$ rpki-client -vvf rpki-rsync.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/BAD1403588CA8E7E1F9A4B306C6B8BE29079793E.mft File: BAD1403588CA8E7E1F9A4B306C6B8BE29079793E.mft (raw, json) Hash identifier: ja9rPz/kVmQnBlg0rcvAZT0tagdKRvrBhev2//v6vSw= Subject key identifier: 09:0A:6F:55:4D:3C:C4:CD:D2:4D:7F:13:18:C4:40:44:90:DF:85:B1 Authority key identifier: BA:D1:40:35:88:CA:8E:7E:1F:9A:4B:30:6C:6B:8B:E2:90:79:79:3E Certificate issuer: /CN=BAD1403588CA8E7E1F9A4B306C6B8BE29079793E Certificate serial: 1889E133E0470139B7168EF9B136B6D3A58FB191 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BAD1403588CA8E7E1F9A4B306C6B8BE29079793E.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/BAD1403588CA8E7E1F9A4B306C6B8BE29079793E.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 10:12:43 +0000 Manifest this update: Tue 02 Jun 2026 10:07:43 +0000 Manifest next update: Wed 03 Jun 2026 11:26:43 +0000 Files and hashes: 1: 3130332e3135332e33342e302f32332d3234203d3e20313430343532.roa (hash: K/vlRNC+KQ5JyA0pwiIFS/TmPu7i6jVh0r5OiRdmy0A=) 2: BAD1403588CA8E7E1F9A4B306C6B8BE29079793E.crl (hash: TV0RzJgJi9SevDKEaYbJq6zTGExM3rtD40ni3a0708s=) 3: 323030313a6466343a326438303a3a2f34382d3438203d3e20313430343532.roa (hash: v7DJudWf3ta86HIN/myNYYKoGmeXzKtpr14NT1uUyL0=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/BAD1403588CA8E7E1F9A4B306C6B8BE29079793E.crl rsync://rpki-rsync.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/BAD1403588CA8E7E1F9A4B306C6B8BE29079793E.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BAD1403588CA8E7E1F9A4B306C6B8BE29079793E.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 11:26:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:89:e1:33:e0:47:01:39:b7:16:8e:f9:b1:36:b6:d3:a5:8f:b1:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BAD1403588CA8E7E1F9A4B306C6B8BE29079793E Validity Not Before: Jun 2 10:07:43 2026 GMT Not After : Jun 3 11:26:43 2026 GMT Subject: CN=090A6F554D3CC4CDD24D7F1318C4404490DF85B1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:06:cf:f7:32:9d:12:ef:df:bc:5a:f0:bf:6a: cf:03:5d:db:82:d8:a1:d7:c0:4f:a3:53:98:00:c2: 52:84:74:88:17:ed:aa:96:28:78:8f:3d:a4:be:b6: 6c:e1:8b:3f:41:74:90:af:0b:02:13:60:af:86:63: 9f:00:97:4a:6d:33:b5:8f:fe:30:aa:c5:3d:51:92: 9f:68:ec:a4:e8:4e:a6:16:af:7f:13:99:cd:30:f4: 6c:73:89:6d:97:f2:2c:6a:a3:a9:3a:2c:80:c4:dc: 17:8c:ef:6f:8e:20:4e:ca:e6:a1:9c:17:82:8d:0e: ff:f2:27:0e:18:f6:18:05:4b:f3:46:6e:51:0e:db: 6a:79:19:25:8c:2d:d6:08:d0:ed:61:e9:5e:7a:37: 28:4d:8d:f5:3c:52:f5:0f:ea:6f:03:7b:3e:15:c1: e6:3d:aa:85:c2:32:30:f7:ae:e3:d0:a8:ab:77:c9: 89:d9:c2:41:84:75:9c:a0:28:28:45:02:b1:ae:7d: bf:93:c1:90:f1:e6:ea:a1:57:6d:17:83:80:11:bb: fb:d9:60:4c:3f:1e:b9:ff:0b:28:a1:9d:e2:44:cb: 29:64:3b:db:c3:95:8b:eb:b2:4e:6e:76:3f:4f:73: 01:4d:57:ef:9f:90:6e:b6:a5:8a:f1:45:b5:32:8b: 7b:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:0A:6F:55:4D:3C:C4:CD:D2:4D:7F:13:18:C4:40:44:90:DF:85:B1 X509v3 Authority