$ rpki-client -vvf rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft File: D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft (raw, json) Hash identifier: Cj4bI7FQ+sCUrqnLYVokzFZ7A3/nc7T4xoWBuHcZWd8= Subject key identifier: 18:5A:1B:DC:6D:D8:E9:55:55:25:70:36:42:A6:6C:7E:D7:71:09:8E Authority key identifier: D6:7D:DC:B4:6C:F4:0B:52:64:1F:71:BF:77:56:DF:A2:9F:41:59:A2 Certificate issuer: /CN=D67DDCB46CF40B52641F71BF7756DFA29F4159A2 Certificate serial: 6F811AC02F463B028201ADD5A52986307D742DBE Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft Manifest number: 3E Signing time: Wed 17 Jun 2026 04:18:00 +0000 Manifest this update: Wed 17 Jun 2026 04:13:00 +0000 Manifest next update: Thu 18 Jun 2026 07:43:00 +0000 Files and hashes: 1: D67DDCB46CF40B52641F71BF7756DFA29F4159A2.crl (hash: 4XVpba4jEYVfJvLR2mz3FrBwHSONN+nHuP1JT6btBpE=) 2: 323430343a663630303a3a2f33322d3438203d3e203234323037.roa (hash: O3BW4/+vpeYZOrGXcLGA8HAU1zfqrZRISOMkRbThX6s=) 3: 3230332e3135332e3131322e302f32312d3234203d3e203234323037.roa (hash: Lw1DMZ5kJp5ICeFivj5ZZ60njB9OoQuGFsGq8+auMdU=) 4: 3230332e3135332e39362e302f32302d3234203d3e203234323037.roa (hash: AhfkSgsUfVbnlwjYQF5FXALegxkl9ZVed7BF03/fBz8=) 5: 3232322e3136352e3139322e302f31382d3234203d3e203234323037.roa (hash: XrQbHF8ES5i2bpLQRbTUE7Wl3M4ZUVmyaoRlPolZS6Y=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.crl rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Jun 2026 03:08:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:81:1a:c0:2f:46:3b:02:82:01:ad:d5:a5:29:86:30:7d:74:2d:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D67DDCB46CF40B52641F71BF7756DFA29F4159A2 Validity Not Before: Jun 17 04:13:00 2026 GMT Not After : Jun 18 07:43:00 2026 GMT Subject: CN=185A1BDC6DD8E9555525703642A66C7ED771098E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:e9:74:2c:b3:1c:90:17:eb:81:f6:9a:93:21: 21:fe:cb:66:c3:9f:bb:8c:db:57:2f:21:c8:d0:d2: 88:e6:35:77:90:db:56:85:ac:bf:6b:ad:45:55:25: cd:b7:fd:c8:dc:c2:09:d2:6c:d4:1d:5d:21:11:96: 4a:eb:b8:1b:6d:82:82:41:6c:03:51:96:67:47:58: f0:68:eb:aa:d6:2c:59:da:36:fe:0b:fc:cd:be:a5: ee:4f:82:9e:51:97:f3:8c:b0:2c:1e:cb:a9:77:42: a6:a4:dd:c8:83:0e:89:ef:1e:9d:be:a3:f8:22:dd: 96:8a:b7:f0:96:db:92:77:55:da:fa:df:0c:5d:80: 7c:5c:af:cb:95:2a:a2:6b:f7:97:06:d7:9c:5f:ca: 94:ba:9c:1e:6b:06:49:b9:d1:87:c1:66:9f:c5:4b: 88:b5:40:70:cd:4d:03:40:ac:bf:87:3e:54:e9:ce: ff:18:fa:c0:44:eb:2b:5b:7c:c8:4f:ed:37:87:90: 49:b2:8c:36:39:cb:06:a2:56:0c:e8:71:8e:01:85: bc:3a:2d:71:2c:a8:d6:62:96:4e:36:38:64:22:d3: 58:c3:44:f6:8c:b6:b4:b2:b4:1f:49:83:f6:d2:c3: 2a:fb:17:ba:