$ rpki-client -vvf rpki-rsync.idnic.net/repo/b73507f3-f8c0-410b-b19e-57e48bf32305/0/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.mft File: 43D0943D0AD49FD34D79A7F436D9F7AF552F6702.mft (raw, json) Hash identifier: lCpxMFq7LF50oV7xCGa0O9c/DjZm3trgnrouBXFbNsY= Subject key identifier: 30:FD:B2:DD:B7:E1:50:E8:36:08:5F:FF:AB:6C:25:75:C6:69:2D:18 Authority key identifier: 43:D0:94:3D:0A:D4:9F:D3:4D:79:A7:F4:36:D9:F7:AF:55:2F:67:02 Certificate issuer: /CN=43D0943D0AD49FD34D79A7F436D9F7AF552F6702 Certificate serial: 4A5EA00E3E8BA50F205E8C2C9C62457ED34867D3 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/b73507f3-f8c0-410b-b19e-57e48bf32305/0/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.mft Manifest number: 0F Signing time: Tue 12 May 2026 16:20:58 +0000 Manifest this update: Tue 12 May 2026 16:15:58 +0000 Manifest next update: Wed 13 May 2026 16:31:58 +0000 Files and hashes: 1: 43D0943D0AD49FD34D79A7F436D9F7AF552F6702.crl (hash: qwxoNiL+txEfg/tlnURQKh2WUuiW4MQvadLVLpWb0FM=) 2: 3130332e3136312e3131362e302f32342d3234203d3e203538333738.roa (hash: lOYan/tTMeCFnrAywnM0SljREMtkE1qDoXn8AuN63bo=) 3: 3130332e3136312e3131372e302f32342d3234203d3e20313430333936.roa (hash: j4dDYSTdl5zyq2E6gFmPn2O8HAKj+mVFK8qjYvnr4Tk=) 4: 3130332e3136312e3131372e302f32342d3234203d3e203538333738.roa (hash: UF6agt0uAGTYKvSykXC4qalAzD3vwK1cnzV5myQ1GUY=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/b73507f3-f8c0-410b-b19e-57e48bf32305/0/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.crl rsync://rpki-rsync.idnic.net/repo/b73507f3-f8c0-410b-b19e-57e48bf32305/0/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:5e:a0:0e:3e:8b:a5:0f:20:5e:8c:2c:9c:62:45:7e:d3:48:67:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43D0943D0AD49FD34D79A7F436D9F7AF552F6702 Validity Not Before: May 12 16:15:58 2026 GMT Not After : May 13 16:31:58 2026 GMT Subject: CN=30FDB2DDB7E150E836085FFFAB6C2575C6692D18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:5b:7e:43:63:b8:24:bb:d1:53:5a:62:3e:14: ff:56:cc:ae:e2:54:e4:48:93:b2:e0:23:1e:b1:33: 64:8b:3a:73:10:8d:4f:6d:f7:80:3c:71:87:57:6b: ec:78:1b:05:e0:aa:74:48:4b:df:fc:0f:1c:1a:84: 1f:41:8a:86:d5:e9:36:d1:6a:67:97:a7:a6:c6:50: b3:ed:00:25:f9:8d:48:e5:dc:97:7f:77:1f:12:58: a8:59:ea:66:10:3b:4c:aa:6d:4f:b4:08:df:b3:19: db:2b:03:20:54:47:1b:87:42:c3:91:22:ba:67:55: 47:c9:99:f7:1c:4b:c3:d6:e4:d0:54:d5:1c:7f:7e: 0d:83:48:72:4f:8a:d0:be:7a:ae:d1:31:99:97:ba: 43:71:61:b8:22:af:44:a7:2c:b7:79:82:f7:69:07: 45:43:58:ec:ce:29:20:f8:d2:16:ee:0a:0a:89:01: 04:3c:c4:2e:52:6a:f9:2a:af:c4:ce:ab:27:73:45: be:07:92:44:26:d9:75:e7:a6:da:08:70:aa:d0:ed: bf:66:2c:df:f3:93:41:43:e5:c5:90:12:c1:4a:6a: b1:9a:fe:d5:44:fd:51:16:9d:cd:d1:7e:4d:77:cb: ce:d9:47:18:20:3c:81:16:8c:81:54:33:90:8b:76: fc:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:FD:B2:DD:B7:E1:50:E8:36:08:5F:FF:AB:6C:25:75:C6:69:2D:18 