$ rpki-client -vvf rpki-rsync.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8.mft File: 889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8.mft (raw, json) Hash identifier: dg6Pe8EQJ5I7UWyOgK2C1WDLUX3KnUGfWAD/K532B6w= Subject key identifier: 74:2E:E8:64:4F:BB:C1:65:9A:79:14:48:1A:1B:8F:5F:8F:B1:B3:30 Authority key identifier: 88:9C:6D:E3:F5:7A:53:47:0E:BB:EA:BC:1C:2D:89:A6:F3:FC:17:C8 Certificate issuer: /CN=889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8 Certificate serial: 21854AF0846D582D618345686D6A1C6FA39B6BD3 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8.mft Manifest number: 3D Signing time: Tue 16 Jun 2026 21:09:51 +0000 Manifest this update: Tue 16 Jun 2026 21:04:51 +0000 Manifest next update: Wed 17 Jun 2026 23:21:51 +0000 Files and hashes: 1: 3136302e31392e38342e302f32342d3234203d3e20313532373534.roa (hash: bNudrF44x2izySD0tRS+nFPqbeFunnsrm7up4Eby2bw=) 2: 3136302e31392e38352e302f32342d3234203d3e20313532373534.roa (hash: ldSnrrmteNryHWcf9UUZou80Ix7aIJzaiTf7mkq3mc4=) 3: 3136302e31392e38342e302f32332d3233203d3e20313532373534.roa (hash: L2W5rnLzb0ayOTJLCbvv5xJbFsJZYaXlC2C/bL2KNmw=) 4: 889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8.crl (hash: ZHK44iBM7q8mKnG6ADJBpnZcuTwWnbeXovHocjlEXJo=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8.crl rsync://rpki-rsync.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/0/889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 23:21:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:85:4a:f0:84:6d:58:2d:61:83:45:68:6d:6a:1c:6f:a3:9b:6b:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8 Validity Not Before: Jun 16 21:04:51 2026 GMT Not After : Jun 17 23:21:51 2026 GMT Subject: CN=742EE8644FBBC1659A7914481A1B8F5F8FB1B330 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:03:94:39:68:df:18:34:27:f6:16:e0:d4:7a: 91:c4:42:98:7a:2c:8a:a5:c8:b5:e8:ef:37:5f:61: 4d:e5:a5:c9:f5:4f:0b:e9:4c:db:a5:40:c6:cd:91: ed:dc:77:c9:5a:47:6b:8d:12:2a:92:de:f7:7d:a4: 48:e4:26:6e:cf:c4:ea:76:62:ed:f5:eb:bb:0b:c4: 1d:cf:22:b3:99:54:a3:bb:71:96:1c:ab:c5:41:97: b2:aa:b1:1a:f9:b3:56:12:00:85:e5:71:f0:58:fa: 3e:89:cc:6c:61:df:64:53:01:15:c7:1d:40:17:0e: 40:64:1c:95:cd:f7:1f:d3:1b:81:83:0e:85:1f:3c: 53:4d:37:dc:2a:a0:13:ec:b2:08:ba:58:9e:ec:0f: be:54:f8:48:62:37:4f:35:87:0d:94:52:6a:23:d9: 33:36:ab:7d:f9:58:f9:bd:6b:aa:ae:54:8f:45:50: 24:b6:99:a5:b7:e3:9e:fe:40:27:24:3a:5d:ea:ef: 8a:27:3c:22:7b:13:b7:92:ce:ba:80:85:00:57:a6: be:b2:55:30:ee:c4:c6:0e:18:ee:d8:f1:43:29:9a: 52:98:81:20:bf:4d:a6:1d:11:61:ed:97:f7:98:32: fd:f8:f7:79:69:f5:04:e1:e1:43:81:fd:9b:41:33: 8a:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:2E:E8:64:4F:BB:C1:65:9A:79:14:48:1A:1B:8F:5F:8F:B1:B3:30 X509v3 Authority Key Identifier: