$ rpki-client -vvf rpki-rsync.idnic.net/repo/df1a0df6-1d3a-4bcc-b3d1-64695f87e37f/0/A041DA85A835517127145910FB36AAA5B7CA41F2.mft File: A041DA85A835517127145910FB36AAA5B7CA41F2.mft (raw, json) Hash identifier: ja2+vWPpdahfMSM0bcb5+G5bjBa4Ec+IjsNYU4kleUA= Subject key identifier: 38:92:82:4E:BD:2F:4B:6C:0E:1F:59:22:8A:72:F4:CD:C9:9E:4E:9F Authority key identifier: A0:41:DA:85:A8:35:51:71:27:14:59:10:FB:36:AA:A5:B7:CA:41:F2 Certificate issuer: /CN=A041DA85A835517127145910FB36AAA5B7CA41F2 Certificate serial: 46AB61FB76ED3D13E9DF46318B3FAF55483F11D1 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/A041DA85A835517127145910FB36AAA5B7CA41F2.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/df1a0df6-1d3a-4bcc-b3d1-64695f87e37f/0/A041DA85A835517127145910FB36AAA5B7CA41F2.mft Manifest number: 0F Signing time: Tue 12 May 2026 14:34:21 +0000 Manifest this update: Tue 12 May 2026 14:29:21 +0000 Manifest next update: Wed 13 May 2026 16:24:21 +0000 Files and hashes: 1: 3136302e32322e3139372e302f32342d3234203d3e20313532383232.roa (hash: cvKGIujNKpn8r6a8rprf+PEz/toRdewoQzshB4q6X84=) 2: A041DA85A835517127145910FB36AAA5B7CA41F2.crl (hash: KMKfUUMg07lmP97c97Dm/fPOMlxQ6qLNgESuL1d4ODE=) 3: 3136302e32322e3139362e302f32332d3233203d3e20313532383232.roa (hash: vmjqWZXe1WAW716qvYHn6H4tiVZPN9hJplwpeaEOs+c=) 4: 3136302e32322e3139362e302f32342d3234203d3e20313532383232.roa (hash: tY2P809Veb9qnVz+b5sj5T6oUhcFMFNmQj4vHbtiv9U=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/df1a0df6-1d3a-4bcc-b3d1-64695f87e37f/0/A041DA85A835517127145910FB36AAA5B7CA41F2.crl rsync://rpki-rsync.idnic.net/repo/df1a0df6-1d3a-4bcc-b3d1-64695f87e37f/0/A041DA85A835517127145910FB36AAA5B7CA41F2.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/0/A041DA85A835517127145910FB36AAA5B7CA41F2.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:ab:61:fb:76:ed:3d:13:e9:df:46:31:8b:3f:af:55:48:3f:11:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A041DA85A835517127145910FB36AAA5B7CA41F2 Validity Not Before: May 12 14:29:21 2026 GMT Not After : May 13 16:24:21 2026 GMT Subject: CN=3892824EBD2F4B6C0E1F59228A72F4CDC99E4E9F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:80:34:d6:e2:be:46:b2:b2:77:52:1b:fe:af: f3:44:c8:41:f2:f7:1c:1b:63:0a:d0:c7:2f:cc:53: a1:7f:b6:d2:7a:65:ac:12:d7:5f:bc:78:18:1b:8e: 82:56:78:a9:e6:ef:44:c3:ec:bf:dc:cf:8a:75:12: 58:63:97:59:d7:43:93:8f:8b:5b:b6:fc:f1:17:b7: ec:b6:2c:b9:5f:57:2e:dc:20:f9:c2:d0:9c:bc:48: 06:87:83:e1:b9:e3:d3:f1:86:99:a4:bd:35:3d:fb: 22:b2:39:6b:41:d9:ba:4b:bd:db:98:e8:f2:1a:e5: 1e:39:77:35:8d:99:2a:ef:ec:fb:b1:80:d7:c3:ec: 99:82:c9:ab:98:2b:6e:4b:a0:94:cd:a5:9e:f0:a1: bb:fd:11:31:73:37:b9:45:e1:9f:d9:52:e7:d0:92: e0:a4:fb:b0:bb:3c:f5:b8:36:b4:82:27:d7:0c:d0: cb:4b:3e:e9:6a:f2:cd:1e:f4:1f:9c:35:34:49:8e: c6:35:62:40:a2:fe:aa:0a:7f:72:ce:e0:1c:5e:9e: 96:55:15:bb:26:4c:56:0f:88:c9:12:57:57:85:3f: 1a:a8:e9:4d:d5:ab:18:ee:ad:67:0e:ae:79:90:fa: 6e:26:1a:b7:61:f1:82:3d:42:34:ab:62:8b:f3:8d: fa:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:92:82:4E:BD:2F:4B:6C:0E:1F:59:22:8A:72:F4:CD:C9:9E:4E:9F X509v3 Authority Key Identifier: keyid:A0:41:DA:85:A8:35:51:71:27:14:59:10:FB:36:AA:A5:B7:CA:41:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/df1a0df6-1d3a-4bcc-b3d1-64695f87e37f/0/A041DA85A835517127145910FB36AAA5B7CA41F2.