$ rpki-client -vvf rpki-rsync.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.mft File: AA42E2E4EE53543BA04EE4744C57336151FA4CE7.mft (raw, json) Hash identifier: wvafygTUqgj0Ta7QmotoyG/i9PqJCJdRWqLPe83Zovw= Subject key identifier: C4:E7:42:F8:C0:3E:06:DC:CB:B9:A9:C0:C0:08:88:F2:9E:77:96:8A Authority key identifier: AA:42:E2:E4:EE:53:54:3B:A0:4E:E4:74:4C:57:33:61:51:FA:4C:E7 Certificate issuer: /CN=AA42E2E4EE53543BA04EE4744C57336151FA4CE7 Certificate serial: 071364CE358A6E601AC3AF5AE6649BFA50A935BC Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 09:26:44 +0000 Manifest this update: Tue 02 Jun 2026 09:21:44 +0000 Manifest next update: Wed 03 Jun 2026 10:06:44 +0000 Files and hashes: 1: 3135372e32302e3234342e302f32342d3234203d3e20313338303839.roa (hash: SkrbD60j+7Lskvvrp9vktxOHNyXUZfRbUIZo6hU5Tds=) 2: AA42E2E4EE53543BA04EE4744C57336151FA4CE7.crl (hash: PcySwt4rot8+FbE53JdquCxpnQ8ziyLaqc2bfIppPiQ=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.crl rsync://rpki-rsync.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 09:47:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:13:64:ce:35:8a:6e:60:1a:c3:af:5a:e6:64:9b:fa:50:a9:35:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA42E2E4EE53543BA04EE4744C57336151FA4CE7 Validity Not Before: Jun 2 09:21:44 2026 GMT Not After : Jun 3 10:06:44 2026 GMT Subject: CN=C4E742F8C03E06DCCBB9A9C0C00888F29E77968A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:6c:59:3b:1e:5e:23:b9:b7:30:52:90:17:18: 85:97:63:88:5c:d8:1d:2c:9a:04:97:40:d1:92:c3: bf:a1:e6:26:18:21:f4:94:5a:a4:72:ff:bd:c1:ca: 44:e0:fe:4f:25:cb:4a:30:70:e6:31:be:79:f1:82: 6f:27:3f:76:fc:0e:41:e1:a2:56:c8:3a:2d:88:28: 8d:9c:84:e5:68:0e:99:ed:0d:f2:e5:5b:e8:a2:4f: 1a:78:e9:7f:b7:97:fb:78:4e:c1:82:5c:00:1f:a6: 67:35:23:18:01:a5:4c:fe:23:2f:90:d1:d0:c0:55: 4b:00:6a:22:88:80:20:87:72:05:76:e0:cc:8c:34: ce:c6:6d:1b:c3:45:ec:e7:83:65:1a:07:57:b4:c1: 29:73:a4:5d:db:19:c2:cd:4f:0a:22:eb:cc:96:2a: b5:5c:f9:51:b3:fb:0b:8a:4f:67:02:fe:00:f5:b9: 07:52:85:11:09:a3:1e:eb:b2:5b:54:20:f1:e8:f4: d9:52:09:c8:72:96:54:91:95:88:30:6a:9f:10:39: b2:51:a1:fc:20:5d:19:d3:27:af:6f:96:d2:6e:cd: a8:d3:82:44:f9:f1:19:6a:a8:fb:65:1d:d4:e0:d0: da:9c:4a:06:6f:18:e0:a4:cc:8e:f1:51:ae:93:8b: 3b:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:E7:42:F8:C0:3E:06:DC:CB:B9:A9:C0:C0:08:88:F2:9E:77:96:8A X509v3 Authority Key Identifier: keyid:AA:42:E2:E4:EE:53:54:3B:A0:4E:E4:74:4C:57:33:61:51:FA:4C:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c6:9c:ca:e5:6a:47:c9:5f:cb:e3:1a:03:89:b8:2a:76:e4:f5: 