$ rpki-client -vvf repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft File: 432AE9E2B00941EF8925409E82CA40508A4688B1.mft (raw, json) Hash identifier: Ba8pIoVoyG++a3vcMd7bBx2TiQVAdYZf0hdKqeUQOVE= Subject key identifier: CF:36:0E:BE:43:D9:2C:7C:CB:15:84:22:42:BE:F6:5A:B3:84:E4:3C Authority key identifier: 43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 Certificate issuer: /CN=432AE9E2B00941EF8925409E82CA40508A4688B1 Certificate serial: 3791B3F5F0A730853600C89334F062F1FE830B53 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft Manifest number: 0175 Signing time: Mon 20 Apr 2026 17:42:11 +0000 Manifest this update: Mon 20 Apr 2026 17:37:11 +0000 Manifest next update: Fri 24 Apr 2026 01:52:11 +0000 Files and hashes: 1: 3135372e31302e3136302e302f32332d3234203d3e20313336303532.roa (hash: xTPoIlaNmn7dCA4oz4xbGajx7u9U25QUsQJawDHmNA8=) 2: 432AE9E2B00941EF8925409E82CA40508A4688B1.crl (hash: 3OUFX/P+I0d0ORuin6qtNSULug1VtxG1ft82dHv737w=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.crl rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 01:52:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:91:b3:f5:f0:a7:30:85:36:00:c8:93:34:f0:62:f1:fe:83:0b:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=432AE9E2B00941EF8925409E82CA40508A4688B1 Validity Not Before: Apr 20 17:37:11 2026 GMT Not After : Apr 24 01:52:11 2026 GMT Subject: CN=CF360EBE43D92C7CCB15842242BEF65AB384E43C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:9b:49:d2:0e:bf:3b:69:58:f6:31:ff:ac:b0: 64:39:84:83:fe:57:df:64:6f:cb:fb:93:2d:a2:57: 33:4e:d5:7b:88:5c:55:24:c0:ef:18:13:19:b0:be: cf:86:3f:46:23:2e:3e:e2:d9:9e:6c:87:21:4a:ae: 4a:6e:ce:c1:8c:da:ec:75:17:2e:1f:01:52:81:a1: 80:38:4d:6b:54:a2:66:d8:3e:8b:86:84:11:51:67: 5e:9b:81:7e:d5:43:01:62:25:17:5b:e3:06:9f:94: 89:e2:d3:46:29:3e:5b:0b:14:6a:f7:f0:7c:b4:bc: c3:cf:dc:b2:c0:d4:7d:26:6f:63:2d:0c:05:a1:66: 89:94:a7:6f:25:77:36:b8:f1:3a:9a:4f:9c:ce:1c: 8a:9e:17:cf:6d:ef:82:b9:51:b6:80:91:b6:11:09: bf:c3:f7:08:89:2c:7c:ff:b0:1b:22:d4:9f:66:8a: af:4e:14:23:91:c0:7b:3e:98:6c:27:27:79:d2:75: c9:ff:09:c3:8e:52:7a:40:1b:e7:5e:59:5e:6c:ac: d5:ba:df:eb:2a:93:70:a4:17:24:c2:66:a2:fb:b1: 85:a0:2a:86:a4:e6:df:cd:94:af:7c:1c:2a:f4:0f: d5:34:d1:99:7f:ef:85:66:68:46:79:8c:71:09:60: 53:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:36:0E:BE:43:D9:2C:7C:CB:15:84:22:42:BE:F6:5A:B3:84:E4:3C X509v3 Authority Key Identifier: keyid:43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:0a:49:b9:68:5e:b8:75:df:69:ac:78:36:f6:c6:98:fd:5a: a0:be:71:f8:36:80:81:ae:8e:17:be:47:6d:ee:6c:41:5d:02: 9b:76:e6:25:74:db:83:d4:c8:72:dc:74:7f:52:4a:22:7c:ff: fa:ad:4e:2b:c2:c0:d1:93:0d:ee:80:69:17:1e:d8:ea:7d:04: fd:f5:c5:f8:5e:2c:ff:a4:5a:8d:a8:4b:55:e4:8d:e1:17:a7: f8:9a:b5:f2:fc:ba:cd:da:d8:5c:5d:51:47:79:aa:a3:cd:c2: c2:f0:a3:c7:30:44:a7:b3:ee:14:34:4e:8b:67:69:65:2e:8e: 67:cd:54:22:c1:2c:34:64:89:7a:e0:72:a5:74:17:16:93:fe: 3f:b1:db:f7:c1:d4:90:41:7d:8f:4d:bf:59:be:54:4b:df:af: e3:d3:f8:2e:8c:6c:2b:f8:8c:17:b1:b2:56:c3:c7:a9:3b:96: bf:33:52:8a:ac:cc:fe:2f:48:3e:5d:09:7c:d9:ac:47:81:12: da:6c:bf:e0:9a:c7:f4:7d:d6:b3:c2:9a:a6:e9:d0:98:51:6b: f1:18:53:90:dd:65:91:11:eb:27:06:e9:f6:26:03:5a:53:4a: ef:0d:79:55:59:c5:99:80:43:81:63:89:ae:9b:e1:84:e4:ae: f1:1d:d0:5f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUN5Gz9fCnMIU2AMiTNPBi8f6DC1MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQwNTA4 QTQ2ODhCMTAeFw0yNjA0MjAxNzM3MTFaFw0yNjA0MjQwMTUyMTFaMDMxMTAvBgNV BAMTKENGMzYwRUJFNDNEOTJDN0NDQjE1ODQyMjQyQkVGNjVBQjM4NEU0M0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDem0nSDr87aVj2Mf+ssGQ5hIP+ V99kb8v7ky2iVzNO1XuIXFUkwO8YExmwvs+GP0YjLj7i2Z5shyFKrkpuzsGM2ux1 Fy4fAVKBoYA4TWtUombYPouGhBFRZ16bgX7VQwFiJRdb4waflIni00YpPlsLFGr3 8Hy0vMPP3LLA1H0mb2MtDAWhZomUp28ldza48TqaT5zOHIqeF89t74K5UbaAkbYR Cb/D9wiJLHz/sBsi1J9miq9OFCORwHs+mGwnJ3nSdcn/CcOOUnpAG+deWV5srNW6 3+sqk3CkFyTCZqL7sYWgKoak5t/NlK98HCr0D9U00Zl/74VmaEZ5jHEJYFNJAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzzYOvkPZLHzLFYQiQr72WrOE5DwwHwYDVR0j BBgwFoAUQyrp4rAJQe+JJUCegspAUIpGiLEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l YzJmYzFkNC0zN2E2LTQ5NDMtYjRjNi02ZDhlOWI0ZTU1OTEvMC80MzJBRTlFMkIw MDk0MUVGODkyNTQwOUU4MkNBNDA1MDhBNDY4OEIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQwNTA4QTQ2 ODhCMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWMyZmMxZDQtMzdhNi00OTQzLWI0 YzYtNmQ4ZTliNGU1NTkxLzAvNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQw NTA4QTQ2ODhCMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALgKSbloXrh132mseDb2xpj9WqC+cfg2gIGu jhe+R23ubEFdApt25iV024PUyHLcdH9SSiJ8//qtTivCwNGTDe6AaRce2Op9BP31 xfheLP+kWo2oS1XkjeEXp/iatfL8us3a2FxdUUd5qqPNwsLwo8cwRKez7hQ0Totn aWUujmfNVCLBLDRkiXrgcqV0FxaT/j+x2/fB1JBBfY9Nv1m+VEvfr+PT+C6MbCv4 jBexslbDx6k7lr8zUoqszP4vSD5dCXzZrEeBEtpsv+Cax/R91rPCmqbp0JhRa/EY U5DdZZER6ycG6fYmA1pTSu8NeVVZxZmAQ4Fjia6b4YTkrvEd0F8= -----END CERTIFICATE-----Generated at Wed Apr 22 04:53:53 2026 by rpki-client