$ rpki-client -vvf rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/A23D2170DA27C430D1B3E7D124ABD655F46B001F.mft File: A23D2170DA27C430D1B3E7D124ABD655F46B001F.mft (raw, json) Hash identifier: 6m/MN+xZ4LYQ3NbDary2Dx0QmLxGNBitvjdm+A9Fyfo= Subject key identifier: 40:0A:0E:D9:E6:06:E8:00:99:DF:E6:AF:0E:61:86:7E:9B:8C:16:F2 Authority key identifier: A2:3D:21:70:DA:27:C4:30:D1:B3:E7:D1:24:AB:D6:55:F4:6B:00:1F Certificate issuer: /CN=A23D2170DA27C430D1B3E7D124ABD655F46B001F Certificate serial: 344D0CF54D3FA09DB4E6DCB6925F99B13D481FC3 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A23D2170DA27C430D1B3E7D124ABD655F46B001F.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/A23D2170DA27C430D1B3E7D124ABD655F46B001F.mft Manifest number: 3D Signing time: Tue 16 Jun 2026 16:59:45 +0000 Manifest this update: Tue 16 Jun 2026 16:54:45 +0000 Manifest next update: Wed 17 Jun 2026 18:48:45 +0000 Files and hashes: 1: 3230322e38372e3234302e302f32312d3234203d3e203234323032.roa (hash: h4LsVnhP761IIN/z9Kk00GAOTaHl3wnyiIWG9ZY5w+g=) 2: A23D2170DA27C430D1B3E7D124ABD655F46B001F.crl (hash: 4I+buMDqiAZIfwFSB+wTPA6WeuK7cNaAyXoOpngY020=) 3: 323430363a323134303a3a2f33322d3438203d3e203234323032.roa (hash: kqAPpNXie+q2l37gsl3EdI8q/ahDj2lY/Z2RQl2axK8=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/A23D2170DA27C430D1B3E7D124ABD655F46B001F.crl rsync://rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/A23D2170DA27C430D1B3E7D124ABD655F46B001F.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A23D2170DA27C430D1B3E7D124ABD655F46B001F.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 18:48:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:4d:0c:f5:4d:3f:a0:9d:b4:e6:dc:b6:92:5f:99:b1:3d:48:1f:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A23D2170DA27C430D1B3E7D124ABD655F46B001F Validity Not Before: Jun 16 16:54:45 2026 GMT Not After : Jun 17 18:48:45 2026 GMT Subject: CN=400A0ED9E606E80099DFE6AF0E61867E9B8C16F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:eb:af:80:cc:8b:27:6d:a0:33:56:7b:ac:76: e3:86:f8:ab:89:9a:b4:10:60:04:c9:32:fb:8d:b7: 44:ff:a3:25:08:93:4f:1a:f9:41:91:81:c6:5e:83: e7:04:cc:0c:ee:68:75:d2:29:66:5e:e2:94:6e:c5: 2c:6f:f2:dd:9f:3c:e8:9c:92:bb:69:54:ff:a9:6a: 66:96:50:6b:37:5d:4c:96:61:1b:c3:1e:7c:3f:26: 98:47:82:dc:76:1d:b1:51:f4:94:ff:0b:81:ae:a0: 2b:7a:79:ca:48:60:b6:8c:a8:76:93:89:0d:c2:49: f6:85:59:ce:15:7a:aa:b6:7a:aa:58:bb:dc:90:d8: 7c:47:ee:f9:99:24:70:33:a8:16:4a:31:28:2c:13: cf:c6:cd:ce:40:63:af:dd:b9:c7:b6:59:e0:17:ed: 1e:f0:39:98:51:ab:b0:0a:08:6a:7c:7c:3e:98:f6: 06:1a:4e:19:e2:61:7a:a8:5d:51:aa:8c:d8:13:25: 22:a1:44:eb:f0:25:3d:10:41:82:51:33:ed:29:17: 44:73:9d:33:bc:43:a1:22:5b:ed:7f:b6:c7:36:2a: 9f:ea:d3:58:3a:90:06:7e:ba:de:9c:45:a2:8c:db: 9b:f7:f2:3d:f1:c4:7b:d3:45:b0:23:e1:05:43:02: 8a:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:0A:0E:D9:E6:06:E8:00:99:DF:E6:AF:0E:61:86:7E:9B:8C:16:F2 X509v3 Authority Key Identifier: keyid:A2:3D:21:70:DA:27:C4:30:D1:B3:E7:D1:24:AB:D6:55:F4:6B:00:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/A23D2170DA27C430D1B3E7D124ABD655F46B001F.