$ rpki-client -vvf rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft File: 20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft (raw, json) Hash identifier: 2LQmYVWyNbTg5VL8oAE0ZPKzB/aO8+UTATo98XGoQFA= Subject key identifier: 8E:4A:AB:9E:7B:D5:59:41:FC:BF:2E:33:56:D8:61:19:B4:A6:28:62 Authority key identifier: 20:B4:FB:5E:02:47:6A:FF:A1:00:3C:5C:90:D3:8F:F4:EC:10:14:B7 Certificate issuer: /CN=20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7 Certificate serial: 4C7BAFBC5FA894405BBC1781972E651A382F77E9 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft Manifest number: 3D Signing time: Tue 16 Jun 2026 19:48:05 +0000 Manifest this update: Tue 16 Jun 2026 19:43:05 +0000 Manifest next update: Wed 17 Jun 2026 20:44:05 +0000 Files and hashes: 1: 3130332e3137332e3233302e302f32332d3233203d3e20313437303837.roa (hash: ipU1a2udwtca/E3v1pmxqgcaK0XTJh0tDNEJJ4f4t7Y=) 2: 323030313a6466373a633138303a3a2f34382d3438203d3e20313437303837.roa (hash: rXO9gTdPSQGsrR5rUmnzksusGY7II8+DMWGkUGzNqUA=) 3: 20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.crl (hash: KYzDWn+rmzlblJ/Fitn51vNgnWAfpVg5rONCP0MhiUY=) 4: 3130332e3137332e3233302e302f32342d3234203d3e20313437303837.roa (hash: xLoeT+ko7MUw5aLnf4wj8gyqTKfil2TZ1gKntVO+LKI=) 5: 3130332e3137332e3233312e302f32342d3234203d3e20313437303837.roa (hash: Pvijj3PbMpACCVbyxLVtqjTUpSYeYm8MFybvzhiihDM=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.crl rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 20:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:7b:af:bc:5f:a8:94:40:5b:bc:17:81:97:2e:65:1a:38:2f:77:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7 Validity Not Before: Jun 16 19:43:05 2026 GMT Not After : Jun 17 20:44:05 2026 GMT Subject: CN=8E4AAB9E7BD55941FCBF2E3356D86119B4A62862 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:7e:bc:8e:aa:f8:21:14:b6:f0:3d:4b:25:7b: 37:80:ce:4e:5a:be:6a:3a:91:60:09:b1:46:10:e4: a1:8b:21:b8:9c:20:91:8f:27:45:66:b0:94:2a:50: 4d:e2:08:24:8a:3f:08:4e:12:1d:95:ac:d1:b2:45: 55:fb:47:46:97:cf:fb:97:07:a6:0d:e7:35:11:94: 32:8f:e5:0a:4d:07:65:2a:9b:8e:32:ac:a7:50:be: eb:e0:e9:90:0e:5f:e0:db:be:55:33:9c:ff:04:25: 7f:02:2c:4c:5a:a0:9f:99:fb:ff:f5:94:5e:ff:e2: 4b:c6:48:a7:04:0f:c0:a7:f4:51:65:a5:c1:3d:d8: 2b:da:c8:e2:2b:36:22:aa:97:c9:5d:86:30:9f:3e: 6e:43:86:94:ef:81:f6:05:7a:5a:3d:b3:2d:58:36: 53:d4:6f:6a:55:c4:bf:83:2b:70:18:c9:3d:16:02: 90:9e:80:36:ad:70:d3:9f:e1:86:56:2e:db:59:a8: 80:3a:bd:b8:aa:98:af:87:9d:cd:d6:f0:cf:ed:0e: 1c:74:30:f0:8d:33:69:40:67:88:77:12:d5:cf:dc: 3b:02:3a:f1:5d:e9:fd:01:de:6c:4c:6d:d7:bb:77: f8:da:62:6f:1d:79:e8:45:c5:34:d3:d1:1c:e7:4b: 0d:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:4A:AB:9E:7B:D5:59:41:FC:BF:2E:33:56:D8:61:19:B4:A6:28:62 