$ rpki-client -vvf repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft File: BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft (raw, json) Hash identifier: Vo6T5lhG+dhvo9aCpmKRkXYy8zMxHCs0HEOHC0ObrRQ= Subject key identifier: B7:8D:E6:D0:9F:8A:37:A3:C7:50:F4:92:75:A1:43:7C:21:C4:BD:69 Authority key identifier: BC:A0:C1:EF:5A:4A:B3:AE:F4:25:E1:5A:B8:9A:19:CD:E5:68:82:44 Certificate issuer: /CN=BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244 Certificate serial: 6C9F03BB2E037D83947DB7BFE3328C3F1D1A5056 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer Subject info access: rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft Manifest number: 0132 Signing time: Mon 20 Apr 2026 13:11:00 +0000 Manifest this update: Mon 20 Apr 2026 13:06:00 +0000 Manifest next update: Thu 23 Apr 2026 18:09:00 +0000 Files and hashes: 1: 3136302e32302e33392e302f32342d3234203d3e20313532373637.roa (hash: dfqwYxLH5QYhiLVnY2GmJqFlJKfkF/OcC5X4KBWCcjE=) 2: BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.crl (hash: TJXiJLx7ocACStYOJL4OA/r7Rc+xk10QQXQ1LzzVHDk=) 3: 3136302e32302e33382e302f32342d3234203d3e20313532373637.roa (hash: 83JkWRcxdUQ/IgND2nin0+HipBN6wE/MI6TAB2DlRtw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.crl rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 18:09:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:9f:03:bb:2e:03:7d:83:94:7d:b7:bf:e3:32:8c:3f:1d:1a:50:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244 Validity Not Before: Apr 20 13:06:00 2026 GMT Not After : Apr 23 18:09:00 2026 GMT Subject: CN=B78DE6D09F8A37A3C750F49275A1437C21C4BD69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a4:17:82:f6:7e:ec:68:2b:db:22:da:db:7e: f9:ed:ab:5e:75:7e:fc:a5:c2:90:a2:c4:b4:94:0e: 05:28:3b:28:ae:a3:bb:58:4c:11:d2:f1:2d:4d:3d: 0f:30:90:cf:26:10:12:b7:6a:df:70:ab:d0:19:27: e5:1a:0c:fa:8b:62:fe:a1:58:51:92:21:1d:04:a7: bd:82:02:af:e3:a2:10:dc:85:95:21:c3:a5:ab:c1: e1:3d:38:fb:8c:19:06:96:04:7d:12:33:56:5c:ea: 66:50:56:3c:fd:3c:8e:b3:8e:10:68:24:fb:86:42: f2:d2:e3:92:9d:03:37:b2:af:94:53:e6:8a:31:51: a5:e9:33:38:70:0d:9e:f9:6d:c7:32:22:5f:12:7d: ef:68:d7:0f:b0:2b:60:46:7c:ad:4b:3d:4d:aa:d3: 60:6b:bc:a1:bb:45:bc:2c:69:32:b1:29:66:6c:d4: 3e:96:12:b2:f8:db:3e:93:0e:57:85:65:69:9c:75: f2:2e:dd:50:e1:a6:1c:95:78:71:7d:ca:14:38:0c: ae:b9:22:88:0e:26:3f:03:f0:4e:61:77:36:1c:cd: 1a:7f:2c:61:67:66:a0:50:4a:27:7b:05:be:b5:b3: 30:72:c2:a6:ae:f1:b5:31:87:97:04:83:0a:c9:f7: b0:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:8D:E6:D0:9F:8A:37:A3:C7:50:F4:92:75:A1:43:7C:21:C4:BD:69 X509v3 Authority Key Identifier: keyid:BC:A0:C1:EF:5A:4A:B3:AE:F4:25:E1:5A:B8:9A:19:CD:E5:68:82:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:e9:88:a2:5e:96:42:02:e2:3a:84:05:c7:93:46:9d:6e:bb: c4:a6:48:b8:f5:39:b2:82:33:e9:01:14:65:1c:8b:6c:43:c9: 92:67:bf:8c:24:07:a7:19:82:28:dd:42:e2:51:4f:af:e9:14: 07:2c:7d:9b:11:34:02:4e:0e:46:f0:70:94:ce:37:a4:bc:c8: a8:bf:48:ac:1c:57:f8:73:c0:d6:d6:6e:f6:13:b1:94:01:19: 99:e0:e2:77:05:c9:94:f1:50:30:46:4b:53:69:a9:04:df:55: 3a:3d:12:b1:06:75:3e:d8:a8:af:b3:fa:c5:2d:ed:a3:03:9b: 63:32:ad:59:b1:41:5a:84:4d:38:ee:0c:9e:52:67:e0:78:ea: 17:e3:22:35:03:ad:8b:a9:42:d7:d9:fd:09:b5:da:f8:49:8d: da:58:c4:29:0b:43:f4:90:89:59:f8:f3:ec:f2:7e:32:d0:9e: 33:34:b3:c8:79:56:5b:47:9c:0c:c5:ae:b1:5e:c7:ab:be:2c: 16:23:52:d5:33:13:47:d3:23:7e:03:f9:c9:87:8c:2f:dd:fe: a2:9b:44:a6:ad:0c:7d:49:bd:b1:41:68:f5:6f:2f:52:f3:26: 90:65:58:46:4f:09:ea:5b:71:6c:61:6f:c2:2a:29:ba:2a:2c: 36:c3:75:49 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUbJ8Duy4DfYOUfbe/4zKMPx0aUFYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkNBMEMxRUY1QTRBQjNBRUY0MjVFMTVBQjg5QTE5Q0RF NTY4ODI0NDAeFw0yNjA0MjAxMzA2MDBaFw0yNjA0MjMxODA5MDBaMDMxMTAvBgNV BAMTKEI3OERFNkQwOUY4QTM3QTNDNzUwRjQ5Mjc1QTE0MzdDMjFDNEJENjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzpBeC9n7saCvbItrbfvntq151 fvylwpCixLSUDgUoOyiuo7tYTBHS8S1NPQ8wkM8mEBK3at9wq9AZJ+UaDPqLYv6h WFGSIR0Ep72CAq/johDchZUhw6WrweE9OPuMGQaWBH0SM1Zc6mZQVjz9PI6zjhBo JPuGQvLS45KdAzeyr5RT5ooxUaXpMzhwDZ75bccyIl8Sfe9o1w+wK2BGfK1LPU2q 02BrvKG7RbwsaTKxKWZs1D6WErL42z6TDleFZWmcdfIu3VDhphyVeHF9yhQ4DK65 IogOJj8D8E5hdzYczRp/LGFnZqBQSid7Bb61szBywqau8bUxh5cEgwrJ97AFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUt43m0J+KN6PHUPSSdaFDfCHEvWkwHwYDVR0j BBgwFoAUvKDB71pKs670JeFauJoZzeVogkQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k ZmU3ZGFjYy0yYjQ1LTQxNDEtOTc3NS1mMWJiOWYwNTIzOTYvMC9CQ0EwQzFFRjVB NEFCM0FFRjQyNUUxNUFCODlBMTlDREU1Njg4MjQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQkNBMEMxRUY1QTRBQjNBRUY0MjVFMTVBQjg5QTE5Q0RFNTY4 ODI0NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGZlN2RhY2MtMmI0NS00MTQxLTk3 NzUtZjFiYjlmMDUyMzk2LzAvQkNBMEMxRUY1QTRBQjNBRUY0MjVFMTVBQjg5QTE5 Q0RFNTY4ODI0NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAE/piKJelkIC4jqEBceTRp1uu8SmSLj1ObKC M+kBFGUci2xDyZJnv4wkB6cZgijdQuJRT6/pFAcsfZsRNAJODkbwcJTON6S8yKi/ SKwcV/hzwNbWbvYTsZQBGZng4ncFyZTxUDBGS1NpqQTfVTo9ErEGdT7YqK+z+sUt 7aMDm2MyrVmxQVqETTjuDJ5SZ+B46hfjIjUDrYupQtfZ/Qm12vhJjdpYxCkLQ/SQ iVn48+zyfjLQnjM0s8h5VltHnAzFrrFex6u+LBYjUtUzE0fTI34D+cmHjC/d/qKb RKatDH1JvbFBaPVvL1LzJpBlWEZPCepbcWxhb8IqKboqLDbDdUk= -----END CERTIFICATE-----Generated at Wed Apr 22 04:55:19 2026 by rpki-client