Key Identifier: keyid:BA:D1:40:35:88:CA:8E:7E:1F:9A:4B:30:6C:6B:8B:E2:90:79:79:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/BAD1403588CA8E7E1F9A4B306C6B8BE29079793E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BAD1403588CA8E7E1F9A4B306C6B8BE29079793E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/BAD1403588CA8E7E1F9A4B306C6B8BE29079793E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:0b:3b:e2:8b:9a:d3:e4:3c:dd:3d:3a:f2:28:e8:c9:9b:69: 85:e7:1a:ca:28:d9:5f:1f:a9:da:78:d4:1d:4e:73:97:a5:34: e2:1e:ab:55:0e:2d:fb:66:24:d6:11:5b:52:0a:53:76:be:d0: da:61:08:0d:9d:14:a0:a6:e5:20:04:5f:21:17:91:2d:46:ee: c3:3b:a2:10:84:47:dc:cf:a3:f2:7a:15:d9:14:d5:ec:12:3a: 58:15:df:b1:8e:1b:53:82:1a:49:6d:0a:97:60:a7:79:1a:a3: 4e:7f:03:7f:d1:ef:ea:3b:34:79:35:d8:45:df:a0:b8:e8:d4: e1:62:26:43:66:60:06:0a:18:0e:e2:2a:e4:57:40:5b:a5:2d: 75:2f:6b:7b:f4:03:20:43:9f:fb:20:a2:fe:17:9f:78:f7:68: 8a:42:ff:2d:1b:22:80:a3:c2:bc:62:63:ac:6a:2f:09:49:92: fd:10:7b:a0:14:21:d4:77:77:b7:1f:16:8f:d6:c3:9a:40:4a: 2a:d4:a3:a8:cf:19:70:9d:24:df:97:82:44:4e:91:59:18:29: 70:c9:e7:f8:1c:28:e5:36:25:51:d8:d2:2c:7d:c9:21:2f:21: a0:6a:4e:f2:f6:61:d7:3e:64:45:d8:ec:b4:2b:a5:60:98:18: 54:e9:2b:da -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGInhM+BHATm3Fo75sTa206WPsZEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkFEMTQwMzU4OENBOEU3RTFGOUE0QjMwNkM2QjhCRTI5 MDc5NzkzRTAeFw0yNjA2MDIxMDA3NDNaFw0yNjA2MDMxMTI2NDNaMDMxMTAvBgNV BAMTKDA5MEE2RjU1NEQzQ0M0Q0REMjREN0YxMzE4QzQ0MDQ0OTBERjg1QjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCBs/3Mp0S79+8WvC/as8DXduC 2KHXwE+jU5gAwlKEdIgX7aqWKHiPPaS+tmzhiz9BdJCvCwITYK+GY58Al0ptM7WP /jCqxT1Rkp9o7KToTqYWr38Tmc0w9GxziW2X8ixqo6k6LIDE3BeM72+OIE7K5qGc F4KNDv/yJw4Y9hgFS/NGblEO22p5GSWMLdYI0O1h6V56NyhNjfU8UvUP6m8Dez4V weY9qoXCMjD3ruPQqKt3yYnZwkGEdZygKChFArGufb+TwZDx5uqhV20Xg4ARu/vZ YEw/Hrn/CyihneJEyylkO9vDlYvrsk5udj9PcwFNV++fkG62pYrxRbUyi3uTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUCQpvVU08xM3STX8TGMRARJDfhbEwHwYDVR0j BBgwFoAUutFANYjKjn4fmkswbGuL4pB5eT4wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YmRjNDFjMWEtZTA4OC00ZWY2LTlkMjgtODE0YzYxNDU2ZDMwLzAvQkFEMTQwMzU4 OENBOEU3RTFGOUE0QjMwNkM2QjhCRTI5MDc5NzkzRS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9CQUQxNDAzNTg4Q0E4RTdFMUY5QTRCMzA2QzZCOEJFMjkwNzk3 OTNFLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYmRjNDFjMWEtZTA4OC00ZWY2LTlk MjgtODE0YzYxNDU2ZDMwLzAvQkFEMTQwMzU4OENBOEU3RTFGOUE0QjMwNkM2QjhC RTI5MDc5NzkzRS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFELO+KLmtPkPN09OvIo6MmbaYXnGsoo2V8f qdp41B1Oc5elNOIeq1UOLftmJNYRW1IKU3a+0NphCA2dFKCm5SAEXyEXkS1G7sM7 ohCER9zPo/J6FdkU1ewSOlgV37GOG1OCGkltCpdgp3kao05/A3/R7+o7NHk12EXf oLjo1OFiJkNmYAYKGA7iKuRXQFulLXUva3v0AyBDn/sgov4Xn3j3aIpC/y0bIoCj wrxiY6xqLwlJkv0Qe6AUIdR3d7cfFo/Ww5pASirUo6jPGXCdJN+XgkROkVkYKXDJ 5/gcKOU2JVHY0ix9ySEvIaBqTvL2Ydc+ZEXY7LQrpWCYGFTpK9o= -----END CERTIFICATE-----Generated at Wed Jun 3 04:22:57 2026 by rpki-client