$ rpki-client -vvf rpki-rsync.idnic.net/repo/f73ab79d-00d5-49cb-ac10-3bd4f2386bc6/0/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.mft File: BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.mft (raw, json) Hash identifier: KuGZ+L5w25QufJ9mMnJHS1QOCAapVaB/F+16EaHCbqg= Subject key identifier: CF:0C:22:C8:47:FA:79:79:0A:1E:7E:1C:D7:39:24:55:6C:9B:0D:C4 Authority key identifier: BA:A4:29:4A:62:FF:BF:34:4C:A7:AF:61:DA:13:D0:99:4A:00:00:E3 Certificate issuer: /CN=BAA4294A62FFBF344CA7AF61DA13D0994A0000E3 Certificate serial: 0D044C1073DA1D1718DD0A4B31C4929B5C465E22 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/f73ab79d-00d5-49cb-ac10-3bd4f2386bc6/0/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.mft Manifest number: 05 Signing time: Tue 05 May 2026 06:14:17 +0000 Manifest this update: Tue 05 May 2026 06:09:17 +0000 Manifest next update: Wed 06 May 2026 08:59:17 +0000 Files and hashes: 1: 3130332e3134302e37382e302f32342d3234203d3e203438343635.roa (hash: hoI4Z+yZlJFn+WHGYBiSiySAQlgqw69H0i3XEwm8T7w=) 2: 3130332e3134302e37392e302f32342d3234203d3e203438343635.roa (hash: oPvC3i/lrZuDzfOmiLwK2jYBsKG2L4fiPPqahjcNpFg=) 3: BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.crl (hash: 1E3/A/lxkXhxgw/BjO9PcG4TyxnFkCPPH57KUZDe46s=) 4: 323030313a6466303a623238303a3a2f34382d3438203d3e20313338383733.roa (hash: Z144p4vK3Wc0Wvxj3ow3CyTWpjreny/dO0BWeCNgJ+I=) 5: 3130332e3134302e37382e302f32332d3234203d3e20313338383733.roa (hash: K6H7szwO6ti+xX+3grJSvrA81wCwhPJ39G60g97CTBE=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/f73ab79d-00d5-49cb-ac10-3bd4f2386bc6/0/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.crl rsync://rpki-rsync.idnic.net/repo/f73ab79d-00d5-49cb-ac10-3bd4f2386bc6/0/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 May 2026 08:59:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:04:4c:10:73:da:1d:17:18:dd:0a:4b:31:c4:92:9b:5c:46:5e:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BAA4294A62FFBF344CA7AF61DA13D0994A0000E3 Validity Not Before: May 5 06:09:17 2026 GMT Not After : May 6 08:59:17 2026 GMT Subject: CN=CF0C22C847FA79790A1E7E1CD73924556C9B0DC4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:d0:3d:c8:64:83:dd:2a:d1:6a:5a:67:08:9e: 53:e5:55:33:b0:34:7a:93:0e:cd:c1:27:bc:06:50: ef:d3:c6:3f:1b:0d:75:4a:31:0a:17:2a:f2:05:75: 32:90:5b:39:48:b2:64:4a:33:87:c6:7b:1b:d6:38: 01:90:d9:6c:b6:60:97:75:c9:b2:c9:19:11:73:8d: f0:f7:cb:4b:e6:65:d6:bd:44:83:24:94:ad:94:15: 87:53:e7:fb:5e:c2:88:59:cb:1e:4d:8b:52:d4:31: dd:df:be:d4:84:58:96:13:99:b7:58:1d:2b:79:55: 3e:44:ca:7d:e3:b0:38:cd:16:94:7d:35:29:03:69: a1:ba:d9:1e:4e:37:c3:45:17:e1:b8:b0:75:5e:7c: 6b:9c:3a:1f:63:02:e9:4d:fe:21:6d:55:53:29:9e: 0e:e5:1b:3f:d9:e5:41:34:a6:c9:37:1c:20:db:10: fa:20:0b:dc:b7:11:98:b4:5c:35:29:09:d6:ff:52: 14:0a:96:2d:9a:14:15:a7:5f:ee:cf:7c:58:08:ea: 31:88:65:59:f3:14:b0:b1:b2:ba:85:f1:89:ac:e6: 02:2a:30:a1:c0:33:cf:71:99:55:58:e7:da:6b:61: 36:7b:a5:5a:14:34:35:02:7a:d0:a4:cb:22:37:ff: 