$ rpki-client -vvf repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft File: AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft (raw, json) Hash identifier: RRtmxISuKaOHpa6N8iRdslVGAdHTBOuRahopPDgn3nU= Subject key identifier: F6:CD:CE:25:C2:F5:97:44:7A:F7:D1:50:C4:EC:65:FA:92:3C:DA:47 Authority key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Certificate issuer: /CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Certificate serial: 784BB58BB9C92A5C303A7368BD3B70CE1A031C59 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject info access: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft Manifest number: 0114 Signing time: Tue 21 Apr 2026 21:31:55 +0000 Manifest this update: Tue 21 Apr 2026 21:26:55 +0000 Manifest next update: Sat 25 Apr 2026 07:17:55 +0000 Files and hashes: 1: AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl (hash: acduwpB/kJ4cLLhr9Sx2I0KizN7tbetDpSib3Olu02c=) 2: 3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa (hash: okMulqCwmQrHdU+kO0nYzAvF/vvi8wTCEKi+VdDT9lQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 13:19:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:4b:b5:8b:b9:c9:2a:5c:30:3a:73:68:bd:3b:70:ce:1a:03:1c:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Validity Not Before: Apr 21 21:26:55 2026 GMT Not After : Apr 25 07:17:55 2026 GMT Subject: CN=F6CDCE25C2F597447AF7D150C4EC65FA923CDA47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:d3:2f:38:ef:82:dd:c7:8f:ec:75:a4:06:16: 70:0a:1e:74:c2:5a:85:ca:2e:4a:d9:fa:ac:cc:52: 1c:f2:48:4b:3e:a1:aa:2e:dd:bd:51:8c:93:bc:93: 3d:52:00:67:4f:79:cc:4d:a2:ce:2d:61:83:50:2b: 50:f7:ca:d7:34:4a:04:4c:67:3b:82:05:44:ad:0a: 06:ea:58:c2:a6:cf:9d:3d:84:7c:61:20:f9:2e:8a: cf:f9:99:ee:42:80:d6:ab:d4:a3:e6:6a:e0:8f:77: d5:72:9a:a2:c7:d5:ac:dc:51:64:d7:04:ab:d7:da: 74:02:e6:a8:b2:ac:df:05:58:58:fb:e5:e6:2d:15: 6b:45:10:ef:c4:b3:aa:3f:4b:39:40:aa:e7:09:2d: e8:fd:08:54:1b:02:8e:16:81:b8:4d:c3:c7:65:cd: bb:b5:1f:11:bb:6b:ce:43:fc:8b:c3:08:c2:26:16: cf:4d:ce:70:33:7b:29:f7:82:fd:03:db:a2:06:ee: bb:e0:61:03:a0:58:2a:20:bc:15:65:6c:bd:9f:f9: 76:33:60:47:f8:43:aa:07:e6:ef:8f:82:c7:83:a3: bb:49:97:24:c5:b2:73:8e:62:5a:82:a4:33:01:00: 10:92:e7:87:2d:ee:1a:5f:41:ef:a2:5d:c1:cf:65: fc:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:CD:CE:25:C2:F5:97:44:7A:F7:D1:50:C4:EC:65:FA:92:3C:DA:47 X509v3 Authority Key Identifier: keyid:AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:e2:57:f1:e2:04:c7:52:d3:fe:58:65:2e:72:b2:be:70:c4: d0:ef:6a:b8:d6:4a:20:23:b1:d5:89:b0:ff:ed:9b:e7:46:43: d8:0a:27:a0:86:97:53:90:3a:a2:b4:e0:60:4f:17:4d:21:80: 40:25:f1:a5:eb:03:95:98:9b:f8:11:a9:be:7c:df:c8:26:23: e7:67:9d:db:8b:10:6f:5f:f3:0b:c1:b1:19:35:53:21:9d:f4: a9:0b:49:91:10:b7:76:0c:65:20:80:bd:4e:69:ae:f6:95:a4: cc:30:2a:df:63:61:56:86:76:5a:87:8f:3e:6a:db:71:bb:f6: a2:1e:88:62:93:ee:04:5f:96:e0:58:9e:29:cd:b8:6c:1b:11: 1b:7b:4b:72:ba:be:06:d6:26:08:d5:ea:e6:84:87:b5:91:cb: 37:d0:64:cb:72:3c:f4:d2:30:f2:a7:c9:7b:54:10:24:02:aa: aa:60:12:8f:94:be:23:43:40:a1:46:c0:94:22:88:05:76:ee: 29:e6:68:7b:97:30:76:bb:8b:52:aa:cf:01:7f:4f:9d:14:ed: 5b:2b:60:5f:71:e2:46:4e:4c:39:e0:98:d6:2e:09:db:1e:ab: a6:fe:45:a1:50:aa:6d:d7:dc:01:d9:9e:1b:a8:54:d6:af:ed: 06:45:f1:50 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUeEu1i7nJKlwwOnNovTtwzhoDHFkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQw MkQ2QUYyMTAeFw0yNjA0MjEyMTI2NTVaFw0yNjA0MjUwNzE3NTVaMDMxMTAvBgNV BAMTKEY2Q0RDRTI1QzJGNTk3NDQ3QUY3RDE1MEM0RUM2NUZBOTIzQ0RBNDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu0y8474Ldx4/sdaQGFnAKHnTC WoXKLkrZ+qzMUhzySEs+oaou3b1RjJO8kz1SAGdPecxNos4tYYNQK1D3ytc0SgRM ZzuCBUStCgbqWMKmz509hHxhIPkuis/5me5CgNar1KPmauCPd9VymqLH1azcUWTX BKvX2nQC5qiyrN8FWFj75eYtFWtFEO/Es6o/SzlAqucJLej9CFQbAo4WgbhNw8dl zbu1HxG7a85D/IvDCMImFs9NznAzeyn3gv0D26IG7rvgYQOgWCogvBVlbL2f+XYz YEf4Q6oH5u+PgseDo7tJlyTFsnOOYlqCpDMBABCS54ct7hpfQe+iXcHPZfx9AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU9s3OJcL1l0R699FQxOxl+pI82kcwHwYDVR0j BBgwFoAUqj1/UDyZwKtjDVTFKDg8NALWryEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMC9BQTNEN0Y1MDND OTlDMEFCNjMwRDU0QzUyODM4M0MzNDAyRDZBRjIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQwMkQ2 QUYyMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTZjZDAzMjUtMzFhZi00ZmZlLThi ZWItZTc3OTk3ZTZjM2UxLzAvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODND MzQwMkQ2QUYyMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACHiV/HiBMdS0/5YZS5ysr5wxNDvarjWSiAj sdWJsP/tm+dGQ9gKJ6CGl1OQOqK04GBPF00hgEAl8aXrA5WYm/gRqb5838gmI+dn nduLEG9f8wvBsRk1UyGd9KkLSZEQt3YMZSCAvU5prvaVpMwwKt9jYVaGdlqHjz5q 23G79qIeiGKT7gRfluBYninNuGwbERt7S3K6vgbWJgjV6uaEh7WRyzfQZMtyPPTS MPKnyXtUECQCqqpgEo+UviNDQKFGwJQiiAV27inmaHuXMHa7i1KqzwF/T50U7Vsr YF9x4kZOTDngmNYuCdseq6b+RaFQqm3X3AHZnhuoVNav7QZF8VA= -----END CERTIFICATE-----Generated at Wed Apr 22 04:52:05 2026 by rpki-client