$ rpki-client -vvf rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.mft File: 59406D6B894D2596F895003DEE4D8D96CC43B39F.mft (raw, json) Hash identifier: rUTCvyKQpbYf+PF9LdhrfQMsu2mYO+DFyC0YsyU8L3Y= Subject key identifier: 5C:0D:58:54:98:CE:A6:4C:31:24:04:C1:F5:D6:29:9D:36:75:29:7A Authority key identifier: 59:40:6D:6B:89:4D:25:96:F8:95:00:3D:EE:4D:8D:96:CC:43:B3:9F Certificate issuer: /CN=59406D6B894D2596F895003DEE4D8D96CC43B39F Certificate serial: 70CC187F12453E0010B0D14EC0C2D64318B26EC5 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/59406D6B894D2596F895003DEE4D8D96CC43B39F.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 11:44:32 +0000 Manifest this update: Tue 02 Jun 2026 11:39:32 +0000 Manifest next update: Wed 03 Jun 2026 13:00:32 +0000 Files and hashes: 1: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: nM1lR1t5YbRxvlzSB15Qj3P9xptJWT24EGOpflzojVc=) 2: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: lsGPNQll8lHqimmyJl12NLTMwKg8Yil8iz0vwp/l9l4=) 3: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: UA+YdwLCDED5UMDmCG4dNPuGHlL+yaAK93vKKhIdDPg=) 4: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: zFIO9wiF748rHmRcjoZ1ZZ07oJftCfa8w4TwQheX8tM=) 5: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: 2NT3KSaIgnkQK0dsegRvJOGdovq/XdyRI/OHCIdm244=) 6: 59406D6B894D2596F895003DEE4D8D96CC43B39F.crl (hash: Gy9es47rmNtJHJWjhBTugzaPaxecgrruwZiFcQqBsic=) 7: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: hCsETlpD6R/zfRJVkzNBOTiAfvvIYDjPCkGRa8bOeSk=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.crl rsync://rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/59406D6B894D2596F895003DEE4D8D96CC43B39F.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 10:27:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:cc:18:7f:12:45:3e:00:10:b0:d1:4e:c0:c2:d6:43:18:b2:6e:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=59406D6B894D2596F895003DEE4D8D96CC43B39F Validity Not Before: Jun 2 11:39:32 2026 GMT Not After : Jun 3 13:00:32 2026 GMT Subject: CN=5C0D585498CEA64C312404C1F5D6299D3675297A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:5a:26:c1:57:89:8f:95:8e:b4:df:e3:e7:ed: f9:b8:cd:cd:1f:b9:3b:24:56:66:39:71:bf:6c:94: e8:43:92:c5:11:9c:1c:8c:b7:45:f2:45:0d:d2:d8: 00:19:b3:73:12:ce:c2:01:d0:e4:b4:7d:82:6c:da: 32:03:bf:18:c9:e9:5b:91:60:2d:80:3d:05:00:74: 4f:60:35:f4:3f:12:15:40:6e:a9:e3:ce:cc:e0:1e: ed:c2:ca:d8:79:d9:3c:f6:2e:ee:4d:7b:ae:6e:bb: 37:bb:29:d3:85:06:1f:31:69:e6:39:02:c1:e6:44: 2e:c9:c2:16:41:80:ef:8f:21:06:7d:a2:87:5c:0b: 92:55:2e:de:3e:bc:0c:23:27:44:e0:64:c3:fd:b6: 40:89:f0:5e:e9:42:25:ae:10:39:1c:fa:ae:e5:c8: e1:ae:65:d2:29:aa:07:16:8d:4d:25:0e:b3:a9:87: 92:80:c4:54:d0:3e:19:de:20:b1:06:9a:20:10:f4: c1:2d:0b:eb:5f:18:9a:86:5f:ec:12:b6:dd:a6:2d: c5:11:5e:05:b7:ed:d6:36:2b:4d:12:ef:f1:30:a9: 19:da:9c:5b:f9:c1:51:a0:0e:84:73:dd:c3:ba:d9: 70:d4:d2:84:48:dd:19:e9:25:57:74:6b:94:03:02: 9f:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:0D:58:54:98:CE:A6:4C:31:24:04:C1:F5:D6:29:9D:36:75:29:7A X509v3 Authority Key Identifier: keyid:59:40:6D:6B:89:4D:25:96:F8:95:00:3D:EE:4D:8D:96:CC:43:B3:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/59406D6B894D2596F895003DEE4D8D96CC43B39F.