$ rpki-client -vvf rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.mft File: A5336FEFF111D5B925A8954E53C4C9C5E22AB800.mft (raw, json) Hash identifier: nhrXi/NmoBya3Gar46brnOaW/SFW8T0n56prswhkbIo= Subject key identifier: B9:E9:7D:C0:52:90:9D:DC:6D:A9:20:5E:66:04:A1:83:97:09:09:CD Authority key identifier: A5:33:6F:EF:F1:11:D5:B9:25:A8:95:4E:53:C4:C9:C5:E2:2A:B8:00 Certificate issuer: /CN=A5336FEFF111D5B925A8954E53C4C9C5E22AB800 Certificate serial: 3AE6554A0BE00B0B31E6AA8900387ED635B46579 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.mft Manifest number: 1A Signing time: Thu 21 May 2026 08:00:11 +0000 Manifest this update: Thu 21 May 2026 07:55:11 +0000 Manifest next update: Fri 22 May 2026 10:50:11 +0000 Files and hashes: 1: 3130332e3132352e31322e302f32342d3234203d3e20313533333137.roa (hash: AZJ4QAHlxTzcVIbJwO/UxabGeC31FjTnD/rHg0D3/ME=) 2: A5336FEFF111D5B925A8954E53C4C9C5E22AB800.crl (hash: iHOCE1Fevw2nam471K0yX6VSRrvUuAdBhnEEaF+3oNY=) 3: 3130332e3132352e31352e302f32342d3234203d3e20313335363336.roa (hash: +IUhzjX4iJxCcMgbcQWdmMHcD7sxtYcY/3hZmSmLykA=) 4: 3130332e3132352e31332e302f32342d3234203d3e20313335363336.roa (hash: 8YrdvedqGs1zZAIQAtRZi80VSrXLRsF6zbtnQUstSsA=) 5: 3130332e3132352e31342e302f32342d3234203d3e20313335363336.roa (hash: m7Frx9lSqsLf1s8zbJ/qpER1sGLgEtc9hyQy6nCFDhY=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.crl rsync://rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 May 2026 10:07:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:e6:55:4a:0b:e0:0b:0b:31:e6:aa:89:00:38:7e:d6:35:b4:65:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A5336FEFF111D5B925A8954E53C4C9C5E22AB800 Validity Not Before: May 21 07:55:11 2026 GMT Not After : May 22 10:50:11 2026 GMT Subject: CN=B9E97DC052909DDC6DA9205E6604A183970909CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:22:48:d9:b8:09:9d:f1:3f:94:cd:ea:b1:45: ab:a0:f5:67:13:57:93:8d:b1:95:f5:b7:4b:62:18: 8d:03:d5:88:3d:ed:8a:1f:4b:52:47:a9:6c:0d:78: 7d:d7:2a:aa:a8:a6:c8:12:a0:61:7d:50:6b:e7:a4: 53:cf:5f:be:0f:37:4e:1d:a6:1e:f6:57:16:95:fa: 96:4c:11:0d:c9:61:4a:5f:66:1a:2f:7b:86:38:0b: d1:a4:97:8c:6f:38:36:15:e9:83:5f:d7:9a:ac:b8: 9f:37:43:b9:b0:1f:7e:c9:51:9b:18:74:b3:48:19: e6:8a:2e:38:ff:b6:50:24:d5:07:a5:50:cb:01:cc: c4:3f:eb:46:b9:67:79:ab:8b:7b:64:a5:25:33:34: 33:63:02:73:72:c0:8a:df:de:ae:97:68:dc:31:77: 0f:df:34:c2:84:49:e3:dc:d7:71:89:94:b8:3a:56: 14:b6:1b:ae:d2:dd:fa:cf:bb:fa:9d:ef:f0:4b:f1: a8:25:0a:d4:d5:93:da:f7:a6:9b:19:44:8d:37:0e: 6e:33:a6:cd:f6:4b:33:b9:61:36:4a:f0:b0:91:34: e2:68:97:12:44:f3:51:3e:c0:63:0a:14:88:b6:55: b7:30:09:fd:cf:2d:fe:bf:3f:45:f9:f4:ec:5a:0d: 53:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:E9:7D:C0:52:90:9D:DC:6D:A9:20:5E:66:04:A1:83:97:09:09:CD