$ rpki-client -vvf repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft File: 67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft (raw, json) Hash identifier: VITU7IBU9swCmRSbBlnKNAprvGgtDKUOCVgdJmW9Ny4= Subject key identifier: B9:C1:B0:A7:53:FD:75:A4:87:54:F4:BF:E4:F8:00:17:B9:EA:6F:6C Authority key identifier: 67:A4:28:D3:DC:89:DD:EF:5B:E7:AC:43:FB:7C:88:17:5E:C3:87:1F Certificate issuer: /CN=67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F Certificate serial: 64AA6CFD951FF398E1E01A62AF74AB76A094962B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft Manifest number: 021B Signing time: Tue 21 Apr 2026 18:11:34 +0000 Manifest this update: Tue 21 Apr 2026 18:06:34 +0000 Manifest next update: Fri 24 Apr 2026 20:55:34 +0000 Files and hashes: 1: 67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.crl (hash: X/ngy/VhhvJy0iIfZopwZBgQRbrxQvgcWeZH7VWusEg=) 2: 3130332e35392e39342e302f32332d3234203d3e20313336303532.roa (hash: 8iEgHOEIqDfpr7gSt8jxyho1deCIzw83qW565uPVSgs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.crl rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 20:55:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:aa:6c:fd:95:1f:f3:98:e1:e0:1a:62:af:74:ab:76:a0:94:96:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F Validity Not Before: Apr 21 18:06:34 2026 GMT Not After : Apr 24 20:55:34 2026 GMT Subject: CN=B9C1B0A753FD75A48754F4BFE4F80017B9EA6F6C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:46:81:cd:b8:54:c8:bc:95:e9:5b:e2:a4: 83:d8:e2:00:24:2e:ed:d5:e8:f1:3e:95:22:14:b3: 35:9d:3f:2d:0c:dd:26:d1:e0:a9:25:29:1b:e1:e3: 2c:33:eb:c2:f1:2d:9e:55:15:8f:7c:0f:32:ba:02: af:6c:09:ee:1c:17:eb:44:54:82:10:66:2f:80:98: df:08:4a:c5:0e:d0:3b:64:f7:2c:5b:24:ca:16:35: b6:07:69:8e:ac:05:ff:6b:f0:5c:c5:ee:ad:53:20: 04:b6:d9:b5:67:75:a0:7e:54:f8:10:0d:d8:91:bf: 20:57:db:ae:93:b3:f9:a5:d7:08:01:34:8c:0f:1e: 08:a0:c4:5a:35:31:15:ac:43:53:39:05:89:95:f6: 55:20:9c:ff:a3:e4:23:3d:59:e7:7a:87:59:04:85: 24:1e:e5:34:ed:9d:d2:78:35:74:89:13:67:f5:9c: 3f:17:25:af:46:b6:6c:22:81:82:ec:ac:8a:e4:4d: b6:80:9f:9b:e1:b0:df:2e:fe:e9:32:d5:c0:2c:b3: 8c:3a:fe:6c:75:ff:27:6f:82:2f:8b:a9:b1:d9:0e: 41:89:21:55:ce:46:5b:16:92:af:cf:c6:2a:9e:4b: e7:0b:bd:76:1f:06:a9:4c:94:46:db:0e:fd:f0:9f: d1:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:C1:B0:A7:53:FD:75:A4:87:54:F4:BF:E4:F8:00:17:B9:EA:6F:6C X509v3 Authority Key Identifier: keyid:67:A4:28:D3:DC:89:DD:EF:5B:E7:AC:43:FB:7C:88:17:5E:C3:87:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:53:75:8e:33:1a:ab:f4:b9:ac:10:73:36:20:09:4f:3a:9b: c9:90:f9:0d:6d:cd:df:fb:4d:6e:7c:c1:5b:07:ab:64:f9:99: 16:96:26:49:4e:2c:fa:12:84:7e:c6:ff:db:b4:52:2c:70:43: 1e:dd:3b:02:d4:0a:cd:60:9a:8b:96:aa:8c:77:c5:72:27:dc: 85:6f:c4:c5:a6:e7:db:ae:47:19:f3:d7:54:67:95:d2:a4:db: 64:19:2a:bb:5b:4a:1a:2b:95:e5:6d:e8:f2:51:21:3b:a8:f0: 63:bd:7b:d3:ee:0d:ff:4f:d7:2f:a7:2d:54:f3:76:9f:17:66: ea:70:c0:3e:51:a7:24:e1:d2:21:5f:b5:c4:6d:e5:e4:90:77: 36:d6:97:2c:ed:0c:86:dd:d2:97:b6:88:98:5f:44:ab:c9:31: d8:4c:97:90:55:e5:f9:02:dc:ae:d3:ff:b9:d6:d9:f8:d3:c7: 6e:93:fc:e6:77:6e:60:a2:be:40:bb:e6:cc:95:28:3d:12:7b: 02:d3:74:4b:8a:e1:eb:bf:c2:c1:fa:6b:55:b6:4f:8a:aa:99: da:70:91:17:3b:cd:80:c6:0e:57:cf:9c:17:a6:22:51:6b:61: e3:77:33:66:af:53:dc:a0:82:c8:5e:ef:d6:0b:0d:50:a7:0b: 91:5e:d4:da -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZKps/ZUf85jh4Bpir3SrdqCUliswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjdBNDI4RDNEQzg5RERFRjVCRTdBQzQzRkI3Qzg4MTc1 RUMzODcxRjAeFw0yNjA0MjExODA2MzRaFw0yNjA0MjQyMDU1MzRaMDMxMTAvBgNV BAMTKEI5QzFCMEE3NTNGRDc1QTQ4NzU0RjRCRkU0RjgwMDE3QjlFQTZGNkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrLEaBzbhUyLyV6VvipIPY4gAk Lu3V6PE+lSIUszWdPy0M3SbR4KklKRvh4ywz68LxLZ5VFY98DzK6Aq9sCe4cF+tE VIIQZi+AmN8ISsUO0Dtk9yxbJMoWNbYHaY6sBf9r8FzF7q1TIAS22bVndaB+VPgQ DdiRvyBX266Ts/ml1wgBNIwPHgigxFo1MRWsQ1M5BYmV9lUgnP+j5CM9Wed6h1kE hSQe5TTtndJ4NXSJE2f1nD8XJa9GtmwigYLsrIrkTbaAn5vhsN8u/uky1cAss4w6 /mx1/ydvgi+LqbHZDkGJIVXORlsWkq/PxiqeS+cLvXYfBqlMlEbbDv3wn9F7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUucGwp1P9daSHVPS/5PgAF7nqb2wwHwYDVR0j BBgwFoAUZ6Qo09yJ3e9b56xD+3yIF17Dhx8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NjZhOGYyOC05YTAzLTQzNzYtYjYxMi0zMWY1YWQxYzFlZDYvMC82N0E0MjhEM0RD ODlEREVGNUJFN0FDNDNGQjdDODgxNzVFQzM4NzFGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjdBNDI4RDNEQzg5RERFRjVCRTdBQzQzRkI3Qzg4MTc1RUMz ODcxRi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTY2YThmMjgtOWEwMy00Mzc2LWI2 MTItMzFmNWFkMWMxZWQ2LzAvNjdBNDI4RDNEQzg5RERFRjVCRTdBQzQzRkI3Qzg4 MTc1RUMzODcxRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAANTdY4zGqv0uawQczYgCU86m8mQ+Q1tzd/7 TW58wVsHq2T5mRaWJklOLPoShH7G/9u0UixwQx7dOwLUCs1gmouWqox3xXIn3IVv xMWm59uuRxnz11RnldKk22QZKrtbShorleVt6PJRITuo8GO9e9PuDf9P1y+nLVTz dp8XZupwwD5RpyTh0iFftcRt5eSQdzbWlyztDIbd0pe2iJhfRKvJMdhMl5BV5fkC 3K7T/7nW2fjTx26T/OZ3bmCivkC75syVKD0SewLTdEuK4eu/wsH6a1W2T4qqmdpw kRc7zYDGDlfPnBemIlFrYeN3M2avU9yggshe79YLDVCnC5Fe1No= -----END CERTIFICATE-----Generated at Wed Apr 22 07:25:54 2026 by rpki-client