$ rpki-client -vvf rpki-rsync.idnic.net/repo/0f0bcdc3-0fea-4747-9907-656486bae8da/0/C9A0E983269384F00CCE857E3A8E8887BE9B7FC8.mft File: C9A0E983269384F00CCE857E3A8E8887BE9B7FC8.mft (raw, json) Hash identifier: ZxGOCLYxT3GLg0Qkx/q8OjZAthFvAgaizwz72O2nc/w= Subject key identifier: CA:AD:83:4D:10:1A:3E:7E:9C:6E:CE:DD:3B:65:50:86:0C:54:1E:7A Authority key identifier: C9:A0:E9:83:26:93:84:F0:0C:CE:85:7E:3A:8E:88:87:BE:9B:7F:C8 Certificate issuer: /CN=C9A0E983269384F00CCE857E3A8E8887BE9B7FC8 Certificate serial: 3FE691B3C216AEC9164E1E9B7D2E01AAA2393EE7 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/C9A0E983269384F00CCE857E3A8E8887BE9B7FC8.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/0f0bcdc3-0fea-4747-9907-656486bae8da/0/C9A0E983269384F00CCE857E3A8E8887BE9B7FC8.mft Manifest number: 3D Signing time: Tue 16 Jun 2026 16:19:02 +0000 Manifest this update: Tue 16 Jun 2026 16:14:02 +0000 Manifest next update: Wed 17 Jun 2026 19:56:02 +0000 Files and hashes: 1: 3130332e38312e3131302e302f32332d3234203d3e20313530393538.roa (hash: PAwVQ07BR901R53ceqUz7lmumWNjRRTL4GW80ND0yx0=) 2: 3130332e38312e3131312e302f32342d3234203d3e20313530393538.roa (hash: l+i6wCpyx98LrkN6bI1lbQddhWqft7YLNRfJYsyxYlA=) 3: C9A0E983269384F00CCE857E3A8E8887BE9B7FC8.crl (hash: 5tvL+8mIoHZTfwzWR3OWP43SnnN7l4IOAiHpW8hjLQE=) 4: 323030313a6466323a623263303a3a2f34382d3438203d3e20313530393538.roa (hash: DNfu6S0MfyEIbWVxydJYNYlQdSHELvJkaaSCCqoydj0=) 5: 3130332e38312e3131302e302f32342d3234203d3e20313530393538.roa (hash: 1X7ytOOeZ7baYbrptPG956jTOlJu9VRB/BLTjRkOU00=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/0f0bcdc3-0fea-4747-9907-656486bae8da/0/C9A0E983269384F00CCE857E3A8E8887BE9B7FC8.crl rsync://rpki-rsync.idnic.net/repo/0f0bcdc3-0fea-4747-9907-656486bae8da/0/C9A0E983269384F00CCE857E3A8E8887BE9B7FC8.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/C9A0E983269384F00CCE857E3A8E8887BE9B7FC8.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 19:56:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:e6:91:b3:c2:16:ae:c9:16:4e:1e:9b:7d:2e:01:aa:a2:39:3e:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C9A0E983269384F00CCE857E3A8E8887BE9B7FC8 Validity Not Before: Jun 16 16:14:02 2026 GMT Not After : Jun 17 19:56:02 2026 GMT Subject: CN=CAAD834D101A3E7E9C6ECEDD3B6550860C541E7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:1a:13:3a:f5:23:8b:25:23:f0:a6:a5:62:04: 80:44:0a:06:7c:93:ba:5f:22:45:08:d1:d8:bd:64: ac:2c:5c:a5:08:55:1c:00:65:5f:a6:89:27:41:01: f9:5d:8d:e6:50:b2:be:fc:0d:27:1f:4b:67:9a:c8: 6c:5f:22:89:9d:57:2e:6c:cc:ab:7a:b3:35:06:12: 02:e3:fd:cb:07:35:84:27:ba:40:80:2f:1c:c9:bf: ab:c0:5c:5a:2b:94:17:97:15:05:0e:08:ad:ab:bb: 27:8a:df:31:78:fe:f9:3c:fd:7d:64:4a:d8:71:f0: 9b:fe:91:b6:e5:1d:7c:da:3f:06:33:57:c0:b9:f5: 62:db:eb:31:80:1f:65:76:3e:cc:50:13:56:b6:76: e8:fe:6c:a2:16:62:4c:24:d1:2a:db:7f:b8:88:b4: 72:44:42:3d:cc:06:31:8d:ba:14:43:97:c4:ef:44: 28:94:20:52:3b:f3:01:bd:cf:23:7a:39:64:00:f8: 63:d6:e6:a9:06:3f:a6:33:c0:75:19:30:d2:b6:94: aa:0d:61:92:69:90:fb:88:24:37:37:af:93:2c:9e: 0c:3f:43:11:04:25:f9:dd:57:ee:a9:28:bd:3c:4c: 1d:f0:a6:0c:cd:bb:51:2a:ad:66:5f:36:43:4d:db: e2:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:AD:83:4D:10:1A:3E:7E:9C:6E:CE:DD:3B:65:50:86:0C:54:1E:7A X509v3 Authority Key Identifier: keyid:C9:A0:E9:83:26:93:84:F0:0C:CE:85:7E:3A:8E:88:87:BE:9B:7F:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/0f0bcdc3-0fea-4747-9907-656486bae8da/0/C9A0E983269384F00CCE857E3A8E8887BE9B7FC8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/C9A0E983269384F00CCE857E3A8E8887BE9B7FC8.