X509v3 Authority Key Identifier: keyid:A5:33:6F:EF:F1:11:D5:B9:25:A8:95:4E:53:C4:C9:C5:E2:2A:B8:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:9c:4e:67:99:32:70:ba:3d:7a:ca:ac:b1:2a:f0:da:9f:96: 07:b2:cc:77:72:a8:7c:a4:ae:14:58:bf:19:93:51:2c:3d:93: c5:97:82:64:31:5a:4d:87:6c:df:9e:90:c1:7f:58:bc:9e:f7: 06:8f:df:24:0a:fc:28:31:45:f9:dc:d0:77:17:a9:b4:ba:21: 03:85:a4:24:94:c8:e6:e1:56:bc:ec:f1:59:a3:b8:5a:f8:30: 2c:4c:6b:16:37:e9:37:e7:ff:a0:64:2f:01:b7:23:26:ff:3b: 03:b3:5f:a3:97:24:c9:da:1e:71:ee:8f:63:21:2f:a3:91:5d: 27:93:64:91:d4:19:1f:3a:35:b1:71:c6:01:3a:cf:70:5a:f2: 39:f4:18:47:06:af:84:5b:8e:bc:53:40:b5:e7:f5:64:1c:2c: 55:d0:9a:7b:31:35:50:0b:d7:15:82:eb:65:87:c4:13:42:83: 3a:2e:d8:e4:a8:c0:49:81:94:a6:ff:a1:d1:7f:78:0a:e9:b0: f4:12:59:c1:53:b1:f6:4d:29:b7:55:e8:8e:36:89:0a:fd:fa: 0a:97:a7:c8:35:94:4c:02:22:3e:67:1d:11:79:ee:e5:6f:2e: 0e:b2:08:89:96:f8:40:bd:b6:6f:a0:be:b8:16:dc:d1:67:27: 15:9f:19:ba -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOuZVSgvgCwsx5qqJADh+1jW0ZXkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTUzMzZGRUZGMTExRDVCOTI1QTg5NTRFNTNDNEM5QzVF MjJBQjgwMDAeFw0yNjA1MjEwNzU1MTFaFw0yNjA1MjIxMDUwMTFaMDMxMTAvBgNV BAMTKEI5RTk3REMwNTI5MDlEREM2REE5MjA1RTY2MDRBMTgzOTcwOTA5Q0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWIkjZuAmd8T+UzeqxRaug9WcT V5ONsZX1t0tiGI0D1Yg97YofS1JHqWwNeH3XKqqopsgSoGF9UGvnpFPPX74PN04d ph72VxaV+pZMEQ3JYUpfZhove4Y4C9Gkl4xvODYV6YNf15qsuJ83Q7mwH37JUZsY dLNIGeaKLjj/tlAk1QelUMsBzMQ/60a5Z3mri3tkpSUzNDNjAnNywIrf3q6XaNwx dw/fNMKESePc13GJlLg6VhS2G67S3frPu/qd7/BL8aglCtTVk9r3ppsZRI03Dm4z ps32SzO5YTZK8LCRNOJolxJE81E+wGMKFIi2VbcwCf3PLf6/P0X59OxaDVMDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUuel9wFKQndxtqSBeZgShg5cJCc0wHwYDVR0j BBgwFoAUpTNv7/ER1bklqJVOU8TJxeIquAAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MGM1NGJlOWEtOWI1ZC00YzY0LWI0ZTgtNjFjNzRlOWVjZWRjLzAvQTUzMzZGRUZG MTExRDVCOTI1QTg5NTRFNTNDNEM5QzVFMjJBQjgwMC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9BNTMzNkZFRkYxMTFENUI5MjVBODk1NEU1M0M0QzlDNUUyMkFC ODAwLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMGM1NGJlOWEtOWI1ZC00YzY0LWI0 ZTgtNjFjNzRlOWVjZWRjLzAvQTUzMzZGRUZGMTExRDVCOTI1QTg5NTRFNTNDNEM5 QzVFMjJBQjgwMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAG2cTmeZMnC6PXrKrLEq8NqflgeyzHdyqHyk rhRYvxmTUSw9k8WXgmQxWk2HbN+ekMF/WLye9waP3yQK/CgxRfnc0HcXqbS6IQOF pCSUyObhVrzs8VmjuFr4MCxMaxY36Tfn/6BkLwG3Iyb/OwOzX6OXJMnaHnHuj2Mh L6ORXSeTZJHUGR86NbFxxgE6z3Ba8jn0GEcGr4RbjrxTQLXn9WQcLFXQmnsxNVAL 1xWC62WHxBNCgzou2OSowEmBlKb/odF/eArpsPQSWcFTsfZNKbdV6I42iQr9+gqX p8g1lEwCIj5nHRF57uVvLg6yCImW+EC9tm+gvrgW3NFnJxWfGbo= -----END CERTIFICATE-----Generated at Thu May 21 12:53:00 2026 by rpki-client