$ rpki-client -vvf rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft File: AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft (raw, json) Hash identifier: OaLNbmkLMo3ywlnu+u0bFJjPPH36TJkTsVvlHja9ubI= Subject key identifier: 73:E7:18:4A:71:4A:FD:1E:F4:45:76:9F:47:3A:F8:CF:40:76:62:1B Authority key identifier: AF:A3:29:4E:55:80:B6:82:03:BC:0D:F0:4F:D0:07:22:AA:74:F5:D0 Certificate issuer: /CN=AFA3294E5580B68203BC0DF04FD00722AA74F5D0 Certificate serial: 0D983F7DB9D660E8835763A86FC54110833557EC Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 09:16:31 +0000 Manifest this update: Tue 02 Jun 2026 09:11:31 +0000 Manifest next update: Wed 03 Jun 2026 11:58:31 +0000 Files and hashes: 1: 3130332e3138392e3131382e302f32342d3234203d3e20313439383833.roa (hash: luezxLjf+gQLcjiQqhuyu+ya30sT86b3qelMWGrfE0Y=) 2: 3130332e3138392e3131382e302f32332d3233203d3e20313439383833.roa (hash: MCW/xqC9gtQy6b8F5lQvfvI/LlU0HFmKiOjV/FzQgxY=) 3: 3130332e3138392e3131392e302f32342d3234203d3e20313439383833.roa (hash: 2XC3UsHd4KwKUJ2Uidn6/QSZk29AP2xoMLuxzT2QDYQ=) 4: AFA3294E5580B68203BC0DF04FD00722AA74F5D0.crl (hash: oa9+eegHMUuLklrYGRuE4x3z/qgvmGx/HAtUK4djPTw=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.crl rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 11:58:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:98:3f:7d:b9:d6:60:e8:83:57:63:a8:6f:c5:41:10:83:35:57:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AFA3294E5580B68203BC0DF04FD00722AA74F5D0 Validity Not Before: Jun 2 09:11:31 2026 GMT Not After : Jun 3 11:58:31 2026 GMT Subject: CN=73E7184A714AFD1EF445769F473AF8CF4076621B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:87:39:d4:16:b5:05:0e:87:93:86:66:d7:b0: 95:94:96:9e:76:9b:14:5b:99:b5:18:b0:89:5d:4f: b9:6c:12:7a:13:fa:d0:91:dd:17:f5:83:dc:4e:1e: 57:51:54:50:72:17:54:91:1f:76:a5:22:0f:eb:c2: de:0b:d0:ce:f7:6d:09:47:a9:b0:f9:06:db:3d:6b: 64:b5:03:e0:50:ab:b2:fc:f2:9b:19:c6:31:1e:2c: 1d:a6:dd:57:94:9b:d4:01:bc:e2:a9:01:42:cf:3a: 74:5f:f2:0e:07:f6:45:88:76:bc:d3:fe:0f:49:ae: e8:c9:5b:56:f9:17:3a:53:74:b7:0d:b0:43:09:4d: 65:f3:45:31:78:88:09:e9:0a:a4:cb:b2:08:b7:23: 85:2b:4f:97:29:8a:29:7e:7b:56:9b:90:ea:4c:8c: 1c:c7:71:b5:91:b5:f4:4b:15:23:a1:d4:d8:86:c1: eb:9b:15:25:b6:fb:49:4b:e4:00:a2:ec:c7:99:f5: 8c:82:aa:03:7b:c5:42:40:e4:1c:bb:fa:32:00:73: 6d:03:76:2a:8e:07:af:8c:a4:2a:c8:14:69:6e:38: 50:08:a4:83:81:d2:e1:e5:31:e2:36:dc:b7:13:a3: 1e:cc:74:47:f2:fc:7b:3c:75:25:37:a7:e5:f8:f4: f7:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:E7:18:4A:71:4A:FD:1E:F4:45:76:9F:47:3A:F8:CF:40:76:62:1B X509v3 Authority Key Identifier: keyid:AF:A3:29:4E:55:80:B6:82:03:BC:0D:F0:4F:D0:07:22:AA:74:F5:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:26:f1:e5:5b:0b:16:d7:93:f0:41:92:23:9c:56:5f:25:e7: dc:d4:c6:4c:dc:b9:ec:87:8a:ee:93:a5:35:b5:b9:6e:bd:e2: c1:51:aa:9f:39:3f:16:e2:a8:e8:68:0c:bf:6f:d5:a1:ca:52: 6f:1f:d2:89:bf:4c:f7:12:fa:bc:db:f2:c9:42:1c:ce:02:0d: e5:da:fb:b7:ba:d2:82:ff:1e:cb:0d:15:1f:74:80:76:2a:57: 0f:fa:3b:7b:cf:0f:a8:7e:f6:d4:20:76:b8:9c:b9:29:b2:91: e9:94:6e:51:b2:aa:72:66:53:32:37:a0:a7:00:fb:d4:18:4a: 50:bb:be:61:31:ac:36:26:11:53:d7:78:a5:c5:b7:b0:6e:48: 0d:78:6c:a4:23:42:55:c6:99:14:56:40:6c:9a:85:1c:3a:af: 33:c0:f2:f8:18:fd:bd:0a:4c:5b:f5:1c:55:5f:62:47:ec:92: 1b:6c:c2:d9:02:db:dc:8f:3f:70:f0:3c:7a:f2:ce:5f:e2:03: 0d:d0:09:84:9e:b2:ea:ca:3e:14:07:e2:b1:58:26:3e:42:a4: c7:72:7f:d9:23:a4:b8:4e:fd:c7:40:91:3a:d6:b4:a1:74:32: 0e:19:1c:b9:88:b1:cc:c4:24:3e:8a:01:40:fd:af:89:00:d0: 92:1c:89:ac -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUDZg/fbnWYOiDV2Oob8VBEIM1V+wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUZBMzI5NEU1NTgwQjY4MjAzQkMwREYwNEZEMDA3MjJB QTc0RjVEMDAeFw0yNjA2MDIwOTExMzFaFw0yNjA2MDMxMTU4MzFaMDMxMTAvBgNV BAMTKDczRTcxODRBNzE0QUZEMUVGNDQ1NzY5RjQ3M0FGOENGNDA3NjYyMUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxhznUFrUFDoeThmbXsJWUlp52 mxRbmbUYsIldT7lsEnoT+tCR3Rf1g9xOHldRVFByF1SRH3alIg/rwt4L0M73bQlH qbD5Bts9a2S1A+BQq7L88psZxjEeLB2m3VeUm9QBvOKpAULPOnRf8g4H9kWIdrzT /g9JrujJW1b5FzpTdLcNsEMJTWXzRTF4iAnpCqTLsgi3I4UrT5cpiil+e1abkOpM jBzHcbWRtfRLFSOh1NiGweubFSW2+0lL5ACi7MeZ9YyCqgN7xUJA5By7+jIAc20D diqOB6+MpCrIFGluOFAIpIOB0uHlMeI23LcTox7MdEfy/Hs8dSU3p+X49PexAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUc+cYSnFK/R70RXafRzr4z0B2YhswHwYDVR0j BBgwFoAUr6MpTlWAtoIDvA3wT9AHIqp09dAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NDNhZDUyMjYtNjU2ZC00NjFkLTljZmYtYzgzYWMwNzQyZjIwLzAvQUZBMzI5NEU1 NTgwQjY4MjAzQkMwREYwNEZEMDA3MjJBQTc0RjVEMC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9BRkEzMjk0RTU1ODBCNjgyMDNCQzBERjA0RkQwMDcyMkFBNzRG NUQwLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vNDNhZDUyMjYtNjU2ZC00NjFkLTlj ZmYtYzgzYWMwNzQyZjIwLzAvQUZBMzI5NEU1NTgwQjY4MjAzQkMwREYwNEZEMDA3 MjJBQTc0RjVEMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAF4m8eVbCxbXk/BBkiOcVl8l59zUxkzcueyH iu6TpTW1uW694sFRqp85PxbiqOhoDL9v1aHKUm8f0om/TPcS+rzb8slCHM4CDeXa +7e60oL/HssNFR90gHYqVw/6O3vPD6h+9tQgdricuSmykemUblGyqnJmUzI3oKcA +9QYSlC7vmExrDYmEVPXeKXFt7BuSA14bKQjQlXGmRRWQGyahRw6rzPA8vgY/b0K TFv1HFVfYkfskhtswtkC29yPP3DwPHryzl/iAw3QCYSesurKPhQH4rFYJj5CpMdy f9kjpLhO/cdAkTrWtKF0Mg4ZHLmIsczEJD6KAUD9r4kA0JIciaw= -----END CERTIFICATE-----Generated at Wed Jun 3 04:26:04 2026 by rpki-client