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/0f0bcdc3-0fea-4747-9907-656486bae8da/0/C9A0E983269384F00CCE857E3A8E8887BE9B7FC8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:69:d7:e4:76:3a:27:b3:5b:82:ba:06:71:5e:35:ff:9f:ea: 07:55:78:57:ba:98:ec:02:3d:bd:eb:54:2c:0e:f1:d1:8c:49: af:c5:f8:b5:17:40:7d:16:53:42:b0:e6:17:13:0a:5c:ea:e5: a5:d8:67:16:c3:39:ac:af:2b:c4:c6:42:c3:46:15:1a:f9:0e: 72:a9:c5:e7:69:4b:33:af:c6:55:b3:64:03:98:80:22:9f:4c: 81:5c:b1:70:19:44:b4:73:8f:63:75:8f:f9:89:93:27:55:d4: e1:98:24:7f:65:9c:a4:8e:5e:87:de:78:c1:af:ec:4c:ad:13: e0:7a:6c:b2:de:48:20:54:15:16:17:78:3d:f6:f3:1a:57:da: 88:5a:72:84:29:97:f2:46:c6:16:c6:42:f0:12:57:42:00:24: 97:73:d7:8b:bf:8b:41:97:f0:8f:dc:3b:f7:6c:9f:c1:19:b8: e2:9c:07:ca:50:ff:4a:bb:5d:26:c2:f9:7d:6e:d0:b0:4a:04: f9:c3:af:b5:a3:f3:92:66:92:63:c2:eb:a5:73:75:5e:eb:43: f6:25:3d:83:f8:ba:d0:b1:ee:62:a4:52:e6:fd:24:8c:a9:e7: d4:dc:78:02:4b:2c:fe:cd:67:e7:c6:1c:9f:b1:e4:74:6f:f5: 63:81:af:f4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUP+aRs8IWrskWTh6bfS4BqqI5PucwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzlBMEU5ODMyNjkzODRGMDBDQ0U4NTdFM0E4RTg4ODdC RTlCN0ZDODAeFw0yNjA2MTYxNjE0MDJaFw0yNjA2MTcxOTU2MDJaMDMxMTAvBgNV BAMTKENBQUQ4MzREMTAxQTNFN0U5QzZFQ0VERDNCNjU1MDg2MEM1NDFFN0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLGhM69SOLJSPwpqViBIBECgZ8 k7pfIkUI0di9ZKwsXKUIVRwAZV+miSdBAfldjeZQsr78DScfS2eayGxfIomdVy5s zKt6szUGEgLj/csHNYQnukCALxzJv6vAXForlBeXFQUOCK2ruyeK3zF4/vk8/X1k Sthx8Jv+kbblHXzaPwYzV8C59WLb6zGAH2V2PsxQE1a2duj+bKIWYkwk0Srbf7iI tHJEQj3MBjGNuhRDl8TvRCiUIFI78wG9zyN6OWQA+GPW5qkGP6YzwHUZMNK2lKoN YZJpkPuIJDc3r5Msngw/QxEEJfndV+6pKL08TB3wpgzNu1EqrWZfNkNN2+LLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUyq2DTRAaPn6cbs7dO2VQhgxUHnowHwYDVR0j BBgwFoAUyaDpgyaThPAMzoV+Oo6Ih76bf8gwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MGYwYmNkYzMtMGZlYS00NzQ3LTk5MDctNjU2NDg2YmFlOGRhLzAvQzlBMEU5ODMy NjkzODRGMDBDQ0U4NTdFM0E4RTg4ODdCRTlCN0ZDOC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DOUEwRTk4MzI2OTM4NEYwMENDRTg1N0UzQThFODg4N0JFOUI3 RkM4LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMGYwYmNkYzMtMGZlYS00NzQ3LTk5 MDctNjU2NDg2YmFlOGRhLzAvQzlBMEU5ODMyNjkzODRGMDBDQ0U4NTdFM0E4RTg4 ODdCRTlCN0ZDOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAD5p1+R2OiezW4K6BnFeNf+f6gdVeFe6mOwC Pb3rVCwO8dGMSa/F+LUXQH0WU0Kw5hcTClzq5aXYZxbDOayvK8TGQsNGFRr5DnKp xedpSzOvxlWzZAOYgCKfTIFcsXAZRLRzj2N1j/mJkydV1OGYJH9lnKSOXofeeMGv 7EytE+B6bLLeSCBUFRYXeD328xpX2ohacoQpl/JGxhbGQvASV0IAJJdz14u/i0GX 8I/cO/dsn8EZuOKcB8pQ/0q7XSbC+X1u0LBKBPnDr7Wj85JmkmPC66VzdV7rQ/Yl PYP4utCx7mKkUub9JIyp59TceAJLLP7NZ+fGHJ+x5HRv9WOBr/Q= -----END CERTIFICATE-----Generated at Wed Jun 17 10:33:05 2026 by rpki-client