$ rpki-client -vvf rpki-rsync.idnic.net/repo/d0278b7d-47ed-4860-ab3a-9c114cc5f09b/0/17742FC0C74368833EBF6E2F4739E40851DF22B3.mft File: 17742FC0C74368833EBF6E2F4739E40851DF22B3.mft (raw, json) Hash identifier: S+GBHwgV3l97tzreuBoDXGkwWeCh7dcyTQ3V0rw0y9A= Subject key identifier: 1E:79:6D:3E:0D:1F:E7:CD:DC:38:A6:D6:A8:70:06:BD:74:FF:3B:DE Authority key identifier: 17:74:2F:C0:C7:43:68:83:3E:BF:6E:2F:47:39:E4:08:51:DF:22:B3 Certificate issuer: /CN=17742FC0C74368833EBF6E2F4739E40851DF22B3 Certificate serial: 5EDBCFCCF4852040285BCF015937E5DD94CA6A9E Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/17742FC0C74368833EBF6E2F4739E40851DF22B3.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/d0278b7d-47ed-4860-ab3a-9c114cc5f09b/0/17742FC0C74368833EBF6E2F4739E40851DF22B3.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 11:13:53 +0000 Manifest this update: Tue 02 Jun 2026 11:08:53 +0000 Manifest next update: Wed 03 Jun 2026 14:31:53 +0000 Files and hashes: 1: 3130332e372e38342e302f32322d3234203d3e20313331363934.roa (hash: tmbAEyLE76tgjDcNY4wBMI0dIrm2Dzy73Jh2pXp1CnI=) 2: 17742FC0C74368833EBF6E2F4739E40851DF22B3.crl (hash: RANFi6EfkVZbfZr7X9rQ6gkidn7Zdq1Wh3E+cgj+94s=) 3: 3130332e372e38342e302f32342d3234203d3e20313331363934.roa (hash: 61KCr4LZw95H2JYGRIw9ZEj1S0o3FwUcbepM7R2Azqk=) 4: 3130332e372e38362e302f32342d3234203d3e20313331363934.roa (hash: 6EOQrI9w7hileq2P5mQW6OqeyxIwHgc1DUCMquQFgz0=) 5: 3130332e372e38342e302f32332d3234203d3e20313331363934.roa (hash: zoQ/J/6Jm2OBRNguUNV6YFc5PoQWEqsjad+WhZYc2Y4=) 6: 3130332e372e38372e302f32342d3234203d3e20313331363934.roa (hash: 6Gm0rr1a95ME07Ou0hVRMcp6qwVMepybNRK8xJtQ8ZQ=) 7: 3130332e372e38362e302f32332d3234203d3e20313331363934.roa (hash: 9iOGSPVwdIzM06Nv1aCnsZni2w9fn0oDKaUrH+7kG4w=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/d0278b7d-47ed-4860-ab3a-9c114cc5f09b/0/17742FC0C74368833EBF6E2F4739E40851DF22B3.crl rsync://rpki-rsync.idnic.net/repo/d0278b7d-47ed-4860-ab3a-9c114cc5f09b/0/17742FC0C74368833EBF6E2F4739E40851DF22B3.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/17742FC0C74368833EBF6E2F4739E40851DF22B3.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 10:27:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:db:cf:cc:f4:85:20:40:28:5b:cf:01:59:37:e5:dd:94:ca:6a:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17742FC0C74368833EBF6E2F4739E40851DF22B3 Validity Not Before: Jun 2 11:08:53 2026 GMT Not After : Jun 3 14:31:53 2026 GMT Subject: CN=1E796D3E0D1FE7CDDC38A6D6A87006BD74FF3BDE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b3:ec:81:cf:02:b0:f6:99:78:ef:4c:2f:53: 3d:09:6d:0d:57:34:ba:af:32:7f:65:cc:89:33:59: e0:c5:be:b0:e1:b9:82:8c:c2:18:5c:e9:82:b8:dc: 0b:e6:80:5d:68:04:ad:8c:98:92:8f:dc:66:33:58: 4a:7b:36:a3:56:25:7f:06:3c:d6:0a:a9:ba:09:66: 4e:15:6b:64:36:c5:39:3b:89:22:f2:fa:ba:3c:5c: 47:d5:b3:15:04:2b:49:83:0d:5c:4c:37:eb:35:12: a3:cd:b9:49:51:01:8d:7d:56:c0:ec:30:c4:36:bb: df:df:d5:21:b1:50:3d:d9:e7:8f:12:ad:66:7e:df: 8e:77:8c:5f:63:f6:0b:c0:bb:c9:39:30:b8:f3:e9: a6:84:58:21:e4:a4:22:fe:60:8a:87:bf:37:b4:6c: 3d:65:43:6b:52:73:dd:6b:a3:38:cd:20:76:42:81: c7:7d:12:24:71:7b:43:5c:66:d3:36:b8:61:a5:95: 29:62:df:28:5e:0f:13:a6:82:e4:7c:d4:c0:36:11: 41:2a:da:37:63:94:b8:46:93:b9:c8:1f:34:e5:33: 0e:fd:7b:c9:e6:e7:26:6c:b9:ac:8a:17:52:45:de: 90:f0:cd:4f:c8:ff:f0:50:77:6f:41:a8:8a:21:7f: e7:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:79:6D:3E:0D:1F:E7:CD:DC:38:A6:D6:A8:70:06:BD:74:FF:3B:DE X509v3 Authority Key Identifier: keyid:17:74:2F:C0:C7:43:68:83:3E:BF:6E:2F:47:39:E4:08:51:DF:22:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/d0278b7d-47ed-4860-ab3a-9c114cc5f09b/0/17742FC0C74368833EBF6E2F4739E40851DF22B3.