$ rpki-client -vvf rpki-rsync.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/28FC473B037990E1B12B22A9BAFB1900D3ACEBD8.mft File: 28FC473B037990E1B12B22A9BAFB1900D3ACEBD8.mft (raw, json) Hash identifier: cgaTs24ogCuYwokg9jeX8AdIvh9blhHMTeS3uBdtn/M= Subject key identifier: 4B:0F:7C:91:1E:97:E1:15:33:AC:FC:6B:7A:4B:22:20:D4:A7:87:02 Authority key identifier: 28:FC:47:3B:03:79:90:E1:B1:2B:22:A9:BA:FB:19:00:D3:AC:EB:D8 Certificate issuer: /CN=28FC473B037990E1B12B22A9BAFB1900D3ACEBD8 Certificate serial: 6639F8B203E430696DCEC76BAE01A42702882E84 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/28FC473B037990E1B12B22A9BAFB1900D3ACEBD8.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/28FC473B037990E1B12B22A9BAFB1900D3ACEBD8.mft Manifest number: 0F Signing time: Tue 12 May 2026 11:11:59 +0000 Manifest this update: Tue 12 May 2026 11:06:59 +0000 Manifest next update: Wed 13 May 2026 13:18:59 +0000 Files and hashes: 1: 3130332e3132332e3130382e302f32342d3234203d3e20313338303636.roa (hash: IYkMg6+qZ/xVvXBkVi5WzC87htsBExZ9GFp2XLTOPIo=) 2: 28FC473B037990E1B12B22A9BAFB1900D3ACEBD8.crl (hash: NSYgtfYVYIB6swyRnyn+zVdCZSUcmQn2/0c2ZGdM43E=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/28FC473B037990E1B12B22A9BAFB1900D3ACEBD8.crl rsync://rpki-rsync.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/28FC473B037990E1B12B22A9BAFB1900D3ACEBD8.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/28FC473B037990E1B12B22A9BAFB1900D3ACEBD8.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:39:f8:b2:03:e4:30:69:6d:ce:c7:6b:ae:01:a4:27:02:88:2e:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28FC473B037990E1B12B22A9BAFB1900D3ACEBD8 Validity Not Before: May 12 11:06:59 2026 GMT Not After : May 13 13:18:59 2026 GMT Subject: CN=4B0F7C911E97E11533ACFC6B7A4B2220D4A78702 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:8b:5a:94:f5:53:d1:11:f7:b9:4a:2e:cd:61: 10:03:fd:db:44:39:b5:ca:5c:8d:f3:18:6b:ab:7b: 87:69:d2:43:c5:d1:ee:67:2b:7f:d8:eb:dd:ac:d8: 22:1b:a3:93:f8:e2:89:78:d3:c7:ba:4b:55:a5:b5: 09:67:69:c6:69:96:69:a4:a0:2c:eb:46:e0:9e:55: c9:82:19:6b:a7:9c:d4:84:5f:02:96:85:d8:71:7b: 63:87:39:d3:1b:b5:a6:6d:3a:bc:f0:af:9e:22:97: 7c:fb:38:8e:68:42:a8:a8:94:69:6c:94:6f:1b:16: e9:98:5d:c5:59:c3:ec:a9:e0:ff:28:10:a4:9b:a0: 87:27:0a:d1:68:9f:21:63:39:9c:04:41:23:2b:6f: 98:b9:80:22:42:8f:31:74:f3:2c:03:13:ab:97:7b: 6d:c7:b1:25:6a:bd:d3:28:fe:76:71:8d:e4:51:06: c3:b8:1a:55:e7:cf:75:37:75:16:8b:7f:58:2b:8d: f9:b3:a0:0e:55:f3:05:2b:c4:3d:98:ed:bb:c8:1d: 57:9c:ae:8f:ec:63:cd:14:99:fe:8f:6d:c1:f3:88: c0:d4:16:db:f1:a5:c1:58:28:94:43:36:12:64:7a: 3c:b1:f3:f2:70:08:c8:9f:d1:a4:94:be:46:02:0b: f8:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:0F:7C:91:1E:97:E1:15:33:AC:FC:6B:7A:4B:22:20:D4:A7:87:02 X509v3 Authority Key Identifier: keyid:28:FC:47:3B:03:79:90:E1:B1:2B:22:A9:BA:FB:19:00:D3:AC:EB:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/28FC473B037990E1B12B22A9BAFB1900D3ACEBD8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/28FC473B037990E1B12B22A9BAFB1900D3ACEBD8.