$ rpki-client -vvf rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.mft File: 33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.mft (raw, json) Hash identifier: xSfjqhFSxn7Szzir83mBYwOw8MXdoY93pfGsRxe98ak= Subject key identifier: F7:AA:A5:18:FB:DE:A8:EB:B7:37:C1:C0:40:FC:A2:E0:B6:36:46:1C Authority key identifier: 33:DC:D8:55:DE:6E:86:6A:83:A5:70:AB:A8:A1:DE:A5:A6:E3:0E:4D Certificate issuer: /CN=33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D Certificate serial: 06B9076AA182808A6827FFDF11AC5DF7F8BFC426 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.mft Manifest number: 0F Signing time: Wed 13 May 2026 03:47:37 +0000 Manifest this update: Wed 13 May 2026 03:42:37 +0000 Manifest next update: Thu 14 May 2026 05:34:37 +0000 Files and hashes: 1: 33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.crl (hash: sVgY/bqhl0vMK7Wa4SDBEfJ9hW9pzPa7V/8AJbcULJc=) 2: 3130332e3232362e3233332e302f32342d3234203d3e203539323736.roa (hash: uqKW3vXwMrHK/2SgTQdiTOjsX9kzPieFPKMfbMm8/NQ=) 3: 3130332e3232362e3233322e302f32322d3234203d3e203539323736.roa (hash: U02e5KxNF9MHIRapu80B9THLjIPZwCj+D7pGERVzSdk=) 4: 3130332e3232362e3233342e302f32342d3234203d3e203539323736.roa (hash: suxBsM49rj/B+/QbrRHASWUhsJL/fsUqfhAd7EFeilQ=) 5: 323430303a623138303a3a2f33322d3438203d3e203539323736.roa (hash: Pp8IAqZslv9JrsHvh5t4K1Xf7pozFAooFyaeWpnY8Hw=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.crl rsync://rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 04:31:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:b9:07:6a:a1:82:80:8a:68:27:ff:df:11:ac:5d:f7:f8:bf:c4:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D Validity Not Before: May 13 03:42:37 2026 GMT Not After : May 14 05:34:37 2026 GMT Subject: CN=F7AAA518FBDEA8EBB737C1C040FCA2E0B636461C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:b5:a7:a0:79:8b:6b:c4:5c:88:b5:be:d4:2e: f2:3f:2e:c3:fe:38:7f:ff:56:0c:38:45:ca:8a:4f: ab:12:1d:f6:68:73:8a:e0:e6:40:dc:f9:0d:04:c8: 4a:36:ba:e2:30:b2:fe:60:19:fc:b1:6a:3f:46:5d: 02:b0:e8:32:e4:fd:05:b9:18:48:33:e7:88:a9:a5: 20:77:79:41:56:5c:38:f4:0e:9d:50:ed:45:3a:ae: 13:10:81:12:8a:e5:6d:3a:49:83:84:ec:c6:5d:3f: a1:8e:f4:60:97:10:1b:d0:e1:77:6d:3f:8a:a8:a4: a7:b4:44:9a:ce:11:56:c7:ff:22:12:8a:c8:40:01: a8:30:82:d2:7b:ca:85:0d:85:fa:19:db:1d:60:38: 25:5d:49:4b:7f:50:f1:75:d6:03:80:2b:a2:24:78: 91:cc:8a:65:fe:b4:db:79:5c:5e:e7:99:e6:8d:7c: 5c:53:7a:c5:1d:b0:c3:ba:b0:2e:a2:b6:8d:99:f7: 6e:14:19:c8:07:e0:94:6b:a8:83:9d:c8:75:4c:71: 46:c5:93:0b:b7:e5:0e:77:7b:31:9f:e0:84:3e:97: d7:3a:01:4a:8d:a6:2b:5e:49:8f:d2:84:f7:6f:b7: 43:b4:ce:fb:9f:72:ce:7b:0e:47:bf:55:f3:9a:cf: d0:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:AA:A5:18:FB:DE:A8:EB:B7:37:C1:C0:40:FC:A2:E0:B6:36:46:1C