$ rpki-client -vvf repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft File: 2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft (raw, json) Hash identifier: PyZPH50lVOfLtRQCusIP6HsTAdBxXpN8s7wcwOO//0M= Subject key identifier: 69:FE:E8:27:91:95:67:A3:02:07:47:08:7F:25:8F:8D:DF:10:53:13 Authority key identifier: 2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 Certificate issuer: /CN=2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7 Certificate serial: 015ED1A9FD9DDC00049D88080DF0A267682AACDD Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft Manifest number: 19 Signing time: Tue 21 Apr 2026 21:31:14 +0000 Manifest this update: Tue 21 Apr 2026 21:26:14 +0000 Manifest next update: Sat 25 Apr 2026 08:12:14 +0000 Files and hashes: 1: 2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl (hash: MAuX6NN/YRZYKRoHC/mZf5Vfo5uDki0L1pSacdu1kdg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 13:19:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:5e:d1:a9:fd:9d:dc:00:04:9d:88:08:0d:f0:a2:67:68:2a:ac:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7 Validity Not Before: Apr 21 21:26:14 2026 GMT Not After : Apr 25 08:12:14 2026 GMT Subject: CN=69FEE827919567A3020747087F258F8DDF105313 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:72:f1:b8:a6:19:55:a1:78:18:11:64:f7:2f: 21:31:d8:68:1b:58:97:9f:e6:05:cc:9e:0c:3e:18: c8:52:3f:45:51:5e:bb:00:a7:6a:d8:f1:52:cb:28: dc:d1:50:3f:f3:10:bd:14:9f:14:e7:17:a1:f5:d9: e8:ae:2c:c2:53:76:47:06:cc:e4:7b:ac:b7:5d:b8: 42:91:0f:cd:76:52:48:39:de:09:26:5d:bb:de:0f: 3d:0c:cd:a3:34:56:81:23:ed:35:83:d3:10:bf:3f: c9:af:07:6d:8a:b4:0f:bb:dc:ed:7c:7c:44:90:65: ac:dd:88:bf:99:82:33:32:44:f6:66:a8:f3:2b:b4: d8:59:43:75:0c:74:4f:62:4e:97:50:35:44:95:2f: ea:ad:2b:c4:d6:d4:5a:99:c7:94:9e:66:ad:a1:fb: b4:a0:ca:ed:63:c2:08:ea:82:ba:29:f7:c7:3a:3d: 79:13:5e:94:93:9f:cd:fe:db:42:c9:51:e7:a8:73: ca:ea:d5:0a:05:a2:11:e5:57:35:db:b2:3f:11:4e: 44:b6:e8:ac:2f:5f:b5:6c:d8:5c:4c:7d:7a:82:45: 24:8d:3e:df:93:c6:be:78:8c:30:c4:bc:ed:aa:cd: 58:d6:70:b3:09:68:44:56:fc:6f:a3:ce:0e:78:63: b3:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:FE:E8:27:91:95:67:A3:02:07:47:08:7F:25:8F:8D:DF:10:53:13 X509v3 Authority Key Identifier: keyid:2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:2d:b4:92:8c:34:a9:36:ce:69:aa:e7:3e:55:ef:80:b8:6c: 8b:21:05:0f:8d:d0:f3:4b:ea:3e:60:59:30:a2:22:1f:0b:2c: 23:ea:32:04:34:a9:40:3f:c2:88:3a:68:ac:63:4c:04:af:83: 0c:64:4a:b0:21:aa:73:58:21:9c:60:3a:45:12:b3:7e:09:f0: 2f:e1:5d:56:66:a2:73:19:f8:02:69:90:20:ea:6b:2e:6e:0f: 2b:21:e0:20:10:67:87:10:25:e2:fa:32:4e:5c:c3:b1:ab:35: 08:55:b7:48:6d:64:b2:15:b0:aa:ba:76:88:3d:81:3f:14:34: 59:47:e2:6a:a4:ce:37:1a:08:3b:eb:fb:c4:88:07:fc:b0:62: d9:e4:79:7c:fe:57:fa:6a:ab:2c:8b:fa:5f:f2:f5:b4:a9:4f: 03:b8:29:8d:26:63:91:b0:75:51:05:f5:99:c7:d1:75:92:c0: c7:11:fe:65:b5:c7:77:87:92:5c:d0:04:46:fc:ef:84:54:d1: 38:44:80:95:1a:96:d1:e7:ae:b4:fc:93:45:95:08:b6:82:1f: 4f:30:55:99:5c:e6:aa:8e:45:3b:d9:36:e1:0e:bf:79:9a:e1: af:ae:1a:ed:39:b2:d8:a8:e3:85:94:69:46:5b:6b:9d:80:a7: 5b:63:f9:ca -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUAV7Rqf2d3AAEnYgIDfCiZ2gqrN0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzczMTlC QjExMjdGNzAeFw0yNjA0MjEyMTI2MTRaFw0yNjA0MjUwODEyMTRaMDMxMTAvBgNV BAMTKDY5RkVFODI3OTE5NTY3QTMwMjA3NDcwODdGMjU4RjhEREYxMDUzMTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwcvG4phlVoXgYEWT3LyEx2Ggb WJef5gXMngw+GMhSP0VRXrsAp2rY8VLLKNzRUD/zEL0UnxTnF6H12eiuLMJTdkcG zOR7rLdduEKRD812Ukg53gkmXbveDz0MzaM0VoEj7TWD0xC/P8mvB22KtA+73O18 fESQZazdiL+ZgjMyRPZmqPMrtNhZQ3UMdE9iTpdQNUSVL+qtK8TW1FqZx5SeZq2h +7Sgyu1jwgjqgrop98c6PXkTXpSTn83+20LJUeeoc8rq1QoFohHlVzXbsj8RTkS2 6KwvX7Vs2FxMfXqCRSSNPt+Txr54jDDEvO2qzVjWcLMJaERW/G+jzg54Y7M5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUaf7oJ5GVZ6MCB0cIfyWPjd8QUxMwHwYDVR0j BBgwFoAULY//29GvkHo+ew6CGaNzGbsRJ/cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j YmRlM2E0Mi02MjcyLTRiNmMtYWQ4MS1jY2NmYmU5NDg4YzAvMS8yRDhGRkZEQkQx QUY5MDdBM0U3QjBFODIxOUEzNzMxOUJCMTEyN0Y3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzczMTlCQjEx MjdGNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vY2JkZTNhNDItNjI3Mi00YjZjLWFk ODEtY2NjZmJlOTQ4OGMwLzEvMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzcz MTlCQjExMjdGNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAA8ttJKMNKk2zmmq5z5V74C4bIshBQ+N0PNL 6j5gWTCiIh8LLCPqMgQ0qUA/wog6aKxjTASvgwxkSrAhqnNYIZxgOkUSs34J8C/h XVZmonMZ+AJpkCDqay5uDysh4CAQZ4cQJeL6Mk5cw7GrNQhVt0htZLIVsKq6dog9 gT8UNFlH4mqkzjcaCDvr+8SIB/ywYtnkeXz+V/pqqyyL+l/y9bSpTwO4KY0mY5Gw dVEF9ZnH0XWSwMcR/mW1x3eHklzQBEb874RU0ThEgJUaltHnrrT8k0WVCLaCH08w VZlc5qqORTvZNuEOv3ma4a+uGu05stio44WUaUZba52Ap1tj+co= -----END CERTIFICATE-----Generated at Wed Apr 22 04:52:45 2026 by rpki-client