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/28FC473B037990E1B12B22A9BAFB1900D3ACEBD8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:12:48:6f:ad:ec:30:34:dc:e1:58:3b:de:fb:33:78:4c:c4: dc:24:23:77:16:8a:96:3b:79:ab:f9:bd:fe:27:7d:4e:19:e0: 6b:e9:ee:43:c4:83:a0:55:20:c7:31:e6:26:53:b1:e8:6c:35: ec:30:c2:0f:dc:a0:01:30:d3:22:d1:26:a4:31:65:ed:71:8d: 84:97:88:16:ce:16:e3:42:bc:e9:57:db:a1:70:ab:4e:14:4b: 17:86:6f:24:7a:6c:5d:a4:49:9b:cc:9e:08:ce:d5:8c:62:ec: df:88:77:06:e2:e4:e8:b8:83:9d:97:5c:5e:21:74:b0:80:1a: 63:df:da:aa:d3:d6:8f:f8:8c:4c:ec:a3:2f:8b:d2:32:d7:96: c6:6c:5b:18:5f:9c:1d:67:9b:a8:7f:0e:25:7b:34:46:9f:28: f2:88:ce:ab:91:2f:e0:7b:60:5b:14:75:07:2c:e8:c6:5c:19: c4:a9:6d:ef:3c:37:1e:5a:e1:71:7f:10:f8:73:7d:c9:77:04: 21:6b:59:57:a8:87:42:43:8e:42:0a:8b:c5:bf:79:27:f9:03: 87:60:fe:d1:14:cf:8f:a1:61:65:e2:be:84:c7:31:f4:14:ac: fe:4d:a8:66:7e:48:35:63:1c:14:9b:f5:55:33:16:d5:cb:4b: 6f:d6:a0:e8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZjn4sgPkMGltzsdrrgGkJwKILoQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjhGQzQ3M0IwMzc5OTBFMUIxMkIyMkE5QkFGQjE5MDBE M0FDRUJEODAeFw0yNjA1MTIxMTA2NTlaFw0yNjA1MTMxMzE4NTlaMDMxMTAvBgNV BAMTKDRCMEY3QzkxMUU5N0UxMTUzM0FDRkM2QjdBNEIyMjIwRDRBNzg3MDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYi1qU9VPREfe5Si7NYRAD/dtE ObXKXI3zGGure4dp0kPF0e5nK3/Y692s2CIbo5P44ol408e6S1WltQlnacZplmmk oCzrRuCeVcmCGWunnNSEXwKWhdhxe2OHOdMbtaZtOrzwr54il3z7OI5oQqiolGls lG8bFumYXcVZw+yp4P8oEKSboIcnCtFonyFjOZwEQSMrb5i5gCJCjzF08ywDE6uX e23HsSVqvdMo/nZxjeRRBsO4GlXnz3U3dRaLf1grjfmzoA5V8wUrxD2Y7bvIHVec ro/sY80Umf6PbcHziMDUFtvxpcFYKJRDNhJkejyx8/JwCMif0aSUvkYCC/hRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUSw98kR6X4RUzrPxreksiINSnhwIwHwYDVR0j BBgwFoAUKPxHOwN5kOGxKyKpuvsZANOs69gwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ODk4OGMwZjItMjgwMC00OGRhLWE4M2UtYWI1NGRmNjVjNTc0LzAvMjhGQzQ3M0Iw Mzc5OTBFMUIxMkIyMkE5QkFGQjE5MDBEM0FDRUJEOC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8yOEZDNDczQjAzNzk5MEUxQjEyQjIyQTlCQUZCMTkwMEQzQUNF QkQ4LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vODk4OGMwZjItMjgwMC00OGRhLWE4 M2UtYWI1NGRmNjVjNTc0LzAvMjhGQzQ3M0IwMzc5OTBFMUIxMkIyMkE5QkFGQjE5 MDBEM0FDRUJEOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEYSSG+t7DA03OFYO977M3hMxNwkI3cWipY7 eav5vf4nfU4Z4Gvp7kPEg6BVIMcx5iZTsehsNewwwg/coAEw0yLRJqQxZe1xjYSX iBbOFuNCvOlX26Fwq04USxeGbyR6bF2kSZvMngjO1Yxi7N+Idwbi5Oi4g52XXF4h dLCAGmPf2qrT1o/4jEzsoy+L0jLXlsZsWxhfnB1nm6h/DiV7NEafKPKIzquRL+B7 YFsUdQcs6MZcGcSpbe88Nx5a4XF/EPhzfcl3BCFrWVeoh0JDjkIKi8W/eSf5A4dg /tEUz4+hYWXivoTHMfQUrP5NqGZ+SDVjHBSb9VUzFtXLS2/WoOg= -----END CERTIFICATE-----Generated at Wed May 13 02:40:49 2026 by rpki-client