$ rpki-client -vvf repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.mft File: FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.mft (raw, json) Hash identifier: oJ1+oI1eWAZK0VyYe1f+JKZWuFIhBYl6ITHmb0F7Hdw= Subject key identifier: 79:AE:45:EF:B5:12:C0:71:50:C2:E9:1C:19:93:EC:BE:E1:84:8A:65 Authority key identifier: FD:7C:5A:44:A3:CA:AF:7C:D1:40:CF:D1:C6:16:22:BA:5E:A2:E6:23 Certificate issuer: /CN=FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623 Certificate serial: 0652D270F9B22E40E8F9D658D3E945E5CF010668 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.mft Manifest number: 0153 Signing time: Tue 21 Apr 2026 00:42:35 +0000 Manifest this update: Tue 21 Apr 2026 00:37:35 +0000 Manifest next update: Fri 24 Apr 2026 09:04:35 +0000 Files and hashes: 1: FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.crl (hash: OdhiKRkAiNANSCqH5xiYi4CNFlLPvB6NN6XxEjsWSQA=) 2: 3135372e32302e3132362e302f32332d3234203d3e20313532343130.roa (hash: JACumO3VAE1t5FuWuqXfdX1npziOW8EOlg7XX4OQbh8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.crl rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 09:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:52:d2:70:f9:b2:2e:40:e8:f9:d6:58:d3:e9:45:e5:cf:01:06:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623 Validity Not Before: Apr 21 00:37:35 2026 GMT Not After : Apr 24 09:04:35 2026 GMT Subject: CN=79AE45EFB512C07150C2E91C1993ECBEE1848A65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:03:a5:9e:81:c8:66:ad:7d:a6:64:9e:11:7c: 07:62:95:ce:02:57:36:70:ee:b9:45:9d:14:fb:37: 7d:93:57:a4:19:9b:70:3e:7b:ac:8d:b0:24:fe:fb: 28:5b:b9:de:c1:81:4d:0b:e3:64:24:d1:1f:1c:a0: c4:27:19:e7:8f:e2:80:0c:4e:12:eb:e1:f3:d5:51: 4e:6b:08:ac:3b:e0:f7:d6:7e:fa:7c:22:72:c8:6d: a5:1d:c0:cf:20:72:ff:19:72:d9:f3:1e:6d:15:e0: f1:27:2e:c3:bf:b9:94:6e:7d:30:c4:95:17:96:fb: 87:f5:07:39:1a:0e:bc:9f:e6:8b:4d:67:37:a7:1a: d1:35:6e:c5:51:63:7b:ac:ee:2d:fa:d5:8f:28:3c: 73:6c:e0:30:90:c5:cd:ba:86:53:ce:67:36:2c:55: e5:ab:24:13:02:41:85:bb:60:24:99:74:9c:37:9f: ee:67:ab:86:2f:89:ee:f8:f6:68:18:05:1d:c7:93: 14:e8:ba:a2:9f:67:01:aa:7a:87:59:c6:70:f3:3d: 02:59:10:bb:15:4e:8b:b2:a4:3d:aa:0a:ce:74:1d: f0:4a:53:f0:20:cc:19:4c:fa:74:c0:09:c0:64:20: 58:80:ce:fc:24:2a:a1:84:f9:1d:5b:06:0d:01:cd: f3:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:AE:45:EF:B5:12:C0:71:50:C2:E9:1C:19:93:EC:BE:E1:84:8A:65 X509v3 Authority Key Identifier: keyid:FD:7C:5A:44:A3:CA:AF:7C:D1:40:CF:D1:C6:16:22:BA:5E:A2:E6:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:82:a1:f3:a4:d1:e9:66:e9:29:6c:5d:6c:d2:84:6b:da:e3: