$ rpki-client -vvf repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.mft File: 4443E43239D3F5B9674F2F5B5A37711434C48AF2.mft (raw, json) Hash identifier: RdVEbwXSxcc1AIuidAScGGqO6QPh7GojxE9Uxn2BKwI= Subject key identifier: B7:B8:5C:2B:02:45:02:B1:A4:62:01:1D:87:59:C6:A6:E7:46:B2:97 Authority key identifier: 44:43:E4:32:39:D3:F5:B9:67:4F:2F:5B:5A:37:71:14:34:C4:8A:F2 Certificate issuer: /CN=4443E43239D3F5B9674F2F5B5A37711434C48AF2 Certificate serial: 7F9A48540322AC09476577B9D7D247B3E3181356 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4443E43239D3F5B9674F2F5B5A37711434C48AF2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.mft Manifest number: 010A Signing time: Mon 20 Apr 2026 04:12:14 +0000 Manifest this update: Mon 20 Apr 2026 04:07:14 +0000 Manifest next update: Thu 23 Apr 2026 12:18:14 +0000 Files and hashes: 1: 3130332e3134332e3233322e302f32332d3233203d3e20313339343038.roa (hash: Sds95Ss3ilJlMKDO38Rkj40VQdzRD9GgP564MrRxXGU=) 2: 323430353a356534303a3a2f33322d3332203d3e20313339343038.roa (hash: sRyhu6fDfcemdhV/NAA1n4G4NdnybRSnokvW0ioWtBY=) 3: 3130332e3134332e3233322e302f32342d3234203d3e20313339343038.roa (hash: IGC+YzF7hbNTh+lU4Xp4ZN99v7lUHzjLqU8mpRmWZMw=) 4: 3130332e3134332e3233332e302f32342d3234203d3e20313339343038.roa (hash: mDFd08tPILLw1T3gAXQau9nwubN6g+t2GLdqlL1NiMc=) 5: 4443E43239D3F5B9674F2F5B5A37711434C48AF2.crl (hash: iptafzpocFy3aNFWZ2gtsiAB74pKgvFVrWjdrQd5trA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.crl rsync://repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4443E43239D3F5B9674F2F5B5A37711434C48AF2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 12:18:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:9a:48:54:03:22:ac:09:47:65:77:b9:d7:d2:47:b3:e3:18:13:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4443E43239D3F5B9674F2F5B5A37711434C48AF2 Validity Not Before: Apr 20 04:07:14 2026 GMT Not After : Apr 23 12:18:14 2026 GMT Subject: CN=B7B85C2B024502B1A462011D8759C6A6E746B297 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d2:53:e6:2b:1c:9c:dd:b7:23:29:b0:f9:71: 33:75:df:51:fa:7d:da:ad:b4:87:c3:e5:ee:c3:cf: cd:de:b2:30:85:86:95:82:44:51:70:61:8a:9c:90: d3:3a:be:0d:a6:d9:52:d9:0a:3b:75:61:dc:f5:50: cd:e2:80:05:d8:18:6b:ce:c5:91:b2:10:f2:c5:d4: b1:ac:42:de:df:4c:fa:51:ee:d0:83:23:34:39:da: d0:2f:96:09:23:c2:86:fa:e9:55:25:84:64:f1:44: a6:61:16:65:d5:e4:aa:28:e9:1f:cb:07:d8:c0:c6: cc:4d:88:f0:59:3a:cc:d9:2f:9e:55:75:09:88:f9: 5f:67:58:d7:3b:b7:49:20:85:6a:8e:51:64:ee:86: 33:e8:91:79:c2:ca:b6:65:17:3e:8a:5d:ac:d2:63: 10:a0:aa:7f:01:ea:b5:85:3a:4e:c4:57:e7:bc:0d: 93:4c:69:2e:5f:6c:1e:50:75:d7:c5:75:05:53:9e: 7d:5e:b3:6a:69:ae:2d:f3:39:c7:40:30:4f:06:30: 06:51:02:1f:c7:62:67:34:9b:87:65:01:fd:01:28: 6d:52:3d:02:60:55:d5:29:95:d9:c0:04:ff:f7:44: 6e:e3:1e:7b:37:6d:1e:df:85:8b:05:78:cc:40:9c: f4:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:B8:5C:2B:02:45:02:B1:A4:62:01:1D:87:59:C6:A6:E7:46:B2:97 X509v3 Authority Key Identifier: keyid:44:43:E4:32:39:D3:F5:B9:67:4F:2F:5B:5A:37:71:14:34:C4:8A:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4443E43239D3F5B9674F2F5B5A37711434C48AF2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:14:8a:1a:88:58:62:b6:46:9a:29:e7:fd:8c:69:a8:ee:01: b3:e1:5d:f2:0a:aa:c6:de:00:c4:63:f8:e2:37:19:97:9d:74: d9:08:cb:59:ad:23:a1:8f:98:94:94:96:e4:b6:1f:e2:44:22: b1:52:6d:db:e1:50:d4:05:7f:6d:28:9f:91:2f:55:83:32:70: 35:00:f5:39:55:81:7b:14:37:a8:51:65:b3:7c:b1:4a:a2:4d: 7c:ed:92:a0:f7:24:36:c2:89:13:1b:00:86:14:19:37:8c:33: 53:0d:53:2c:5f:04:55:11:69:b9:00:be:93:fa:2f:ff:67:e3: b2:81:7f:ea:cb:68:b2:41:7d:dd:d1:99:01:4c:43:b1:c6:37: d9:1d:6a:d0:a4:fc:19:68:bd:00:9c:6c:41:7a:4b:b2:78:84: 32:46:bb:40:0a:fa:8b:b0:6a:45:00:43:b8:ba:68:15:e2:94: 14:57:27:5e:5c:9d:00:42:98:56:47:d8:39:52:19:bc:e7:e5: d6:92:32:ce:9c:89:23:7f:f0:87:63:a4:59:d2:93:a5:9b:f3: 15:90:82:4f:9b:4f:34:75:85:57:68:fc:f1:55:29:58:30:49: 61:f5:07:c3:29:ff:5a:32:d4:87:7e:c3:ff:09:b9:47:36:3c: 85:4a:11:09 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUf5pIVAMirAlHZXe519JHs+MYE1YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDQ0M0U0MzIzOUQzRjVCOTY3NEYyRjVCNUEzNzcxMTQz NEM0OEFGMjAeFw0yNjA0MjAwNDA3MTRaFw0yNjA0MjMxMjE4MTRaMDMxMTAvBgNV BAMTKEI3Qjg1QzJCMDI0NTAyQjFBNDYyMDExRDg3NTlDNkE2RTc0NkIyOTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy0lPmKxyc3bcjKbD5cTN131H6 fdqttIfD5e7Dz83esjCFhpWCRFFwYYqckNM6vg2m2VLZCjt1Ydz1UM3igAXYGGvO xZGyEPLF1LGsQt7fTPpR7tCDIzQ52tAvlgkjwob66VUlhGTxRKZhFmXV5Koo6R/L B9jAxsxNiPBZOszZL55VdQmI+V9nWNc7t0kghWqOUWTuhjPokXnCyrZlFz6KXazS YxCgqn8B6rWFOk7EV+e8DZNMaS5fbB5QddfFdQVTnn1es2ppri3zOcdAME8GMAZR Ah/HYmc0m4dlAf0BKG1SPQJgVdUpldnABP/3RG7jHns3bR7fhYsFeMxAnPTJAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUt7hcKwJFArGkYgEdh1nGpudGspcwHwYDVR0j BBgwFoAUREPkMjnT9blnTy9bWjdxFDTEivIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k NmM4YjNhOS00ZWZmLTQ2MGQtYjAxZC02YmE1ZDk5ZGFkYjkvMC80NDQzRTQzMjM5 RDNGNUI5Njc0RjJGNUI1QTM3NzExNDM0QzQ4QUYyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDQ0M0U0MzIzOUQzRjVCOTY3NEYyRjVCNUEzNzcxMTQzNEM0 OEFGMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDZjOGIzYTktNGVmZi00NjBkLWIw MWQtNmJhNWQ5OWRhZGI5LzAvNDQ0M0U0MzIzOUQzRjVCOTY3NEYyRjVCNUEzNzcx MTQzNEM0OEFGMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJUUihqIWGK2Rpop5/2MaajuAbPhXfIKqsbe AMRj+OI3GZeddNkIy1mtI6GPmJSUluS2H+JEIrFSbdvhUNQFf20on5EvVYMycDUA 9TlVgXsUN6hRZbN8sUqiTXztkqD3JDbCiRMbAIYUGTeMM1MNUyxfBFURabkAvpP6 L/9n47KBf+rLaLJBfd3RmQFMQ7HGN9kdatCk/BlovQCcbEF6S7J4hDJGu0AK+ouw akUAQ7i6aBXilBRXJ15cnQBCmFZH2DlSGbzn5daSMs6ciSN/8IdjpFnSk6Wb8xWQ gk+bTzR1hVdo/PFVKVgwSWH1B8Mp/1oy1Id+w/8JuUc2PIVKEQk= -----END CERTIFICATE-----Generated at Wed Apr 22 07:24:29 2026 by rpki-client