$ rpki-client -vvf rpki-rsync.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/1AA62432414DDF3584FE86B5C67FB22925A9D3B3.mft File: 1AA62432414DDF3584FE86B5C67FB22925A9D3B3.mft (raw, json) Hash identifier: pkg+jmfhb6LYWki0ph8M5SgkpwBsGZp7f9R/h8AY230= Subject key identifier: FD:D2:9C:D4:41:95:62:C5:B1:AF:8B:49:E8:77:F1:63:E9:69:B1:70 Authority key identifier: 1A:A6:24:32:41:4D:DF:35:84:FE:86:B5:C6:7F:B2:29:25:A9:D3:B3 Certificate issuer: /CN=1AA62432414DDF3584FE86B5C67FB22925A9D3B3 Certificate serial: 42C64445768B0FA881B71490BCF8E89C63853DA0 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/1AA62432414DDF3584FE86B5C67FB22925A9D3B3.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/1AA62432414DDF3584FE86B5C67FB22925A9D3B3.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 17:41:19 +0000 Manifest this update: Tue 02 Jun 2026 17:36:19 +0000 Manifest next update: Wed 03 Jun 2026 18:05:19 +0000 Files and hashes: 1: 3130332e35312e39392e302f32342d3234203d3e20313530343639.roa (hash: KO5msUjW/HADSpbcbiZqt5Rho/bq6n0Bk1hJW/E0KBc=) 2: 3130332e35312e39382e302f32332d3233203d3e20313530343639.roa (hash: y3pv5F6oTlsmrZ6EnNXAjdzgbs9s6wBiVuWts/sp7e0=) 3: 1AA62432414DDF3584FE86B5C67FB22925A9D3B3.crl (hash: HLIvy+4QGZ436FNXYs9zKA/DpFF41cCHzc3bhuuoc9c=) 4: 3130332e35312e39382e302f32342d3234203d3e20313530343639.roa (hash: eiTM77LAawXXBM2P9HzaFup35pUjYK9bwPNmiTzjRYk=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/1AA62432414DDF3584FE86B5C67FB22925A9D3B3.crl rsync://rpki-rsync.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/1AA62432414DDF3584FE86B5C67FB22925A9D3B3.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/1AA62432414DDF3584FE86B5C67FB22925A9D3B3.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 10:27:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:c6:44:45:76:8b:0f:a8:81:b7:14:90:bc:f8:e8:9c:63:85:3d:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1AA62432414DDF3584FE86B5C67FB22925A9D3B3 Validity Not Before: Jun 2 17:36:19 2026 GMT Not After : Jun 3 18:05:19 2026 GMT Subject: CN=FDD29CD4419562C5B1AF8B49E877F163E969B170 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:77:e4:62:01:b3:4e:da:78:44:b4:47:eb:0f: 27:5f:aa:36:26:4f:63:4d:37:18:de:b0:4e:a6:0a: 27:f2:d3:66:86:ad:39:f2:c5:41:af:65:94:69:22: 9a:72:79:c3:dc:45:33:30:6f:38:4a:2e:9f:1e:61: 43:10:ee:92:e4:84:ae:29:25:80:4d:0d:7e:54:27: 4c:80:36:b8:a2:40:f2:c6:15:50:d5:f8:13:5a:90: ff:28:5e:e9:93:91:4a:3e:69:34:21:44:08:21:d2: bd:6d:70:7a:f5:8c:7d:a3:2b:46:22:23:b4:db:97: c4:cd:c9:c7:7e:a8:b1:96:e6:3b:61:57:ec:57:fa: 0f:62:24:77:b5:8d:17:0f:05:cd:40:d9:72:71:fa: ce:17:48:4a:14:7b:0f:6e:37:ef:e1:4b:7c:9e:23: 87:76:e8:d3:1d:dd:ff:ed:ea:d1:86:2c:f1:98:2f: ac:03:4b:96:92:cb:37:19:87:40:c6:5b:f0:f1:41: da:b2:c7:f3:4a:21:83:9b:84:fa:9c:c0:26:7d:9f: c8:f4:6b:6e:f1:e9:40:9a:d2:57:86:70:d0:48:99: 57:c1:8b:56:24:f1:5e:8d:fb:d0:2d:2b:bd:23:ec: ca:78:28:7c:0c:b7:06:e8:81:c3:5d:f3:3b:0d:5d: 0a:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:D2:9C:D4:41:95:62:C5:B1:AF:8B:49:E8:77:F1:63:E9:69:B1:70 X509v3 Authority Key Identifier: keyid:1A:A6:24:32:41:4D:DF:35:84:FE:86:B5:C6:7F:B2:29:25:A9:D3:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/1AA62432414DDF3584FE86B5C67FB22925A9D3B3.