$ rpki-client -vvf rpki-rsync.idnic.net/repo/85cd45cb-8d9f-4359-96c0-64cf22a5b0ff/0/DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6.mft File: DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6.mft (raw, json) Hash identifier: /JdoCKT7ECqjV6VornZIa8Wem2VGMA0grUzbpw++zV4= Subject key identifier: 59:69:2E:D0:4E:54:EB:3A:5D:8B:C8:DB:84:7D:68:7A:E5:42:18:80 Authority key identifier: DA:43:B5:CE:B3:84:E3:BA:7B:EE:2C:93:2D:86:2F:3C:1F:C8:1C:E6 Certificate issuer: /CN=DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6 Certificate serial: 244576E49DD1ED8A27CF58AB416C53C6339325AF Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/85cd45cb-8d9f-4359-96c0-64cf22a5b0ff/0/DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6.mft Manifest number: 0E Signing time: Tue 12 May 2026 16:31:08 +0000 Manifest this update: Tue 12 May 2026 16:26:08 +0000 Manifest next update: Wed 13 May 2026 17:32:08 +0000 Files and hashes: 1: DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6.crl (hash: +Eju4rG+Rfg58Nzxvwu1VsmixQchScP1g/qD7p14Wd0=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/85cd45cb-8d9f-4359-96c0-64cf22a5b0ff/0/DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6.crl rsync://rpki-rsync.idnic.net/repo/85cd45cb-8d9f-4359-96c0-64cf22a5b0ff/0/DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/0/DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:45:76:e4:9d:d1:ed:8a:27:cf:58:ab:41:6c:53:c6:33:93:25:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6 Validity Not Before: May 12 16:26:08 2026 GMT Not After : May 13 17:32:08 2026 GMT Subject: CN=59692ED04E54EB3A5D8BC8DB847D687AE5421880 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:38:fe:48:2c:fc:a8:4d:d2:6f:df:1b:a4:a8: 44:f9:d9:69:a4:14:4e:14:35:c6:2b:64:25:2e:53: 8d:54:3a:2b:35:07:09:0f:f9:36:ef:3c:91:53:65: 07:4e:b0:9d:d2:76:b5:56:48:55:80:79:8b:66:0e: c7:14:13:34:7b:cd:35:64:84:34:88:a0:5e:10:eb: 81:8c:7c:8a:60:fc:22:e9:80:4b:7a:98:70:7c:b5: 3c:ea:a6:96:f6:26:6e:df:ab:32:2c:8a:80:46:d4: 85:08:d9:96:f8:ef:ec:b3:75:a7:15:71:f5:e4:df: 34:1d:88:b7:63:e5:b6:dc:a9:a3:13:f2:3d:37:3a: 8f:53:6c:b5:97:db:fe:6e:a7:9e:45:a3:fd:de:f0: 0b:23:d9:2b:2f:a7:9a:43:f5:d4:17:ef:f8:c0:b5: 98:14:64:50:98:2a:e3:80:a3:71:35:dd:18:39:91: 92:41:ff:1a:2b:d6:ff:40:c8:ef:ab:87:47:07:bd: f4:4c:a2:fd:38:f4:a1:da:ba:04:1f:5b:d5:21:7f: 74:bd:dd:38:16:3f:5e:52:c5:7f:60:51:98:5c:b1: e7:4f:11:f0:42:c4:92:5a:75:84:85:c4:a1:48:9d: 0a:61:c9:3c:43:46:4c:8f:b3:98:0a:8e:83:38:66: 50:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:69:2E:D0:4E:54:EB:3A:5D:8B:C8:DB:84:7D:68:7A:E5:42:18:80 X509v3 Authority Key Identifier: keyid:DA:43:B5:CE:B3:84:E3:BA:7B:EE:2C:93:2D:86:2F:3C:1F:C8:1C:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/85cd45cb-8d9f-4359-96c0-64cf22a5b0ff/0/DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/85cd45cb-8d9f-4359-96c0-64cf22a5b0ff/0/DA43B5CEB384E3BA7BEE2C932D862F3C1FC81CE6.