$ rpki-client -vvf rpki-rsync.idnic.net/repo/44b27303-9e3d-4d42-af25-6a0f11808f27/0/509D7A005D22B25F29771D4736A9F3273A87402B.mft File: 509D7A005D22B25F29771D4736A9F3273A87402B.mft (raw, json) Hash identifier: ZV7yaFw+4P4/BGnAu6dKOlYpZnyRdVHS7GyaBwJXkKM= Subject key identifier: E5:FC:94:38:8E:52:1B:05:6E:8A:9E:7A:BB:BF:26:99:4D:76:5F:E7 Authority key identifier: 50:9D:7A:00:5D:22:B2:5F:29:77:1D:47:36:A9:F3:27:3A:87:40:2B Certificate issuer: /CN=509D7A005D22B25F29771D4736A9F3273A87402B Certificate serial: 4DEDF2D3D2EA1A5CFD3EAD3FB5760E5213A06433 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/509D7A005D22B25F29771D4736A9F3273A87402B.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/44b27303-9e3d-4d42-af25-6a0f11808f27/0/509D7A005D22B25F29771D4736A9F3273A87402B.mft Manifest number: 2B Signing time: Tue 02 Jun 2026 19:28:36 +0000 Manifest this update: Tue 02 Jun 2026 19:23:36 +0000 Manifest next update: Wed 03 Jun 2026 22:07:36 +0000 Files and hashes: 1: 3130332e39372e342e302f32342d3234203d3e20313336313237.roa (hash: 3XT6Qf//u+3dqP7/6tKzMllxBOnpkDd6boyw9AssiHI=) 2: 323430313a383034303a3a2f33322d3332203d3e20313336313237.roa (hash: Dj85ZEdEHR8+WCo+8/1VIzd5RABBzm91ckkaaPaldnM=) 3: 509D7A005D22B25F29771D4736A9F3273A87402B.crl (hash: HvhIpnEGYjLI6c8Ju+Zzl/YeKesihTQ5AO/8hqmvML4=) 4: 3130332e39372e352e302f32342d3234203d3e20313336313237.roa (hash: gia04ffSWp+0qNudeLLR7irdY7oXCN/dKfEZqry+RoQ=) 5: 3130332e39372e342e302f32322d3234203d3e20313336313237.roa (hash: JKx5cXFJ9JwbuaKvmzbMBf7ucrHYe7PUJvHjTqORfvc=) 6: 3130332e39372e372e302f32342d3234203d3e20313336313237.roa (hash: u9MbGwZTtdpRxvA0JKGeSH6mVkoh1gSizjeQTtefh6M=) 7: 3130332e39372e362e302f32342d3234203d3e20313336313237.roa (hash: RQSgO7tNppNvAC3aE8/fyIG2xxaOqC+3ztcNnXjPeng=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/44b27303-9e3d-4d42-af25-6a0f11808f27/0/509D7A005D22B25F29771D4736A9F3273A87402B.crl rsync://rpki-rsync.idnic.net/repo/44b27303-9e3d-4d42-af25-6a0f11808f27/0/509D7A005D22B25F29771D4736A9F3273A87402B.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/509D7A005D22B25F29771D4736A9F3273A87402B.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 10:27:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:ed:f2:d3:d2:ea:1a:5c:fd:3e:ad:3f:b5:76:0e:52:13:a0:64:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=509D7A005D22B25F29771D4736A9F3273A87402B Validity Not Before: Jun 2 19:23:36 2026 GMT Not After : Jun 3 22:07:36 2026 GMT Subject: CN=E5FC94388E521B056E8A9E7ABBBF26994D765FE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:8e:5f:ea:04:de:85:42:1a:2f:40:76:78:57: b9:f0:5f:80:4e:77:a8:6d:7a:66:bc:72:e0:c0:08: 86:26:de:a7:0b:61:da:98:ca:56:7f:bb:ab:43:e4: ec:d7:00:51:f8:cb:37:83:6d:f7:c9:7d:5c:b7:69: c4:83:d8:2f:b9:be:16:e2:71:6a:6d:67:09:85:38: a2:dd:3d:4a:32:c3:1f:3c:bc:fc:4f:e2:6a:b0:70: ef:2b:a5:13:2f:9e:82:ce:5a:b8:dc:c8:b9:fe:a2: a1:0e:c9:c2:20:8c:ea:a9:46:03:28:01:84:25:ef: f4:68:03:b2:a0:65:1e:63:c2:05:30:ed:cc:4a:ee: 6d:a3:92:1e:cd:20:75:4f:72:d7:f3:0e:f9:30:e9: d3:d0:8e:26:1f:30:fb:e5:af:eb:26:9a:92:e2:4f: d5:e9:87:64:f7:9a:ff:bf:2b:2d:74:5a:09:47:ae: df:52:af:2b:26:ab:15:da:98:ab:f1:f8:86:1a:e4: 85:d4:e0:9c:9e:83:cb:fa:94:ba:c8:fc:d6:48:29: f7:dc:ce:9c:b9:61:25:b9:19:e2:75:64:29:95:b7: a1:9f:07:45:3e:97:8d:0f:41:97:8b:52:6e:72:ae: 35:d3:a1:14:2c:c8:6f:d0:bf:58:32:1c:2f:77:26: f5:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:FC:94:38:8E:52:1B:05:6E:8A:9E:7A:BB:BF:26:99:4D:76:5F:E7 X509v3 Authority Key Identifier: keyid:50:9D:7A:00:5D:22:B2:5F:29:77:1D:47:36:A9:F3:27:3A:87:40:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/44b27303-9e3d-4d42-af25-6a0f11808f27/0/509D7A005D22B25F29771D4736A9F3273A87402B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/509D7A005D22B25F29771D4736A9F3273A87402B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/44b27303-9e3d-4d42-af25-6a0f11808f27/0/509D7A005D22B25F29771D4736A9F3273A87402B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:68:a4:e0:50:ae:12:4c:8e:3e:20:f2:1d:a6:bd:7f:8c:38: 5b:e7:98:7b:e6:e1:e4:36:58:ca:41:85:48:d8:f9:92:cc:71: c7:ca:ba:ca:1d:64:cc:5c:6d:63:4b:48:87:f0:10:56:e2:32: 44:a9:61:35:e7:60:9a:cf:41:69:b6:1f:eb:8d:7e:b0:c7:50: b2:7c:7f:fa:43:be:c5:31:fd:12:52:6f:41:2d:c4:8d:17:fa: de:8b:31:14:08:4b:88:e6:1f:8f:c6:ae:2d:6d:b5:b1:d3:6c: 5f:e2:55:cd:d3:11:59:44:52:21:4f:ba:c0:b5:b2:f1:64:3f: 56:f8:61:7c:51:5a:da:b7:d1:2c:83:cb:d5:8b:a2:a3:61:df: b5:b0:69:24:f1:68:5e:7c:57:66:16:dd:24:3f:26:db:cb:24: b0:13:09:30:3e:dc:fd:5f:09:56:12:e6:c6:0a:9f:5f:46:f4: 41:c3:2a:90:6c:75:89:21:23:49:93:03:6a:97:3b:5a:8a:fc: 1d:74:6b:25:6b:c8:70:64:c6:81:96:a1:7c:a3:74:d4:fc:a7: d8:fc:81:f2:22:1c:bc:26:2a:5d:80:2e:05:93:a8:c7:8a:44: 5f:99:13:d0:18:39:6f:c5:7f:eb:39:17:b5:2c:11:a2:01:a9: 29:64:83:56 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUTe3y09LqGlz9Pq0/tXYOUhOgZDMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTA5RDdBMDA1RDIyQjI1RjI5NzcxRDQ3MzZBOUYzMjcz QTg3NDAyQjAeFw0yNjA2MDIxOTIzMzZaFw0yNjA2MDMyMjA3MzZaMDMxMTAvBgNV BAMTKEU1RkM5NDM4OEU1MjFCMDU2RThBOUU3QUJCQkYyNjk5NEQ3NjVGRTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOjl/qBN6FQhovQHZ4V7nwX4BO d6htema8cuDACIYm3qcLYdqYylZ/u6tD5OzXAFH4yzeDbffJfVy3acSD2C+5vhbi cWptZwmFOKLdPUoywx88vPxP4mqwcO8rpRMvnoLOWrjcyLn+oqEOycIgjOqpRgMo AYQl7/RoA7KgZR5jwgUw7cxK7m2jkh7NIHVPctfzDvkw6dPQjiYfMPvlr+smmpLi T9Xph2T3mv+/Ky10WglHrt9SrysmqxXamKvx+IYa5IXU4Jyeg8v6lLrI/NZIKffc zpy5YSW5GeJ1ZCmVt6GfB0U+l40PQZeLUm5yrjXToRQsyG/Qv1gyHC93JvULAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU5fyUOI5SGwVuip56u78mmU12X+cwHwYDVR0j BBgwFoAUUJ16AF0isl8pdx1HNqnzJzqHQCswDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NDRiMjczMDMtOWUzZC00ZDQyLWFmMjUtNmEwZjExODA4ZjI3LzAvNTA5RDdBMDA1 RDIyQjI1RjI5NzcxRDQ3MzZBOUYzMjczQTg3NDAyQi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS81MDlEN0EwMDVEMjJCMjVGMjk3NzFENDczNkE5RjMyNzNBODc0 MDJCLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vNDRiMjczMDMtOWUzZC00ZDQyLWFm MjUtNmEwZjExODA4ZjI3LzAvNTA5RDdBMDA1RDIyQjI1RjI5NzcxRDQ3MzZBOUYz MjczQTg3NDAyQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGtopOBQrhJMjj4g8h2mvX+MOFvnmHvm4eQ2 WMpBhUjY+ZLMccfKusodZMxcbWNLSIfwEFbiMkSpYTXnYJrPQWm2H+uNfrDHULJ8 f/pDvsUx/RJSb0EtxI0X+t6LMRQIS4jmH4/Gri1ttbHTbF/iVc3TEVlEUiFPusC1 svFkP1b4YXxRWtq30SyDy9WLoqNh37WwaSTxaF58V2YW3SQ/JtvLJLATCTA+3P1f CVYS5sYKn19G9EHDKpBsdYkhI0mTA2qXO1qK/B10ayVryHBkxoGWoXyjdNT8p9j8 gfIiHLwmKl2ALgWTqMeKRF+ZE9AYOW/Ff+s5F7UsEaIBqSlkg1Y= -----END CERTIFICATE-----Generated at Wed Jun 3 04:01:50 2026 by rpki-client