$ rpki-client -vvf rpki-rsync.idnic.net/repo/ca124e6a-f51b-46d0-8ea3-76b2744558a6/0/72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE.mft File: 72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE.mft (raw, json) Hash identifier: TAFNWj+L4FVuBrhJOH3LgSaxAVlFzU6BNnTLqg8gknc= Subject key identifier: FD:9F:26:C5:DD:A1:F9:AD:7C:50:1E:41:8E:09:59:47:68:3C:41:61 Authority key identifier: 72:87:1B:42:F8:AB:1D:9C:A1:F6:A1:3D:1E:29:CD:BE:15:1D:11:AE Certificate issuer: /CN=72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE Certificate serial: 6217F01D4DEE8F15D82BF50F51DCDBFE8A235220 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/ca124e6a-f51b-46d0-8ea3-76b2744558a6/0/72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 14:58:14 +0000 Manifest this update: Tue 02 Jun 2026 14:53:14 +0000 Manifest next update: Wed 03 Jun 2026 15:29:14 +0000 Files and hashes: 1: 3130332e372e3130372e302f32342d3234203d3e20313531353939.roa (hash: Uq0zjp96KTXKbxSis8DhaT+OdD/bH8ZzigpO4G+X8Xo=) 2: 72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE.crl (hash: 3yRFoKS1jJIHZhtcwDq1z/taPPX8gHIWiec7LMC5S28=) 3: 3130332e372e3130362e302f32342d3234203d3e20313531353939.roa (hash: q7SyYWgacRS5rzIzN3lkEYg9DVcMVi1C+rpPj5LCLHE=) 4: 3130332e372e3130362e302f32332d3233203d3e20313531353939.roa (hash: jakvC7z6ih8TLDBjPGwBe82NoGvM+4jFqZRksuR7CGI=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/ca124e6a-f51b-46d0-8ea3-76b2744558a6/0/72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE.crl rsync://rpki-rsync.idnic.net/repo/ca124e6a-f51b-46d0-8ea3-76b2744558a6/0/72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 15:29:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:17:f0:1d:4d:ee:8f:15:d8:2b:f5:0f:51:dc:db:fe:8a:23:52:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE Validity Not Before: Jun 2 14:53:14 2026 GMT Not After : Jun 3 15:29:14 2026 GMT Subject: CN=FD9F26C5DDA1F9AD7C501E418E095947683C4161 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:82:65:25:c9:10:78:7d:6e:66:38:93:57:f7: a0:11:b7:a2:10:41:a2:a7:41:04:6e:26:52:33:74: 76:48:c7:d4:14:08:2e:75:9d:c1:6a:a4:c5:76:7c: 22:ce:cb:9f:37:63:29:55:d9:7b:30:13:b4:83:91: 66:d3:10:2b:d3:ed:70:6e:a9:d3:7d:d7:b2:de:be: 5c:dc:ab:47:5e:69:14:f7:67:3a:13:49:52:ff:82: 72:73:26:db:3d:0d:4f:10:af:fa:5a:63:0f:d7:c5: 1d:20:62:5f:26:81:72:d6:0a:3f:87:08:15:3f:f0: 5b:ce:19:2b:bc:6e:23:f8:2a:2d:9c:13:88:78:f3: 5b:6d:56:29:c9:ef:dd:05:2f:de:a3:55:f3:ae:22: d1:5d:c9:32:3e:2c:32:3b:39:3c:e0:92:31:09:a5: 2c:e3:3f:3a:84:6b:27:0e:bc:22:44:03:68:ab:3b: 4e:71:df:a8:a2:cd:a0:47:aa:7e:3b:06:6d:16:07: b2:ba:5d:ae:6e:da:a1:de:9c:13:f8:6f:dc:e0:38: a8:a6:ef:bc:e1:fb:80:31:3b:c9:13:3a:ad:01:a4: 60:5e:7c:7e:5d:bb:b6:b1:6c:0b:61:32:12:15:a6: 1b:9f:4f:9a:98:88:27:dd:7e:b7:ce:ea:de:2a:14: 39:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:9F:26:C5:DD:A1:F9:AD:7C:50:1E:41:8E:09:59:47:68:3C:41:61 X509v3 