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A23D2170DA27C430D1B3E7D124ABD655F46B001F.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/A23D2170DA27C430D1B3E7D124ABD655F46B001F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:3f:cf:9a:59:df:01:ed:1b:a5:5e:b4:13:d3:75:ac:1c:c3: 8a:fa:7a:73:47:46:ac:93:f5:b1:01:dd:16:11:f3:42:29:cd: 61:24:06:df:c5:b8:8a:0c:66:fa:f7:04:06:78:ec:90:db:69: 10:c3:79:ec:d7:d1:cf:db:ab:e3:c2:57:5b:e9:15:9f:40:1d: 91:94:36:61:db:aa:8d:6b:58:db:41:19:f1:6f:a1:75:26:23: a7:19:2f:1e:0e:b3:b0:23:79:f4:92:a0:e2:39:96:3f:4b:04: 13:96:ab:ee:32:c5:9e:bd:d9:d4:12:22:bf:4b:d8:95:07:ca: 43:25:ba:4a:0c:c1:99:d5:e3:c9:28:90:60:ae:4d:f8:4d:46: 9b:ef:16:40:87:c4:d6:73:cb:8c:8f:74:9b:ee:90:7d:d3:b8: e4:f1:c9:b6:4b:b4:be:22:00:b1:64:0f:f7:20:5b:88:c0:2a: 64:a6:98:3b:2f:2d:5f:0f:21:73:d6:af:7e:2e:86:ed:8a:f3: 64:ce:7e:d8:4e:4b:1c:84:8d:63:a8:90:8b:50:d2:ea:15:2b: 6c:0d:9e:f3:34:94:0f:ef:03:ba:09:13:8f:7e:94:b0:57:fb: 67:b8:fa:b8:9d:f1:63:d0:45:bd:41:e6:fb:cc:71:13:01:bc: dd:68:92:8e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNE0M9U0/oJ205ty2kl+ZsT1IH8MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTIzRDIxNzBEQTI3QzQzMEQxQjNFN0QxMjRBQkQ2NTVG NDZCMDAxRjAeFw0yNjA2MTYxNjU0NDVaFw0yNjA2MTcxODQ4NDVaMDMxMTAvBgNV BAMTKDQwMEEwRUQ5RTYwNkU4MDA5OURGRTZBRjBFNjE4NjdFOUI4QzE2RjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI66+AzIsnbaAzVnusduOG+KuJ mrQQYATJMvuNt0T/oyUIk08a+UGRgcZeg+cEzAzuaHXSKWZe4pRuxSxv8t2fPOic krtpVP+pamaWUGs3XUyWYRvDHnw/JphHgtx2HbFR9JT/C4GuoCt6ecpIYLaMqHaT iQ3CSfaFWc4Veqq2eqpYu9yQ2HxH7vmZJHAzqBZKMSgsE8/Gzc5AY6/duce2WeAX 7R7wOZhRq7AKCGp8fD6Y9gYaThniYXqoXVGqjNgTJSKhROvwJT0QQYJRM+0pF0Rz nTO8Q6EiW+1/tsc2Kp/q01g6kAZ+ut6cRaKM25v38j3xxHvTRbAj4QVDAootAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUQAoO2eYG6ACZ3+avDmGGfpuMFvIwHwYDVR0j BBgwFoAUoj0hcNonxDDRs+fRJKvWVfRrAB8wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NjFmMDJhODktN2VlOC00YTgzLTgwMDQtMjM0ZDkxNGEwZmQ0LzAvQTIzRDIxNzBE QTI3QzQzMEQxQjNFN0QxMjRBQkQ2NTVGNDZCMDAxRi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9BMjNEMjE3MERBMjdDNDMwRDFCM0U3RDEyNEFCRDY1NUY0NkIw MDFGLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vNjFmMDJhODktN2VlOC00YTgzLTgw MDQtMjM0ZDkxNGEwZmQ0LzAvQTIzRDIxNzBEQTI3QzQzMEQxQjNFN0QxMjRBQkQ2 NTVGNDZCMDAxRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKc/z5pZ3wHtG6VetBPTdawcw4r6enNHRqyT 9bEB3RYR80IpzWEkBt/FuIoMZvr3BAZ47JDbaRDDeezX0c/bq+PCV1vpFZ9AHZGU NmHbqo1rWNtBGfFvoXUmI6cZLx4Os7AjefSSoOI5lj9LBBOWq+4yxZ692dQSIr9L 2JUHykMlukoMwZnV48kokGCuTfhNRpvvFkCHxNZzy4yPdJvukH3TuOTxybZLtL4i ALFkD/cgW4jAKmSmmDsvLV8PIXPWr34uhu2K82TOfthOSxyEjWOokItQ0uoVK2wN nvM0lA/vA7oJE49+lLBX+2e4+rid8WPQRb1B5vvMcRMBvN1oko4= -----END CERTIFICATE-----Generated at Wed Jun 17 10:03:24 2026 by rpki-client