$ rpki-client -vvf rpki-rsync.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/2843C420C9538DE003DB96047ACE7F2FE1B83454.mft File: 2843C420C9538DE003DB96047ACE7F2FE1B83454.mft (raw, json) Hash identifier: lGsODdD8fOcbyMrL4UsEzI5hAdSomUNHMtYtVi5Jj9c= Subject key identifier: EA:94:B2:B8:D4:DD:D0:07:63:4B:E6:E0:B4:02:62:B6:C5:B3:0D:51 Authority key identifier: 28:43:C4:20:C9:53:8D:E0:03:DB:96:04:7A:CE:7F:2F:E1:B8:34:54 Certificate issuer: /CN=2843C420C9538DE003DB96047ACE7F2FE1B83454 Certificate serial: 19F978749D6C58C4CA3D4F024CC159F2B2F6D03A Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/2843C420C9538DE003DB96047ACE7F2FE1B83454.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/2843C420C9538DE003DB96047ACE7F2FE1B83454.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 11:13:54 +0000 Manifest this update: Tue 02 Jun 2026 11:08:54 +0000 Manifest next update: Wed 03 Jun 2026 13:05:54 +0000 Files and hashes: 1: 2843C420C9538DE003DB96047ACE7F2FE1B83454.crl (hash: btA7srsVTRCGcjmk3fFS7sMXQ75mBeXbdFJACQyTtbE=) 2: 3130332e36362e36332e302f32342d3234203d3e20313339393832.roa (hash: Gs+snvngtmEUYMerL8umS66cdNSbHO+hqLt5UBqYHqk=) 3: 3130332e36362e36322e302f32342d3234203d3e20313339393832.roa (hash: ZmQheHX1MZV/oBZW9LIfogQSYln7HG4CQMJRL8sFUs4=) 4: 3130332e36362e36322e302f32332d3233203d3e20313339393832.roa (hash: Ekh2cRoP3jEu4ToqLXfO3pEmBPqQ1/HiAdtyj75YlY4=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/2843C420C9538DE003DB96047ACE7F2FE1B83454.crl rsync://rpki-rsync.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/2843C420C9538DE003DB96047ACE7F2FE1B83454.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/2843C420C9538DE003DB96047ACE7F2FE1B83454.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 13:05:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:f9:78:74:9d:6c:58:c4:ca:3d:4f:02:4c:c1:59:f2:b2:f6:d0:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2843C420C9538DE003DB96047ACE7F2FE1B83454 Validity Not Before: Jun 2 11:08:54 2026 GMT Not After : Jun 3 13:05:54 2026 GMT Subject: CN=EA94B2B8D4DDD007634BE6E0B40262B6C5B30D51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:05:0a:1e:56:3b:2d:4c:a8:6e:dd:7c:b4:27: cb:68:24:e0:7c:01:11:e1:23:18:8a:2d:b7:95:41: 12:54:0e:84:82:4c:dd:cc:87:21:3c:33:ff:a8:3a: f9:0c:83:e8:39:8b:fa:7d:fb:8d:89:1e:bc:45:ea: 18:fe:e6:4c:2f:cb:d1:cb:6c:6a:ed:e1:a3:b9:1f: 95:e9:07:80:4c:f9:6a:9b:f2:bc:f8:f5:ce:ca:03: f5:24:36:c3:6c:1b:d9:e0:02:ac:55:70:99:8d:66: 1c:3b:d1:5a:e0:6b:10:07:3f:68:f5:37:cf:3f:00: 51:25:20:7b:a7:a1:7b:9e:b3:4e:bb:c8:70:d2:de: ed:17:5e:89:8e:40:37:3d:0b:16:2f:c8:e6:30:ac: bb:c6:09:40:74:e3:61:1a:da:71:15:81:03:27:8b: 42:88:1c:b1:cf:62:a4:8b:46:0b:f2:d2:1a:0b:a5: 17:9d:9f:9c:08:3a:8a:a5:29:32:2e:3d:39:5e:6d: 0f:6b:f6:37:e4:5a:53:09:71:23:eb:97:66:fa:17: a7:2c:93:c7:98:a3:01:da:fb:2a:a4:90:5e:a2:cb: 32:f8:89:d8:25:b5:d4:69:84:e8:65:27:3d:1f:be: ed:cc:e2:32:b2:95:98:73:3d:05:14:ae:8d:94:a2: 7d:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:94:B2:B8:D4:DD:D0:07:63:4B:E6:E0:B4:02:62:B6:C5:B3:0D:51 X509v3 Authority Key Identifier: keyid:28:43:C4:20:C9:53:8D:E0:03:DB:96:04:7A:CE:7F:2F:E1:B8:34:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/2843C420C9538DE003DB96047ACE7F2FE1B83454.