$ rpki-client -vvf rpki-rsync.idnic.net/repo/87c432e0-dc3e-42cc-bcc0-629b16206c9a/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.mft File: BAA973B32B2177C10441FFA1198AD30A3ACABB9C.mft (raw, json) Hash identifier: Dm/Deb/moBXfF+4wbFqI//C9PJ+o8bjw00LFHFBtonY= Subject key identifier: AA:27:44:04:43:54:13:17:49:C5:0E:D3:A3:4C:B8:8B:3A:56:A4:0D Authority key identifier: BA:A9:73:B3:2B:21:77:C1:04:41:FF:A1:19:8A:D3:0A:3A:CA:BB:9C Certificate issuer: /CN=BAA973B32B2177C10441FFA1198AD30A3ACABB9C Certificate serial: 21FF4119306244D4BEF0495709B4AC10F75A4962 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/87c432e0-dc3e-42cc-bcc0-629b16206c9a/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.mft Manifest number: 0F Signing time: Tue 12 May 2026 13:58:54 +0000 Manifest this update: Tue 12 May 2026 13:53:54 +0000 Manifest next update: Wed 13 May 2026 16:12:54 +0000 Files and hashes: 1: 3136302e32352e3137382e302f32332d3234203d3e20313533303735.roa (hash: emzicFPb20ntNDPhnqdIZfGTkDlbHTjV6qlycOCsU9Y=) 2: BAA973B32B2177C10441FFA1198AD30A3ACABB9C.crl (hash: 3BrYwIK0rNRqLY5rc6mEMQHWo741hJClhpxCPAiKyfE=) 3: 3136302e32352e3137392e302f32342d3234203d3e20313533303735.roa (hash: P41vY0hE4/fOxPq6Kkw/xasNl7gj2h7Qpzh5dZmTPvY=) 4: 3136302e32352e3137382e302f32342d3234203d3e20313533303735.roa (hash: 38K5sAQjb+p+j0jaQg6iZ50hxbINutZm4v5XssXTvIk=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/87c432e0-dc3e-42cc-bcc0-629b16206c9a/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.crl rsync://rpki-rsync.idnic.net/repo/87c432e0-dc3e-42cc-bcc0-629b16206c9a/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 16:12:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:ff:41:19:30:62:44:d4:be:f0:49:57:09:b4:ac:10:f7:5a:49:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BAA973B32B2177C10441FFA1198AD30A3ACABB9C Validity Not Before: May 12 13:53:54 2026 GMT Not After : May 13 16:12:54 2026 GMT Subject: CN=AA2744044354131749C50ED3A34CB88B3A56A40D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:19:48:1c:c3:5d:4a:47:af:e9:85:a5:c2:0f: 94:41:a5:4a:06:6b:dd:49:64:6f:ed:46:1e:13:80: f1:5c:12:5a:a0:a2:a4:2e:bf:2e:03:47:75:99:df: e5:03:b1:84:15:7e:49:81:36:33:cf:90:36:d2:45: c5:06:b8:0b:dc:77:84:6a:a2:24:9b:04:53:c1:36: 7d:dd:c9:ba:47:90:c3:bd:3a:24:c9:77:af:bf:c4: 86:b9:fd:f9:bd:72:e0:22:e2:47:d3:eb:65:31:8b: 3e:74:fe:74:28:3b:f4:5d:c7:a1:a1:09:b3:b7:dd: bf:63:af:bb:dc:40:b1:6c:d4:7b:0e:2c:fb:c0:2c: f7:1f:ac:26:e5:fa:87:60:82:b4:de:b5:82:de:fe: ac:02:f7:dd:08:5a:56:57:7f:cb:c0:04:94:8f:91: 51:46:5d:04:bd:1c:f6:95:92:1a:a1:18:07:be:d1: 10:f4:39:b3:19:9a:e0:5b:8b:fc:cb:02:77:8d:9b: 2c:32:a0:f2:2c:25:df:8c:80:c2:5b:71:f6:eb:66: c6:3b:ff:6d:ba:dd:d3:8f:9f:fc:20:0a:6c:6a:ca: 2e:77:9a:8d:f6:b4:2b:2c:e9:32:ed:d6:eb:7b:7c: 8c:2d:b5:11:1c:17:41:d1:4f:14:24:fd:6c:a5:c7: d5:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:27:44:04:43:54:13:17:49:C5:0E:D3:A3:4C:B8:8B:3A:56:A4:0D