$ rpki-client -vvf rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.mft File: BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.mft (raw, json) Hash identifier: ROI6SgPjpo6E9+EpQRzPN7+P8W6wyI0rBVcHRSlA2Mo= Subject key identifier: 0F:C8:F7:CD:CD:79:91:44:2C:FB:A3:46:0C:E5:1F:17:9D:F7:36:42 Authority key identifier: BA:5A:38:A4:D0:FB:8A:AA:8D:D1:8E:1F:B3:9A:43:14:2B:DF:3C:67 Certificate issuer: /CN=BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67 Certificate serial: 1117201219FD9A8BABA5DA46D9A6F99FEE26E05E Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.mft Manifest number: 0F Signing time: Tue 12 May 2026 19:56:27 +0000 Manifest this update: Tue 12 May 2026 19:51:27 +0000 Manifest next update: Wed 13 May 2026 21:57:27 +0000 Files and hashes: 1: 3130332e3131322e3136322e302f32332d3234203d3e20313337333331.roa (hash: +/Z+l46w62+euzVttfTbUpjA36xrgfvJsPvniMmOZIM=) 2: 3130332e3133332e3232322e302f32332d3234203d3e20313337333331.roa (hash: 34SELdnrb0ReXu8mxgFx5LIh/fNfXuwnNwVvGgL+Ivc=) 3: BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.crl (hash: PiGewgaj5tZykt3yxJcYNOPpbCBSUGb8eBMLJSqXGHE=) 4: 323030313a6466343a623130303a3a2f34382d3438203d3e20313337333331.roa (hash: 6KPoXiqtvd9nuyAco4ru4jZgNuQNFI930Qn7LAylJPg=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.crl rsync://rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:17:20:12:19:fd:9a:8b:ab:a5:da:46:d9:a6:f9:9f:ee:26:e0:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67 Validity Not Before: May 12 19:51:27 2026 GMT Not After : May 13 21:57:27 2026 GMT Subject: CN=0FC8F7CDCD7991442CFBA3460CE51F179DF73642 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:a0:52:d6:93:e3:e1:08:99:a3:5c:2d:2e:a8: ac:05:0c:7b:f6:0a:d1:e4:9e:21:03:7e:b5:bc:3e: c0:8c:59:45:4b:a2:4b:45:f3:6d:ad:48:f9:0e:80: b0:e0:46:d4:c2:c9:df:d3:93:96:95:cc:69:e1:a6: c6:c8:2d:96:65:ab:a1:98:ec:24:0d:1e:ac:96:b4: 02:86:f3:3f:23:41:10:28:8e:5d:f7:41:3b:23:32: f3:d4:31:98:37:14:85:3e:de:95:8a:c9:47:cd:6c: 64:ef:d9:e9:da:d9:f0:33:9a:99:51:cc:57:b4:2f: 5d:a2:29:8c:3b:cd:1e:95:a4:be:03:80:b5:43:19: c5:b8:a2:92:d3:0c:10:43:28:61:7c:dd:b1:71:dd: 48:76:4f:a9:03:28:0a:83:f9:72:1c:9c:85:61:43: 77:02:9b:11:cb:78:a8:9c:ae:02:ac:5f:56:cf:df: 0c:29:d2:95:6b:56:a9:47:74:a3:c7:3b:00:94:94: d5:9e:86:a8:da:34:51:e2:02:0a:87:92:9e:2c:bd: 8a:92:4c:a4:14:2e:ac:c4:19:bf:77:82:93:e2:a6: 67:52:06:8c:87:e7:44:50:a7:5a:39:01:a1:4e:6a: ea:2b:f9:43:ad:fa:22:a6:49:4d:f9:fa:39:48:ad: 2d:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:C8:F7:CD:CD:79:91:44:2C:FB:A3:46:0C:E5:1F:17:9D:F7:36:42 X509v3 Authority Key Identifier: keyid:BA:5A:38:A4:D0:FB:8A:AA:8D:D1:8E:1F:B3:9A:43:14:2B:DF:3C:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:d3:79:b5:03:5c:17:20:f9:90:19:63:b7:98:ba:4b:8d:6b: aa:fb:16:45:4b:44:44:ce:43:8f:91:df:39:e1:74:5c:1e:69: 3b:2e:08:d2:66:ba:03:11:87:67:d7:5a:5c:3e:7f:63:dd:ac: 66:3e:c1:57:a8:39:83:2a:3f:f9:d0:4b:57:47:04:ca:f7:71: d4:74:94:98:20:af:c6:5a:5f:d2:96:bc:3f:d2:92:d8:f4:25: 6a:65:63:68:0a:99:c0:cc:ee:71:5b:68:c3:4c:a1:00:58:36: d8:22:64:18:98:8c:9f:d0:b0:5c:ad:87:30:1c:34:3f:7f:7b: 81:a9:33:59:20:84:fb:d7:58:79:9b:1b:57:36:a7:46:94:54: db:47:0b:b4:86:7b:8f:7e:ab:e0:2a:c6:85:f0:98:6f:03:03: 39:3d:c9:94:2c:a3:5c:d6:42:57:73:d6:dd:15:38:02:1e:ac: 00:8f:d4:b9:1a:b8:75:e4:84:1e:ec:fc:39:01:04:69:f6:8d: 58:48:91:a0:ba:9b:da:aa:d7:7f:82:dc:4f:eb:a9:b6:cf:85: 97:20:c3:2f:cc:d4:98:68:33:9c:dd:be:e5:e2:7e:19:14:d5: c6:64:94:9c:da:50:57:c8:1e:63:ee:da:62:c4:14:7e:4e:15: 89:41:47:f5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUERcgEhn9mourpdpG2ab5n+4m4F4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkE1QTM4QTREMEZCOEFBQThERDE4RTFGQjM5QTQzMTQy QkRGM0M2NzAeFw0yNjA1MTIxOTUxMjdaFw0yNjA1MTMyMTU3MjdaMDMxMTAvBgNV BAMTKDBGQzhGN0NEQ0Q3OTkxNDQyQ0ZCQTM0NjBDRTUxRjE3OURGNzM2NDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRoFLWk+PhCJmjXC0uqKwFDHv2 CtHkniEDfrW8PsCMWUVLoktF822tSPkOgLDgRtTCyd/Tk5aVzGnhpsbILZZlq6GY 7CQNHqyWtAKG8z8jQRAojl33QTsjMvPUMZg3FIU+3pWKyUfNbGTv2ena2fAzmplR zFe0L12iKYw7zR6VpL4DgLVDGcW4opLTDBBDKGF83bFx3Uh2T6kDKAqD+XIcnIVh Q3cCmxHLeKicrgKsX1bP3wwp0pVrVqlHdKPHOwCUlNWehqjaNFHiAgqHkp4svYqS TKQULqzEGb93gpPipmdSBoyH50RQp1o5AaFOauor+UOt+iKmSU35+jlIrS0lAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUD8j3zc15kUQs+6NGDOUfF533NkIwHwYDVR0j BBgwFoAUulo4pND7iqqN0Y4fs5pDFCvfPGcwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MmZkODBkOTYtZWYxYi00NGIyLTkwM2EtN2Y2ZGE5NDFhODM2LzAvQkE1QTM4QTRE MEZCOEFBQThERDE4RTFGQjM5QTQzMTQyQkRGM0M2Ny5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9CQTVBMzhBNEQwRkI4QUFBOEREMThFMUZCMzlBNDMxNDJCREYz QzY3LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMmZkODBkOTYtZWYxYi00NGIyLTkw M2EtN2Y2ZGE5NDFhODM2LzAvQkE1QTM4QTREMEZCOEFBQThERDE4RTFGQjM5QTQz MTQyQkRGM0M2Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAPTebUDXBcg+ZAZY7eYukuNa6r7FkVLRETO Q4+R3znhdFweaTsuCNJmugMRh2fXWlw+f2PdrGY+wVeoOYMqP/nQS1dHBMr3cdR0 lJggr8ZaX9KWvD/Sktj0JWplY2gKmcDM7nFbaMNMoQBYNtgiZBiYjJ/QsFythzAc ND9/e4GpM1kghPvXWHmbG1c2p0aUVNtHC7SGe49+q+AqxoXwmG8DAzk9yZQso1zW Qldz1t0VOAIerACP1LkauHXkhB7s/DkBBGn2jVhIkaC6m9qq13+C3E/rqbbPhZcg wy/M1JhoM5zdvuXifhkU1cZklJzaUFfIHmPu2mLEFH5OFYlBR/U= -----END CERTIFICATE-----Generated at Wed May 13 01:37:29 2026 by rpki-client