$ rpki-client -vvf rpki-rsync.idnic.net/repo/da0fbb55-1dd8-4f8b-b890-4a2c0a0111db/0/B5CFA020DD4BBFD498C5E4D84A8D6309738749CC.mft File: B5CFA020DD4BBFD498C5E4D84A8D6309738749CC.mft (raw, json) Hash identifier: dDBX2ttyfor6Ted7UgfAWeVkDuQUg52TwY+YPf7fLTw= Subject key identifier: BD:BA:B4:21:2C:1F:98:86:53:F8:EA:79:AD:03:A1:50:6D:4F:28:E2 Authority key identifier: B5:CF:A0:20:DD:4B:BF:D4:98:C5:E4:D8:4A:8D:63:09:73:87:49:CC Certificate issuer: /CN=B5CFA020DD4BBFD498C5E4D84A8D6309738749CC Certificate serial: 4F8BEFDC6E75B11328F36863E687478ACDFDCCB3 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/B5CFA020DD4BBFD498C5E4D84A8D6309738749CC.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/da0fbb55-1dd8-4f8b-b890-4a2c0a0111db/0/B5CFA020DD4BBFD498C5E4D84A8D6309738749CC.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 10:28:03 +0000 Manifest this update: Tue 02 Jun 2026 10:23:03 +0000 Manifest next update: Wed 03 Jun 2026 11:40:03 +0000 Files and hashes: 1: 3130332e3231352e36322e302f32342d3234203d3e20313531303130.roa (hash: xB0/WgkgeQpbT+DgIUgkpcHnnIC1tIl18yTmoTUITOQ=) 2: 3130332e3231352e36332e302f32342d3234203d3e20313531303130.roa (hash: KOBMUeuuJtkuzoTiB4FBFCyBVV1+45BqlCrbct7wq3M=) 3: B5CFA020DD4BBFD498C5E4D84A8D6309738749CC.crl (hash: O5NypJbgLe80M+w4vH2uG6RXeEp2rJS6JyTGe0SzHQQ=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/da0fbb55-1dd8-4f8b-b890-4a2c0a0111db/0/B5CFA020DD4BBFD498C5E4D84A8D6309738749CC.crl rsync://rpki-rsync.idnic.net/repo/da0fbb55-1dd8-4f8b-b890-4a2c0a0111db/0/B5CFA020DD4BBFD498C5E4D84A8D6309738749CC.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/B5CFA020DD4BBFD498C5E4D84A8D6309738749CC.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 11:40:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:8b:ef:dc:6e:75:b1:13:28:f3:68:63:e6:87:47:8a:cd:fd:cc:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B5CFA020DD4BBFD498C5E4D84A8D6309738749CC Validity Not Before: Jun 2 10:23:03 2026 GMT Not After : Jun 3 11:40:03 2026 GMT Subject: CN=BDBAB4212C1F988653F8EA79AD03A1506D4F28E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:19:ac:1a:d0:2e:90:31:5b:6a:f3:c4:f8:9b: 97:c5:9f:01:a9:c1:1d:a2:90:61:23:7f:6f:6e:5a: e2:ae:6b:76:3c:90:cf:1b:f5:d8:25:f9:64:cb:08: aa:0c:ca:97:77:04:ea:ea:66:b8:97:0f:c5:f2:89: 19:73:c5:f2:42:65:a0:9d:70:3e:d3:5d:f2:7d:a1: 48:19:33:b2:71:77:f3:51:b0:79:47:64:a0:84:8c: dd:20:bd:ee:fc:90:6e:7d:95:0f:71:7e:8a:e3:2d: 17:76:1b:b9:45:c8:c4:c1:ef:48:50:b0:05:98:22: 1b:ac:b0:c6:22:ec:07:87:a8:69:dc:17:9d:0a:d2: fa:c0:06:2c:78:c1:bf:87:58:91:93:4c:e2:61:0b: 6b:fb:5e:e1:8f:54:57:1d:3f:fa:12:11:fc:62:07: da:fa:39:0f:c2:e9:2c:ea:96:fd:ef:b6:6d:a2:0a: 27:06:fa:4e:cf:f7:c4:93:45:9c:59:e0:b9:52:e1: 1c:fd:1e:ae:79:93:18:b0:44:9a:79:59:d8:53:cf: d1:5e:5f:c1:9f:70:b3:b5:b7:e2:5c:17:10:59:b6: 19:f8:00:f4:01:b9:de:df:e9:3c:2c:d1:03:1a:fc: ce:84:3c:db:a1:27:60:09:fb:26:74:a4:d4:13:0a: 81:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:BA:B4:21:2C:1F:98:86:53:F8:EA:79:AD:03:A1:50:6D:4F:28:E2 X509v3 Authority Key Identifier: keyid:B5:CF:A0:20:DD:4B:BF:D4:98:C5:E4:D8:4A:8D:63:09:73:87:49:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/da0fbb55-1dd8-4f8b-b890-4a2c0a0111db/0/B5CFA020DD4BBFD498C5E4D84A8D6309738749CC.