$ rpki-client -vvf rpki-rsync.idnic.net/repo/153b067c-ecc9-4dca-987d-b9576815f855/0/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.mft File: 2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.mft (raw, json) Hash identifier: t3QqPfy3Ig5bBxHB0rcUgyfOoz4JJia30rzvarQB/Ks= Subject key identifier: 83:FE:5E:38:2C:BC:B4:38:AD:D1:4D:68:D6:56:1B:D6:8E:09:87:4D Authority key identifier: 2C:F0:62:4C:97:05:2A:18:8B:12:C2:D8:DF:D6:92:56:BE:AE:A0:A3 Certificate issuer: /CN=2CF0624C97052A188B12C2D8DFD69256BEAEA0A3 Certificate serial: 2CC63B45113ACD2522D026A8817B163277DB1850 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/153b067c-ecc9-4dca-987d-b9576815f855/0/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.mft Manifest number: 3D Signing time: Wed 17 Jun 2026 00:43:50 +0000 Manifest this update: Wed 17 Jun 2026 00:38:50 +0000 Manifest next update: Thu 18 Jun 2026 04:38:50 +0000 Files and hashes: 1: 3131372e3132312e3230342e302f32342d3234203d3e203436303239.roa (hash: 9xyVMpzGgMxzPTr0/YEPxhsOk4K0WU7VoWYP2UAihTY=) 2: 3131372e3132312e3230372e302f32342d3234203d3e203436303239.roa (hash: 5qjiHCREo3yTZVwviMFSFaOdgsJ0Wu7pJnWioBrnUw8=) 3: 3131372e3132312e3230322e302f32342d3234203d3e203436303239.roa (hash: G6layxH6VqJ35uHJZhmjgga72kPwjzbEYW/yD2TBIJU=) 4: 3131372e3132312e3230362e302f32342d3234203d3e203436303239.roa (hash: JklHOE9UnXIvsKlW/PC+ZLgav3mgVpKETno9/XOSONo=) 5: 3131372e3132312e3230332e302f32342d3234203d3e203436303239.roa (hash: khNOf5qfeVAtCDmI+P0qU0wtTsenc+owEXE7IuCFTL4=) 6: 3131372e3132312e3230312e302f32342d3234203d3e203436303239.roa (hash: Gt77/DpvHcyfECJ/rzUv8b/LftlAsDwob9ro6Az9CBg=) 7: 2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.crl (hash: Ql/JuEau1lBc6crP30nToccg57Ojs+IkyuYEVQIGkvo=) 8: 3131372e3132312e3230302e302f32342d3234203d3e203436303239.roa (hash: jjDQyLwOLFkeP+V5865OD4J5ZSFyfyGf7kRLTYcgAUA=) 9: 3131372e3132312e3230352e302f32342d3234203d3e203436303239.roa (hash: UH+sfXi3uyUzmqtZ5a3kiK88kT3KnsNHU+6St14pVbU=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/153b067c-ecc9-4dca-987d-b9576815f855/0/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.crl rsync://rpki-rsync.idnic.net/repo/153b067c-ecc9-4dca-987d-b9576815f855/0/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Jun 2026 03:08:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:c6:3b:45:11:3a:cd:25:22:d0:26:a8:81:7b:16:32:77:db:18:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CF0624C97052A188B12C2D8DFD69256BEAEA0A3 Validity Not Before: Jun 17 00:38:50 2026 GMT Not After : Jun 18 04:38:50 2026 GMT Subject: CN=83FE5E382CBCB438ADD14D68D6561BD68E09874D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:1e:1e:2d:52:54:b6:af:6c:62:ee:39:19:6d: c7:b7:da:34:0f:e6:39:78:05:b6:b2:d0:d5:c9:08: 2a:a9:99:5a:c2:80:26:30:b3:08:d5:6c:18:19:9d: 06:f1:0e:fd:a2:29:24:9a:5d:73:d6:39:bd:81:38: 45:5c:bc:1a:49:50:11:cf:c9:06:31:06:ee:d6:eb: 0b:8a:68:44:20:82:48:79:a2:da:71:c5:6b:01:f7: b3:b5:14:55:d0:28:26:3c:e4:5f:a7:2b:ee:72:0c: 4c:e0:e1:a5:f0:6f:77:c6:b0:d3:01:a5:a8:f7:85: c0:be:75:01:0a:46:be:c2:20:59:d7:e5:73:98:72: e6:bc:bc:12:7e:ec:c6:73:82:2c:4b:fc:0b:b4:75: d5:9d:1f:74:f3:4d:05:8c:28:39:08:6a:ea:c0:06: f9:b6:6d:1f:e7:96:b7:5b:1c:34:b5:9e:c3:75:28: 