c:71:a7:f9:ee:67:12:42:9d:47:e2: 91:97:1f:12:e8:4a:0e:26:a6:8d:09:71:39:29:d9: 50:e3:80:11:f6:f9:ce:62:6f:d2:21:49:3a:0a:5f: f5:05:11:d5:a3:c4:8c:3d:52:6a:ed:7d:2f:cd:b3: 5e:ba:70:77:95:f0:6a:7d:1e:2c:b2:c6:79:56:03: 66:07:60:94:4c:a7:11:7f:4f:8f:dd:92:31:79:6d: af:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:8A:FC:53:E8:BE:34:93:F5:9C:45:FD:2B:9C:85:2F:67:E9:48:B7 X509v3 Authority Key Identifier: keyid:40:94:9C:7C:9D:D0:D3:F8:99:68:1F:F2:EB:53:E4:9C:8F:85:2B:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ee:1a:9c:c6:d3:53:c8:1c:bf:c6:f8:fb:62:96:86:2c:ae:03: bd:c5:34:5f:af:2c:47:2a:b4:07:51:f0:a2:12:c9:f9:c1:b7: 34:04:d0:e9:2c:02:08:73:3a:f1:14:bb:83:df:cc:f9:90:70: 73:61:46:85:71:b4:f3:b9:a4:4f:5b:dc:29:a6:7e:67:2b:de: 9e:0b:22:e7:4d:50:6c:67:3a:52:56:a9:dd:50:ba:66:3b:c8: 9b:3b:e6:12:85:92:53:de:4a:38:79:09:a8:0f:ed:f7:ce:fe: 34:09:f9:2b:f7:e6:73:b1:dd:86:a6:6d:5a:85:d8:dc:39:b6: e3:02:e8:ee:cc:2e:24:32:7b:27:77:da:71:98:f4:89:d7:13: 7e:a0:bd:a8:b2:a6:b4:0f:4a:84:4b:b9:83:39:be:38:01:8a: 2b:7a:f1:08:c8:e8:10:47:d8:6b:98:16:15:cb:37:25:82:d1: 78:cb:eb:6b:11:eb:8e:2f:2f:c2:66:fe:95:d5:d9:71:f8:42: 03:1c:82:49:b1:dd:1c:6f:1e:e0:35:af:ac:e7:8b:d1:3c:7b: 58:a9:0a:e6:89:81:0a:fd:b7:8a:eb:d7:23:90:a5:7f:20:13: 17:f3:3f:d9:65:ad:a4:1b:67:a9:a7:00:a3:0c:0d:a1:fe:ac: 1e:69:34:e9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYKaQmVWt4Ble3gNKWEjpZ22Ck5EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA5NDlDN0M5REQwRDNGODk5NjgxRkYyRUI1M0U0OUM4 Rjg1MkJBQTAeFw0yNjA0MjAxOTM3MjBaFw0yNjA0MjQwMDE3MjBaMDMxMTAvBgNV BAMTKDY1OEFGQzUzRThCRTM0OTNGNTlDNDVGRDJCOUM4NTJGNjdFOTQ4QjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnC1FcfSK2AfuzTVaAcZkD+Z/3 HysDkiVxyqQtFTo7SzumNi+xMLNRcYR48aKnvXkQSQ2VLjtg7jM6XRfPyLMPs8ut 6ceZboIMXTpuaaWneZ+frM0rESuoLxtl4ynDGjAVdSdWxu6bdi7A/KNIoUomTu7J HPLhOb1J/+i5aheVmcPMB3nVmukIe1rYhzyRy280vXjSCvMremSROsmOnfY56+1J 9Y45OuBccaf57mcSQp1H4pGXHxLoSg4mpo0JcTkp2VDjgBH2+c5ib9IhSToKX/UF EdWjxIw9UmrtfS/Ns166cHeV8Gp9HiyyxnlWA2YHYJRMpxF/T4/dkjF5ba//AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZYr8U+i+NJP1nEX9K5yFL2fpSLcwHwYDVR0j BBgwFoAUQJScfJ3Q0/iZaB/y61PknI+FK6owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 OWRhZTk3Zi0xYWQxLTRiMzQtOGZlOS0xYmM2NWIwOTA4ZjMvMC80MDk0OUM3QzlE RDBEM0Y4OTk2ODFGRjJFQjUzRTQ5QzhGODUyQkFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDA5NDlDN0M5REQwRDNGODk5NjgxRkYyRUI1M0U0OUM4Rjg1 MkJBQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODlkYWU5N2YtMWFkMS00YjM0LThm ZTktMWJjNjViMDkwOGYzLzAvNDA5NDlDN0M5REQwRDNGODk5NjgxRkYyRUI1M0U0 OUM4Rjg1MkJBQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAO4anMbTU8gcv8b4+2KWhiyuA73FNF+vLEcq tAdR8KISyfnBtzQE0OksAghzOvEUu4PfzPmQcHNhRoVxtPO5pE9b3Cmmfmcr3p4L IudNUGxnOlJWqd1QumY7yJs75hKFklPeSjh5CagP7ffO/jQJ+Sv35nOx3YambVqF 2Nw5tuMC6O7MLiQyeyd32nGY9InXE36gvaiyprQPSoRLuYM5vjgBiit68QjI6BBH 2GuYFhXLNyWC0XjL62sR644vL8Jm/pXV2XH4QgMcgkmx3RxvHuA1r6zni9E8e1ip CuaJgQr9t4rr1yOQpX8gExfzP9llraQbZ6mnAKMMDaH+rB5pNOk= -----END CERTIFICATE-----Generated at Wed Apr 22 04:52:46 2026 by rpki-client