$ rpki-client -vvf repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft File: BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft (raw, json) Hash identifier: jGi5GOKp7rOOlWkZgRyZ+fGlGmgruJiXbve4P3OCzYQ= Subject key identifier: CD:49:84:95:19:F6:48:A8:6F:51:A8:A0:42:92:F3:D2:C2:7A:C1:0C Authority key identifier: BD:9B:7A:89:C8:5E:0D:F6:78:6F:5B:D5:1D:4B:7D:96:36:18:23:1A Certificate issuer: /CN=BD9B7A89C85E0DF6786F5BD51D4B7D963618231A Certificate serial: 01FF3F772E0D4FD567DDEAF7AF60EBD3C68B1376 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft Manifest number: 0138 Signing time: Mon 20 Apr 2026 14:21:20 +0000 Manifest this update: Mon 20 Apr 2026 14:16:20 +0000 Manifest next update: Thu 23 Apr 2026 23:07:20 +0000 Files and hashes: 1: 3135372e32302e3137382e302f32332d3233203d3e20313532343138.roa (hash: Qnnyi7gDeduqFHoOxDm0ej6IIeZV5kqDiu4+i5De3ZI=) 2: 3135372e32302e3137382e302f32342d3234203d3e20313532343138.roa (hash: foPeH94YxJOh2Wqv5gS26d6PmcQkpAdiKm2Z3R4p/G4=) 3: BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl (hash: R8877M7EmS/Suzy+rBgEUHST1KWztuG4KqlLmYB8DLU=) 4: 3135372e32302e3137392e302f32342d3234203d3e20313532343138.roa (hash: gHM5luFeEetgfWqiMHhu+lVFx8B4n56uDW1XsI2WvsE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 23:07:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:ff:3f:77:2e:0d:4f:d5:67:dd:ea:f7:af:60:eb:d3:c6:8b:13:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD9B7A89C85E0DF6786F5BD51D4B7D963618231A Validity Not Before: Apr 20 14:16:20 2026 GMT Not After : Apr 23 23:07:20 2026 GMT Subject: CN=CD49849519F648A86F51A8A04292F3D2C27AC10C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:95:6d:be:ba:e7:c2:20:ff:f4:ce:63:af:5c: 75:99:b9:0a:29:af:9b:2c:26:1d:ee:c3:f2:a2:6e: 2e:48:97:92:76:23:d1:3d:c3:4d:3a:7b:81:32:95: a9:1d:a6:ba:6b:d4:2c:f2:9c:6d:53:25:4d:a8:00: fd:66:72:a9:3a:08:86:75:23:68:a8:16:a8:0e:d9: cd:64:68:55:e6:c9:10:a3:8e:84:f7:8d:32:2a:49: 3d:f9:5f:0c:c7:47:6f:a4:4c:a2:06:69:2b:88:cc: 8e:ee:68:f4:77:7b:89:05:76:83:7a:40:b1:9f:eb: a6:bf:4d:c5:12:c1:d4:8a:c8:42:5e:fc:80:75:9b: ec:a4:6b:ec:18:59:7c:3b:1a:80:25:70:0c:6c:8f: f7:e6:c5:e0:ad:db:18:b9:30:69:af:5c:46:c3:1b: 0b:60:ed:67:fa:48:f4:3a:9e:9a:73:bf:a1:90:f5: 1b:0d:3d:45:15:2f:d5:5d:27:14:3f:96:4b:33:86: 3c:f0:a2:ba:0a:18:d3:e2:af:85:00:2e:7b:24:e5: 72:3f:f3:47:f6:04:53:71:cc:d5:b1:ea:e1:1b:a1: 00:cb:93:5e:ab:8d:2d:d1:58:46:a4:44:2f:4c:15: 54:67:92:7d:48:e3:62:d7:29:de:3f:52:03:0e:da: 16:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:49:84:95:19:F6:48:A8:6F:51:A8:A0:42:92:F3:D2:C2:7A:C1:0C X509v3 Authority Key