$ rpki-client -vvf rpki-rsync.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/D5B392E916885394AA1C2B31FE082DC317BCE686.mft File: D5B392E916885394AA1C2B31FE082DC317BCE686.mft (raw, json) Hash identifier: YMED9FT58H4zidc0+UECjP4SbsXRlQFJotWgqkB/z/M= Subject key identifier: 18:21:53:8F:EC:0F:6F:DC:B3:4A:14:18:94:EA:08:63:9C:B2:93:33 Authority key identifier: D5:B3:92:E9:16:88:53:94:AA:1C:2B:31:FE:08:2D:C3:17:BC:E6:86 Certificate issuer: /CN=D5B392E916885394AA1C2B31FE082DC317BCE686 Certificate serial: 771CB0D28D0FC751BCF2B2066F4BC8B52BDF1D97 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D5B392E916885394AA1C2B31FE082DC317BCE686.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/D5B392E916885394AA1C2B31FE082DC317BCE686.mft Manifest number: 3D Signing time: Tue 16 Jun 2026 23:58:01 +0000 Manifest this update: Tue 16 Jun 2026 23:53:01 +0000 Manifest next update: Thu 18 Jun 2026 00:24:01 +0000 Files and hashes: 1: D5B392E916885394AA1C2B31FE082DC317BCE686.crl (hash: zaKNQJsUxhDj1KNciMkY9LPm9eaZqKPmMNoFrqmJKzM=) 2: 323430353a343663303a3a2f33322d3332203d3e20313339343331.roa (hash: 72ltkdAz77XwydUIwwc3kpnQIFXbCRX8QiK7JdJ6abI=) 3: 3130332e3134332e32332e302f32342d3234203d3e20313339343331.roa (hash: AcnbfkvX1w/c7v0ssG/zc+baC3z+ryz2Lyxv+skns7o=) 4: 3130332e3134332e32322e302f32332d3233203d3e20313339343331.roa (hash: n/anw1j/p698bFcxqqm49V4G12x2QBboMMl4JYNKkrU=) 5: 3130332e3134332e32322e302f32342d3234203d3e20313339343331.roa (hash: Mij6gjlboJz168uvi1+veD3ghjYsq0hmKTYOHdpJFfc=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/D5B392E916885394AA1C2B31FE082DC317BCE686.crl rsync://rpki-rsync.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/D5B392E916885394AA1C2B31FE082DC317BCE686.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D5B392E916885394AA1C2B31FE082DC317BCE686.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Jun 2026 00:24:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:1c:b0:d2:8d:0f:c7:51:bc:f2:b2:06:6f:4b:c8:b5:2b:df:1d:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D5B392E916885394AA1C2B31FE082DC317BCE686 Validity Not Before: Jun 16 23:53:01 2026 GMT Not After : Jun 18 00:24:01 2026 GMT Subject: CN=1821538FEC0F6FDCB34A141894EA08639CB29333 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:4b:68:05:51:51:bd:a2:aa:ef:8e:33:20:cd: 21:ce:a6:87:0c:9b:8f:b2:23:18:cf:6e:cd:c8:71: 29:b3:50:c5:ac:cf:4e:e2:bf:15:f0:7e:31:61:1a: 50:b5:1f:ba:d2:88:c9:36:b0:30:c0:fd:28:16:d7: a6:db:37:c3:a3:22:17:d0:94:87:45:67:6a:8e:7e: 6a:29:ae:d7:50:de:e1:6e:10:5a:2a:9d:fa:1f:0a: cc:62:fd:6f:c6:cc:16:bd:d1:06:81:cb:6f:f2:28: 2e:8f:40:10:85:49:d3:60:b9:7d:ae:e5:11:9d:ea: b3:84:68:30:f4:1b:44:2b:04:be:16:57:1e:d0:e8: 41:57:60:63:57:b1:52:ca:a1:7f:07:e0:39:72:9e: ab:88:cc:ac:8d:90:21:0c:40:e5:e2:b5:30:29:ad: 95:99:c6:6d:4e:68:52:0e:6b:3b:df:87:63:92:4f: 5e:9a:7a:28:ea:8c:72:ee:0e:5f:76:d0:fb:c7:41: d5:da:3e:e3:01:c0:91:e5:a3:18:80:34:3b:c8:35: 34:69:22:9a:60:c2:80:3b:95:f6:91:51:67:a4:35: f1:72:3c:89:e6:5b:a2:50:37:44:76:9f:91:a1:e4: 73:ce:96:41:90:f2:32:9d:d2:32:da:56:73:37:26: bc:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:21:53:8F:EC:0F:6F:DC:B3:4A:14:18:94:EA:08:63:9C:B2:93:33 X509v3 Authority Key Identifier: keyid:D5:B3:92:E9:16:88:53:94:AA:1C:2B:31:FE:08:2D:C3:17:BC:E6:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/D5B392E916885394AA1C2B31FE082DC317BCE686.