$ rpki-client -vvf rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.mft File: 59406D6B894D2596F895003DEE4D8D96CC43B39F.mft (raw, json) Hash identifier: Y4tf17fGzRSt5p355YJGiXF5VOKAGqRWUxVzzjcqL/o= Subject key identifier: 30:C8:CF:67:C2:FC:8A:7A:53:05:ED:6F:B5:CD:2F:D9:09:CF:09:15 Authority key identifier: 59:40:6D:6B:89:4D:25:96:F8:95:00:3D:EE:4D:8D:96:CC:43:B3:9F Certificate issuer: /CN=59406D6B894D2596F895003DEE4D8D96CC43B39F Certificate serial: 5CC9C9F84E2243BE21422CE70C3375F9FE79C361 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/59406D6B894D2596F895003DEE4D8D96CC43B39F.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.mft Manifest number: 0E Signing time: Tue 12 May 2026 02:20:30 +0000 Manifest this update: Tue 12 May 2026 02:15:30 +0000 Manifest next update: Wed 13 May 2026 05:52:30 +0000 Files and hashes: 1: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: 2NT3KSaIgnkQK0dsegRvJOGdovq/XdyRI/OHCIdm244=) 2: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: lsGPNQll8lHqimmyJl12NLTMwKg8Yil8iz0vwp/l9l4=) 3: 59406D6B894D2596F895003DEE4D8D96CC43B39F.crl (hash: CXc+WyIDh4bprV2sIfgqE8oZ6QomT1jATRxOMWucFIg=) 4: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: hCsETlpD6R/zfRJVkzNBOTiAfvvIYDjPCkGRa8bOeSk=) 5: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: nM1lR1t5YbRxvlzSB15Qj3P9xptJWT24EGOpflzojVc=) 6: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: UA+YdwLCDED5UMDmCG4dNPuGHlL+yaAK93vKKhIdDPg=) 7: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: zFIO9wiF748rHmRcjoZ1ZZ07oJftCfa8w4TwQheX8tM=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.crl rsync://rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/59406D6B894D2596F895003DEE4D8D96CC43B39F.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 05:52:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:c9:c9:f8:4e:22:43:be:21:42:2c:e7:0c:33:75:f9:fe:79:c3:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=59406D6B894D2596F895003DEE4D8D96CC43B39F Validity Not Before: May 12 02:15:30 2026 GMT Not After : May 13 05:52:30 2026 GMT Subject: CN=30C8CF67C2FC8A7A5305ED6FB5CD2FD909CF0915 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:0c:61:81:96:3a:ce:3f:5b:f1:b2:24:4d:23: 23:d3:13:4a:6c:87:ed:af:77:ec:29:2d:0c:2b:0c: 95:03:43:d7:0a:3b:8f:a9:ec:29:a8:49:be:47:1d: 84:0f:f8:d3:14:e4:91:e4:bb:75:a2:88:92:a6:2e: 93:f2:1d:71:40:d6:6c:41:1e:19:0a:f5:00:ec:da: fb:56:2f:be:90:43:f0:46:4b:72:4e:3b:bf:5b:77: 15:43:05:76:75:c8:96:33:76:5a:79:a7:fa:c8:f8: 0d:53:a2:a5:40:48:73:59:78:d3:16:d6:08:2e:db: 45:f3:61:52:08:dd:1d:89:90:13:ce:30:dc:73:86: da:7d:b4:58:64:6e:07:73:b9:b1:e6:0e:e5:16:20: 53:cd:80:74:f3:8a:85:c4:fb:c9:7a:c7:c9:c6:b8: b1:73:8d:bc:22:60:cb:2a:9d:e1:6b:de:4b:f5:a9: 01:6d:bb:a0:38:04:47:52:2d:82:00:c9:4f:d1:38: 60:2d:c0:f5:f4:e1:41:75:85:71:f4:52:a7:4a:5d: d8:ba:41:52:90:51:26:9c:71:68:78:e0:2f:81:17: 6b:59:a6:12:c7:50:1a:91:41:59:60:ad:82:79:9b: 9b:ab:0e:00:84:8a:b5:c6:11:45:37:12:29:a6:cb: 6d:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:C8:CF:67:C2:FC:8A:7A:53:05:ED:6F:B5:CD:2F:D9:09:CF:09:15 X509v3 Authority Key Identifier: keyid:59:40:6D:6B:89:4D:25:96:F8:95:00:3D:EE:4D:8D:96:CC:43:B3:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/59406D6B894D2596F895003DEE4D8D96CC43B39F.