$ rpki-client -vvf rpki-rsync.idnic.net/repo/dfee82b7-c182-4e83-897c-e00f3ce1b0d2/0/D3982143FCBA4420C07AA5CEEB50EDB28487CF2C.mft File: D3982143FCBA4420C07AA5CEEB50EDB28487CF2C.mft (raw, json) Hash identifier: 2of0LPK9vk6Ar+H4iRNuEoxwsFlRaRILlcw1ohHTkrE= Subject key identifier: C5:7A:3A:C3:CF:B1:C9:54:DB:CC:6A:51:2A:6F:9C:8B:22:B6:C2:2E Authority key identifier: D3:98:21:43:FC:BA:44:20:C0:7A:A5:CE:EB:50:ED:B2:84:87:CF:2C Certificate issuer: /CN=D3982143FCBA4420C07AA5CEEB50EDB28487CF2C Certificate serial: 4575702B9909084FCAC53543AD440E521E3C2DBF Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D3982143FCBA4420C07AA5CEEB50EDB28487CF2C.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/dfee82b7-c182-4e83-897c-e00f3ce1b0d2/0/D3982143FCBA4420C07AA5CEEB50EDB28487CF2C.mft Manifest number: 0E Signing time: Tue 12 May 2026 08:35:00 +0000 Manifest this update: Tue 12 May 2026 08:30:00 +0000 Manifest next update: Wed 13 May 2026 10:07:00 +0000 Files and hashes: 1: 3130332e3232392e3138352e302f32342d3234203d3e2039333431.roa (hash: mtrDV4mqgTGdX3FIVkCoXVE0ERKQErVYoLX9nuzS4rw=) 2: D3982143FCBA4420C07AA5CEEB50EDB28487CF2C.crl (hash: kNPN4qRdPmBE+/e8wja1wm5+F4Px2hDLgABGpZ25fGI=) 3: 3130332e3232392e3138342e302f32342d3234203d3e2039333431.roa (hash: ecWkSgSwkV2u+u82kb3iMyEyHidsVg9ktP1OUEc0RVY=) 4: 3130332e3232392e3138342e302f32332d3233203d3e2039333431.roa (hash: n33ojlZr3PPZOfsVvz1esHOzCxGjqSWfrz4yQc92lmw=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/dfee82b7-c182-4e83-897c-e00f3ce1b0d2/0/D3982143FCBA4420C07AA5CEEB50EDB28487CF2C.crl rsync://rpki-rsync.idnic.net/repo/dfee82b7-c182-4e83-897c-e00f3ce1b0d2/0/D3982143FCBA4420C07AA5CEEB50EDB28487CF2C.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D3982143FCBA4420C07AA5CEEB50EDB28487CF2C.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:75:70:2b:99:09:08:4f:ca:c5:35:43:ad:44:0e:52:1e:3c:2d:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D3982143FCBA4420C07AA5CEEB50EDB28487CF2C Validity Not Before: May 12 08:30:00 2026 GMT Not After : May 13 10:07:00 2026 GMT Subject: CN=C57A3AC3CFB1C954DBCC6A512A6F9C8B22B6C22E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:53:c2:85:17:10:a2:1b:50:a8:90:79:89:a7: 43:32:94:56:a2:1e:f1:ee:8f:9f:45:7a:e6:52:ed: 1c:5a:94:39:d4:db:c9:a8:9e:e4:64:74:41:02:c0: f3:ff:d2:0d:99:dc:da:aa:39:37:64:c8:31:ad:1e: 7b:08:9d:72:5c:6c:58:c4:30:59:8b:a4:10:81:d5: ea:40:db:22:16:3f:ad:d7:c5:21:36:eb:2a:71:f4: f9:2f:9a:fb:22:e4:6b:c3:2e:29:06:e4:1c:e4:2d: 67:d2:68:3a:cf:6d:71:4e:a8:ef:7c:06:cf:ec:cd: a3:1b:e1:7c:0e:37:59:4d:87:82:f1:d0:2d:42:85: a1:df:b2:24:be:c0:ce:5e:79:4d:a5:f9:cf:a1:87: 2c:80:57:c5:14:0a:6a:1a:71:02:dc:30:5d:46:69: b3:39:79:78:82:18:7c:59:00:1a:82:36:22:4b:98: ac:2b:e0:06:fd:0b:3e:17:26:95:fc:f6:dc:21:1f: 23:72:98:1c:ed:f8:49:0e:ef:22:ba:ca:82:f4:cc: c0:7e:1f:bd:8f:87:78:32:1c:55:22:c6:b0:62:0d: 02:31:e0:08:05:44:43:d0:dc:1f:25:ec:0c:dd:62: ca:f1:f7:99:05:4d:c1:89:8a:21:05:c9:2d:c2:4b: ce:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:7A:3A:C3:CF:B1:C9:54:DB:CC:6A:51:2A:6F:9C:8B:22:B6:C2:2E X509v3 Authority Key Identifier: keyid:D3:98:21:43:FC:BA:44:20:C0:7A:A5:CE:EB:50:ED:B2:84:87:CF:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/dfee82b7-c182-4e83-897c-e00f3ce1b0d2/0/D3982143FCBA4420C07AA5CEEB50EDB28487CF2C.