$ rpki-client -vvf rpki-rsync.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/A58E55B7CCE754B9CB71A0C874161981234B001D.mft File: A58E55B7CCE754B9CB71A0C874161981234B001D.mft (raw, json) Hash identifier: LKEYqTV+KGqQIIAP4V2ltJq+Pu6xWwK6k8Qt3tkx+EQ= Subject key identifier: 2C:8B:14:19:67:27:CF:BF:9B:1F:B7:06:C1:3D:AE:42:42:59:E7:83 Authority key identifier: A5:8E:55:B7:CC:E7:54:B9:CB:71:A0:C8:74:16:19:81:23:4B:00:1D Certificate issuer: /CN=A58E55B7CCE754B9CB71A0C874161981234B001D Certificate serial: 149A316AD00B53AA358295121F77FEED906906DA Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A58E55B7CCE754B9CB71A0C874161981234B001D.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/A58E55B7CCE754B9CB71A0C874161981234B001D.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 08:40:42 +0000 Manifest this update: Tue 02 Jun 2026 08:35:42 +0000 Manifest next update: Wed 03 Jun 2026 10:53:42 +0000 Files and hashes: 1: 3130332e3135352e3230302e302f32332d3233203d3e20313431303733.roa (hash: Ff6Wy4wyEywRk6LONIzh1Zz/4K7kEOV4YAssJYfhUsI=) 2: 323430363a373734303a3a2f33322d3438203d3e20313431303733.roa (hash: vr59TWn1/ZjjHekiAiHOdHxbOj07TAVp/Qt6Ye+eebQ=) 3: 323430363a373734303a3a2f33322d3332203d3e20313431303733.roa (hash: HohwK1jgAliW1qLFON0wv/kfIfQEid5eomkEHXmmaro=) 4: A58E55B7CCE754B9CB71A0C874161981234B001D.crl (hash: lXbav1gXu+aD+C+wP1fkH0yMlaLV1OMs6J0RoGlWALc=) 5: 3130332e3135352e3230302e302f32332d3234203d3e20313431303733.roa (hash: HB5+30LBsGIIfrOeoz4NikxPDJ/kMoZQRDczvkwPbL0=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/A58E55B7CCE754B9CB71A0C874161981234B001D.crl rsync://rpki-rsync.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/A58E55B7CCE754B9CB71A0C874161981234B001D.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A58E55B7CCE754B9CB71A0C874161981234B001D.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 10:27:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:9a:31:6a:d0:0b:53:aa:35:82:95:12:1f:77:fe:ed:90:69:06:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A58E55B7CCE754B9CB71A0C874161981234B001D Validity Not Before: Jun 2 08:35:42 2026 GMT Not After : Jun 3 10:53:42 2026 GMT Subject: CN=2C8B14196727CFBF9B1FB706C13DAE424259E783 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:14:a1:43:ce:eb:42:39:6d:98:ea:1a:ce:87: d0:b2:0d:ca:9d:ec:b1:4b:65:a7:81:4f:b8:3d:45: c3:a5:ce:db:73:4e:f0:7f:e4:f5:a0:0f:60:fc:1b: ab:1d:8a:00:9c:59:8b:e4:73:c5:05:d7:85:7e:ac: 25:96:cb:81:13:68:2d:73:2a:81:02:2e:ea:69:2a: ae:ab:ed:42:77:70:a0:aa:f5:c4:59:cd:18:d9:49: 09:39:ee:aa:0d:a0:19:0d:8d:37:c0:f8:89:a7:8b: ca:16:f5:bb:24:01:2f:4e:e0:e3:5e:27:61:02:0f: 4b:bb:70:9b:6a:6b:95:07:f2:bb:59:dc:83:74:d0: 1f:53:7b:87:a7:ce:98:96:dd:8e:d2:02:c1:bd:98: af:6d:e0:eb:3d:ab:c2:bd:65:eb:6e:78:2a:04:18: 44:a3:19:3b:58:d4:12:93:ef:45:8a:7f:d6:db:30: 34:70:c2:85:0c:ab:52:12:02:90:87:eb:50:8e:b4: ed:44:8b:8d:ce:dc:26:6b:78:38:40:f6:5f:8e:03: bf:b8:93:ea:b7:41:9e:8a:0a:0a:5b:b6:d1:39:7b: 03:90:a9:66:db:e9:19:fc:42:e5:8f:67:fb:e8:14: 42:b5:63:2f:51:62:bc:39:d1:e6:00:d3:ec:74:31: f1:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:8B:14:19:67:27:CF:BF:9B:1F:B7:06:C1:3D:AE:42:42:59:E7:83 X509v3 Authority Key Identifier: keyid:A5:8E:55:B7:CC:E7:54:B9:CB:71:A0:C8:74:16:19:81:23:4B:00:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/A58E55B7CCE754B9CB71A0C874161981234B001D.