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/59406D6B894D2596F895003DEE4D8D96CC43B39F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:4d:d5:f7:16:44:c6:f5:ac:e5:b2:f3:02:f9:bd:bc:08:a9: 3c:c6:0c:a5:c9:71:1a:a6:6b:22:3f:f5:de:95:f9:0d:c2:41: 9f:9f:43:84:40:07:b0:47:c7:c1:46:5f:3e:7c:fa:e8:3a:43: 48:fa:a8:df:85:d5:b1:83:6c:cd:f1:a0:57:ed:73:66:98:8a: b5:88:8e:3f:4f:9f:62:3d:27:0b:00:e6:3c:ec:4a:27:76:72: c2:1d:a9:fa:a1:61:29:dd:55:fe:55:81:07:fb:30:44:69:bf: 76:15:7d:7e:c3:ac:7b:85:f9:3b:63:a1:ed:5a:1b:6b:9d:ea: dd:e5:3a:ae:86:4c:85:4c:ac:cc:74:85:bf:57:e4:83:f6:42: 91:2f:7d:a0:ae:3c:8c:33:a2:cf:45:ac:e5:6f:86:c3:11:31: 36:aa:67:23:d2:2a:38:e2:d9:2c:d4:30:64:28:5e:cc:2d:c5: 57:4c:9e:c5:4f:ff:98:0b:6e:bb:f7:21:2b:02:2c:3e:80:79: 14:89:1f:b5:c7:46:3a:75:e3:73:46:0c:48:3f:d4:6c:21:79: fa:97:ff:21:4e:81:15:5e:9c:b2:e4:9e:c6:45:7f:4d:e6:4d: 6b:8d:ab:c9:fb:77:8a:10:5b:aa:80:84:ae:3e:ae:51:f1:0b: 75:ce:72:b0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUcMwYfxJFPgAQsNFOwMLWQxiybsUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTk0MDZENkI4OTREMjU5NkY4OTUwMDNERUU0RDhEOTZD QzQzQjM5RjAeFw0yNjA2MDIxMTM5MzJaFw0yNjA2MDMxMzAwMzJaMDMxMTAvBgNV BAMTKDVDMEQ1ODU0OThDRUE2NEMzMTI0MDRDMUY1RDYyOTlEMzY3NTI5N0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBWibBV4mPlY603+Pn7fm4zc0f uTskVmY5cb9slOhDksURnByMt0XyRQ3S2AAZs3MSzsIB0OS0fYJs2jIDvxjJ6VuR YC2APQUAdE9gNfQ/EhVAbqnjzszgHu3Cyth52Tz2Lu5Ne65uuze7KdOFBh8xaeY5 AsHmRC7JwhZBgO+PIQZ9oodcC5JVLt4+vAwjJ0TgZMP9tkCJ8F7pQiWuEDkc+q7l yOGuZdIpqgcWjU0lDrOph5KAxFTQPhneILEGmiAQ9MEtC+tfGJqGX+wStt2mLcUR XgW37dY2K00S7/EwqRnanFv5wVGgDoRz3cO62XDU0oRI3RnpJVd0a5QDAp8FAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUXA1YVJjOpkwxJATB9dYpnTZ1KXowHwYDVR0j BBgwFoAUWUBta4lNJZb4lQA97k2NlsxDs58wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YmQxZWU1ZTItMzM4Yy00ZDIwLTgwN2UtZTUwYjc1NTgzZGI4LzAvNTk0MDZENkI4 OTREMjU5NkY4OTUwMDNERUU0RDhEOTZDQzQzQjM5Ri5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS81OTQwNkQ2Qjg5NEQyNTk2Rjg5NTAwM0RFRTREOEQ5NkNDNDNC MzlGLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYmQxZWU1ZTItMzM4Yy00ZDIwLTgw N2UtZTUwYjc1NTgzZGI4LzAvNTk0MDZENkI4OTREMjU5NkY4OTUwMDNERUU0RDhE OTZDQzQzQjM5Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGhN1fcWRMb1rOWy8wL5vbwIqTzGDKXJcRqm ayI/9d6V+Q3CQZ+fQ4RAB7BHx8FGXz58+ug6Q0j6qN+F1bGDbM3xoFftc2aYirWI jj9Pn2I9JwsA5jzsSid2csIdqfqhYSndVf5VgQf7MERpv3YVfX7DrHuF+Ttjoe1a G2ud6t3lOq6GTIVMrMx0hb9X5IP2QpEvfaCuPIwzos9FrOVvhsMRMTaqZyPSKjji 2SzUMGQoXswtxVdMnsVP/5gLbrv3ISsCLD6AeRSJH7XHRjp143NGDEg/1GwhefqX /yFOgRVenLLknsZFf03mTWuNq8n7d4oQW6qAhK4+rlHxC3XOcrA= -----END CERTIFICATE-----Generated at Wed Jun 3 03:38:56 2026 by rpki-client