$ rpki-client -vvf rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft File: A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft (raw, json) Hash identifier: GQ1cY9dx82Ly8x/M/Q0FTUM2leeWcJHkqw62+qK1A+g= Subject key identifier: 21:D2:2B:BA:9B:59:22:58:6F:CC:92:4E:71:E2:FB:84:CB:08:B5:BB Authority key identifier: A8:D2:11:A5:40:A0:A5:7C:5D:6A:CB:50:32:09:1B:1A:80:BA:45:8A Certificate issuer: /CN=A8D211A540A0A57C5D6ACB5032091B1A80BA458A Certificate serial: 508B036C27FF6B3C5FF204C6B68E9FFC28872B4A Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft Manifest number: 3D Signing time: Tue 16 Jun 2026 22:36:33 +0000 Manifest this update: Tue 16 Jun 2026 22:31:33 +0000 Manifest next update: Thu 18 Jun 2026 02:26:33 +0000 Files and hashes: 1: 3130332e37302e31382e302f32342d3234203d3e20313335343632.roa (hash: m9ehKEyZKrnBxPUxglJU8vra1GpJJTUpkzpv7UpDmeA=) 2: A8D211A540A0A57C5D6ACB5032091B1A80BA458A.crl (hash: 9/BZ/VHErid/P7x9GE1VgXdX5fGrKu1EYBYTa/Vlvm8=) 3: 3130332e37302e31372e302f32342d3234203d3e20313335343632.roa (hash: lI29Pn9PS61mVywxJrefD11DZjjtEbyEF7MkqWi1LZ4=) 4: 3130332e37302e31362e302f32342d3234203d3e20313335343632.roa (hash: SJ+P4+oX8hijYzZ9qA/WaUDV4gideRVgm7o6icDoWoM=) 5: 3130332e37302e31362e302f32322d3232203d3e20313335343632.roa (hash: Tf1EVsRaCkdXitEPeo2GAGcjlLdYQ1D5kk2M9WCpy3U=) 6: 3130332e37302e31392e302f32342d3234203d3e20313335343632.roa (hash: 7evCo+jZlUXwDGTBsCsQhDg2DWHBDqS4cWsJw91trY0=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.crl rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Jun 2026 02:26:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:8b:03:6c:27:ff:6b:3c:5f:f2:04:c6:b6:8e:9f:fc:28:87:2b:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A8D211A540A0A57C5D6ACB5032091B1A80BA458A Validity Not Before: Jun 16 22:31:33 2026 GMT Not After : Jun 18 02:26:33 2026 GMT Subject: CN=21D22BBA9B5922586FCC924E71E2FB84CB08B5BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:e4:d5:d3:01:aa:e9:c5:cd:e3:d1:53:77:4a: 66:c5:4a:14:f6:21:9a:e1:24:c1:12:1d:72:95:50: c2:ef:d9:25:f1:b7:24:a1:2d:72:26:4d:99:bf:fd: f9:fa:0d:01:00:3c:e8:2b:20:f9:9b:a4:7c:bc:52: 46:0f:fb:11:a3:9b:1b:1c:9a:88:93:ef:5d:5c:26: 10:96:1a:58:97:bf:65:bc:b4:92:a3:36:50:0f:7a: e9:de:bb:49:09:cb:0d:84:8e:de:97:16:86:2c:42: fc:04:60:35:10:3a:db:c4:f7:f5:ec:a1:ad:f8:03: db:67:a2:57:b5:6f:7f:64:e1:93:7b:1c:5d:ff:79: 2a:fd:48:51:53:23:3b:07:46:be:64:c5:67:71:73: 8c:44:ca:18:f1:62:6b:d2:2c:29:c2:f3:6e:00:21: 88:a7:68:68:6c:b7:1b:66:be:77:d8:f7:a1:d8:4b: f7:ad:a7:dc:2d:a6:fc:66:b6:3c:58:78:7a:5a:ae: 27:9d:ae:76:60:5f:66:a8:f8:85:25:39:3a:56:1e: 76:6c:69:47:7b:35:30:95:08:db:05:41:75:95:f1: 55:fa:a8:c1:fd:90:e5:21:da:91:ba:25:8a:92:27: 11:25:79:89:1a:74:6c:11:e4:34:69:98:0d:54:06: 09:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:D2:2B:BA:9B:59:22:58:6F:CC:92:4E:71:E2:FB:84:CB:08:B5:BB X509v3 Authority Key Identifier: keyid:A8:D2:11:A5:40:A0:A5:7C:5D:6A:CB:50:32:09:1B:1A:80:BA:45:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:a1:8b:c9:62:1e:df:e0:23:ef:79:e4:9a:27:c2:d7:dd:c4: 4a:d5:66:40:fc:18:bc:56:49:5a:04:cb:38:15:52:d1:fb:fb: e0:28:4d:ea:39:a7:ec:9c:79:21:4d:98:f8:d7:d0:16:54:a8: 53:ee:ef:be:96:98:89:66:5c:65:b3:46:a0:ab:18:b5:d7:59: 84:d3:06:8f:bc:56:af:97:ac:c6:93:84:9d:b8:c2:aa:76:b9: 27:7e:89:64:b0:09:c2:63:06:5e:d4:e8:04:a1:65:55:49:83: aa:33:57:ac:83:1c:02:dc:13:3d:20:6d:23:78:b1:ae:70:67: 82:01:f5:9e:18:5f:2a:e2:45:bc:ac:15:cd:2f:b4:bc:c6:b5: 7c:77:8a:d5:18:89:40:60:14:11:8f:48:54:ff:13:59:58:be: 8f:58:f8:e7:f8:3e:4b:63:06:ae:02:77:89:2f:bd:10:b4:07: da:50:5a:05:05:a6:9f:15:d9:6a:55:5a:3f:97:a6:40:24:9d: f5:93:3e:81:77:9e:6f:29:ce:a7:3a:f5:4c:15:d4:42:ce:34: 60:4d:ff:d9:c0:d9:07:51:90:50:27:e0:29:6e:e1:2c:e2:1e: 92:60:d9:82:9d:31:bb:3d:2a:0a:8b:65:13:84:c5:d5:19:2e: f1:c5:5a:4a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUUIsDbCf/azxf8gTGto6f/CiHK0owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQThEMjExQTU0MEEwQTU3QzVENkFDQjUwMzIwOTFCMUE4 MEJBNDU4QTAeFw0yNjA2MTYyMjMxMzNaFw0yNjA2MTgwMjI2MzNaMDMxMTAvBgNV BAMTKDIxRDIyQkJBOUI1OTIyNTg2RkNDOTI0RTcxRTJGQjg0Q0IwOEI1QkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS5NXTAarpxc3j0VN3SmbFShT2 IZrhJMESHXKVUMLv2SXxtyShLXImTZm//fn6DQEAPOgrIPmbpHy8UkYP+xGjmxsc moiT711cJhCWGliXv2W8tJKjNlAPeuneu0kJyw2Ejt6XFoYsQvwEYDUQOtvE9/Xs oa34A9tnole1b39k4ZN7HF3/eSr9SFFTIzsHRr5kxWdxc4xEyhjxYmvSLCnC824A IYinaGhstxtmvnfY96HYS/etp9wtpvxmtjxYeHpariedrnZgX2ao+IUlOTpWHnZs aUd7NTCVCNsFQXWV8VX6qMH9kOUh2pG6JYqSJxEleYkadGwR5DRpmA1UBgl1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIdIruptZIlhvzJJOceL7hMsItbswHwYDVR0j BBgwFoAUqNIRpUCgpXxdastQMgkbGoC6RYowDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ODZmNGQ0ZjEtYjM2Yy00YTQ2LTg4NDQtNGU2YzdhM2M5N2Q5LzAvQThEMjExQTU0 MEEwQTU3QzVENkFDQjUwMzIwOTFCMUE4MEJBNDU4QS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9BOEQyMTFBNTQwQTBBNTdDNUQ2QUNCNTAzMjA5MUIxQTgwQkE0 NThBLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vODZmNGQ0ZjEtYjM2Yy00YTQ2LTg4 NDQtNGU2YzdhM2M5N2Q5LzAvQThEMjExQTU0MEEwQTU3QzVENkFDQjUwMzIwOTFC MUE4MEJBNDU4QS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACOhi8liHt/gI+955JonwtfdxErVZkD8GLxW SVoEyzgVUtH7++AoTeo5p+yceSFNmPjX0BZUqFPu776WmIlmXGWzRqCrGLXXWYTT Bo+8Vq+XrMaThJ24wqp2uSd+iWSwCcJjBl7U6AShZVVJg6ozV6yDHALcEz0gbSN4 sa5wZ4IB9Z4YXyriRbysFc0vtLzGtXx3itUYiUBgFBGPSFT/E1lYvo9Y+Of4Pktj Bq4Cd4kvvRC0B9pQWgUFpp8V2WpVWj+XpkAknfWTPoF3nm8pzqc69UwV1ELONGBN /9nA2QdRkFAn4Clu4SziHpJg2YKdMbs9KgqLZROExdUZLvHFWko= -----END CERTIFICATE-----Generated at Wed Jun 17 11:12:44 2026 by rpki-client