X509v3 Authority Key Identifier: keyid:20:B4:FB:5E:02:47:6A:FF:A1:00:3C:5C:90:D3:8F:F4:EC:10:14:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:49:9d:a7:a5:36:3b:2f:21:a5:5f:89:54:9d:35:e8:f7:00: 01:60:95:cf:95:b3:ce:16:a0:84:dd:ce:2e:1b:6b:23:3e:56: 1a:cf:85:02:32:71:98:f8:f0:ba:3f:fe:ce:e1:49:97:60:04: 48:15:5c:78:20:66:15:f5:61:44:b2:af:dd:25:49:62:66:02: c8:5b:45:dc:2f:c6:ba:93:60:61:55:60:f5:94:e3:c9:eb:e7: a0:0d:12:18:67:4d:17:6d:fd:da:43:cd:2a:41:da:89:24:71: 0c:6d:81:8c:4c:f4:43:88:63:25:3f:e7:fe:e8:3b:2d:d1:d9: bb:38:cf:7f:60:11:d4:37:de:40:d1:28:ab:16:42:f3:f3:9f: 67:4c:e0:fa:a6:ca:1f:1f:20:0b:a4:71:0d:43:8d:b9:e9:fd: c1:21:a0:4a:b4:28:dc:2e:d0:8b:e7:b2:b8:da:b7:26:7b:41: 3e:44:7a:83:fb:d6:16:15:79:88:14:fa:96:93:64:d3:21:dc: a2:4a:d9:69:d8:bd:3e:0f:e7:d1:37:58:1e:99:bd:1b:cc:07: 1c:ab:d5:b3:39:a4:5a:bd:76:00:3a:e5:46:ed:a2:b3:2d:7b: d3:59:b0:4a:13:4a:a2:0e:31:f0:b8:6d:34:9c:a4:68:73:ff: ed:80:fd:a0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUTHuvvF+olEBbvBeBly5lGjgvd+kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBCNEZCNUUwMjQ3NkFGRkExMDAzQzVDOTBEMzhGRjRF QzEwMTRCNzAeFw0yNjA2MTYxOTQzMDVaFw0yNjA2MTcyMDQ0MDVaMDMxMTAvBgNV BAMTKDhFNEFBQjlFN0JENTU5NDFGQ0JGMkUzMzU2RDg2MTE5QjRBNjI4NjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4fryOqvghFLbwPUslezeAzk5a vmo6kWAJsUYQ5KGLIbicIJGPJ0VmsJQqUE3iCCSKPwhOEh2VrNGyRVX7R0aXz/uX B6YN5zURlDKP5QpNB2Uqm44yrKdQvuvg6ZAOX+DbvlUznP8EJX8CLExaoJ+Z+//1 lF7/4kvGSKcED8Cn9FFlpcE92CvayOIrNiKql8ldhjCfPm5DhpTvgfYFelo9sy1Y NlPUb2pVxL+DK3AYyT0WApCegDatcNOf4YZWLttZqIA6vbiqmK+Hnc3W8M/tDhx0 MPCNM2lAZ4h3EtXP3DsCOvFd6f0B3mxMbde7d/jaYm8deehFxTTT0RznSw07AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUjkqrnnvVWUH8vy4zVthhGbSmKGIwHwYDVR0j BBgwFoAUILT7XgJHav+hADxckNOP9OwQFLcwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZDAwZjljYzctNGE2OS00YzllLWJiYTYtNGQ5YWJiNTZlZmY2LzAvMjBCNEZCNUUw MjQ3NkFGRkExMDAzQzVDOTBEMzhGRjRFQzEwMTRCNy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8yMEI0RkI1RTAyNDc2QUZGQTEwMDNDNUM5MEQzOEZGNEVDMTAx NEI3LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZDAwZjljYzctNGE2OS00YzllLWJi YTYtNGQ5YWJiNTZlZmY2LzAvMjBCNEZCNUUwMjQ3NkFGRkExMDAzQzVDOTBEMzhG RjRFQzEwMTRCNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFBJnaelNjsvIaVfiVSdNej3AAFglc+Vs84W oITdzi4bayM+VhrPhQIycZj48Lo//s7hSZdgBEgVXHggZhX1YUSyr90lSWJmAshb RdwvxrqTYGFVYPWU48nr56ANEhhnTRdt/dpDzSpB2okkcQxtgYxM9EOIYyU/5/7o Oy3R2bs4z39gEdQ33kDRKKsWQvPzn2dM4Pqmyh8fIAukcQ1Djbnp/cEhoEq0KNwu 0IvnsrjatyZ7QT5EeoP71hYVeYgU+paTZNMh3KJK2WnYvT4P59E3WB6ZvRvMBxyr 1bM5pFq9dgA65UbtorMte9NZsEoTSqIOMfC4bTScpGhz/+2A/aA= -----END CERTIFICATE-----Generated at Wed Jun 17 09:43:25 2026 by rpki-client