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D5B392E916885394AA1C2B31FE082DC317BCE686.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/D5B392E916885394AA1C2B31FE082DC317BCE686.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:82:78:9c:f4:9a:63:79:b5:71:56:4e:b7:5a:ec:75:a7:15: 75:ad:93:58:49:35:2d:f6:c5:2a:8d:88:f0:9a:38:72:20:cc: 61:23:21:b9:41:1f:5d:e5:17:f2:98:0d:1c:59:12:8e:5c:96: de:f1:c2:c6:19:99:c8:b0:90:3d:ce:7b:bc:e5:3a:b9:22:86: 59:79:af:fe:8d:8b:6c:73:1f:29:a2:48:38:7b:6f:54:ef:55: 5d:a1:5d:94:30:4b:d1:6b:d6:57:9b:6d:d8:16:1a:9e:e9:b6: 62:91:fd:7c:f4:bf:e1:3e:49:f6:7d:48:be:21:47:be:5b:bb: 47:d0:5e:c9:38:f8:cf:61:ca:1e:85:50:2d:79:f3:30:f4:69: 48:80:e9:ea:69:c1:d8:b6:56:55:9f:66:f9:64:12:e9:bb:1e: 4a:b0:78:89:6e:83:75:56:b1:71:37:f7:55:13:db:5b:41:7c: d5:6a:26:d7:19:6f:7c:3e:a1:23:6f:90:6e:99:e7:e9:23:2d: 0b:e5:ad:57:48:78:b7:f0:cc:25:1f:77:8e:74:82:bd:62:90: fb:77:56:73:e2:89:e4:0b:01:34:76:6b:82:68:81:8d:cf:45: ec:b5:b5:5e:aa:e2:1c:d6:c3:83:f8:d7:7d:b1:f4:ca:5c:0a: e8:14:9b:f4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdxyw0o0Px1G88rIGb0vItSvfHZcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDVCMzkyRTkxNjg4NTM5NEFBMUMyQjMxRkUwODJEQzMx N0JDRTY4NjAeFw0yNjA2MTYyMzUzMDFaFw0yNjA2MTgwMDI0MDFaMDMxMTAvBgNV BAMTKDE4MjE1MzhGRUMwRjZGRENCMzRBMTQxODk0RUEwODYzOUNCMjkzMzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVS2gFUVG9oqrvjjMgzSHOpocM m4+yIxjPbs3IcSmzUMWsz07ivxXwfjFhGlC1H7rSiMk2sDDA/SgW16bbN8OjIhfQ lIdFZ2qOfmoprtdQ3uFuEFoqnfofCsxi/W/GzBa90QaBy2/yKC6PQBCFSdNguX2u 5RGd6rOEaDD0G0QrBL4WVx7Q6EFXYGNXsVLKoX8H4DlynquIzKyNkCEMQOXitTAp rZWZxm1OaFIOazvfh2OST16aeijqjHLuDl920PvHQdXaPuMBwJHloxiANDvINTRp IppgwoA7lfaRUWekNfFyPInmW6JQN0R2n5Gh5HPOlkGQ8jKd0jLaVnM3Jrx5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUGCFTj+wPb9yzShQYlOoIY5yykzMwHwYDVR0j BBgwFoAU1bOS6RaIU5SqHCsx/ggtwxe85oYwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MTQ2ZjMzZjItZjA2ZS00ZWI2LWFlNjEtNTUyOWJjYTFjZGNkLzAvRDVCMzkyRTkx Njg4NTM5NEFBMUMyQjMxRkUwODJEQzMxN0JDRTY4Ni5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9ENUIzOTJFOTE2ODg1Mzk0QUExQzJCMzFGRTA4MkRDMzE3QkNF Njg2LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMTQ2ZjMzZjItZjA2ZS00ZWI2LWFl NjEtNTUyOWJjYTFjZGNkLzAvRDVCMzkyRTkxNjg4NTM5NEFBMUMyQjMxRkUwODJE QzMxN0JDRTY4Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACGCeJz0mmN5tXFWTrda7HWnFXWtk1hJNS32 xSqNiPCaOHIgzGEjIblBH13lF/KYDRxZEo5clt7xwsYZmciwkD3Oe7zlOrkihll5 r/6Ni2xzHymiSDh7b1TvVV2hXZQwS9Fr1lebbdgWGp7ptmKR/Xz0v+E+SfZ9SL4h R75bu0fQXsk4+M9hyh6FUC158zD0aUiA6eppwdi2VlWfZvlkEum7HkqweIlug3VW sXE391UT21tBfNVqJtcZb3w+oSNvkG6Z5+kjLQvlrVdIeLfwzCUfd450gr1ikPt3 VnPiieQLATR2a4JogY3PRey1tV6q4hzWw4P4132x9MpcCugUm/Q= -----END CERTIFICATE-----Generated at Wed Jun 17 11:31:10 2026 by rpki-client