$ rpki-client -vvf rpki-rsync.idnic.net/repo/3ae83673-096a-440c-b27a-9be64b13b4e5/0/C70AA27E60197D02F0DCCD8E7924FFF9C0472B50.mft File: C70AA27E60197D02F0DCCD8E7924FFF9C0472B50.mft (raw, json) Hash identifier: MkbXegTfVNyvvbuNQG+ShpzN4bcYdjnpjNlTX8NmDrg= Subject key identifier: 63:43:9F:FA:83:D4:85:8A:57:AC:A1:F6:2D:58:86:6D:9B:36:EA:54 Authority key identifier: C7:0A:A2:7E:60:19:7D:02:F0:DC:CD:8E:79:24:FF:F9:C0:47:2B:50 Certificate issuer: /CN=C70AA27E60197D02F0DCCD8E7924FFF9C0472B50 Certificate serial: 445FB50471EBF47A2D7A2A6547392D9E725D0806 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/C70AA27E60197D02F0DCCD8E7924FFF9C0472B50.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/3ae83673-096a-440c-b27a-9be64b13b4e5/0/C70AA27E60197D02F0DCCD8E7924FFF9C0472B50.mft Manifest number: 2B Signing time: Tue 02 Jun 2026 12:05:00 +0000 Manifest this update: Tue 02 Jun 2026 12:00:00 +0000 Manifest next update: Wed 03 Jun 2026 12:28:00 +0000 Files and hashes: 1: C70AA27E60197D02F0DCCD8E7924FFF9C0472B50.crl (hash: sbKeWkyqr1tlquxxeDIRetiAuuHP4zSRhcP5FHVfhI0=) 2: 33362e35302e3232342e302f32342d3234203d3e20313532303830.roa (hash: IG22wGAeafPyZiCHJfimAg7HtJoJBGXUaInRtJgtJX8=) 3: 33362e35302e3232352e302f32342d3234203d3e20313532303830.roa (hash: RMvUFQrKL018cFixmOMzozWh6kTAtIwXuWq18nozxuA=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/3ae83673-096a-440c-b27a-9be64b13b4e5/0/C70AA27E60197D02F0DCCD8E7924FFF9C0472B50.crl rsync://rpki-rsync.idnic.net/repo/3ae83673-096a-440c-b27a-9be64b13b4e5/0/C70AA27E60197D02F0DCCD8E7924FFF9C0472B50.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/C70AA27E60197D02F0DCCD8E7924FFF9C0472B50.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 12:28:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:5f:b5:04:71:eb:f4:7a:2d:7a:2a:65:47:39:2d:9e:72:5d:08:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C70AA27E60197D02F0DCCD8E7924FFF9C0472B50 Validity Not Before: Jun 2 12:00:00 2026 GMT Not After : Jun 3 12:28:00 2026 GMT Subject: CN=63439FFA83D4858A57ACA1F62D58866D9B36EA54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a5:ba:95:a0:b6:86:e0:4d:8d:30:42:dd:71: 43:05:0d:3e:c4:ba:b4:b7:d6:2c:8e:28:df:4a:20: 04:f3:a7:96:09:8d:be:aa:cc:0a:7d:f3:3c:a7:a7: c9:2b:d5:99:b0:10:9e:51:54:8a:5f:2d:cd:39:3a: 62:d4:14:de:a7:44:7b:bf:ed:3f:d1:36:fe:3a:89: 61:1e:7d:6d:db:c3:b0:be:8a:58:e4:0a:7b:12:a0: 1f:db:cf:72:4f:dd:96:a1:e6:d0:cd:42:ce:4a:2f: 6e:98:4d:ce:4d:f0:28:e1:61:b3:6c:c8:4e:ef:2c: e1:82:3f:7e:a7:43:dc:35:fa:d6:8c:41:c0:03:07: 6d:d2:4a:de:1b:c3:7f:92:b3:7a:72:cd:8a:de:90: c0:4a:69:ed:75:e0:1b:29:65:f2:3f:d6:2a:a7:e9: 05:ae:6a:a2:0c:39:83:5e:ec:34:d7:e5:55:a9:1f: a8:54:6f:da:2b:8b:b6:b5:1b:75:40:78:49:19:f9: 77:60:22:b6:69:d5:d8:c2:a1:4c:7b:44:64:34:a2: d0:e9:65:8c:8e:b9:e9:ad:0a:c9:58:70:38:bf:81: b3:9c:f5:54:4d:88:03:62:61:95:18:e7:94:50:90: b7:8a:42:0c:b2:c2:ef:0b:01:2c:e6:6c:7f:f7:5f: 34:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:43:9F:FA:83:D4:85:8A:57:AC:A1:F6:2D:58:86:6D:9B:36:EA:54 X509v3 Authority Key Identifier: keyid:C7:0A:A2:7E:60:19:7D:02:F0:DC:CD:8E:79:24:FF:F9:C0:47:2B:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/3ae83673-096a-440c-b27a-9be64b13b4e5/0/C70AA27E60197D02F0DCCD8E7924FFF9C0472B50.