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/17742FC0C74368833EBF6E2F4739E40851DF22B3.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/d0278b7d-47ed-4860-ab3a-9c114cc5f09b/0/17742FC0C74368833EBF6E2F4739E40851DF22B3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:fe:31:d5:ff:45:9b:76:8d:7d:3f:40:b7:64:ae:78:9f:87: 72:4a:24:b0:6d:e6:73:14:90:f8:7c:39:be:29:45:60:61:04: 4b:09:60:88:7f:55:e7:7a:13:5e:f7:14:ef:0b:b0:97:d0:c6: d1:45:27:09:20:2a:ce:5c:5a:87:7c:04:09:af:87:45:eb:da: 2f:be:c2:36:ae:36:41:81:3a:57:f2:c1:b7:69:eb:64:09:88: 0d:d5:b0:b9:e2:53:5d:10:d5:38:53:ea:d2:17:03:8c:01:90: 32:3a:ed:93:a9:55:fc:1a:b6:e8:0e:16:50:fe:76:99:f7:4a: 43:f4:5f:2d:b4:a5:8c:3c:4a:96:79:fa:f2:ea:3c:35:7b:89: 62:c2:62:a5:02:3f:92:dd:7b:8c:a5:50:7e:ce:af:5e:ad:91: 13:3e:ca:6f:ec:36:2f:b4:14:5b:e2:35:18:2f:65:e8:a1:55: da:33:35:26:21:33:1d:95:45:0f:b3:d5:43:11:a2:0e:5a:a6: ca:81:8f:ca:97:b4:10:ef:ec:b0:e2:14:83:cf:81:e5:66:6c: 1e:e7:7a:05:75:b3:87:d1:a9:be:31:ae:6f:42:2f:f8:96:04: 37:ae:0e:f3:5a:59:0b:cf:b7:21:b5:c4:01:44:50:b8:c2:5d: b5:89:34:e7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXtvPzPSFIEAoW88BWTfl3ZTKap4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTc3NDJGQzBDNzQzNjg4MzNFQkY2RTJGNDczOUU0MDg1 MURGMjJCMzAeFw0yNjA2MDIxMTA4NTNaFw0yNjA2MDMxNDMxNTNaMDMxMTAvBgNV BAMTKDFFNzk2RDNFMEQxRkU3Q0REQzM4QTZENkE4NzAwNkJENzRGRjNCREUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5s+yBzwKw9pl470wvUz0JbQ1X NLqvMn9lzIkzWeDFvrDhuYKMwhhc6YK43AvmgF1oBK2MmJKP3GYzWEp7NqNWJX8G PNYKqboJZk4Va2Q2xTk7iSLy+ro8XEfVsxUEK0mDDVxMN+s1EqPNuUlRAY19VsDs MMQ2u9/f1SGxUD3Z548SrWZ+3453jF9j9gvAu8k5MLjz6aaEWCHkpCL+YIqHvze0 bD1lQ2tSc91rozjNIHZCgcd9EiRxe0NcZtM2uGGllSli3yheDxOmguR81MA2EUEq 2jdjlLhGk7nIHzTlMw79e8nm5yZsuayKF1JF3pDwzU/I//BQd29BqIohf+d3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUHnltPg0f583cOKbWqHAGvXT/O94wHwYDVR0j BBgwFoAUF3QvwMdDaIM+v24vRznkCFHfIrMwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZDAyNzhiN2QtNDdlZC00ODYwLWFiM2EtOWMxMTRjYzVmMDliLzAvMTc3NDJGQzBD NzQzNjg4MzNFQkY2RTJGNDczOUU0MDg1MURGMjJCMy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8xNzc0MkZDMEM3NDM2ODgzM0VCRjZFMkY0NzM5RTQwODUxREYy MkIzLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZDAyNzhiN2QtNDdlZC00ODYwLWFi M2EtOWMxMTRjYzVmMDliLzAvMTc3NDJGQzBDNzQzNjg4MzNFQkY2RTJGNDczOUU0 MDg1MURGMjJCMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADP+MdX/RZt2jX0/QLdkrnifh3JKJLBt5nMU kPh8Ob4pRWBhBEsJYIh/Ved6E173FO8LsJfQxtFFJwkgKs5cWod8BAmvh0Xr2i++ wjauNkGBOlfywbdp62QJiA3VsLniU10Q1ThT6tIXA4wBkDI67ZOpVfwatugOFlD+ dpn3SkP0Xy20pYw8SpZ5+vLqPDV7iWLCYqUCP5Lde4ylUH7Or16tkRM+ym/sNi+0 FFviNRgvZeihVdozNSYhMx2VRQ+z1UMRog5apsqBj8qXtBDv7LDiFIPPgeVmbB7n egV1s4fRqb4xrm9CL/iWBDeuDvNaWQvPtyG1xAFEULjCXbWJNOc= -----END CERTIFICATE-----Generated at Wed Jun 3 04:19:05 2026 by rpki-client