$ rpki-client -vvf rpki-rsync.idnic.net/repo/aa433934-3844-4653-8fac-1858b2823d1c/0/43F896EEB70F2F97883FF459CAE3ACB43742B3BC.mft File: 43F896EEB70F2F97883FF459CAE3ACB43742B3BC.mft (raw, json) Hash identifier: slRUOmcSeppIUp3CdI3xizWuM2mCFGTDGcl8WB1I1Q0= Subject key identifier: 4E:A0:08:C8:C1:ED:9E:26:27:F4:74:C8:A0:1E:1E:97:D6:27:5D:F9 Authority key identifier: 43:F8:96:EE:B7:0F:2F:97:88:3F:F4:59:CA:E3:AC:B4:37:42:B3:BC Certificate issuer: /CN=43F896EEB70F2F97883FF459CAE3ACB43742B3BC Certificate serial: 07D71A799A2BA270713F959F566E64FD2833F54D Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/43F896EEB70F2F97883FF459CAE3ACB43742B3BC.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/aa433934-3844-4653-8fac-1858b2823d1c/0/43F896EEB70F2F97883FF459CAE3ACB43742B3BC.mft Manifest number: 0F Signing time: Tue 12 May 2026 19:40:49 +0000 Manifest this update: Tue 12 May 2026 19:35:49 +0000 Manifest next update: Wed 13 May 2026 23:29:49 +0000 Files and hashes: 1: 323030313a6466333a623838303a3a2f34382d3438203d3e203137353338.roa (hash: 8so5gt5H9uGwMpnvmuPmOphhipCyfITSegbgfqUMLB8=) 2: 3130332e3135312e39342e302f32342d3234203d3e203137353338.roa (hash: zK6cRL88GJh6m3ulXU/23rYWx1uCoF/U17/Vb4bnDxI=) 3: 43F896EEB70F2F97883FF459CAE3ACB43742B3BC.crl (hash: YV6DNAKUhyX8MH4CaroFndkgNbLyknNnzR0nvy6xDZw=) 4: 3130332e3135312e39352e302f32342d3234203d3e203137353338.roa (hash: zJ5Jgen43BSfgth1+Wx2KQ4rMgZaYS8tSCDudAuawmM=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/aa433934-3844-4653-8fac-1858b2823d1c/0/43F896EEB70F2F97883FF459CAE3ACB43742B3BC.crl rsync://rpki-rsync.idnic.net/repo/aa433934-3844-4653-8fac-1858b2823d1c/0/43F896EEB70F2F97883FF459CAE3ACB43742B3BC.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/43F896EEB70F2F97883FF459CAE3ACB43742B3BC.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:d7:1a:79:9a:2b:a2:70:71:3f:95:9f:56:6e:64:fd:28:33:f5:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43F896EEB70F2F97883FF459CAE3ACB43742B3BC Validity Not Before: May 12 19:35:49 2026 GMT Not After : May 13 23:29:49 2026 GMT Subject: CN=4EA008C8C1ED9E2627F474C8A01E1E97D6275DF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:96:84:b7:b5:9b:dd:ee:54:42:6a:5e:b7:83: b9:f0:2f:b1:fe:f3:be:88:fb:df:98:9e:e6:2f:77: 55:61:f2:26:df:1c:b8:4c:04:11:40:e2:28:3c:1c: 39:34:20:9e:bb:12:71:bc:22:7a:f5:2d:6a:f4:32: ec:b4:84:42:1f:eb:e5:73:a2:a7:5a:7c:ef:4c:74: 25:2d:63:6b:24:be:5a:77:32:71:be:69:00:3b:97: 96:3c:24:f8:51:34:92:61:1d:f9:9c:46:f4:77:23: d5:b8:ab:8d:cd:69:4d:87:c3:c1:fd:47:9b:7c:7a: e0:20:dd:22:fc:ff:82:0e:0e:49:bd:9c:71:1f:78: 43:cf:f3:db:e8:8d:b9:07:f4:80:71:a5:5d:b1:44: 8e:ff:12:a0:9d:96:ce:3b:11:64:c4:29:14:df:ca: 22:2c:f3:38:3d:30:eb:5c:16:0b:7c:e0:82:01:f7: 67:13:49:2c:2a:6e:16:1c:f6:2f:59:77:70:a2:48: 31:95:35:7c:07:39:53:32:d0:21:7d:38:17:c4:92: bc:0f:f9:11:68:70:49:7a:a4:9a:92:85:61:48:eb: cc:ac:e3:4d:03:d2:63:ed:18:69:c3:55:c9:ba:da: 60:06:cc:10:2c:83:65:7a:8c:1e:df:78:14:f3:b4: 33:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:A0:08:C8:C1:ED:9E:26:27:F4:74:C8:A0:1E:1E:97:D6:27:5D:F9 X509v3 Authority Key Identifier: keyid:43:F8:96:EE:B7:0F:2F:97:88:3F:F4:59:CA:E3:AC:B4:37:42:B3:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/aa433934-3844-4653-8fac-1858b2823d1c/0/43F896EEB70F2F97883FF459CAE3ACB43742B3BC.