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D3982143FCBA4420C07AA5CEEB50EDB28487CF2C.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/dfee82b7-c182-4e83-897c-e00f3ce1b0d2/0/D3982143FCBA4420C07AA5CEEB50EDB28487CF2C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:cb:87:51:76:a1:60:d0:ae:3b:8a:4e:70:21:8a:03:df:e6: cd:97:92:b8:a3:fb:49:7f:31:d5:de:9d:46:e9:45:5d:89:c0: 91:60:f0:5a:f1:8b:c6:2d:c0:99:38:a3:4a:9d:29:6c:32:1a: 56:c1:d2:a5:84:0e:f4:42:db:75:3f:c0:23:07:e3:66:83:94: a2:47:f7:1a:f3:d5:31:cf:df:09:1a:7e:b8:d3:0d:04:56:86: 05:8b:63:fd:d9:bd:ec:0e:34:e9:8c:73:fe:ef:cd:9d:43:ee: 10:a4:3b:0f:48:88:d9:d7:b8:d6:8c:65:f2:47:a3:8b:83:3a: a5:69:24:65:e6:dd:71:a4:07:71:ee:ca:7c:dc:65:00:ba:a7: fc:66:61:c2:68:d6:13:48:46:ba:6b:78:d5:b0:44:b6:72:b1: 6d:e2:25:69:91:79:30:d8:81:0c:1b:6d:06:a0:9f:56:13:46: 5b:2b:a2:7d:b3:81:12:fb:11:1c:8f:8f:a9:e0:e6:5f:67:56: 4a:2b:9c:64:78:a0:29:ca:ab:91:65:67:d8:26:63:e2:53:4d: a4:7a:b7:e2:f3:68:fd:c3:2e:11:0b:c7:f8:91:b6:88:8e:37: e1:9e:8f:cc:5a:32:98:38:03:db:53:2c:5a:ab:7a:79:53:03: ca:b3:41:0a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURXVwK5kJCE/KxTVDrUQOUh48Lb8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDM5ODIxNDNGQ0JBNDQyMEMwN0FBNUNFRUI1MEVEQjI4 NDg3Q0YyQzAeFw0yNjA1MTIwODMwMDBaFw0yNjA1MTMxMDA3MDBaMDMxMTAvBgNV BAMTKEM1N0EzQUMzQ0ZCMUM5NTREQkNDNkE1MTJBNkY5QzhCMjJCNkMyMkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaU8KFFxCiG1CokHmJp0MylFai HvHuj59FeuZS7RxalDnU28monuRkdEECwPP/0g2Z3NqqOTdkyDGtHnsInXJcbFjE MFmLpBCB1epA2yIWP63XxSE26ypx9Pkvmvsi5GvDLikG5BzkLWfSaDrPbXFOqO98 Bs/szaMb4XwON1lNh4Lx0C1ChaHfsiS+wM5eeU2l+c+hhyyAV8UUCmoacQLcMF1G abM5eXiCGHxZABqCNiJLmKwr4Ab9Cz4XJpX89twhHyNymBzt+EkO7yK6yoL0zMB+ H72Ph3gyHFUixrBiDQIx4AgFREPQ3B8l7AzdYsrx95kFTcGJiiEFyS3CS845AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUxXo6w8+xyVTbzGpRKm+ciyK2wi4wHwYDVR0j BBgwFoAU05ghQ/y6RCDAeqXO61DtsoSHzywwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZGZlZTgyYjctYzE4Mi00ZTgzLTg5N2MtZTAwZjNjZTFiMGQyLzAvRDM5ODIxNDNG Q0JBNDQyMEMwN0FBNUNFRUI1MEVEQjI4NDg3Q0YyQy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EMzk4MjE0M0ZDQkE0NDIwQzA3QUE1Q0VFQjUwRURCMjg0ODdD RjJDLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZGZlZTgyYjctYzE4Mi00ZTgzLTg5 N2MtZTAwZjNjZTFiMGQyLzAvRDM5ODIxNDNGQ0JBNDQyMEMwN0FBNUNFRUI1MEVE QjI4NDg3Q0YyQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGLLh1F2oWDQrjuKTnAhigPf5s2Xkrij+0l/ MdXenUbpRV2JwJFg8Frxi8YtwJk4o0qdKWwyGlbB0qWEDvRC23U/wCMH42aDlKJH 9xrz1THP3wkafrjTDQRWhgWLY/3ZvewONOmMc/7vzZ1D7hCkOw9IiNnXuNaMZfJH o4uDOqVpJGXm3XGkB3HuynzcZQC6p/xmYcJo1hNIRrpreNWwRLZysW3iJWmReTDY gQwbbQagn1YTRlsron2zgRL7ERyPj6ng5l9nVkornGR4oCnKq5FlZ9gmY+JTTaR6 t+LzaP3DLhELx/iRtoiON+Gej8xaMpg4A9tTLFqrenlTA8qzQQo= -----END CERTIFICATE-----Generated at Tue May 12 22:40:14 2026 by rpki-client