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/1AA62432414DDF3584FE86B5C67FB22925A9D3B3.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/1AA62432414DDF3584FE86B5C67FB22925A9D3B3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:29:07:3e:44:bb:53:4d:6d:d3:94:6d:52:4c:57:81:15:c0: aa:93:17:7f:6d:75:62:e1:f5:af:ea:84:23:46:9b:90:4b:46: c0:f2:1e:0b:46:9f:e8:13:4d:d4:67:a9:17:25:6d:d5:ff:43: 9a:29:70:b5:6a:08:d2:63:2d:93:da:5e:de:02:1b:a8:ed:2d: de:f1:52:3b:76:2f:21:23:fb:46:fa:11:83:5c:77:7a:ff:10: 0b:9a:54:d6:49:6d:d0:5b:92:ae:85:5f:ae:6a:01:18:b8:99: 13:0b:3a:f2:8a:b0:de:30:6c:96:8d:81:d6:f9:1c:63:97:71: 65:ea:5f:59:2d:70:6f:d1:67:1b:68:25:55:cf:4a:be:d7:42: f8:0a:8f:8f:96:f7:1a:74:49:07:a8:f7:78:89:10:1e:a7:b6: 0f:4a:77:a3:36:db:f9:53:6a:9f:ee:ed:72:16:20:30:1f:82: e9:89:0e:c2:49:1d:c5:a1:8d:fc:75:27:bc:88:fc:ef:30:4a: 30:ed:a6:7e:9b:bb:69:d6:4c:2f:f6:2b:c9:d0:21:7c:11:fc: ec:f8:05:73:28:14:72:a5:58:ba:2a:57:ca:a6:0f:cf:7a:94: 2f:ec:d3:dc:21:27:1d:8a:5c:8a:e8:ec:cc:bb:8d:6c:62:25: 52:dc:3e:b8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQsZERXaLD6iBtxSQvPjonGOFPaAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUFBNjI0MzI0MTREREYzNTg0RkU4NkI1QzY3RkIyMjky NUE5RDNCMzAeFw0yNjA2MDIxNzM2MTlaFw0yNjA2MDMxODA1MTlaMDMxMTAvBgNV BAMTKEZERDI5Q0Q0NDE5NTYyQzVCMUFGOEI0OUU4NzdGMTYzRTk2OUIxNzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyd+RiAbNO2nhEtEfrDydfqjYm T2NNNxjesE6mCify02aGrTnyxUGvZZRpIppyecPcRTMwbzhKLp8eYUMQ7pLkhK4p JYBNDX5UJ0yANriiQPLGFVDV+BNakP8oXumTkUo+aTQhRAgh0r1tcHr1jH2jK0Yi I7Tbl8TNycd+qLGW5jthV+xX+g9iJHe1jRcPBc1A2XJx+s4XSEoUew9uN+/hS3ye I4d26NMd3f/t6tGGLPGYL6wDS5aSyzcZh0DGW/DxQdqyx/NKIYObhPqcwCZ9n8j0 a27x6UCa0leGcNBImVfBi1Yk8V6N+9AtK70j7Mp4KHwMtwbogcNd8zsNXQrjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU/dKc1EGVYsWxr4tJ6HfxY+lpsXAwHwYDVR0j BBgwFoAUGqYkMkFN3zWE/oa1xn+yKSWp07MwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MmYxM2E2ZWYtMzQzNC00NDAxLWIzZTEtNjUxNTMwNjZmYjNlLzAvMUFBNjI0MzI0 MTREREYzNTg0RkU4NkI1QzY3RkIyMjkyNUE5RDNCMy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8xQUE2MjQzMjQxNERERjM1ODRGRTg2QjVDNjdGQjIyOTI1QTlE M0IzLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMmYxM2E2ZWYtMzQzNC00NDAxLWIz ZTEtNjUxNTMwNjZmYjNlLzAvMUFBNjI0MzI0MTREREYzNTg0RkU4NkI1QzY3RkIy MjkyNUE5RDNCMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJspBz5Eu1NNbdOUbVJMV4EVwKqTF39tdWLh 9a/qhCNGm5BLRsDyHgtGn+gTTdRnqRclbdX/Q5opcLVqCNJjLZPaXt4CG6jtLd7x Ujt2LyEj+0b6EYNcd3r/EAuaVNZJbdBbkq6FX65qARi4mRMLOvKKsN4wbJaNgdb5 HGOXcWXqX1ktcG/RZxtoJVXPSr7XQvgKj4+W9xp0SQeo93iJEB6ntg9Kd6M22/lT ap/u7XIWIDAfgumJDsJJHcWhjfx1J7yI/O8wSjDtpn6bu2nWTC/2K8nQIXwR/Oz4 BXMoFHKlWLoqV8qmD896lC/s09whJx2KXIro7My7jWxiJVLcPrg= -----END CERTIFICATE-----Generated at Wed Jun 3 04:08:40 2026 by rpki-client