9c:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:0C:22:C8:47:FA:79:79:0A:1E:7E:1C:D7:39:24:55:6C:9B:0D:C4 X509v3 Authority Key Identifier: keyid:BA:A4:29:4A:62:FF:BF:34:4C:A7:AF:61:DA:13:D0:99:4A:00:00:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/f73ab79d-00d5-49cb-ac10-3bd4f2386bc6/0/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/f73ab79d-00d5-49cb-ac10-3bd4f2386bc6/0/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:2d:1f:bb:db:5a:8f:fe:e9:dc:21:39:49:d9:46:38:dd:9f: 61:80:8c:48:c1:ce:21:1a:98:2d:f9:10:4f:64:a6:80:85:c8: 5d:0f:87:a1:86:aa:53:83:30:2c:ee:62:7a:8b:43:94:93:92: 01:b7:a8:46:f8:aa:2e:d4:70:fc:2d:3e:4b:b0:80:41:3d:b4: de:2f:4d:46:54:85:e0:fc:ce:d7:31:53:a8:f1:01:4c:3e:2a: 12:75:5c:94:57:f3:5d:6a:83:31:7e:39:38:c9:4b:33:66:03: 62:29:f8:02:a4:8e:07:de:93:ae:fa:b6:c5:b7:ae:47:54:1e: 1c:df:b8:c0:88:31:7c:89:6b:ff:3a:c8:f9:91:ed:7a:ae:00: 8d:e4:70:15:8a:03:f0:f1:29:f3:c1:9a:a7:73:4e:7a:d4:c8: 6f:29:62:6b:77:da:f7:b2:fc:91:84:fc:2f:27:7c:cd:3a:c2: 3e:09:46:c3:70:bc:84:c0:dc:ed:8e:cd:23:5f:d0:c3:b2:96: 10:be:c6:d2:49:e1:8a:3a:00:36:44:7c:47:05:7f:20:d1:22: c3:9e:1e:b5:b2:70:1c:44:f4:f8:f8:fd:54:57:1d:36:96:a8: da:0f:6f:f7:a3:02:fb:e2:dd:91:2a:31:63:1a:e7:70:3f:7f: d9:af:1c:97 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUDQRMEHPaHRcY3QpLMcSSm1xGXiIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkFBNDI5NEE2MkZGQkYzNDRDQTdBRjYxREExM0QwOTk0 QTAwMDBFMzAeFw0yNjA1MDUwNjA5MTdaFw0yNjA1MDYwODU5MTdaMDMxMTAvBgNV BAMTKENGMEMyMkM4NDdGQTc5NzkwQTFFN0UxQ0Q3MzkyNDU1NkM5QjBEQzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE0D3IZIPdKtFqWmcInlPlVTOw NHqTDs3BJ7wGUO/Txj8bDXVKMQoXKvIFdTKQWzlIsmRKM4fGexvWOAGQ2Wy2YJd1 ybLJGRFzjfD3y0vmZda9RIMklK2UFYdT5/tewohZyx5Ni1LUMd3fvtSEWJYTmbdY HSt5VT5Eyn3jsDjNFpR9NSkDaaG62R5ON8NFF+G4sHVefGucOh9jAulN/iFtVVMp ng7lGz/Z5UE0psk3HCDbEPogC9y3EZi0XDUpCdb/UhQKli2aFBWnX+7PfFgI6jGI ZVnzFLCxsrqF8Yms5gIqMKHAM89xmVVY59prYTZ7pVoUNDUCetCkyyI3/5z3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzwwiyEf6eXkKHn4c1zkkVWybDcQwHwYDVR0j BBgwFoAUuqQpSmL/vzRMp69h2hPQmUoAAOMwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZjczYWI3OWQtMDBkNS00OWNiLWFjMTAtM2JkNGYyMzg2YmM2LzAvQkFBNDI5NEE2 MkZGQkYzNDRDQTdBRjYxREExM0QwOTk0QTAwMDBFMy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9CQUE0Mjk0QTYyRkZCRjM0NENBN0FGNjFEQTEzRDA5OTRBMDAw MEUzLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZjczYWI3OWQtMDBkNS00OWNiLWFj MTAtM2JkNGYyMzg2YmM2LzAvQkFBNDI5NEE2MkZGQkYzNDRDQTdBRjYxREExM0Qw OTk0QTAwMDBFMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADQtH7vbWo/+6dwhOUnZRjjdn2GAjEjBziEa mC35EE9kpoCFyF0Ph6GGqlODMCzuYnqLQ5STkgG3qEb4qi7UcPwtPkuwgEE9tN4v TUZUheD8ztcxU6jxAUw+KhJ1XJRX811qgzF+OTjJSzNmA2Ip+AKkjgfek676tsW3 rkdUHhzfuMCIMXyJa/86yPmR7XquAI3kcBWKA/DxKfPBmqdzTnrUyG8pYmt32vey /JGE/C8nfM06wj4JRsNwvITA3O2OzSNf0MOylhC+xtJJ4Yo6ADZEfEcFfyDRIsOe HrWycBxE9Pj4/VRXHTaWqNoPb/ejAvvi3ZEqMWMa53A/f9mvHJc= -----END CERTIFICATE-----Generated at Tue May 5 17:58:47 2026 by rpki-client