X509v3 Authority Key Identifier: keyid:BA:A9:73:B3:2B:21:77:C1:04:41:FF:A1:19:8A:D3:0A:3A:CA:BB:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/87c432e0-dc3e-42cc-bcc0-629b16206c9a/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/87c432e0-dc3e-42cc-bcc0-629b16206c9a/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:8a:0b:8b:c7:33:f2:22:96:8b:18:ee:e4:c4:49:36:ea:3d: 4c:f0:1e:4f:d5:5a:24:7a:bf:ec:f9:35:b5:38:27:60:09:5b: c2:01:fe:eb:92:10:01:b1:66:64:9c:44:f0:57:a7:df:cc:c6: e4:76:be:4d:77:16:4f:a2:54:f4:9f:26:a3:3c:1e:94:cb:33: 8e:56:5a:f8:58:2c:55:42:6d:ed:cd:07:05:58:27:06:c6:eb: b4:20:8c:64:29:62:d3:cb:22:42:d2:cf:c4:63:59:db:8b:e3: 46:2a:79:42:14:45:e3:25:1a:50:d0:6c:96:cd:41:8c:c8:75: 26:ea:85:ff:f3:5f:38:31:bd:05:c0:16:5a:4d:c1:96:68:7c: 02:e4:6a:8c:37:cf:0d:30:9f:e4:6c:bc:16:d2:b7:a9:db:7c: a2:25:7f:db:64:2b:dc:27:48:9a:fe:8c:59:af:04:f3:ff:cb: 27:91:50:25:6c:b5:49:a7:b2:a1:0c:29:50:c9:26:64:f5:7a: 80:f6:e6:6c:d4:9e:6a:90:a7:8a:6c:47:13:1e:8d:42:f0:97: 2f:fb:0c:a2:9d:59:69:65:74:a6:59:5f:cc:35:64:ea:c8:34: 3f:44:a8:77:54:b8:58:2a:25:1c:25:86:1e:8e:c0:c1:90:9f: 1a:0a:2e:28 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIf9BGTBiRNS+8ElXCbSsEPdaSWIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkFBOTczQjMyQjIxNzdDMTA0NDFGRkExMTk4QUQzMEEz QUNBQkI5QzAeFw0yNjA1MTIxMzUzNTRaFw0yNjA1MTMxNjEyNTRaMDMxMTAvBgNV BAMTKEFBMjc0NDA0NDM1NDEzMTc0OUM1MEVEM0EzNENCODhCM0E1NkE0MEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuGUgcw11KR6/phaXCD5RBpUoG a91JZG/tRh4TgPFcElqgoqQuvy4DR3WZ3+UDsYQVfkmBNjPPkDbSRcUGuAvcd4Rq oiSbBFPBNn3dybpHkMO9OiTJd6+/xIa5/fm9cuAi4kfT62Uxiz50/nQoO/Rdx6Gh CbO33b9jr7vcQLFs1HsOLPvALPcfrCbl+odggrTetYLe/qwC990IWlZXf8vABJSP kVFGXQS9HPaVkhqhGAe+0RD0ObMZmuBbi/zLAneNmywyoPIsJd+MgMJbcfbrZsY7 /2263dOPn/wgCmxqyi53mo32tCss6TLt1ut7fIwttREcF0HRTxQk/Wylx9UvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUqidEBENUExdJxQ7To0y4izpWpA0wHwYDVR0j BBgwFoAUuqlzsyshd8EEQf+hGYrTCjrKu5wwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ODdjNDMyZTAtZGMzZS00MmNjLWJjYzAtNjI5YjE2MjA2YzlhLzAvQkFBOTczQjMy QjIxNzdDMTA0NDFGRkExMTk4QUQzMEEzQUNBQkI5Qy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMC9CQUE5NzNCMzJCMjE3N0MxMDQ0MUZGQTExOThBRDMwQTNBQ0FC QjlDLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vODdjNDMyZTAtZGMzZS00MmNjLWJj YzAtNjI5YjE2MjA2YzlhLzAvQkFBOTczQjMyQjIxNzdDMTA0NDFGRkExMTk4QUQz MEEzQUNBQkI5Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKSKC4vHM/IilosY7uTESTbqPUzwHk/VWiR6 v+z5NbU4J2AJW8IB/uuSEAGxZmScRPBXp9/MxuR2vk13Fk+iVPSfJqM8HpTLM45W WvhYLFVCbe3NBwVYJwbG67QgjGQpYtPLIkLSz8RjWduL40YqeUIUReMlGlDQbJbN QYzIdSbqhf/zXzgxvQXAFlpNwZZofALkaow3zw0wn+RsvBbSt6nbfKIlf9tkK9wn SJr+jFmvBPP/yyeRUCVstUmnsqEMKVDJJmT1eoD25mzUnmqQp4psRxMejULwly/7 DKKdWWlldKZZX8w1ZOrIND9EqHdUuFgqJRwlhh6OwMGQnxoKLig= -----END CERTIFICATE-----Generated at Wed May 13 02:50:07 2026 by rpki-client