X509v3 Authority Key Identifier: keyid:33:DC:D8:55:DE:6E:86:6A:83:A5:70:AB:A8:A1:DE:A5:A6:E3:0E:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:00:94:36:ca:df:6b:ac:79:0e:19:a8:b9:a6:26:0b:86:1e: e8:47:7c:37:aa:63:1b:7d:5f:89:9c:92:93:37:f7:a2:bd:8d: c8:6a:52:46:90:97:a0:f6:0c:0f:ef:85:14:dc:39:b2:d6:d5: f2:c0:98:ab:f8:9e:38:95:26:bc:5a:28:e0:d4:c3:85:00:13: bb:a4:92:8c:ff:d0:36:90:5d:bb:b4:4f:64:47:e2:60:65:5a: dd:ee:6b:d1:e3:7a:e2:60:2a:2b:52:85:d9:08:3c:b2:d4:4c: a7:23:a0:65:68:15:1b:8a:5c:f2:a8:57:7b:78:64:c4:2c:9b: a9:cd:fd:47:57:55:c3:8c:bd:b0:d6:e5:cc:c5:83:04:67:b5: 74:32:42:83:d6:59:0e:b1:c1:09:1a:d6:12:08:a4:1f:7e:4a: 6f:f8:fb:46:26:8b:35:bd:f3:10:39:e1:b2:1c:69:19:9c:2d: ad:6d:0e:6b:7e:d3:cd:0b:d1:46:34:44:fa:f2:72:80:99:85: d0:15:3e:c0:70:36:75:47:bf:da:84:65:04:b3:a7:b0:49:34: b6:5c:5e:95:98:e4:44:58:ad:10:a9:05:37:71:ef:ff:3b:93: ef:3a:b6:95:ce:98:b2:42:0f:de:0c:07:1c:89:ac:fb:3b:1d: f4:6f:61:70 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBrkHaqGCgIpoJ//fEaxd9/i/xCYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzNEQ0Q4NTVERTZFODY2QTgzQTU3MEFCQThBMURFQTVB NkUzMEU0RDAeFw0yNjA1MTMwMzQyMzdaFw0yNjA1MTQwNTM0MzdaMDMxMTAvBgNV BAMTKEY3QUFBNTE4RkJERUE4RUJCNzM3QzFDMDQwRkNBMkUwQjYzNjQ2MUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHtaegeYtrxFyItb7ULvI/LsP+ OH//Vgw4RcqKT6sSHfZoc4rg5kDc+Q0EyEo2uuIwsv5gGfyxaj9GXQKw6DLk/QW5 GEgz54ippSB3eUFWXDj0Dp1Q7UU6rhMQgRKK5W06SYOE7MZdP6GO9GCXEBvQ4Xdt P4qopKe0RJrOEVbH/yISishAAagwgtJ7yoUNhfoZ2x1gOCVdSUt/UPF11gOAK6Ik eJHMimX+tNt5XF7nmeaNfFxTesUdsMO6sC6ito2Z924UGcgH4JRrqIOdyHVMcUbF kwu35Q53ezGf4IQ+l9c6AUqNpiteSY/ShPdvt0O0zvufcs57Dke/VfOaz9ClAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU96qlGPveqOu3N8HAQPyi4LY2RhwwHwYDVR0j BBgwFoAUM9zYVd5uhmqDpXCrqKHepabjDk0wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YmY1NDJiYzQtNzRkYy00NWRkLWI2NTktNzQ1Y2EyYWNhMzMzLzAvMzNEQ0Q4NTVE RTZFODY2QTgzQTU3MEFCQThBMURFQTVBNkUzMEU0RC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8zM0RDRDg1NURFNkU4NjZBODNBNTcwQUJBOEExREVBNUE2RTMw RTRELmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYmY1NDJiYzQtNzRkYy00NWRkLWI2 NTktNzQ1Y2EyYWNhMzMzLzAvMzNEQ0Q4NTVERTZFODY2QTgzQTU3MEFCQThBMURF QTVBNkUzMEU0RC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFMAlDbK32useQ4ZqLmmJguGHuhHfDeqYxt9 X4mckpM396K9jchqUkaQl6D2DA/vhRTcObLW1fLAmKv4njiVJrxaKODUw4UAE7uk koz/0DaQXbu0T2RH4mBlWt3ua9HjeuJgKitShdkIPLLUTKcjoGVoFRuKXPKoV3t4 ZMQsm6nN/UdXVcOMvbDW5czFgwRntXQyQoPWWQ6xwQka1hIIpB9+Sm/4+0YmizW9 8xA54bIcaRmcLa1tDmt+080L0UY0RPrycoCZhdAVPsBwNnVHv9qEZQSzp7BJNLZc XpWY5ERYrRCpBTdx7/87k+86tpXOmLJCD94MBxyJrPs7HfRvYXA= -----END CERTIFICATE-----Generated at Wed May 13 07:56:30 2026 by rpki-client