$ rpki-client -vvf rpki-rsync.idnic.net/repo/cde71437-85fc-47af-9687-903bafb2c161/0/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.mft File: 4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.mft (raw, json) Hash identifier: j8mXxmUQChkTP+zgxymUwVhtJXEwSqrqCqMnmJUWkz8= Subject key identifier: 32:93:11:F2:19:5F:AC:92:FF:89:E5:38:38:40:1B:E0:AB:94:E2:4F Authority key identifier: 41:38:E0:AD:46:46:D8:B5:B1:91:64:81:31:05:E2:EC:7C:5A:C4:A5 Certificate issuer: /CN=4138E0AD4646D8B5B19164813105E2EC7C5AC4A5 Certificate serial: 0DC7D70A9EFEF97BD7FB0A9E61469CCC8060A12D Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/cde71437-85fc-47af-9687-903bafb2c161/0/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 12:25:27 +0000 Manifest this update: Tue 02 Jun 2026 12:20:27 +0000 Manifest next update: Wed 03 Jun 2026 13:31:27 +0000 Files and hashes: 1: 3130332e3231342e3233392e302f32342d3234203d3e20313335343339.roa (hash: MIfS/eHMskBKSqBbwRfOeUTCESkdJmMT09TJQUGAcLg=) 2: 3130332e3231342e3233372e302f32342d3234203d3e20313335343339.roa (hash: chcA0La2Ovm9yQOvdpAAt2EqYZMflbdwEaNV+8DJqdc=) 3: 4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.crl (hash: SsvZRll9MkyXvMoi1SN/1HxQMUFNQDJTpoUyfzc2DZk=) 4: 3130332e3231342e3233382e302f32342d3234203d3e20313335343339.roa (hash: ATgc6Id4lihO/sLAGAO1j7xGe/4awMhi2w1w0ztaLuU=) 5: 3130332e3231342e3233362e302f32342d3234203d3e20313335343339.roa (hash: dMqa0oYO4c22L7uxBboRe6E/5z9CmS2c9aynUToZXQs=) 6: 3130332e3231342e3233362e302f32322d3232203d3e20313335343339.roa (hash: t4tJtjdDpsJpFR/xtJD4ECgHePAHDWhC6e/Cj+1efek=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/cde71437-85fc-47af-9687-903bafb2c161/0/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.crl rsync://rpki-rsync.idnic.net/repo/cde71437-85fc-47af-9687-903bafb2c161/0/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 13:31:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:c7:d7:0a:9e:fe:f9:7b:d7:fb:0a:9e:61:46:9c:cc:80:60:a1:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4138E0AD4646D8B5B19164813105E2EC7C5AC4A5 Validity Not Before: Jun 2 12:20:27 2026 GMT Not After : Jun 3 13:31:27 2026 GMT Subject: CN=329311F2195FAC92FF89E53838401BE0AB94E24F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:0a:bf:4d:84:8d:18:3e:64:6a:d4:5f:68:dc: 4e:72:4b:43:cc:95:5f:33:86:08:b6:27:0c:2d:f3: 4e:3a:2f:43:8a:1d:d6:9c:16:49:f9:64:18:ba:a1: 81:ec:24:c0:56:bc:f4:45:76:22:bd:e6:1b:71:d8: 1e:78:1a:af:3e:ac:9e:44:c7:41:e7:8b:c4:ad:25: be:31:82:17:60:46:e4:12:11:88:a6:cc:87:e6:46: b9:20:68:31:8d:0a:01:cf:bc:4c:f4:bf:f0:55:0a: b0:08:ee:59:6f:8b:72:a1:fd:f1:e0:f0:d4:94:94: cc:1c:76:1a:0f:2a:1c:87:3e:fb:16:4b:f7:67:62: 32:36:3a:d0:14:15:6d:c7:2c:72:b6:2a:99:9a:d2: b9:e3:d4:43:50:f7:0b:04:4a:e0:b3:55:ea:cc:36: a5:e7:c8:21:57:ce:f5:04:53:9c:df:a2:26:fb:a3: f6:46:08:f2:db:bb:ff:5f:0e:63:a3:d7:02:3e:96: 5a:24:f1:c8:c3:55:4b:dc:4a:4c:bb:65:bc:5d:0b: 14:64:e4:9d:3e:48:24:8d:ab:08:cb:75:3d:b5:dd: f9:04:1a:05:b5:ff:61:10:12:0f:a0:1d:c7:bf:13: 