$ rpki-client -vvf rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft File: AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft (raw, json) Hash identifier: i4nQ3IH0hHNHTQRyKUbs20dwwO/q0OLzPWAimNoSH1o= Subject key identifier: DB:CC:7A:C8:8C:05:D3:08:C1:34:BF:EB:63:3A:CF:26:46:55:11:FA Authority key identifier: AF:A3:29:4E:55:80:B6:82:03:BC:0D:F0:4F:D0:07:22:AA:74:F5:D0 Certificate issuer: /CN=AFA3294E5580B68203BC0DF04FD00722AA74F5D0 Certificate serial: 68807CF3426B5F47C8068C95389C709BFBADE4AE Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft Manifest number: 0F Signing time: Tue 12 May 2026 16:51:29 +0000 Manifest this update: Tue 12 May 2026 16:46:29 +0000 Manifest next update: Wed 13 May 2026 17:20:29 +0000 Files and hashes: 1: 3130332e3138392e3131382e302f32332d3233203d3e20313439383833.roa (hash: MCW/xqC9gtQy6b8F5lQvfvI/LlU0HFmKiOjV/FzQgxY=) 2: AFA3294E5580B68203BC0DF04FD00722AA74F5D0.crl (hash: oVru3LwYlj8AnYUYNX1h29cZbaRzhO855+sLzMohjnY=) 3: 3130332e3138392e3131392e302f32342d3234203d3e20313439383833.roa (hash: 2XC3UsHd4KwKUJ2Uidn6/QSZk29AP2xoMLuxzT2QDYQ=) 4: 3130332e3138392e3131382e302f32342d3234203d3e20313439383833.roa (hash: luezxLjf+gQLcjiQqhuyu+ya30sT86b3qelMWGrfE0Y=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.crl rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:80:7c:f3:42:6b:5f:47:c8:06:8c:95:38:9c:70:9b:fb:ad:e4:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AFA3294E5580B68203BC0DF04FD00722AA74F5D0 Validity Not Before: May 12 16:46:29 2026 GMT Not After : May 13 17:20:29 2026 GMT Subject: CN=DBCC7AC88C05D308C134BFEB633ACF26465511FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:aa:f2:79:29:04:27:29:8a:f2:2d:31:82:71: d7:67:75:40:09:5e:c3:91:12:8f:5b:67:1c:7b:7d: b0:1d:24:aa:d2:da:d3:62:91:db:34:85:e4:d7:0c: 76:ec:27:56:4f:a6:38:2b:6e:9f:66:cf:dc:b8:f8: 4a:b1:60:54:a9:15:d5:b2:89:1a:02:b3:a1:86:7e: cf:71:9e:20:9b:95:58:e9:27:0e:de:b6:dc:ae:09: 0d:09:bb:6b:04:16:69:29:00:44:52:ae:51:dd:26: f4:87:81:93:0d:b4:c1:d2:82:09:03:d0:fa:3b:b2: f7:d8:ea:22:a2:ca:98:41:18:4a:a9:fd:2c:a8:fd: 50:b8:e8:24:4c:3b:c5:44:b6:90:eb:f5:ef:85:53: f5:b6:d1:15:8b:ef:b0:9e:60:45:ca:b0:a2:3c:f5: fe:70:5d:00:0d:09:5f:52:3f:c0:2a:7c:23:92:a3: 81:7c:a0:dc:b2:d5:30:46:74:26:a8:1f:e2:cb:46: df:22:ae:6f:d9:a0:68:6f:c2:29:6e:a5:5e:a8:2c: 00:75:e8:e8:81:21:54:33:26:92:62:7e:8e:64:a5: ce:a2:74:0f:aa:40:bc:85:fb:43:7f:f8:d6:82:c0: ab:13:a9:60:4a:29:47:a1:08:20:c7:7a:45:14:e2: 58:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:CC:7A:C8:8C:05:D3:08:C1:34:BF:EB:63:3A:CF:26:46:55:11:FA X509v3 Authority Key Identifier: keyid:AF:A3:29:4E:55:80:B6:82:03:BC:0D:F0:4F:D0:07:22:AA:74:F5:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:89:7f:ee:ee:bd:52:70:41:37:33:e6:29:24:9c:f7:ca:4e: 6a:0a:7c:83:b4:d3:6c:bb:b4:f3:30:4d:1f:43:34:aa:5e:4a: ca:04:61:bb:45:d4:33:43:ab:a9:58:38:84:17:1c:3b:f1:15: 47:8a:4f:86:ae:36:62:cc:fc:3e:72:83:2e:74:e9:eb:dd:e3: 6e:d3:9b:0c:6e:a1:fa:c1:94:b8:34:e6:9b:88:28:5f:71:b7: bb:d9:06:a7:8d:77:01:2b:a4:bb:f6:ae:65:92:b5:a0:a7:a3: 1f:ba:2b:dc:b4:46:4d:f0:a9:d6:df:9a:65:d2:22:7a:01:6d: 31:29:1c:f6:11:5e:1f:09:7f:d9:2a:be:52:81:f9:c9:0c:ff: c1:cd:2f:ad:4a:8c:e1:2e:45:ea:d9:de:90:f4:0f:31:f3:59: f1:f2:ee:8d:13:dc:e8:65:7c:8c:ee:da:11:9b:d1:28:1f:76: be:e5:bd:fb:d4:b4:30:40:47:19:92:70:4f:11:2c:30:69:44: d7:2e:13:ae:57:38:89:eb:7d:7e:1a:68:60:42:6f:7b:01:be: f1:a9:b5:e9:23:c7:41:96:a1:c3:75:88:d0:f3:29:ef:70:1e: a3:31:00:de:ed:3a:70:66:b2:6f:23:23:65:fa:0c:89:b0:4e: 0a:5c:ab:c9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaIB880JrX0fIBoyVOJxwm/ut5K4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUZBMzI5NEU1NTgwQjY4MjAzQkMwREYwNEZEMDA3MjJB QTc0RjVEMDAeFw0yNjA1MTIxNjQ2MjlaFw0yNjA1MTMxNzIwMjlaMDMxMTAvBgNV BAMTKERCQ0M3QUM4OEMwNUQzMDhDMTM0QkZFQjYzM0FDRjI2NDY1NTExRkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMqvJ5KQQnKYryLTGCcddndUAJ XsOREo9bZxx7fbAdJKrS2tNikds0heTXDHbsJ1ZPpjgrbp9mz9y4+EqxYFSpFdWy iRoCs6GGfs9xniCblVjpJw7ettyuCQ0Ju2sEFmkpAERSrlHdJvSHgZMNtMHSggkD 0Po7svfY6iKiyphBGEqp/Syo/VC46CRMO8VEtpDr9e+FU/W20RWL77CeYEXKsKI8 9f5wXQANCV9SP8AqfCOSo4F8oNyy1TBGdCaoH+LLRt8irm/ZoGhvwilupV6oLAB1 6OiBIVQzJpJifo5kpc6idA+qQLyF+0N/+NaCwKsTqWBKKUehCCDHekUU4ljbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU28x6yIwF0wjBNL/rYzrPJkZVEfowHwYDVR0j BBgwFoAUr6MpTlWAtoIDvA3wT9AHIqp09dAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NDNhZDUyMjYtNjU2ZC00NjFkLTljZmYtYzgzYWMwNzQyZjIwLzAvQUZBMzI5NEU1 NTgwQjY4MjAzQkMwREYwNEZEMDA3MjJBQTc0RjVEMC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9BRkEzMjk0RTU1ODBCNjgyMDNCQzBERjA0RkQwMDcyMkFBNzRG NUQwLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vNDNhZDUyMjYtNjU2ZC00NjFkLTlj ZmYtYzgzYWMwNzQyZjIwLzAvQUZBMzI5NEU1NTgwQjY4MjAzQkMwREYwNEZEMDA3 MjJBQTc0RjVEMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHuJf+7uvVJwQTcz5ikknPfKTmoKfIO002y7 tPMwTR9DNKpeSsoEYbtF1DNDq6lYOIQXHDvxFUeKT4auNmLM/D5ygy506evd427T mwxuofrBlLg05puIKF9xt7vZBqeNdwErpLv2rmWStaCnox+6K9y0Rk3wqdbfmmXS InoBbTEpHPYRXh8Jf9kqvlKB+ckM/8HNL61KjOEuRerZ3pD0DzHzWfHy7o0T3Ohl fIzu2hGb0Sgfdr7lvfvUtDBARxmScE8RLDBpRNcuE65XOInrfX4aaGBCb3sBvvGp tekjx0GWocN1iNDzKe9wHqMxAN7tOnBmsm8jI2X6DImwTgpcq8k= -----END CERTIFICATE-----Generated at Wed May 13 00:31:17 2026 by rpki-client