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:90:2e:f2:de:9c:39:8b:b4:0f:1e:e5:14:cf:cf:11:bc:ee: c6:ad:04:cf:2c:cf:11:d3:66:61:64:fa:46:5e:74:13:a5:f1: cf:ff:f1:e3:be:dd:09:c0:9d:32:5e:ac:fb:cb:5e:5d:7d:14: 83:93:f6:5c:e5:6d:7a:79:33:ff:3e:3c:18:05:a5:04:b2:90: 07:fc:3c:b8:2a:01:16:cb:b7:b6:77:7a:57:97:8e:d4:26:94: d0:62:31:40:ab:d8:39:38:ee:fc:2e:a4:8e:a2:19:dc:6e:7a: f3:08:c8:72:95:ef:ba:08:de:5d:e7:ce:ce:52:06:71:ee:3e: 73:8f:64:85:a0:b4:d1:dc:a2:2c:e9:5b:fb:d6:ae:3b:5a:d7: 41:f1:a0:3f:72:90:67:81:66:b8:ed:b3:df:fa:86:e4:0d:04: 73:55:b3:b0:0b:86:ea:d1:48:a7:64:f2:fb:d9:3f:8d:fd:b9: 9e:42:ce:79:6c:41:f0:9f:ec:ab:bd:56:c9:13:3c:99:50:90: a3:8a:1f:4e:02:39:11:a4:94:ee:d6:ef:f1:77:9c:51:a7:a7: 68:02:da:c5:a5:9c:c3:aa:1a:00:9f:c2:9b:90:ea:2a:31:a5: 3f:b9:ca:b0:9f:c1:bf:2a:21:c2:6b:1c:42:be:72:d3:d8:36: 03:90:d6:a0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJEV25J3R7Yonz1irQWxTxjOTJa8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREE0M0I1Q0VCMzg0RTNCQTdCRUUyQzkzMkQ4NjJGM0Mx RkM4MUNFNjAeFw0yNjA1MTIxNjI2MDhaFw0yNjA1MTMxNzMyMDhaMDMxMTAvBgNV BAMTKDU5NjkyRUQwNEU1NEVCM0E1RDhCQzhEQjg0N0Q2ODdBRTU0MjE4ODAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpOP5ILPyoTdJv3xukqET52Wmk FE4UNcYrZCUuU41UOis1BwkP+TbvPJFTZQdOsJ3SdrVWSFWAeYtmDscUEzR7zTVk hDSIoF4Q64GMfIpg/CLpgEt6mHB8tTzqppb2Jm7fqzIsioBG1IUI2Zb47+yzdacV cfXk3zQdiLdj5bbcqaMT8j03Oo9TbLWX2/5up55Fo/3e8Asj2Ssvp5pD9dQX7/jA tZgUZFCYKuOAo3E13Rg5kZJB/xor1v9AyO+rh0cHvfRMov049KHaugQfW9Uhf3S9 3TgWP15SxX9gUZhcsedPEfBCxJJadYSFxKFInQphyTxDRkyPs5gKjoM4ZlB1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUWWku0E5U6zpdi8jbhH1oeuVCGIAwHwYDVR0j BBgwFoAU2kO1zrOE47p77iyTLYYvPB/IHOYwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ODVjZDQ1Y2ItOGQ5Zi00MzU5LTk2YzAtNjRjZjIyYTViMGZmLzAvREE0M0I1Q0VC Mzg0RTNCQTdCRUUyQzkzMkQ4NjJGM0MxRkM4MUNFNi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMC9EQTQzQjVDRUIzODRFM0JBN0JFRTJDOTMyRDg2MkYzQzFGQzgx Q0U2LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vODVjZDQ1Y2ItOGQ5Zi00MzU5LTk2 YzAtNjRjZjIyYTViMGZmLzAvREE0M0I1Q0VCMzg0RTNCQTdCRUUyQzkzMkQ4NjJG M0MxRkM4MUNFNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAA+QLvLenDmLtA8e5RTPzxG87satBM8szxHT ZmFk+kZedBOl8c//8eO+3QnAnTJerPvLXl19FIOT9lzlbXp5M/8+PBgFpQSykAf8 PLgqARbLt7Z3eleXjtQmlNBiMUCr2Dk47vwupI6iGdxuevMIyHKV77oI3l3nzs5S BnHuPnOPZIWgtNHcoizpW/vWrjta10HxoD9ykGeBZrjts9/6huQNBHNVs7ALhurR SKdk8vvZP439uZ5CznlsQfCf7Ku9VskTPJlQkKOKH04CORGklO7W7/F3nFGnp2gC 2sWlnMOqGgCfwpuQ6ioxpT+5yrCfwb8qIcJrHEK+ctPYNgOQ1qA= -----END CERTIFICATE-----Generated at Tue May 12 22:39:11 2026 by rpki-client