f7:06:e4:2c:6f:8a:c3:ef:4b:02:4f:a5:44:88:d1:73:22:97: c2:01:17:e9:77:60:ce:9c:9d:0a:2b:ce:34:d0:f3:9e:c5:76: b8:9c:02:b9:62:f7:95:7f:9b:0d:22:7d:85:fc:c1:ca:8e:35: d2:ce:fd:8b:85:69:94:e8:13:69:3a:1f:a8:4e:9b:5d:fc:2a: 46:d2:70:a6:e3:a4:3f:9e:2b:5e:9b:0e:25:95:7f:af:e8:43: 55:2e:cb:30:29:97:74:b5:23:dd:16:d9:c1:80:2f:6b:38:40: 9e:40:db:44:ad:43:af:5d:05:f9:60:93:bc:87:9a:0c:39:a9: da:b3:40:c1:e3:74:61:76:6c:d9:f6:20:c9:c7:a2:84:cc:f2: 60:52:a8:64:89:1e:4f:a3:ad:e0:69:dc:88:cc:cf:fa:b7:62: 5e:6f:79:b5:45:d7:5c:40:9b:49:cb:e6:8c:f7:8f:a7:8f:a2: 09:32:e1:b6:38:e3:7f:42:88:49:30:77:d2:bc:e4:04:2e:08: 85:f4:df:8d:02:a9:e3:07:d6:4f:27:9d:1f:70:fc:3f:05:7f: 4e:de:5f:0b:dd:7b:c4:19:ec:83:4b:0e:03:68:d4:af:f0:d9: 4a:fc:d2:f4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBlLScPmyLkDo+dZY0+lF5c8BBmgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkQ3QzVBNDRBM0NBQUY3Q0QxNDBDRkQxQzYxNjIyQkE1 RUEyRTYyMzAeFw0yNjA0MjEwMDM3MzVaFw0yNjA0MjQwOTA0MzVaMDMxMTAvBgNV BAMTKDc5QUU0NUVGQjUxMkMwNzE1MEMyRTkxQzE5OTNFQ0JFRTE4NDhBNjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPA6WegchmrX2mZJ4RfAdilc4C VzZw7rlFnRT7N32TV6QZm3A+e6yNsCT++yhbud7BgU0L42Qk0R8coMQnGeeP4oAM ThLr4fPVUU5rCKw74PfWfvp8InLIbaUdwM8gcv8ZctnzHm0V4PEnLsO/uZRufTDE lReW+4f1BzkaDryf5otNZzenGtE1bsVRY3us7i361Y8oPHNs4DCQxc26hlPOZzYs VeWrJBMCQYW7YCSZdJw3n+5nq4Yvie749mgYBR3HkxTouqKfZwGqeodZxnDzPQJZ ELsVTouypD2qCs50HfBKU/AgzBlM+nTACcBkIFiAzvwkKqGE+R1bBg0BzfO3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUea5F77USwHFQwukcGZPsvuGEimUwHwYDVR0j BBgwFoAU/XxaRKPKr3zRQM/RxhYiul6i5iMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h MGY3OGJkNC1jMTliLTRkNDAtYWE1NC1lZDhkN2JjNzcyY2EvMC9GRDdDNUE0NEEz Q0FBRjdDRDE0MENGRDFDNjE2MjJCQTVFQTJFNjIzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRkQ3QzVBNDRBM0NBQUY3Q0QxNDBDRkQxQzYxNjIyQkE1RUEy RTYyMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTBmNzhiZDQtYzE5Yi00ZDQwLWFh NTQtZWQ4ZDdiYzc3MmNhLzAvRkQ3QzVBNDRBM0NBQUY3Q0QxNDBDRkQxQzYxNjIy QkE1RUEyRTYyMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABiCofOk0elm6SlsXWzShGva4/cG5CxvisPv SwJPpUSI0XMil8IBF+l3YM6cnQorzjTQ857FdricArli95V/mw0ifYX8wcqONdLO /YuFaZToE2k6H6hOm138KkbScKbjpD+eK16bDiWVf6/oQ1UuyzApl3S1I90W2cGA L2s4QJ5A20StQ69dBflgk7yHmgw5qdqzQMHjdGF2bNn2IMnHooTM8mBSqGSJHk+j reBp3IjMz/q3Yl5vebVF11xAm0nL5oz3j6ePogky4bY4439CiEkwd9K85AQuCIX0 340CqeMH1k8nnR9w/D8Ff07eXwvde8QZ7INLDgNo1K/w2Ur80vQ= -----END CERTIFICATE-----Generated at Wed Apr 22 04:52:05 2026 by rpki-client