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A58E55B7CCE754B9CB71A0C874161981234B001D.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/A58E55B7CCE754B9CB71A0C874161981234B001D.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:2b:9b:42:95:e6:1a:02:5c:be:ac:50:c5:47:93:da:23:34: 9a:c0:7b:d0:24:7b:cf:45:42:e9:23:69:95:d0:9d:47:ec:d9: d5:b0:9b:0f:d7:d4:10:86:f0:6c:5e:ee:de:a3:1a:89:70:0b: 02:bc:df:db:42:18:f9:7e:9d:94:d3:fe:a1:c9:be:02:71:32: 45:04:3b:da:5c:73:b4:97:dc:37:d3:79:04:ec:c2:13:59:74: e9:7d:fe:cc:00:80:26:2f:49:1d:f7:d0:20:7d:db:f4:24:48: 1c:f4:27:19:86:27:31:d8:e8:74:ba:49:8f:c0:b8:60:25:27: 73:df:17:7a:a6:ba:10:b9:0d:77:de:ce:8b:e1:73:fd:75:14: 86:2f:a5:91:ed:e1:f3:c4:2a:20:f7:59:41:c0:43:1d:61:f4: f1:ad:c1:1a:5a:19:12:9a:5b:90:a9:51:e4:7e:04:eb:df:b1: 39:8a:2b:f9:31:e1:62:19:24:ab:d8:69:df:d0:df:7a:49:eb: 96:3e:fc:1b:78:ac:d9:61:12:50:88:1d:35:81:f8:01:95:c8: 85:7a:36:68:fa:97:0b:f4:72:a7:da:fc:7f:e0:03:83:69:f4: 27:39:92:dc:78:66:0b:08:ed:66:fc:35:79:16:79:3f:3f:dd: 63:78:7d:8e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFJoxatALU6o1gpUSH3f+7ZBpBtowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTU4RTU1QjdDQ0U3NTRCOUNCNzFBMEM4NzQxNjE5ODEy MzRCMDAxRDAeFw0yNjA2MDIwODM1NDJaFw0yNjA2MDMxMDUzNDJaMDMxMTAvBgNV BAMTKDJDOEIxNDE5NjcyN0NGQkY5QjFGQjcwNkMxM0RBRTQyNDI1OUU3ODMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTFKFDzutCOW2Y6hrOh9CyDcqd 7LFLZaeBT7g9RcOlzttzTvB/5PWgD2D8G6sdigCcWYvkc8UF14V+rCWWy4ETaC1z KoECLuppKq6r7UJ3cKCq9cRZzRjZSQk57qoNoBkNjTfA+Imni8oW9bskAS9O4ONe J2ECD0u7cJtqa5UH8rtZ3IN00B9Te4enzpiW3Y7SAsG9mK9t4Os9q8K9ZetueCoE GESjGTtY1BKT70WKf9bbMDRwwoUMq1ISApCH61COtO1Ei43O3CZreDhA9l+OA7+4 k+q3QZ6KCgpbttE5ewOQqWbb6Rn8QuWPZ/voFEK1Yy9RYrw50eYA0+x0MfGLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQULIsUGWcnz7+bH7cGwT2uQkJZ54MwHwYDVR0j BBgwFoAUpY5Vt8znVLnLcaDIdBYZgSNLAB0wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NDg1OGY4NWMtYTQ1OC00YTU4LWJiZGUtNGJmYjM0M2RjNGIwLzAvQTU4RTU1QjdD Q0U3NTRCOUNCNzFBMEM4NzQxNjE5ODEyMzRCMDAxRC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9BNThFNTVCN0NDRTc1NEI5Q0I3MUEwQzg3NDE2MTk4MTIzNEIw MDFELmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vNDg1OGY4NWMtYTQ1OC00YTU4LWJi ZGUtNGJmYjM0M2RjNGIwLzAvQTU4RTU1QjdDQ0U3NTRCOUNCNzFBMEM4NzQxNjE5 ODEyMzRCMDAxRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHkrm0KV5hoCXL6sUMVHk9ojNJrAe9Ake89F QukjaZXQnUfs2dWwmw/X1BCG8Gxe7t6jGolwCwK839tCGPl+nZTT/qHJvgJxMkUE O9pcc7SX3DfTeQTswhNZdOl9/swAgCYvSR330CB92/QkSBz0JxmGJzHY6HS6SY/A uGAlJ3PfF3qmuhC5DXfezovhc/11FIYvpZHt4fPEKiD3WUHAQx1h9PGtwRpaGRKa W5CpUeR+BOvfsTmKK/kx4WIZJKvYad/Q33pJ65Y+/Bt4rNlhElCIHTWB+AGVyIV6 Nmj6lwv0cqfa/H/gA4Np9Cc5ktx4ZgsI7Wb8NXkWeT8/3WN4fY4= -----END CERTIFICATE-----Generated at Wed Jun 3 03:20:58 2026 by rpki-client