$ rpki-client -vvf rpki-rsync.idnic.net/repo/a640abe6-8dee-4bd1-814c-2af31a3d9cdf/0/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.mft File: A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.mft (raw, json) Hash identifier: vSs+RotzPmj/Bs4hZgF1NCTGLzDbJKL9peTF3MaFtkw= Subject key identifier: AA:E1:FC:9B:71:39:A6:70:E8:E7:88:B2:F1:B2:84:8D:22:B2:80:4D Authority key identifier: A8:9E:28:00:8F:43:B7:04:C2:FD:C3:EA:D3:FA:F0:83:0E:6C:1A:EF Certificate issuer: /CN=A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF Certificate serial: 45C703111933293AF30E8C57BD23BB57D4DF41C8 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/a640abe6-8dee-4bd1-814c-2af31a3d9cdf/0/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.mft Manifest number: 0E Signing time: Tue 12 May 2026 06:37:36 +0000 Manifest this update: Tue 12 May 2026 06:32:36 +0000 Manifest next update: Wed 13 May 2026 07:42:36 +0000 Files and hashes: 1: 3130332e3139362e3131382e302f32332d3234203d3e20313530323131.roa (hash: cw9vNPqzj+nbF/8UED+AX3JWM0AiWyBHrefZED5PbbE=) 2: 3130332e3139362e3131382e302f32342d3234203d3e20313530323131.roa (hash: rH0EBEYwFNkXIM8Mj3asy0ipU8+X9tTfzMeEAFrvYrM=) 3: 3130332e3139362e3131392e302f32342d3234203d3e20313530323131.roa (hash: 7Xohzs3qzHwElj+iGxc/XgWir/J3Steo6jFstKpP8Y0=) 4: A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.crl (hash: W17JkVhXbQSzMB74KRwrvAM4MWydzL6jLb3fEq9k1BU=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/a640abe6-8dee-4bd1-814c-2af31a3d9cdf/0/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.crl rsync://rpki-rsync.idnic.net/repo/a640abe6-8dee-4bd1-814c-2af31a3d9cdf/0/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:42:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:c7:03:11:19:33:29:3a:f3:0e:8c:57:bd:23:bb:57:d4:df:41:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF Validity Not Before: May 12 06:32:36 2026 GMT Not After : May 13 07:42:36 2026 GMT Subject: CN=AAE1FC9B7139A670E8E788B2F1B2848D22B2804D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:c3:8a:a5:5e:9b:02:8b:db:82:66:e0:b6:8f: 8d:d0:1f:63:44:a9:94:cc:45:c2:76:da:8c:fc:33: 58:6f:c2:ab:51:21:b1:6c:dc:08:5d:7d:17:67:63: 6e:76:5e:a6:2d:c9:71:c0:94:0c:e1:2b:d2:f4:cb: cc:98:71:db:15:e2:3d:20:57:c6:55:81:97:33:78: 63:2f:62:04:98:f6:ed:fe:ab:f7:4b:51:79:51:63: e3:ad:ba:f6:c1:ad:73:a3:21:d0:97:34:1e:d5:e3: dc:f8:2f:e9:74:eb:40:aa:f1:98:3a:63:a0:25:50: f3:35:30:ae:18:6e:98:d7:60:7f:38:d6:ba:8d:84: 87:42:6c:ab:83:0c:8d:a2:88:a8:57:3e:de:08:1d: 43:96:8b:a9:80:66:1d:0e:80:35:a4:b5:6d:83:f6: bb:57:54:86:59:10:6b:2a:7e:79:95:4e:6d:20:45: a1:a0:6d:17:ce:d1:24:bf:29:12:45:2d:c4:88:86: 8a:4b:48:99:36:5d:5f:ad:5f:2e:d3:6a:41:b2:b2: 94:d2:00:1f:ec:65:49:91:a6:34:73:65:1d:04:51: af:27:87:dc:32:dc:4f:33:ff:6e:2c:69:ac:cb:58: fb:6f:c6:be:4f:5a:04:c3:80:0c:2d:c3:92:31:22: c8:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:E1:FC:9B:71:39:A6:70:E8:E7:88:B2:F1:B2:84:8D:22:B2:80:4D