$ rpki-client -vvf rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.mft File: BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.mft (raw, json) Hash identifier: svcZACv2iiTPqnvygkhqwFizV2j63ylP5QbIeo5/jys= Subject key identifier: 29:46:EB:33:8D:11:57:AF:1E:45:CC:21:FF:40:E8:6C:A1:86:31:1B Authority key identifier: BA:5A:38:A4:D0:FB:8A:AA:8D:D1:8E:1F:B3:9A:43:14:2B:DF:3C:67 Certificate issuer: /CN=BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67 Certificate serial: 6FA25DA126D88061B833D1B135CFEE38EA66FCC4 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.mft Manifest number: 05 Signing time: Tue 05 May 2026 08:51:20 +0000 Manifest this update: Tue 05 May 2026 08:46:20 +0000 Manifest next update: Wed 06 May 2026 09:33:20 +0000 Files and hashes: 1: 323030313a6466343a623130303a3a2f34382d3438203d3e20313337333331.roa (hash: 6KPoXiqtvd9nuyAco4ru4jZgNuQNFI930Qn7LAylJPg=) 2: 3130332e3131322e3136322e302f32332d3234203d3e20313337333331.roa (hash: +/Z+l46w62+euzVttfTbUpjA36xrgfvJsPvniMmOZIM=) 3: 3130332e3133332e3232322e302f32332d3234203d3e20313337333331.roa (hash: 34SELdnrb0ReXu8mxgFx5LIh/fNfXuwnNwVvGgL+Ivc=) 4: BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.crl (hash: VV51eklNkpD/yHfgN35CVdIhkoSm6Gb8cPPjd/N/k5s=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.crl rsync://rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 May 2026 09:33:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:a2:5d:a1:26:d8:80:61:b8:33:d1:b1:35:cf:ee:38:ea:66:fc:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67 Validity Not Before: May 5 08:46:20 2026 GMT Not After : May 6 09:33:20 2026 GMT Subject: CN=2946EB338D1157AF1E45CC21FF40E86CA186311B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:70:d4:83:0d:49:69:fd:60:69:90:bd:68:fb: bc:b0:49:a3:69:93:4f:bd:d6:24:6b:bb:7d:ff:1b: 7d:cf:6b:03:fc:47:db:35:c7:23:7d:a9:08:a2:d3: a2:0e:ba:41:45:24:f0:c3:1a:5c:09:64:b5:5c:b0: 24:92:3d:7f:e8:a0:a0:ef:20:5e:b0:54:67:91:ca: 2f:c1:f1:51:6d:0d:b4:69:ae:8c:0c:30:82:00:1b: f2:58:54:9f:cb:56:91:48:71:4d:93:60:28:3f:d4: e9:fd:db:74:5e:20:53:82:bd:30:36:41:17:2a:2f: af:39:c8:bf:80:3a:99:1e:fa:ec:73:40:1a:63:0e: 4c:52:ba:96:8c:27:72:0d:69:81:b4:2a:b4:7d:88: a5:d8:c9:c4:b9:1a:4d:8f:8d:4e:cf:09:5f:04:20: 56:d2:23:51:fb:bc:1b:d9:a6:ce:19:e8:c4:86:f7: 19:de:af:6a:e7:c2:f3:3b:88:db:e9:6f:1c:95:84: d3:5b:ab:db:fd:ef:83:ab:50:4e:42:e7:6a:bc:b6: f5:b9:0b:89:51:6e:60:6c:54:31:7c:d0:a4:87:4b: 7c:35:97:05:27:dc:c2:29:26:51:f2:ba:02:7d:2e: 48:04:1c:b4:c5:d4:80:6a:f2:1f:74:ac:62:63:9f: ac:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:46:EB:33:8D:11:57:AF:1E:45:CC:21:FF:40:E8:6C:A1:86:31:1B X509v3 Authority Key Identifier: keyid:BA:5A:38:A4:D0:FB:8A:AA:8D:D1:8E:1F:B3:9A:43:14:2B:DF:3C:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/2fd80d96-ef1b-44b2-903a-7f6da941a836/0/BA5A38A4D0FB8AAA8DD18E1FB39A43142BDF3C67.