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/2843C420C9538DE003DB96047ACE7F2FE1B83454.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/2843C420C9538DE003DB96047ACE7F2FE1B83454.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:80:c8:29:52:1f:de:e9:61:49:81:95:66:21:eb:45:c5:ff: 8d:10:79:90:78:7b:88:22:e1:45:73:85:52:e2:4d:a9:62:e2: d9:87:d3:bc:2f:af:22:ae:2f:3d:6d:f1:96:9a:7c:ba:b9:f1: da:75:56:07:ef:47:c9:52:d2:f5:6c:9e:f1:85:b1:fb:81:a1: ab:c4:00:ce:ce:d9:29:c8:79:fb:e7:16:c2:a0:84:f0:a8:79: 96:65:a9:9c:88:2e:ad:21:0e:7d:85:f4:93:ee:41:6d:43:d0: 5f:a0:ec:03:93:79:9c:c8:a7:a0:56:74:ed:9e:5f:f9:ec:73: 50:3c:48:2b:96:7f:c5:47:b3:71:14:d8:43:3d:b0:31:c5:ff: c4:c7:4f:86:05:aa:c3:dd:98:5f:83:7a:70:37:44:29:60:ca: 86:fc:a8:5b:bc:d6:2a:ff:3a:3f:93:84:2b:31:dc:ff:2d:4e: 81:f6:18:bc:1c:68:14:82:82:87:97:57:a1:b8:51:99:2e:79: 71:3e:42:2d:78:c9:5f:e0:84:8c:5e:60:b1:2f:e6:e1:20:65: 01:a9:93:69:5c:f6:e4:cd:39:ad:61:f0:fc:90:f6:4b:d0:30: c0:e6:68:31:e3:e7:f9:87:03:64:6e:f4:9f:b1:98:04:f9:db: 83:70:ee:c1 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGfl4dJ1sWMTKPU8CTMFZ8rL20DowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjg0M0M0MjBDOTUzOERFMDAzREI5NjA0N0FDRTdGMkZF MUI4MzQ1NDAeFw0yNjA2MDIxMTA4NTRaFw0yNjA2MDMxMzA1NTRaMDMxMTAvBgNV BAMTKEVBOTRCMkI4RDREREQwMDc2MzRCRTZFMEI0MDI2MkI2QzVCMzBENTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3BQoeVjstTKhu3Xy0J8toJOB8 ARHhIxiKLbeVQRJUDoSCTN3MhyE8M/+oOvkMg+g5i/p9+42JHrxF6hj+5kwvy9HL bGrt4aO5H5XpB4BM+Wqb8rz49c7KA/UkNsNsG9ngAqxVcJmNZhw70VrgaxAHP2j1 N88/AFElIHunoXues067yHDS3u0XXomOQDc9CxYvyOYwrLvGCUB042Ea2nEVgQMn i0KIHLHPYqSLRgvy0hoLpRedn5wIOoqlKTIuPTlebQ9r9jfkWlMJcSPrl2b6F6cs k8eYowHa+yqkkF6iyzL4idgltdRphOhlJz0fvu3M4jKylZhzPQUUro2Uon0jAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU6pSyuNTd0AdjS+bgtAJitsWzDVEwHwYDVR0j BBgwFoAUKEPEIMlTjeAD25YEes5/L+G4NFQwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YWJhOTA5NDQtNjU2ZC00YWE3LTkxNzMtNTkxMjgwODMzZjgxLzAvMjg0M0M0MjBD OTUzOERFMDAzREI5NjA0N0FDRTdGMkZFMUI4MzQ1NC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8yODQzQzQyMEM5NTM4REUwMDNEQjk2MDQ3QUNFN0YyRkUxQjgz NDU0LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYWJhOTA5NDQtNjU2ZC00YWE3LTkx NzMtNTkxMjgwODMzZjgxLzAvMjg0M0M0MjBDOTUzOERFMDAzREI5NjA0N0FDRTdG MkZFMUI4MzQ1NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFqAyClSH97pYUmBlWYh60XF/40QeZB4e4gi 4UVzhVLiTali4tmH07wvryKuLz1t8ZaafLq58dp1VgfvR8lS0vVsnvGFsfuBoavE AM7O2SnIefvnFsKghPCoeZZlqZyILq0hDn2F9JPuQW1D0F+g7AOTeZzIp6BWdO2e X/nsc1A8SCuWf8VHs3EU2EM9sDHF/8THT4YFqsPdmF+DenA3RClgyob8qFu81ir/ Oj+ThCsx3P8tToH2GLwcaBSCgoeXV6G4UZkueXE+Qi14yV/ghIxeYLEv5uEgZQGp k2lc9uTNOa1h8PyQ9kvQMMDmaDHj5/mHA2Ru9J+xmAT524Nw7sE= -----END CERTIFICATE-----Generated at Wed Jun 3 03:49:55 2026 by rpki-client