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/A041DA85A835517127145910FB36AAA5B7CA41F2.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/df1a0df6-1d3a-4bcc-b3d1-64695f87e37f/0/A041DA85A835517127145910FB36AAA5B7CA41F2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:fb:42:82:dc:8c:eb:c3:e4:77:26:97:f5:28:41:ba:e7:66: b3:b7:15:e9:73:4b:48:11:07:d1:16:a2:da:9b:1a:17:f6:52: 4c:21:71:c3:e0:0c:d5:7f:6c:2f:05:7a:f4:77:6f:b9:92:c5: 70:fe:90:b9:f8:60:30:4d:27:d8:ab:da:82:42:9a:2a:24:0a: aa:d1:cd:57:f5:6f:37:0a:07:eb:96:72:38:5c:a9:eb:8c:9f: ce:63:67:d9:d0:14:3a:03:93:02:77:3c:11:f6:87:25:18:66: 4f:f1:59:46:46:5e:6b:4a:5f:31:c5:ab:97:3a:a6:56:e2:a1: e7:f8:19:fd:4f:f9:1d:42:6d:0f:92:82:0e:08:03:38:2e:34: dd:19:1a:3f:5f:5d:d0:22:63:04:e7:30:d0:65:b8:dc:2a:2d: d4:64:f9:2d:dd:d3:d2:56:a1:0e:97:94:8c:03:42:75:1a:92: 8b:e6:d9:c1:dc:6a:f5:fd:24:6f:f1:bf:50:06:3a:8b:73:d0: a5:c8:a7:6d:58:4c:e5:0a:04:68:82:16:3d:b3:40:46:8e:fa: 9a:fc:70:04:f1:04:28:c3:d9:e4:54:c8:56:33:54:8f:8b:1c: 48:32:8d:3c:17:7a:06:7e:8c:15:0e:bb:a0:e7:96:62:76:f5: b3:de:c9:ae -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURqth+3btPRPp30Yxiz+vVUg/EdEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTA0MURBODVBODM1NTE3MTI3MTQ1OTEwRkIzNkFBQTVC N0NBNDFGMjAeFw0yNjA1MTIxNDI5MjFaFw0yNjA1MTMxNjI0MjFaMDMxMTAvBgNV BAMTKDM4OTI4MjRFQkQyRjRCNkMwRTFGNTkyMjhBNzJGNENEQzk5RTRFOUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjgDTW4r5GsrJ3Uhv+r/NEyEHy 9xwbYwrQxy/MU6F/ttJ6ZawS11+8eBgbjoJWeKnm70TD7L/cz4p1Elhjl1nXQ5OP i1u2/PEXt+y2LLlfVy7cIPnC0Jy8SAaHg+G549PxhpmkvTU9+yKyOWtB2bpLvduY 6PIa5R45dzWNmSrv7PuxgNfD7JmCyauYK25LoJTNpZ7wobv9ETFzN7lF4Z/ZUufQ kuCk+7C7PPW4NrSCJ9cM0MtLPulq8s0e9B+cNTRJjsY1YkCi/qoKf3LO4BxenpZV FbsmTFYPiMkSV1eFPxqo6U3VqxjurWcOrnmQ+m4mGrdh8YI9QjSrYovzjfo/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUOJKCTr0vS2wOH1kiinL0zcmeTp8wHwYDVR0j BBgwFoAUoEHahag1UXEnFFkQ+zaqpbfKQfIwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZGYxYTBkZjYtMWQzYS00YmNjLWIzZDEtNjQ2OTVmODdlMzdmLzAvQTA0MURBODVB ODM1NTE3MTI3MTQ1OTEwRkIzNkFBQTVCN0NBNDFGMi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMC9BMDQxREE4NUE4MzU1MTcxMjcxNDU5MTBGQjM2QUFBNUI3Q0E0 MUYyLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZGYxYTBkZjYtMWQzYS00YmNjLWIz ZDEtNjQ2OTVmODdlMzdmLzAvQTA0MURBODVBODM1NTE3MTI3MTQ1OTEwRkIzNkFB QTVCN0NBNDFGMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABv7QoLcjOvD5Hcml/UoQbrnZrO3FelzS0gR B9EWotqbGhf2UkwhccPgDNV/bC8FevR3b7mSxXD+kLn4YDBNJ9ir2oJCmiokCqrR zVf1bzcKB+uWcjhcqeuMn85jZ9nQFDoDkwJ3PBH2hyUYZk/xWUZGXmtKXzHFq5c6 plbioef4Gf1P+R1CbQ+Sgg4IAzguNN0ZGj9fXdAiYwTnMNBluNwqLdRk+S3d09JW oQ6XlIwDQnUakovm2cHcavX9JG/xv1AGOotz0KXIp21YTOUKBGiCFj2zQEaO+pr8 cATxBCjD2eRUyFYzVI+LHEgyjTwXegZ+jBUOu6DnlmJ29bPeya4= -----END CERTIFICATE-----Generated at Tue May 12 23:45:55 2026 by rpki-client