48:68:7b:46:e3:cf:2e:19:4f:00:c0:f4:55:f1:79: 41:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:93:11:F2:19:5F:AC:92:FF:89:E5:38:38:40:1B:E0:AB:94:E2:4F X509v3 Authority Key Identifier: keyid:41:38:E0:AD:46:46:D8:B5:B1:91:64:81:31:05:E2:EC:7C:5A:C4:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/cde71437-85fc-47af-9687-903bafb2c161/0/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/cde71437-85fc-47af-9687-903bafb2c161/0/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:c0:bc:dd:00:8f:a5:ed:1a:9a:1f:26:a4:0f:03:86:f8:ff: 0a:55:f7:e8:30:65:66:a9:51:48:79:03:37:f7:aa:10:fc:f3: 2d:e7:d0:d0:4d:e9:99:46:ba:af:27:34:3c:aa:3f:44:04:7f: b4:f8:f0:32:45:b0:99:77:72:a3:63:ad:63:1a:41:b8:f4:ae: 07:96:6f:32:40:83:78:7c:c8:b1:21:2b:1e:da:95:6b:e9:c7: 97:44:75:5e:a6:8b:19:e7:40:69:f0:ea:2b:8b:3a:54:c6:a8: 52:51:eb:08:5b:e8:23:08:ad:c5:5d:c5:8f:85:b1:2d:da:40: 0a:b3:49:22:f9:96:d5:f0:fa:c4:44:41:b7:58:ce:2f:39:ae: 2d:7d:41:58:23:8e:90:b0:36:37:15:45:e1:3c:8a:14:fc:74: 9d:e6:52:1a:d2:a3:55:3f:57:2c:3b:e7:5f:43:7f:6a:df:b1: 44:01:ef:ec:29:bf:28:82:b6:ea:71:3c:56:8c:f3:d6:59:ed: 20:04:75:cb:71:31:ac:68:97:d4:c3:21:84:f2:14:85:81:a5: 11:ef:89:a9:dd:a9:d9:b3:b5:a5:31:b9:02:40:38:f6:20:56: ed:47:cc:1f:2e:f2:97:46:5c:ea:cf:92:c3:b2:f8:7d:6b:e1: e7:23:79:a9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUDcfXCp7++XvX+wqeYUaczIBgoS0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDEzOEUwQUQ0NjQ2RDhCNUIxOTE2NDgxMzEwNUUyRUM3 QzVBQzRBNTAeFw0yNjA2MDIxMjIwMjdaFw0yNjA2MDMxMzMxMjdaMDMxMTAvBgNV BAMTKDMyOTMxMUYyMTk1RkFDOTJGRjg5RTUzODM4NDAxQkUwQUI5NEUyNEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Cr9NhI0YPmRq1F9o3E5yS0PM lV8zhgi2Jwwt8046L0OKHdacFkn5ZBi6oYHsJMBWvPRFdiK95htx2B54Gq8+rJ5E x0Hni8StJb4xghdgRuQSEYimzIfmRrkgaDGNCgHPvEz0v/BVCrAI7llvi3Kh/fHg 8NSUlMwcdhoPKhyHPvsWS/dnYjI2OtAUFW3HLHK2Kpma0rnj1ENQ9wsESuCzVerM NqXnyCFXzvUEU5zfoib7o/ZGCPLbu/9fDmOj1wI+llok8cjDVUvcSky7ZbxdCxRk 5J0+SCSNqwjLdT213fkEGgW1/2EQEg+gHce/E0hoe0bjzy4ZTwDA9FXxeUGnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMpMR8hlfrJL/ieU4OEAb4KuU4k8wHwYDVR0j BBgwFoAUQTjgrUZG2LWxkWSBMQXi7HxaxKUwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v Y2RlNzE0MzctODVmYy00N2FmLTk2ODctOTAzYmFmYjJjMTYxLzAvNDEzOEUwQUQ0 NjQ2RDhCNUIxOTE2NDgxMzEwNUUyRUM3QzVBQzRBNS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80MTM4RTBBRDQ2NDZEOEI1QjE5MTY0ODEzMTA1RTJFQzdDNUFD NEE1LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vY2RlNzE0MzctODVmYy00N2FmLTk2 ODctOTAzYmFmYjJjMTYxLzAvNDEzOEUwQUQ0NjQ2RDhCNUIxOTE2NDgxMzEwNUUy RUM3QzVBQzRBNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADbAvN0Aj6XtGpofJqQPA4b4/wpV9+gwZWap UUh5Azf3qhD88y3n0NBN6ZlGuq8nNDyqP0QEf7T48DJFsJl3cqNjrWMaQbj0rgeW bzJAg3h8yLEhKx7alWvpx5dEdV6mixnnQGnw6iuLOlTGqFJR6whb6CMIrcVdxY+F sS3aQAqzSSL5ltXw+sREQbdYzi85ri19QVgjjpCwNjcVReE8ihT8dJ3mUhrSo1U/ Vyw7519Df2rfsUQB7+wpvyiCtupxPFaM89ZZ7SAEdctxMaxol9TDIYTyFIWBpRHv iandqdmztaUxuQJAOPYgVu1HzB8u8pdGXOrPksOy+H1r4ecjeak= -----END CERTIFICATE-----Generated at Wed Jun 3 03:50:18 2026 by rpki-client