keyid:88:9C:6D:E3:F5:7A:53:47:0E:BB:EA:BC:1C:2D:89:A6:F3:FC:17:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/889C6DE3F57A53470EBBEABC1C2D89A6F3FC17C8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:6e:de:08:fd:70:ab:a1:7f:07:6a:0d:08:f7:a3:23:3f:eb: f7:12:36:e0:f5:10:7c:2a:86:69:b9:d6:af:d1:6e:25:fe:56: a8:07:57:78:73:35:de:17:ca:e9:f0:a7:17:39:6b:02:97:e4: cb:0e:63:8a:12:1b:9d:3b:4a:06:91:74:53:0d:24:82:c6:71: 86:c0:bd:48:b6:c2:af:89:c5:72:32:fe:b9:67:cb:6d:40:71: bb:fe:e0:cf:4b:0f:92:cd:dd:45:19:08:f8:10:98:18:e2:28: a2:ab:1e:68:17:10:e0:a0:57:e0:13:45:b9:6c:08:f0:c1:9e: ba:8e:80:67:a2:31:4f:d0:4b:31:04:92:44:d8:f3:63:67:9d: 8f:16:72:b3:81:50:10:16:f0:fd:12:38:02:bb:bd:c9:34:e4: bb:d6:c0:ba:fa:e8:4f:35:7c:88:39:8a:9b:14:0f:c3:19:99: 09:76:55:a7:30:00:41:46:d8:ae:df:df:8d:35:cb:cc:da:d1: 3c:e9:81:f2:30:ce:8e:76:73:53:ae:42:3e:8c:73:96:31:32: 40:cd:ba:76:05:29:14:fc:38:0d:7d:69:fe:f0:10:61:f5:17: 08:d1:71:b1:dd:6e:cd:9f:aa:85:56:fb:7a:e4:ef:88:db:41: 1e:d1:8d:e4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIYVK8IRtWC1hg0VobWocb6Oba9MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODg5QzZERTNGNTdBNTM0NzBFQkJFQUJDMUMyRDg5QTZG M0ZDMTdDODAeFw0yNjA2MTYyMTA0NTFaFw0yNjA2MTcyMzIxNTFaMDMxMTAvBgNV BAMTKDc0MkVFODY0NEZCQkMxNjU5QTc5MTQ0ODFBMUI4RjVGOEZCMUIzMzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmA5Q5aN8YNCf2FuDUepHEQph6 LIqlyLXo7zdfYU3lpcn1TwvpTNulQMbNke3cd8laR2uNEiqS3vd9pEjkJm7PxOp2 Yu3167sLxB3PIrOZVKO7cZYcq8VBl7KqsRr5s1YSAIXlcfBY+j6JzGxh32RTARXH HUAXDkBkHJXN9x/TG4GDDoUfPFNNN9wqoBPssgi6WJ7sD75U+EhiN081hw2UUmoj 2TM2q335WPm9a6quVI9FUCS2maW3457+QCckOl3q74onPCJ7E7eSzrqAhQBXpr6y VTDuxMYOGO7Y8UMpmlKYgSC/TaYdEWHtl/eYMv3493lp9QTh4UOB/ZtBM4oXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUdC7oZE+7wWWaeRRIGhuPX4+xszAwHwYDVR0j BBgwFoAUiJxt4/V6U0cOu+q8HC2JpvP8F8gwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YmEwOThmMDAtYTBhMC00YjVjLTllODMtNjA2NzM3MTI4Y2IxLzAvODg5QzZERTNG NTdBNTM0NzBFQkJFQUJDMUMyRDg5QTZGM0ZDMTdDOC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMC84ODlDNkRFM0Y1N0E1MzQ3MEVCQkVBQkMxQzJEODlBNkYzRkMx N0M4LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYmEwOThmMDAtYTBhMC00YjVjLTll ODMtNjA2NzM3MTI4Y2IxLzAvODg5QzZERTNGNTdBNTM0NzBFQkJFQUJDMUMyRDg5 QTZGM0ZDMTdDOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAElu3gj9cKuhfwdqDQj3oyM/6/cSNuD1EHwq hmm51q/RbiX+VqgHV3hzNd4Xyunwpxc5awKX5MsOY4oSG507SgaRdFMNJILGcYbA vUi2wq+JxXIy/rlny21Acbv+4M9LD5LN3UUZCPgQmBjiKKKrHmgXEOCgV+ATRbls CPDBnrqOgGeiMU/QSzEEkkTY82NnnY8WcrOBUBAW8P0SOAK7vck05LvWwLr66E81 fIg5ipsUD8MZmQl2VacwAEFG2K7f3401y8za0TzpgfIwzo52c1OuQj6Mc5YxMkDN unYFKRT8OA19af7wEGH1FwjRcbHdbs2fqoVW+3rk74jbQR7RjeQ= -----END CERTIFICATE-----Generated at Wed Jun 17 10:44:10 2026 by rpki-client