Authority Key Identifier: keyid:72:87:1B:42:F8:AB:1D:9C:A1:F6:A1:3D:1E:29:CD:BE:15:1D:11:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/ca124e6a-f51b-46d0-8ea3-76b2744558a6/0/72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/ca124e6a-f51b-46d0-8ea3-76b2744558a6/0/72871B42F8AB1D9CA1F6A13D1E29CDBE151D11AE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:ad:4b:74:a9:54:88:68:4b:73:46:64:71:36:2f:6d:e7:fa: ab:7e:83:d3:1a:9d:28:c8:3e:d8:b5:a5:9b:20:32:49:02:79: ad:10:c1:79:f6:1b:29:84:2c:54:dc:4e:ca:a4:86:f7:28:e6: 9c:34:54:d7:ac:e8:1e:ac:c2:2c:9d:47:22:fa:09:d5:ef:95: 4b:5e:de:0c:ff:8d:a6:02:2e:b8:69:7f:de:6a:d0:5e:f8:da: 6f:ea:7a:38:d1:c5:37:58:ef:5d:86:35:0b:a5:25:86:15:fb: d0:6a:df:63:b2:61:6a:2f:88:34:13:97:50:19:0d:75:17:88: f1:cd:3a:c6:f3:8e:9b:26:88:58:21:28:5c:a7:ad:89:7b:0c: 62:bf:19:9d:4e:f5:7e:20:ad:a3:47:26:9e:d6:1a:32:af:59: 0f:1e:b1:fa:fe:b9:86:74:da:db:78:f7:42:3e:41:21:d6:fe: 5e:90:df:fc:e2:24:18:8e:ef:ec:60:0d:2b:cf:76:67:43:d3: 5c:2d:8e:34:25:67:08:38:b0:9a:6a:63:1c:12:13:67:48:2e: 42:8e:aa:7d:8a:df:2d:21:ef:7b:7f:54:17:c5:c7:78:1c:b6: 87:e4:ff:5e:8b:e9:fd:14:01:4d:3e:df:79:50:ca:8d:ef:3c: 3a:0f:02:26 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYhfwHU3ujxXYK/UPUdzb/oojUiAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzI4NzFCNDJGOEFCMUQ5Q0ExRjZBMTNEMUUyOUNEQkUx NTFEMTFBRTAeFw0yNjA2MDIxNDUzMTRaFw0yNjA2MDMxNTI5MTRaMDMxMTAvBgNV BAMTKEZEOUYyNkM1RERBMUY5QUQ3QzUwMUU0MThFMDk1OTQ3NjgzQzQxNjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1gmUlyRB4fW5mOJNX96ARt6IQ QaKnQQRuJlIzdHZIx9QUCC51ncFqpMV2fCLOy583YylV2XswE7SDkWbTECvT7XBu qdN917Levlzcq0deaRT3ZzoTSVL/gnJzJts9DU8Qr/paYw/XxR0gYl8mgXLWCj+H CBU/8FvOGSu8biP4Ki2cE4h481ttVinJ790FL96jVfOuItFdyTI+LDI7OTzgkjEJ pSzjPzqEaycOvCJEA2irO05x36iizaBHqn47Bm0WB7K6Xa5u2qHenBP4b9zgOKim 77zh+4AxO8kTOq0BpGBefH5du7axbAthMhIVphufT5qYiCfdfrfO6t4qFDnXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU/Z8mxd2h+a18UB5BjglZR2g8QWEwHwYDVR0j BBgwFoAUcocbQvirHZyh9qE9HinNvhUdEa4wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v Y2ExMjRlNmEtZjUxYi00NmQwLThlYTMtNzZiMjc0NDU1OGE2LzAvNzI4NzFCNDJG OEFCMUQ5Q0ExRjZBMTNEMUUyOUNEQkUxNTFEMTFBRS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS83Mjg3MUI0MkY4QUIxRDlDQTFGNkExM0QxRTI5Q0RCRTE1MUQx MUFFLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vY2ExMjRlNmEtZjUxYi00NmQwLThl YTMtNzZiMjc0NDU1OGE2LzAvNzI4NzFCNDJGOEFCMUQ5Q0ExRjZBMTNEMUUyOUNE QkUxNTFEMTFBRS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABytS3SpVIhoS3NGZHE2L23n+qt+g9ManSjI Pti1pZsgMkkCea0QwXn2GymELFTcTsqkhvco5pw0VNes6B6swiydRyL6CdXvlUte 3gz/jaYCLrhpf95q0F742m/qejjRxTdY712GNQulJYYV+9Bq32OyYWoviDQTl1AZ DXUXiPHNOsbzjpsmiFghKFynrYl7DGK/GZ1O9X4graNHJp7WGjKvWQ8esfr+uYZ0 2tt490I+QSHW/l6Q3/ziJBiO7+xgDSvPdmdD01wtjjQlZwg4sJpqYxwSE2dILkKO qn2K3y0h73t/VBfFx3gctofk/16L6f0UAU0+33lQyo3vPDoPAiY= -----END CERTIFICATE-----Generated at Wed Jun 3 04:11:59 2026 by rpki-client