$ rpki-client -vvf rpki-rsync.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2.mft File: 5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2.mft (raw, json) Hash identifier: dc4ppxRj8rtbkJ4CvkOnnK9Va+WLqmTjstSLXrOpiQo= Subject key identifier: BD:C0:99:0D:E3:36:AA:ED:A1:AE:AD:65:9E:37:8A:A4:EF:E5:39:F1 Authority key identifier: 5A:FE:24:D2:3E:36:25:48:4D:7D:9B:3E:BA:00:25:AA:9C:0E:EE:A2 Certificate issuer: /CN=5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2 Certificate serial: 3743E40170DBACFD984C48687BD90E9553D21F0A Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2.mft Manifest number: 0F Signing time: Tue 12 May 2026 16:05:37 +0000 Manifest this update: Tue 12 May 2026 16:00:37 +0000 Manifest next update: Wed 13 May 2026 16:24:37 +0000 Files and hashes: 1: 3135372e32302e3233382e302f32342d3234203d3e20313532343239.roa (hash: Fy9HvcnOOuartl2MyrCM5SQFmtu1CV6p6EtA15KIkk0=) 2: 3135372e32302e3233392e302f32342d3234203d3e20313532343239.roa (hash: lTUq2TXc5o2FAnT0cBjbniSYESMJX3Ig96J0JouvM0I=) 3: 5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2.crl (hash: QRcEOB5EU9NIsT1+AJOqXX7ejpWgiyBKmM8wrBugOzY=) 4: 3135372e32302e3233382e302f32332d3233203d3e20313532343239.roa (hash: j3/lM2rV4nx+Cn6dsqDo2ERknLnpkGf86BWvcy+vYVs=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2.crl rsync://rpki-rsync.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/0/5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 16:24:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:43:e4:01:70:db:ac:fd:98:4c:48:68:7b:d9:0e:95:53:d2:1f:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2 Validity Not Before: May 12 16:00:37 2026 GMT Not After : May 13 16:24:37 2026 GMT Subject: CN=BDC0990DE336AAEDA1AEAD659E378AA4EFE539F1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:dc:fc:0f:27:a0:44:42:2f:a6:14:a3:34:41: 3c:de:cd:25:1b:dd:59:f5:20:e1:62:d3:98:8f:10: f9:9b:7d:b6:8e:e8:0b:ad:c6:69:ac:cc:7f:67:f0: bf:4a:bb:a0:ea:d9:f6:74:14:49:60:30:31:cb:05: 0d:e5:7f:57:2a:d5:2b:66:fd:54:04:9d:64:c6:a0: 0b:10:98:bb:d1:5a:f7:96:9d:03:5d:5e:49:ce:1c: 7b:0b:98:58:67:ad:d2:f5:fb:8e:78:8e:2d:42:fc: 15:62:15:4b:fe:55:53:5f:d7:6a:52:6c:16:9e:06: 04:7f:46:1b:4c:e8:05:8d:26:6d:82:b6:17:6a:79: 53:75:6e:4d:9a:09:3f:c5:8f:5a:e3:f7:d8:80:d0: 26:95:b1:23:a7:bc:63:46:51:e1:ce:bb:c9:58:f8: cd:68:50:4e:dc:c1:e1:75:d0:39:8d:fe:cc:3c:e1: 62:11:16:63:70:cd:97:8c:c8:3f:b5:1e:93:e7:24: fc:17:70:0a:8a:4b:28:ce:9f:56:cc:b6:88:09:70: 42:cd:ba:c5:4f:7c:0f:38:0c:0f:4a:9a:11:1a:0d: 4f:e7:a1:bc:9c:26:75:e9:e6:77:6f:c3:73:2c:bd: a1:79:2d:56:72:db:43:f5:27:47:6b:dd:dc:11:4e: 32:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:C0:99:0D:E3:36:AA:ED:A1:AE:AD:65:9E:37:8A:A4:EF:E5:39:F1 X509v3 Authority Key Identifier: keyid:5A:FE:24:D2:3E:36:25:48:4D:7D:9B:3E:BA:00:25:AA:9C:0E:EE:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/5AFE24D23E3625484D7D9B3EBA0025AA9C0EEEA2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:21:4c:44:7c:01:ae:2c:a7:d5:00:8a:aa:d7:c3:a3:57:dc: 4f:cd:80:1f:ea:85:bc:4b:39:9d:f7:3e:35:97:d9:b9:bb:3e: 9f:49:ef:db:e1:d6:74:b0:15:2a:11:fb:d3:99:11:56:06:25: 5f:69:4b:1d:b4:ce:09:e9:19:ae:6e:03:64:d4:cb:db:32:5d: 0b:03:7a:85:1f:ae:f4:fe:dc:79:e7:38:29:8b:7d:59:1b:9a: 70:a2:54:0f:1f:e4:8a:9d:66:b3:4c:5e:7f:7d:56:17:81:a4: 03:a0:c0:ef:27:26:b4:13:c8:17:29:5e:e7:d6:07:16:f3:30: 2f:bc:c2:2e:85:38:83:45:5b:ac:51:c7:95:13:59:55:84:a3: 09:b1:f0:8e:91:28:06:90:de:2f:87:ca:a7:1b:41:7d:ca:56: 3a:67:db:15:cc:06:99:19:b7:43:eb:93:d4:63:0e:6f:2c:3a: 4d:86:d6:9c:84:3f:11:cc:ec:69:80:d7:db:f2:af:73:cb:f4: e7:6f:b9:97:79:8b:75:6a:09:cc:d6:50:f8:05:e5:e7:e2:b0: b5:b6:ff:28:7f:6b:af:29:75:8c:a3:fb:e8:32:e2:69:e5:aa: 1b:82:5e:a0:b2:fe:78:19:98:78:2b:50:83:b8:90:af:c8:fe: 7f:10:40:51 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUN0PkAXDbrP2YTEhoe9kOlVPSHwowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUFGRTI0RDIzRTM2MjU0ODREN0Q5QjNFQkEwMDI1QUE5 QzBFRUVBMjAeFw0yNjA1MTIxNjAwMzdaFw0yNjA1MTMxNjI0MzdaMDMxMTAvBgNV BAMTKEJEQzA5OTBERTMzNkFBRURBMUFFQUQ2NTlFMzc4QUE0RUZFNTM5RjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ3PwPJ6BEQi+mFKM0QTzezSUb 3Vn1IOFi05iPEPmbfbaO6AutxmmszH9n8L9Ku6Dq2fZ0FElgMDHLBQ3lf1cq1Stm /VQEnWTGoAsQmLvRWveWnQNdXknOHHsLmFhnrdL1+454ji1C/BViFUv+VVNf12pS bBaeBgR/RhtM6AWNJm2CthdqeVN1bk2aCT/Fj1rj99iA0CaVsSOnvGNGUeHOu8lY +M1oUE7cweF10DmN/sw84WIRFmNwzZeMyD+1HpPnJPwXcAqKSyjOn1bMtogJcELN usVPfA84DA9KmhEaDU/nobycJnXp5ndvw3MsvaF5LVZy20P1J0dr3dwRTjKhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUvcCZDeM2qu2hrq1lnjeKpO/lOfEwHwYDVR0j BBgwFoAUWv4k0j42JUhNfZs+ugAlqpwO7qIwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MThkMWM0NDktOTc4Yy00ODQ1LWI4MjMtYjU5MjVhOTA1NDI3LzAvNUFGRTI0RDIz RTM2MjU0ODREN0Q5QjNFQkEwMDI1QUE5QzBFRUVBMi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMC81QUZFMjREMjNFMzYyNTQ4NEQ3RDlCM0VCQTAwMjVBQTlDMEVF RUEyLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMThkMWM0NDktOTc4Yy00ODQ1LWI4 MjMtYjU5MjVhOTA1NDI3LzAvNUFGRTI0RDIzRTM2MjU0ODREN0Q5QjNFQkEwMDI1 QUE5QzBFRUVBMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFIhTER8Aa4sp9UAiqrXw6NX3E/NgB/qhbxL OZ33PjWX2bm7Pp9J79vh1nSwFSoR+9OZEVYGJV9pSx20zgnpGa5uA2TUy9syXQsD eoUfrvT+3HnnOCmLfVkbmnCiVA8f5IqdZrNMXn99VheBpAOgwO8nJrQTyBcpXufW BxbzMC+8wi6FOINFW6xRx5UTWVWEowmx8I6RKAaQ3i+HyqcbQX3KVjpn2xXMBpkZ t0Prk9RjDm8sOk2G1pyEPxHM7GmA19vyr3PL9OdvuZd5i3VqCczWUPgF5efisLW2 /yh/a68pdYyj++gy4mnlqhuCXqCy/ngZmHgrUIO4kK/I/n8QQFE= -----END CERTIFICATE-----Generated at Wed May 13 09:27:40 2026 by rpki-client