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/B5CFA020DD4BBFD498C5E4D84A8D6309738749CC.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/da0fbb55-1dd8-4f8b-b890-4a2c0a0111db/0/B5CFA020DD4BBFD498C5E4D84A8D6309738749CC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:c7:41:47:a9:27:9a:31:6e:3c:64:47:a5:a6:d2:9c:fb:8f: 5f:50:ad:87:fd:ff:5a:3a:8e:99:2a:13:b3:4b:47:e0:93:c4: 04:24:20:82:46:7a:34:8d:3a:55:b2:61:0c:0d:90:bd:ee:de: d9:b3:39:d8:e8:12:8f:d3:c1:dd:c8:6e:61:76:23:39:f2:aa: 20:23:4e:27:d3:36:7b:28:78:be:66:74:25:bc:45:0c:10:8e: 51:30:30:10:66:7c:00:50:58:21:64:a0:d8:e4:e9:9d:88:bb: 64:18:74:e4:c8:b8:e3:0c:73:14:bc:5f:30:f5:4b:1e:2e:34: ac:20:9c:9a:36:0f:87:7d:2b:c0:67:8e:0f:2c:0b:35:c9:3c: 0e:55:9e:06:e6:2c:f7:0b:c1:99:5a:e6:18:76:db:33:29:55: 00:9e:8a:1d:aa:ba:63:9d:6a:c2:88:1a:3f:91:0e:88:b7:7c: 38:d6:ea:17:9a:32:a3:58:72:b9:f4:50:0c:f5:a6:df:c7:11: e6:28:9e:5a:2e:68:f7:fb:2d:cd:76:89:ea:7d:16:df:83:49: 52:d9:d2:31:2e:88:e9:a9:c8:bd:fe:19:42:0f:35:1a:22:47: e5:b2:04:58:94:f5:eb:e8:09:e5:8d:71:93:14:7b:f8:2e:35: 11:ce:60:03 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUT4vv3G51sRMo82hj5odHis39zLMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjVDRkEwMjBERDRCQkZENDk4QzVFNEQ4NEE4RDYzMDk3 Mzg3NDlDQzAeFw0yNjA2MDIxMDIzMDNaFw0yNjA2MDMxMTQwMDNaMDMxMTAvBgNV BAMTKEJEQkFCNDIxMkMxRjk4ODY1M0Y4RUE3OUFEMDNBMTUwNkQ0RjI4RTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtGawa0C6QMVtq88T4m5fFnwGp wR2ikGEjf29uWuKua3Y8kM8b9dgl+WTLCKoMypd3BOrqZriXD8XyiRlzxfJCZaCd cD7TXfJ9oUgZM7Jxd/NRsHlHZKCEjN0gve78kG59lQ9xforjLRd2G7lFyMTB70hQ sAWYIhussMYi7AeHqGncF50K0vrABix4wb+HWJGTTOJhC2v7XuGPVFcdP/oSEfxi B9r6OQ/C6Szqlv3vtm2iCicG+k7P98STRZxZ4LlS4Rz9Hq55kxiwRJp5WdhTz9Fe X8GfcLO1t+JcFxBZthn4APQBud7f6Tws0QMa/M6EPNuhJ2AJ+yZ0pNQTCoFhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUvbq0ISwfmIZT+Op5rQOhUG1PKOIwHwYDVR0j BBgwFoAUtc+gIN1Lv9SYxeTYSo1jCXOHScwwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZGEwZmJiNTUtMWRkOC00ZjhiLWI4OTAtNGEyYzBhMDExMWRiLzAvQjVDRkEwMjBE RDRCQkZENDk4QzVFNEQ4NEE4RDYzMDk3Mzg3NDlDQy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9CNUNGQTAyMERENEJCRkQ0OThDNUU0RDg0QThENjMwOTczODc0 OUNDLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZGEwZmJiNTUtMWRkOC00ZjhiLWI4 OTAtNGEyYzBhMDExMWRiLzAvQjVDRkEwMjBERDRCQkZENDk4QzVFNEQ4NEE4RDYz MDk3Mzg3NDlDQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADrHQUepJ5oxbjxkR6Wm0pz7j19QrYf9/1o6 jpkqE7NLR+CTxAQkIIJGejSNOlWyYQwNkL3u3tmzOdjoEo/Twd3IbmF2IznyqiAj TifTNnsoeL5mdCW8RQwQjlEwMBBmfABQWCFkoNjk6Z2Iu2QYdOTIuOMMcxS8XzD1 Sx4uNKwgnJo2D4d9K8Bnjg8sCzXJPA5VngbmLPcLwZla5hh22zMpVQCeih2qumOd asKIGj+RDoi3fDjW6heaMqNYcrn0UAz1pt/HEeYonlouaPf7Lc12iep9Ft+DSVLZ 0jEuiOmpyL3+GUIPNRoiR+WyBFiU9evoCeWNcZMUe/guNRHOYAM= -----END CERTIFICATE-----Generated at Wed Jun 3 04:08:10 2026 by rpki-client