Identifier: keyid:BD:9B:7A:89:C8:5E:0D:F6:78:6F:5B:D5:1D:4B:7D:96:36:18:23:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:1d:6b:91:de:2b:c5:7a:35:a4:f9:3d:a1:77:13:9a:a4:ac: 82:86:84:ea:ce:65:0f:76:ca:00:07:0a:4f:c8:30:eb:35:50: 1e:7e:78:75:e5:00:ef:80:71:e8:69:61:bd:d4:47:e9:c1:6a: 1e:b2:ab:e3:97:45:c5:ec:50:0d:ba:dc:40:42:95:44:41:39: 08:6f:ea:78:ad:92:5b:13:db:de:fe:15:48:40:0d:8f:51:8d: 46:00:c7:3a:52:91:6e:95:a4:56:63:d5:61:8f:96:84:b8:71: 9b:51:6b:3b:8b:c1:e8:9d:fb:f7:2e:dd:37:a8:5b:1a:58:6a: 08:e4:cd:12:9f:74:f4:20:32:46:6e:71:6d:43:ae:ae:d3:ca: 2c:11:85:dd:3c:01:6b:b3:24:3f:88:58:a5:d2:b8:94:98:b4: fc:af:a1:d6:ff:03:74:a2:d6:1c:a8:ab:e4:01:29:c6:8c:6e: 89:e8:15:a6:92:96:5f:73:03:7d:68:ec:0b:fe:5d:b1:60:66: 1c:e3:8c:95:0f:9e:79:ae:1c:0e:4a:10:93:7e:d3:e8:fb:b2: 6b:c3:d6:2a:5c:05:86:74:ef:b7:55:0a:d6:17:4a:a9:63:19: aa:d1:17:47:3e:fb:25:6a:d0:1b:6c:1f:f1:c5:e5:16:0c:6f: fd:4e:20:87 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUAf8/dy4NT9Vn3er3r2Dr08aLE3YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdEOTYz NjE4MjMxQTAeFw0yNjA0MjAxNDE2MjBaFw0yNjA0MjMyMzA3MjBaMDMxMTAvBgNV BAMTKENENDk4NDk1MTlGNjQ4QTg2RjUxQThBMDQyOTJGM0QyQzI3QUMxMEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDilW2+uufCIP/0zmOvXHWZuQop r5ssJh3uw/Kibi5Il5J2I9E9w006e4Eylakdprpr1CzynG1TJU2oAP1mcqk6CIZ1 I2ioFqgO2c1kaFXmyRCjjoT3jTIqST35XwzHR2+kTKIGaSuIzI7uaPR3e4kFdoN6 QLGf66a/TcUSwdSKyEJe/IB1m+yka+wYWXw7GoAlcAxsj/fmxeCt2xi5MGmvXEbD Gwtg7Wf6SPQ6nppzv6GQ9RsNPUUVL9VdJxQ/lkszhjzworoKGNPir4UALnsk5XI/ 80f2BFNxzNWx6uEboQDLk16rjS3RWEakRC9MFVRnkn1I42LXKd4/UgMO2hZFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzUmElRn2SKhvUaigQpLz0sJ6wQwwHwYDVR0j BBgwFoAUvZt6icheDfZ4b1vVHUt9ljYYIxowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MzYwNjZlOC04ZTE5LTRkZTctOTQ3Yi05NGVlM2NkMDlmODUvMC9CRDlCN0E4OUM4 NUUwREY2Nzg2RjVCRDUxRDRCN0Q5NjM2MTgyMzFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdEOTYzNjE4 MjMxQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjM2MDY2ZTgtOGUxOS00ZGU3LTk0 N2ItOTRlZTNjZDA5Zjg1LzAvQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdE OTYzNjE4MjMxQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJMda5HeK8V6NaT5PaF3E5qkrIKGhOrOZQ92 ygAHCk/IMOs1UB5+eHXlAO+AcehpYb3UR+nBah6yq+OXRcXsUA263EBClURBOQhv 6nitklsT297+FUhADY9RjUYAxzpSkW6VpFZj1WGPloS4cZtRazuLweid+/cu3Teo WxpYagjkzRKfdPQgMkZucW1Drq7TyiwRhd08AWuzJD+IWKXSuJSYtPyvodb/A3Si 1hyoq+QBKcaMbonoFaaSll9zA31o7Av+XbFgZhzjjJUPnnmuHA5KEJN+0+j7smvD 1ipcBYZ077dVCtYXSqljGarRF0c++yVq0BtsH/HF5RYMb/1OIIc= -----END CERTIFICATE-----Generated at Wed Apr 22 04:53:56 2026 by rpki-client