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/43F896EEB70F2F97883FF459CAE3ACB43742B3BC.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/aa433934-3844-4653-8fac-1858b2823d1c/0/43F896EEB70F2F97883FF459CAE3ACB43742B3BC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:1b:6e:cd:29:9a:36:00:6f:d6:6c:e7:15:f4:4c:5b:64:5d: 18:30:df:20:f2:91:b5:c4:4f:78:e6:67:10:dc:3e:49:48:85: 64:d4:2c:a4:ee:ab:9b:b4:2b:8d:ef:95:63:b1:51:61:b9:7e: da:87:4a:dc:c6:4a:16:c9:c3:2a:93:ca:99:a5:1e:0d:6e:8c: 98:9d:32:84:6f:e5:c9:6d:bd:00:9a:6b:62:a0:9e:30:c1:58: ac:52:30:1d:b7:2b:10:a0:c2:2d:ec:c5:ae:12:e1:d7:f1:ca: f3:3a:fd:39:2c:cd:5b:61:72:b9:ad:d9:d7:ba:a5:35:c7:7c: ad:be:fc:8e:8e:1b:7f:33:84:40:1d:83:59:2a:ca:9b:d6:b9: 47:8c:bd:39:0b:72:5c:9c:a2:50:4c:b0:4f:9e:89:26:8e:c7: 21:33:74:b5:f5:2e:5f:d8:e1:b6:a1:0e:63:28:5e:22:fd:48: e7:90:3e:80:90:1a:bf:08:87:53:50:44:67:08:6d:ce:21:39: ed:69:1d:45:8c:26:6e:f3:16:ed:f6:3e:ac:ad:c5:4c:e9:78: 6f:04:50:d7:65:35:b0:78:a1:eb:ea:b3:c5:27:79:ed:90:23: 6c:52:58:a6:1c:34:68:b3:d0:b0:4b:a4:e7:22:b9:29:49:3d: d8:ad:80:92 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUB9caeZoronBxP5WfVm5k/Sgz9U0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDNGODk2RUVCNzBGMkY5Nzg4M0ZGNDU5Q0FFM0FDQjQz NzQyQjNCQzAeFw0yNjA1MTIxOTM1NDlaFw0yNjA1MTMyMzI5NDlaMDMxMTAvBgNV BAMTKDRFQTAwOEM4QzFFRDlFMjYyN0Y0NzRDOEEwMUUxRTk3RDYyNzVERjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+loS3tZvd7lRCal63g7nwL7H+ 876I+9+YnuYvd1Vh8ibfHLhMBBFA4ig8HDk0IJ67EnG8Inr1LWr0Muy0hEIf6+Vz oqdafO9MdCUtY2skvlp3MnG+aQA7l5Y8JPhRNJJhHfmcRvR3I9W4q43NaU2Hw8H9 R5t8euAg3SL8/4IODkm9nHEfeEPP89vojbkH9IBxpV2xRI7/EqCdls47EWTEKRTf yiIs8zg9MOtcFgt84IIB92cTSSwqbhYc9i9Zd3CiSDGVNXwHOVMy0CF9OBfEkrwP +RFocEl6pJqShWFI68ys400D0mPtGGnDVcm62mAGzBAsg2V6jB7feBTztDP/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUTqAIyMHtniYn9HTIoB4el9YnXfkwHwYDVR0j BBgwFoAUQ/iW7rcPL5eIP/RZyuOstDdCs7wwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YWE0MzM5MzQtMzg0NC00NjUzLThmYWMtMTg1OGIyODIzZDFjLzAvNDNGODk2RUVC NzBGMkY5Nzg4M0ZGNDU5Q0FFM0FDQjQzNzQyQjNCQy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80M0Y4OTZFRUI3MEYyRjk3ODgzRkY0NTlDQUUzQUNCNDM3NDJC M0JDLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYWE0MzM5MzQtMzg0NC00NjUzLThm YWMtMTg1OGIyODIzZDFjLzAvNDNGODk2RUVCNzBGMkY5Nzg4M0ZGNDU5Q0FFM0FD QjQzNzQyQjNCQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJ4bbs0pmjYAb9Zs5xX0TFtkXRgw3yDykbXE T3jmZxDcPklIhWTULKTuq5u0K43vlWOxUWG5ftqHStzGShbJwyqTypmlHg1ujJid MoRv5cltvQCaa2KgnjDBWKxSMB23KxCgwi3sxa4S4dfxyvM6/TkszVthcrmt2de6 pTXHfK2+/I6OG38zhEAdg1kqypvWuUeMvTkLclycolBMsE+eiSaOxyEzdLX1Ll/Y 4bahDmMoXiL9SOeQPoCQGr8Ih1NQRGcIbc4hOe1pHUWMJm7zFu32PqytxUzpeG8E UNdlNbB4oevqs8Unee2QI2xSWKYcNGiz0LBLpOciuSlJPditgJI= -----END CERTIFICATE-----Generated at Wed May 13 02:26:34 2026 by rpki-client