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:e3:78:85:7e:b3:03:ec:b3:06:2f:57:18:b8:f2:07:b2:09: 7e:a3:bf:cc:14:76:43:0b:7a:65:5d:a7:b7:54:b4:79:cd:ba: e2:d2:33:d1:b9:18:2e:f3:67:9f:20:a4:6c:97:f4:7c:be:47: ad:0f:07:1b:d7:7b:22:4e:8b:a1:32:98:da:36:2e:93:43:6b: 4f:04:54:d5:15:c3:9d:a6:93:ae:fc:60:e8:29:f5:5c:00:a9: 07:8f:f0:cb:1a:88:1e:98:f6:16:a0:89:be:d1:cf:a9:95:d1: 7f:2c:78:a7:9a:bf:9b:5e:e7:f5:0d:e4:58:0a:7f:60:9f:2e: cc:49:89:8a:70:22:05:54:25:a3:59:d8:a9:7a:db:f7:1c:a6: 23:e8:0f:a8:ef:9a:4b:7f:9e:d2:50:b4:2c:74:bc:77:ac:d7: 0f:66:5c:dd:f1:26:81:e4:15:fc:f1:2e:01:88:67:11:d5:fe: 3d:b1:a4:22:56:7f:f4:ff:de:d8:e5:eb:6f:79:b4:1d:9e:f6: 30:88:8a:b5:8b:2f:b8:75:30:45:37:fb:47:63:82:c6:3f:86: ed:59:94:9d:10:0d:6f:40:01:1e:85:d2:34:59:71:69:ca:7c: c2:23:35:8a:dc:cd:e4:ee:95:a8:2d:90:51:9a:46:96:cb:7e: f7:31:24:32 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXMnJ+E4iQ74hQiznDDN1+f55w2EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTk0MDZENkI4OTREMjU5NkY4OTUwMDNERUU0RDhEOTZD QzQzQjM5RjAeFw0yNjA1MTIwMjE1MzBaFw0yNjA1MTMwNTUyMzBaMDMxMTAvBgNV BAMTKDMwQzhDRjY3QzJGQzhBN0E1MzA1RUQ2RkI1Q0QyRkQ5MDlDRjA5MTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfDGGBljrOP1vxsiRNIyPTE0ps h+2vd+wpLQwrDJUDQ9cKO4+p7CmoSb5HHYQP+NMU5JHku3WiiJKmLpPyHXFA1mxB HhkK9QDs2vtWL76QQ/BGS3JOO79bdxVDBXZ1yJYzdlp5p/rI+A1ToqVASHNZeNMW 1ggu20XzYVII3R2JkBPOMNxzhtp9tFhkbgdzubHmDuUWIFPNgHTzioXE+8l6x8nG uLFzjbwiYMsqneFr3kv1qQFtu6A4BEdSLYIAyU/ROGAtwPX04UF1hXH0UqdKXdi6 QVKQUSaccWh44C+BF2tZphLHUBqRQVlgrYJ5m5urDgCEirXGEUU3Eimmy20HAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMMjPZ8L8inpTBe1vtc0v2QnPCRUwHwYDVR0j BBgwFoAUWUBta4lNJZb4lQA97k2NlsxDs58wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YmQxZWU1ZTItMzM4Yy00ZDIwLTgwN2UtZTUwYjc1NTgzZGI4LzAvNTk0MDZENkI4 OTREMjU5NkY4OTUwMDNERUU0RDhEOTZDQzQzQjM5Ri5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS81OTQwNkQ2Qjg5NEQyNTk2Rjg5NTAwM0RFRTREOEQ5NkNDNDNC MzlGLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYmQxZWU1ZTItMzM4Yy00ZDIwLTgw N2UtZTUwYjc1NTgzZGI4LzAvNTk0MDZENkI4OTREMjU5NkY4OTUwMDNERUU0RDhE OTZDQzQzQjM5Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAE/jeIV+swPsswYvVxi48geyCX6jv8wUdkML emVdp7dUtHnNuuLSM9G5GC7zZ58gpGyX9Hy+R60PBxvXeyJOi6EymNo2LpNDa08E VNUVw52mk678YOgp9VwAqQeP8MsaiB6Y9hagib7Rz6mV0X8seKeav5te5/UN5FgK f2CfLsxJiYpwIgVUJaNZ2Kl62/ccpiPoD6jvmkt/ntJQtCx0vHes1w9mXN3xJoHk FfzxLgGIZxHV/j2xpCJWf/T/3tjl6295tB2e9jCIirWLL7h1MEU3+0djgsY/hu1Z lJ0QDW9AAR6F0jRZcWnKfMIjNYrczeTulagtkFGaRpbLfvcxJDI= -----END CERTIFICATE-----Generated at Tue May 12 22:13:25 2026 by rpki-client