X509v3 Authority Key Identifier: keyid:43:D0:94:3D:0A:D4:9F:D3:4D:79:A7:F4:36:D9:F7:AF:55:2F:67:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/b73507f3-f8c0-410b-b19e-57e48bf32305/0/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/b73507f3-f8c0-410b-b19e-57e48bf32305/0/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:26:2e:c2:35:a7:bb:b1:79:98:54:83:12:ca:c9:6e:2d:be: 6b:9a:b0:56:60:a2:22:98:35:bd:dd:62:ef:34:28:66:b4:91: b5:e0:a0:65:48:08:ab:99:74:14:fb:51:86:d2:84:31:8d:a2: 43:fe:95:60:68:33:38:27:dc:1e:b2:aa:f3:47:eb:fc:5d:88: 1a:ad:21:ca:51:55:31:aa:a6:7b:f6:37:d6:58:4d:71:76:45: 33:a9:66:d8:98:d6:a4:2b:e6:fe:ad:f3:77:94:68:aa:8b:15: ce:27:9f:6c:62:03:65:18:73:a8:c5:6b:1c:f2:1e:99:53:30: 8d:ca:40:e4:88:43:6c:61:85:83:1c:92:09:30:2c:7e:eb:35: 4e:0e:20:0c:5b:a4:7d:79:83:e4:a6:13:2a:f5:74:5c:a1:c2: da:1d:ea:40:e5:51:5f:c5:77:96:c6:78:26:57:4f:af:b0:f0: 24:52:a5:aa:ca:ec:90:64:1b:51:3b:fb:28:9e:90:72:76:a2: 9c:a4:87:81:3e:af:87:a2:46:e6:9d:08:b3:fd:da:a7:d0:ba: c4:33:c8:5f:0b:7f:0e:59:35:19:48:b9:66:b7:35:6d:90:68: e4:dc:fc:8b:dc:72:8d:45:5c:17:e4:ec:14:5b:6e:9d:f2:ee: db:63:a0:99 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSl6gDj6LpQ8gXowsnGJFftNIZ9MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDNEMDk0M0QwQUQ0OUZEMzRENzlBN0Y0MzZEOUY3QUY1 NTJGNjcwMjAeFw0yNjA1MTIxNjE1NThaFw0yNjA1MTMxNjMxNThaMDMxMTAvBgNV BAMTKDMwRkRCMkREQjdFMTUwRTgzNjA4NUZGRkFCNkMyNTc1QzY2OTJEMTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeW35DY7gku9FTWmI+FP9WzK7i VORIk7LgIx6xM2SLOnMQjU9t94A8cYdXa+x4GwXgqnRIS9/8DxwahB9BiobV6TbR ameXp6bGULPtACX5jUjl3Jd/dx8SWKhZ6mYQO0yqbU+0CN+zGdsrAyBURxuHQsOR IrpnVUfJmfccS8PW5NBU1Rx/fg2DSHJPitC+eq7RMZmXukNxYbgir0SnLLd5gvdp B0VDWOzOKSD40hbuCgqJAQQ8xC5Savkqr8TOqydzRb4HkkQm2XXnptoIcKrQ7b9m LN/zk0FD5cWQEsFKarGa/tVE/VEWnc3Rfk13y87ZRxggPIEWjIFUM5CLdvxpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMP2y3bfhUOg2CF//q2wldcZpLRgwHwYDVR0j BBgwFoAUQ9CUPQrUn9NNeaf0Ntn3r1UvZwIwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YjczNTA3ZjMtZjhjMC00MTBiLWIxOWUtNTdlNDhiZjMyMzA1LzAvNDNEMDk0M0Qw QUQ0OUZEMzRENzlBN0Y0MzZEOUY3QUY1NTJGNjcwMi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80M0QwOTQzRDBBRDQ5RkQzNEQ3OUE3RjQzNkQ5RjdBRjU1MkY2 NzAyLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYjczNTA3ZjMtZjhjMC00MTBiLWIx OWUtNTdlNDhiZjMyMzA1LzAvNDNEMDk0M0QwQUQ0OUZEMzRENzlBN0Y0MzZEOUY3 QUY1NTJGNjcwMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAI4mLsI1p7uxeZhUgxLKyW4tvmuasFZgoiKY Nb3dYu80KGa0kbXgoGVICKuZdBT7UYbShDGNokP+lWBoMzgn3B6yqvNH6/xdiBqt IcpRVTGqpnv2N9ZYTXF2RTOpZtiY1qQr5v6t83eUaKqLFc4nn2xiA2UYc6jFaxzy HplTMI3KQOSIQ2xhhYMckgkwLH7rNU4OIAxbpH15g+SmEyr1dFyhwtod6kDlUV/F d5bGeCZXT6+w8CRSparK7JBkG1E7+yiekHJ2opykh4E+r4eiRuadCLP92qfQusQz yF8Lfw5ZNRlIuWa3NW2QaOTc/Ivcco1FXBfk7BRbbp3y7ttjoJk= -----END CERTIFICATE-----Generated at Tue May 12 22:20:17 2026 by rpki-client