15:17:d1:6b:ed:29:68:58:fd:38:18:ca:4d:aa:23: cb:8d:a6:20:cd:3d:f8:81:a5:c5:8d:94:2f:1e:b9: f7:3f:7d:ec:24:f7:65:b8:b9:9d:0d:bd:c3:ea:12: e4:71:b4:51:24:65:07:f9:92:96:a5:80:14:ef:64: de:8e:91:31:79:3a:a0:d4:8a:95:05:51:43:8a:7c: b1:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:FE:5E:38:2C:BC:B4:38:AD:D1:4D:68:D6:56:1B:D6:8E:09:87:4D X509v3 Authority Key Identifier: keyid:2C:F0:62:4C:97:05:2A:18:8B:12:C2:D8:DF:D6:92:56:BE:AE:A0:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/153b067c-ecc9-4dca-987d-b9576815f855/0/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/153b067c-ecc9-4dca-987d-b9576815f855/0/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:35:7d:0b:17:25:98:37:2f:78:1f:1f:4b:7e:ec:7c:9d:0e: 70:5f:82:a3:c5:58:d4:03:95:55:87:82:29:47:30:91:2d:39: 54:f2:02:29:04:bb:85:30:72:f0:57:83:48:3f:e4:2e:49:9b: 76:88:8e:ee:06:04:b1:ea:1a:91:27:ca:05:12:aa:15:91:93: 41:92:20:09:9a:aa:61:b0:d7:c7:02:04:9a:79:28:96:c0:16: 96:bb:e5:f3:3e:10:f6:c7:2f:e2:7a:f7:ba:7e:88:17:48:a3: 96:f5:53:88:f7:83:7a:6c:2e:22:2a:26:ee:ff:bd:e8:99:3e: 45:33:ca:be:18:9b:db:cc:c0:8e:7b:7c:63:e6:5a:c0:90:51: 2d:8e:43:c8:c7:17:ab:9b:7c:18:41:23:32:2a:44:02:90:9d: d3:13:e1:4f:0f:2a:4c:75:ed:8d:0a:c9:d8:0f:f0:c6:83:de: 8b:32:6d:0b:ce:7c:c7:8f:d8:65:4f:b1:5a:8f:75:22:d9:a7: 26:b5:cf:b3:ce:5c:07:18:c1:ed:2e:d8:38:9c:14:f9:b3:ed: 0a:e3:a2:dc:68:b2:6a:c5:fb:6f:0d:c7:12:9d:ab:c2:af:75: 29:a3:d7:88:25:a8:0b:0b:31:ba:70:4d:be:5a:55:da:20:c0: 2e:9e:e1:44 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULMY7RRE6zSUi0CaogXsWMnfbGFAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkNGMDYyNEM5NzA1MkExODhCMTJDMkQ4REZENjkyNTZC RUFFQTBBMzAeFw0yNjA2MTcwMDM4NTBaFw0yNjA2MTgwNDM4NTBaMDMxMTAvBgNV BAMTKDgzRkU1RTM4MkNCQ0I0MzhBREQxNEQ2OEQ2NTYxQkQ2OEUwOTg3NEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHh4tUlS2r2xi7jkZbce32jQP 5jl4Bbay0NXJCCqpmVrCgCYwswjVbBgZnQbxDv2iKSSaXXPWOb2BOEVcvBpJUBHP yQYxBu7W6wuKaEQggkh5otpxxWsB97O1FFXQKCY85F+nK+5yDEzg4aXwb3fGsNMB paj3hcC+dQEKRr7CIFnX5XOYcua8vBJ+7MZzgixL/Au0ddWdH3TzTQWMKDkIaurA Bvm2bR/nlrdbHDS1nsN1KBUX0WvtKWhY/TgYyk2qI8uNpiDNPfiBpcWNlC8eufc/ fewk92W4uZ0NvcPqEuRxtFEkZQf5kpalgBTvZN6OkTF5OqDUipUFUUOKfLEHAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUg/5eOCy8tDit0U1o1lYb1o4Jh00wHwYDVR0j BBgwFoAULPBiTJcFKhiLEsLY39aSVr6uoKMwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MTUzYjA2N2MtZWNjOS00ZGNhLTk4N2QtYjk1NzY4MTVmODU1LzAvMkNGMDYyNEM5 NzA1MkExODhCMTJDMkQ4REZENjkyNTZCRUFFQTBBMy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8yQ0YwNjI0Qzk3MDUyQTE4OEIxMkMyRDhERkQ2OTI1NkJFQUVB MEEzLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMTUzYjA2N2MtZWNjOS00ZGNhLTk4 N2QtYjk1NzY4MTVmODU1LzAvMkNGMDYyNEM5NzA1MkExODhCMTJDMkQ4REZENjky NTZCRUFFQTBBMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKw1fQsXJZg3L3gfH0t+7HydDnBfgqPFWNQD lVWHgilHMJEtOVTyAikEu4UwcvBXg0g/5C5Jm3aIju4GBLHqGpEnygUSqhWRk0GS IAmaqmGw18cCBJp5KJbAFpa75fM+EPbHL+J697p+iBdIo5b1U4j3g3psLiIqJu7/ veiZPkUzyr4Ym9vMwI57fGPmWsCQUS2OQ8jHF6ubfBhBIzIqRAKQndMT4U8PKkx1 7Y0KydgP8MaD3osybQvOfMeP2GVPsVqPdSLZpya1z7POXAcYwe0u2DicFPmz7Qrj otxosmrF+28NxxKdq8KvdSmj14glqAsLMbpwTb5aVdogwC6e4UQ= -----END CERTIFICATE-----Generated at Wed Jun 17 10:01:19 2026 by rpki-client