$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: Bwy+qQRQIWWOaOVw+759hvFXSdOXh+eZoFVm1BM2UPw= Subject key identifier: A3:FD:2B:84:22:69:10:63:92:81:7F:15:76:CD:09:BD:67:A6:83:E0 Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 1C5111845569351D58BBB5C8A5F93269EBB48815 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 056B Signing time: Tue 21 Apr 2026 15:12:18 +0000 Manifest this update: Tue 21 Apr 2026 15:07:18 +0000 Manifest next update: Fri 24 Apr 2026 20:33:18 +0000 Files and hashes: 1: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 2: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: JY5X7Ni0FqjOLHL/IBAcPoDotTFSEzReZjChPfIbLws=) 3: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) 4: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) 5: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) 6: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: jqlxbCCtIQ17jMCDrut0H+/0XWK8MgcBAI0YP+tlD+g=) 7: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) 8: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:51:11:84:55:69:35:1d:58:bb:b5:c8:a5:f9:32:69:eb:b4:88:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Apr 21 15:07:18 2026 GMT Not After : Apr 24 20:33:18 2026 GMT Subject: CN=A3FD2B842269106392817F1576CD09BD67A683E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:ef:bc:61:e0:f7:70:29:c5:cd:30:a7:df:c8: 91:8c:65:42:a8:9f:6e:29:7f:22:04:04:24:df:83: 24:0c:ce:9e:63:5e:6e:a7:4b:0c:41:ee:71:14:69: 41:24:e9:b0:b0:6e:ed:ae:43:96:d6:dc:ad:6b:c6: 5e:61:cb:0f:25:39:e4:d7:a8:49:e7:9b:99:53:67: 22:14:5c:bb:b0:cf:09:58:4c:3b:dc:24:7b:f7:09: ae:03:30:c8:f5:8b:33:ac:af:1e:6f:85:6b:e1:30: 1b:98:c6:03:92:bb:6e:31:06:9b:3f:b1:f8:4c:8e: 5a:c8:0b:b1:95:c5:a9:9b:cd:64:78:76:21:85:25: 57:d7:f3:df:8d:3a:f5:dc:ec:33:fb:89:66:6a:de: f2:b8:d4:53:ad:36:aa:49:c2:6d:ad:01:32:d4:8f: 04:e9:4e:a1:b9:07:df:de:b7:04:40:ef:21:d6:9b: 9b:79:01:09:2a:c0:2b:c8:5d:5c:fb:a4:8d:57:4c: 79:58:6d:5a:06:03:80:b0:f3:9d:2e:20:9c:d2:6c: 2f:df:cc:97:b6:9f:f1:c1:a8:f5:37:87:95:fd:2c: 07:c0:40:59:a6:79:57:48:65:f8:1b:ed:d8:c5:7f: 6d:ea:5b:bd:f8:32:f7:16:a1:0b:e8:41:c2:50:a7: a4:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:FD:2B:84:22:69:10:63:92:81:7F:15:76:CD:09:BD:67:A6:83:E0 X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:a0:99:07:92:32:44:74:3f:95:6c:52:65:a7:b6:5c:fc:f2: 56:cf:c5:67:1e:c6:5f:73:58:9c:39:4f:1b:24:45:e5:77:d9: 80:37:16:f1:4e:5b:18:af:b6:04:d6:48:5a:21:76:70:20:a4: 02:f1:9a:55:98:2f:50:36:57:d2:cc:8f:92:d7:6e:86:7d:46: 07:22:20:93:02:a5:2a:dc:a6:ed:ae:7a:7b:73:04:fa:95:d3: fc:9d:37:1a:56:44:81:df:55:35:09:33:ff:13:11:d8:98:eb: 33:11:02:9e:5f:cf:86:8a:44:10:13:5c:27:7c:4e:cd:09:7a: 5a:de:55:ec:28:bb:62:68:4f:0b:b8:50:3b:9b:0e:2e:6a:75: 13:e4:cb:cb:4b:37:b7:a2:86:db:1f:49:0b:98:c7:94:93:ee: dc:7c:23:5e:b9:e7:8e:8f:a7:ba:c0:e6:12:b2:6f:97:b3:20: 6d:60:5c:55:8b:34:e9:c4:bb:9e:9c:b5:38:99:57:e0:4d:fa: 0a:d9:99:cc:0e:e9:f5:a4:f9:7d:fb:c9:85:53:cf:60:97:1c: e0:36:8d:89:5f:e6:11:c9:73:31:10:9d:aa:75:21:b2:2f:20: b1:9c:c5:89:1f:d3:cb:84:c8:4c:56:10:fb:af:57:20:c7:8a: e0:c2:cb:f4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUHFERhFVpNR1Yu7XIpfkyaeu0iBUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNjA0MjExNTA3MThaFw0yNjA0MjQyMDMzMThaMDMxMTAvBgNV BAMTKEEzRkQyQjg0MjI2OTEwNjM5MjgxN0YxNTc2Q0QwOUJENjdBNjgzRTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg77xh4PdwKcXNMKffyJGMZUKo n24pfyIEBCTfgyQMzp5jXm6nSwxB7nEUaUEk6bCwbu2uQ5bW3K1rxl5hyw8lOeTX qEnnm5lTZyIUXLuwzwlYTDvcJHv3Ca4DMMj1izOsrx5vhWvhMBuYxgOSu24xBps/ sfhMjlrIC7GVxambzWR4diGFJVfX89+NOvXc7DP7iWZq3vK41FOtNqpJwm2tATLU jwTpTqG5B9/etwRA7yHWm5t5AQkqwCvIXVz7pI1XTHlYbVoGA4Cw850uIJzSbC/f zJe2n/HBqPU3h5X9LAfAQFmmeVdIZfgb7djFf23qW734MvcWoQvoQcJQp6RFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUo/0rhCJpEGOSgX8Vds0JvWemg+AwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACygmQeSMkR0P5VsUmWntlz88lbPxWcexl9z WJw5TxskReV32YA3FvFOWxivtgTWSFohdnAgpALxmlWYL1A2V9LMj5LXboZ9Rgci IJMCpSrcpu2uentzBPqV0/ydNxpWRIHfVTUJM/8TEdiY6zMRAp5fz4aKRBATXCd8 Ts0JelreVewou2JoTwu4UDubDi5qdRPky8tLN7eihtsfSQuYx5ST7tx8I165546P p7rA5hKyb5ezIG1gXFWLNOnEu56ctTiZV+BN+grZmcwO6fWk+X37yYVTz2CXHOA2 jYlf5hHJczEQnap1IbIvILGcxYkf08uEyExWEPuvVyDHiuDCy/Q= -----END CERTIFICATE-----Generated at Wed Apr 22 11:32:19 2026 by rpki-client