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/C70AA27E60197D02F0DCCD8E7924FFF9C0472B50.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/3ae83673-096a-440c-b27a-9be64b13b4e5/0/C70AA27E60197D02F0DCCD8E7924FFF9C0472B50.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:1d:8f:d5:79:00:5c:10:31:9b:5a:8b:44:f8:57:51:71:99: 74:d2:17:c2:2b:da:0f:35:00:46:9a:c9:bf:39:f8:80:36:32: a1:f1:c4:8d:72:db:37:0f:5a:0e:2d:dd:ed:c6:1e:40:1d:54: e3:78:2b:26:db:40:48:3e:ec:c0:c7:09:3b:eb:c2:a0:ed:00: af:bc:3b:ff:cc:69:5e:cd:c4:53:1a:c3:11:f7:fd:e5:3c:9b: 90:45:f0:65:ff:5d:cf:4b:8c:81:6d:50:a2:bb:91:88:1e:57: 80:88:e3:46:72:98:71:4a:cc:33:05:03:ca:c4:e6:a2:b7:1f: f2:00:40:d8:98:f9:31:ef:ba:51:70:18:bc:91:07:4a:bc:cb: 34:ed:85:6c:f9:96:18:1b:1a:d0:68:9a:4a:86:c0:03:fe:5a: b5:06:f5:0f:ee:07:b1:2c:c3:81:0b:0d:7d:a4:23:35:ad:29: 1e:ea:c6:d9:e4:36:2a:55:46:40:c2:11:48:0b:9c:04:53:7b: 77:72:11:a8:80:07:be:4f:a7:a4:70:21:67:69:18:f6:8c:23: bb:5d:a4:45:06:06:53:b3:c3:01:03:73:08:36:a8:99:dd:e4: 1c:b4:da:d2:87:09:ed:fb:32:eb:a5:68:39:1c:29:a0:e7:38: 43:eb:9c:b5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURF+1BHHr9HoteiplRzktnnJdCAYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzcwQUEyN0U2MDE5N0QwMkYwRENDRDhFNzkyNEZGRjlD MDQ3MkI1MDAeFw0yNjA2MDIxMjAwMDBaFw0yNjA2MDMxMjI4MDBaMDMxMTAvBgNV BAMTKDYzNDM5RkZBODNENDg1OEE1N0FDQTFGNjJENTg4NjZEOUIzNkVBNTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqpbqVoLaG4E2NMELdcUMFDT7E urS31iyOKN9KIATzp5YJjb6qzAp98zynp8kr1ZmwEJ5RVIpfLc05OmLUFN6nRHu/ 7T/RNv46iWEefW3bw7C+iljkCnsSoB/bz3JP3Zah5tDNQs5KL26YTc5N8CjhYbNs yE7vLOGCP36nQ9w1+taMQcADB23SSt4bw3+Ss3pyzYrekMBKae114BspZfI/1iqn 6QWuaqIMOYNe7DTX5VWpH6hUb9ori7a1G3VAeEkZ+XdgIrZp1djCoUx7RGQ0otDp ZYyOuemtCslYcDi/gbOc9VRNiANiYZUY55RQkLeKQgyywu8LASzmbH/3XzRBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUY0Of+oPUhYpXrKH2LViGbZs26lQwHwYDVR0j BBgwFoAUxwqifmAZfQLw3M2OeST/+cBHK1AwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v M2FlODM2NzMtMDk2YS00NDBjLWIyN2EtOWJlNjRiMTNiNGU1LzAvQzcwQUEyN0U2 MDE5N0QwMkYwRENDRDhFNzkyNEZGRjlDMDQ3MkI1MC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DNzBBQTI3RTYwMTk3RDAyRjBEQ0NEOEU3OTI0RkZGOUMwNDcy QjUwLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vM2FlODM2NzMtMDk2YS00NDBjLWIy N2EtOWJlNjRiMTNiNGU1LzAvQzcwQUEyN0U2MDE5N0QwMkYwRENDRDhFNzkyNEZG RjlDMDQ3MkI1MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJQdj9V5AFwQMZtai0T4V1FxmXTSF8Ir2g81 AEaayb85+IA2MqHxxI1y2zcPWg4t3e3GHkAdVON4KybbQEg+7MDHCTvrwqDtAK+8 O//MaV7NxFMawxH3/eU8m5BF8GX/Xc9LjIFtUKK7kYgeV4CI40ZymHFKzDMFA8rE 5qK3H/IAQNiY+THvulFwGLyRB0q8yzTthWz5lhgbGtBomkqGwAP+WrUG9Q/uB7Es w4ELDX2kIzWtKR7qxtnkNipVRkDCEUgLnARTe3dyEaiAB75Pp6RwIWdpGPaMI7td pEUGBlOzwwEDcwg2qJnd5By02tKHCe37MuulaDkcKaDnOEPrnLU= -----END CERTIFICATE-----Generated at Wed Jun 3 04:22:28 2026 by rpki-client