12:0b:3f:4a:7d:f8:1c:03:eb:8c:4c:84:40:3b:00:7e:2d:91: a1:00:fd:af:15:b7:a9:7c:ba:17:fe:0f:24:17:54:a1:db:6c: 39:51:87:5c:8f:81:d7:d9:f6:3a:b8:36:e9:a2:49:17:f7:2e: 5f:34:6d:34:63:86:36:29:2b:55:61:dc:b9:9b:74:ef:91:28: 7e:ab:93:2b:0e:d0:fe:c8:d0:ee:25:a7:e5:1d:a4:a2:55:67: c3:40:22:fc:7b:f6:83:37:4b:9b:e5:70:e5:f6:be:e8:03:ef: df:0e:2a:3d:77:6a:2d:57:3a:c1:d9:70:7a:5d:ca:88:dd:d4: ff:58:91:01:12:2f:ce:99:21:6f:c5:5f:c8:a2:18:9e:58:8e: 2a:41:89:c3:93:d1:ef:bf:ca:8f:2c:46:c8:41:7b:cb:6c:fe: f1:db:0f:de:f5:66:57:b7:bb:71:8b:b3:d3:2c:6f:28:c3:26: 39:83:e1:04:97:31:3f:0c:ec:3f:c2:a2:cf:64:75:75:5b:27: 35:c8:9a:93:01:a4:13:ce:8f:ef:84:7a:df:ed:d1:f7:c4:d4: 06:63:42:d0:8a:ef:1f:e0:01:ea:fa:5e:35:0b:4b:32:4f:3f: 7f:b6:8c:61 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBxNkzjWKbmAaw69a5mSb+lCpNbwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUE0MkUyRTRFRTUzNTQzQkEwNEVFNDc0NEM1NzMzNjE1 MUZBNENFNzAeFw0yNjA2MDIwOTIxNDRaFw0yNjA2MDMxMDA2NDRaMDMxMTAvBgNV BAMTKEM0RTc0MkY4QzAzRTA2RENDQkI5QTlDMEMwMDg4OEYyOUU3Nzk2OEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDObFk7Hl4jubcwUpAXGIWXY4hc 2B0smgSXQNGSw7+h5iYYIfSUWqRy/73BykTg/k8ly0owcOYxvnnxgm8nP3b8DkHh olbIOi2IKI2chOVoDpntDfLlW+iiTxp46X+3l/t4TsGCXAAfpmc1IxgBpUz+Iy+Q 0dDAVUsAaiKIgCCHcgV24MyMNM7GbRvDRezng2UaB1e0wSlzpF3bGcLNTwoi68yW KrVc+VGz+wuKT2cC/gD1uQdShREJox7rsltUIPHo9NlSCchyllSRlYgwap8QObJR ofwgXRnTJ69vltJuzajTgkT58RlqqPtlHdTg0NqcSgZvGOCkzI7xUa6TizvfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUxOdC+MA+BtzLuanAwAiI8p53loowHwYDVR0j BBgwFoAUqkLi5O5TVDugTuR0TFczYVH6TOcwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v Mjg2N2EyZWUtZDQxMS00ZmY4LTlmNWMtMzVkMDM0MTIzZjg0LzAvQUE0MkUyRTRF RTUzNTQzQkEwNEVFNDc0NEM1NzMzNjE1MUZBNENFNy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMC9BQTQyRTJFNEVFNTM1NDNCQTA0RUU0NzQ0QzU3MzM2MTUxRkE0 Q0U3LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMjg2N2EyZWUtZDQxMS00ZmY4LTlm NWMtMzVkMDM0MTIzZjg0LzAvQUE0MkUyRTRFRTUzNTQzQkEwNEVFNDc0NEM1NzMz NjE1MUZBNENFNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMacyuVqR8lfy+MaA4m4Knbk9RILP0p9+BwD 64xMhEA7AH4tkaEA/a8Vt6l8uhf+DyQXVKHbbDlRh1yPgdfZ9jq4NumiSRf3Ll80 bTRjhjYpK1Vh3LmbdO+RKH6rkysO0P7I0O4lp+UdpKJVZ8NAIvx79oM3S5vlcOX2 vugD798OKj13ai1XOsHZcHpdyojd1P9YkQESL86ZIW/FX8iiGJ5YjipBicOT0e+/ yo8sRshBe8ts/vHbD971Zle3u3GLs9MsbyjDJjmD4QSXMT8M7D/Cos9kdXVbJzXI mpMBpBPOj++Eet/t0ffE1AZjQtCK7x/gAer6XjULSzJPP3+2jGE= -----END CERTIFICATE-----Generated at Tue Jun 2 21:46:38 2026 by rpki-client