X509v3 Authority Key Identifier: keyid:A8:9E:28:00:8F:43:B7:04:C2:FD:C3:EA:D3:FA:F0:83:0E:6C:1A:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/a640abe6-8dee-4bd1-814c-2af31a3d9cdf/0/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/a640abe6-8dee-4bd1-814c-2af31a3d9cdf/0/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:08:c3:72:79:61:ad:b8:51:5d:e5:76:ed:e3:68:9c:17:c2: cd:c3:16:2b:b4:dd:38:ff:cb:04:ae:f3:8b:ed:71:71:00:29: dd:b1:e7:a3:d2:6f:c8:98:b6:ea:40:6a:e5:4b:dc:54:4c:e9: 4b:20:92:f5:fc:0c:70:00:fd:f4:41:9b:81:5a:f2:2d:dd:ea: fa:f0:b7:22:10:fa:94:0e:b8:23:72:6f:f7:1c:6c:24:a0:ab: 8f:ef:cc:4a:92:6a:fe:44:1e:cc:76:af:0f:ae:98:50:0f:9c: 72:f0:3b:74:a1:2c:6f:e7:64:8d:26:2b:87:dd:57:cb:3e:43: 18:3f:ed:a0:2c:61:a3:9d:08:be:36:42:1c:6a:18:5f:96:ce: 0e:09:94:57:81:70:3a:4d:3f:0a:cf:78:1d:61:78:b9:d4:6a: 3d:38:f1:3e:44:c4:ca:f0:66:d2:ac:28:b7:a1:e4:22:0c:ff: d0:6a:2a:d3:c6:2b:53:10:87:17:1f:9e:fb:ca:0c:2e:b4:f1: 22:06:1c:92:5c:31:12:3c:d0:b0:02:94:28:fe:dd:02:cf:d3: b2:5f:52:04:46:49:34:40:64:89:f8:ec:dc:35:9e:a0:b0:be: c5:54:b0:a2:99:7d:88:32:dc:ae:29:0b:9f:c3:79:7f:31:41: bf:28:7a:97 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURccDERkzKTrzDoxXvSO7V9TfQcgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTg5RTI4MDA4RjQzQjcwNEMyRkRDM0VBRDNGQUYwODMw RTZDMUFFRjAeFw0yNjA1MTIwNjMyMzZaFw0yNjA1MTMwNzQyMzZaMDMxMTAvBgNV BAMTKEFBRTFGQzlCNzEzOUE2NzBFOEU3ODhCMkYxQjI4NDhEMjJCMjgwNEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVw4qlXpsCi9uCZuC2j43QH2NE qZTMRcJ22oz8M1hvwqtRIbFs3AhdfRdnY252XqYtyXHAlAzhK9L0y8yYcdsV4j0g V8ZVgZczeGMvYgSY9u3+q/dLUXlRY+OtuvbBrXOjIdCXNB7V49z4L+l060Cq8Zg6 Y6AlUPM1MK4YbpjXYH841rqNhIdCbKuDDI2iiKhXPt4IHUOWi6mAZh0OgDWktW2D 9rtXVIZZEGsqfnmVTm0gRaGgbRfO0SS/KRJFLcSIhopLSJk2XV+tXy7TakGyspTS AB/sZUmRpjRzZR0EUa8nh9wy3E8z/24saazLWPtvxr5PWgTDgAwtw5IxIsjzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUquH8m3E5pnDo54iy8bKEjSKygE0wHwYDVR0j BBgwFoAUqJ4oAI9DtwTC/cPq0/rwgw5sGu8wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YTY0MGFiZTYtOGRlZS00YmQxLTgxNGMtMmFmMzFhM2Q5Y2RmLzAvQTg5RTI4MDA4 RjQzQjcwNEMyRkRDM0VBRDNGQUYwODMwRTZDMUFFRi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9BODlFMjgwMDhGNDNCNzA0QzJGREMzRUFEM0ZBRjA4MzBFNkMx QUVGLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYTY0MGFiZTYtOGRlZS00YmQxLTgx NGMtMmFmMzFhM2Q5Y2RmLzAvQTg5RTI4MDA4RjQzQjcwNEMyRkRDM0VBRDNGQUYw ODMwRTZDMUFFRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHsIw3J5Ya24UV3ldu3jaJwXws3DFiu03Tj/ ywSu84vtcXEAKd2x56PSb8iYtupAauVL3FRM6UsgkvX8DHAA/fRBm4Fa8i3d6vrw tyIQ+pQOuCNyb/ccbCSgq4/vzEqSav5EHsx2rw+umFAPnHLwO3ShLG/nZI0mK4fd V8s+Qxg/7aAsYaOdCL42QhxqGF+Wzg4JlFeBcDpNPwrPeB1heLnUaj048T5ExMrw ZtKsKLeh5CIM/9BqKtPGK1MQhxcfnvvKDC608SIGHJJcMRI80LAClCj+3QLP07Jf UgRGSTRAZIn47Nw1nqCwvsVUsKKZfYgy3K4pC5/DeX8xQb8oepc= -----END CERTIFICATE-----Generated at Tue May 12 23:20:54 2026 by rpki-client