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:fd:b8:4e:fb:c6:b9:38:c7:5f:0d:c4:30:de:35:0c:8b:de: b8:a8:07:7f:e1:69:0c:2d:d9:d2:d9:26:40:ce:0e:77:62:bd: 5f:a1:07:a8:70:e6:5a:7e:7e:ad:e3:74:57:43:a4:07:61:e6: 1a:db:e9:7d:69:13:57:9e:9f:a6:b0:fa:b6:af:41:4e:c4:99: cc:3c:8a:32:19:47:66:44:b9:70:ac:18:b9:cc:db:b4:e0:88: 99:9e:28:f5:95:24:b0:10:4e:89:35:ba:33:1e:6c:f3:f9:e3: db:db:66:3d:f4:23:2a:51:b8:7e:2e:06:e8:ff:f6:0e:ab:ee: 92:42:46:29:8f:7a:4f:b3:b8:12:5f:8c:4c:ed:7f:b3:f4:9c: bb:60:92:aa:46:2e:e0:5d:e7:fa:1a:19:fa:dc:3f:2c:36:41: ce:c6:f8:86:8f:7f:e4:5e:10:4c:f7:71:99:db:e6:d1:e8:9a: 41:43:49:b4:3c:ab:c0:88:cb:4e:2a:fd:93:e9:93:08:ad:10: 20:f7:65:20:47:7a:1e:40:fd:18:7a:11:4c:37:c3:3c:13:41: 2e:df:9c:86:f8:20:3e:6d:10:37:c8:ac:2b:0f:5f:70:46:d9: a6:eb:ca:01:95:5e:8b:5b:89:2f:37:5c:7d:b0:fe:1a:47:c5: 3a:31:00:ad -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUb6JdoSbYgGG4M9GxNc/uOOpm/MQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkE1QTM4QTREMEZCOEFBQThERDE4RTFGQjM5QTQzMTQy QkRGM0M2NzAeFw0yNjA1MDUwODQ2MjBaFw0yNjA1MDYwOTMzMjBaMDMxMTAvBgNV BAMTKDI5NDZFQjMzOEQxMTU3QUYxRTQ1Q0MyMUZGNDBFODZDQTE4NjMxMUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYcNSDDUlp/WBpkL1o+7ywSaNp k0+91iRru33/G33PawP8R9s1xyN9qQii06IOukFFJPDDGlwJZLVcsCSSPX/ooKDv IF6wVGeRyi/B8VFtDbRprowMMIIAG/JYVJ/LVpFIcU2TYCg/1On923ReIFOCvTA2 QRcqL685yL+AOpke+uxzQBpjDkxSupaMJ3INaYG0KrR9iKXYycS5Gk2PjU7PCV8E IFbSI1H7vBvZps4Z6MSG9xner2rnwvM7iNvpbxyVhNNbq9v974OrUE5C52q8tvW5 C4lRbmBsVDF80KSHS3w1lwUn3MIpJlHyugJ9LkgEHLTF1IBq8h90rGJjn6y7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUKUbrM40RV68eRcwh/0DobKGGMRswHwYDVR0j BBgwFoAUulo4pND7iqqN0Y4fs5pDFCvfPGcwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MmZkODBkOTYtZWYxYi00NGIyLTkwM2EtN2Y2ZGE5NDFhODM2LzAvQkE1QTM4QTRE MEZCOEFBQThERDE4RTFGQjM5QTQzMTQyQkRGM0M2Ny5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9CQTVBMzhBNEQwRkI4QUFBOEREMThFMUZCMzlBNDMxNDJCREYz QzY3LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMmZkODBkOTYtZWYxYi00NGIyLTkw M2EtN2Y2ZGE5NDFhODM2LzAvQkE1QTM4QTREMEZCOEFBQThERDE4RTFGQjM5QTQz MTQyQkRGM0M2Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJf9uE77xrk4x18NxDDeNQyL3rioB3/haQwt 2dLZJkDODndivV+hB6hw5lp+fq3jdFdDpAdh5hrb6X1pE1een6aw+ravQU7Emcw8 ijIZR2ZEuXCsGLnM27TgiJmeKPWVJLAQTok1ujMebPP549vbZj30IypRuH4uBuj/ 9g6r7pJCRimPek+zuBJfjEztf7P0nLtgkqpGLuBd5/oaGfrcPyw2Qc7G+IaPf+Re EEz3cZnb5tHomkFDSbQ8q8CIy04q/ZPpkwitECD3ZSBHeh5A/Rh6EUw3wzwTQS7f nIb4ID5tEDfIrCsPX3BG2abrygGVXotbiS83XH2w/hpHxToxAK0= -----END CERTIFICATE-----Generated at Tue May 5 17:52:03 2026 by rpki-client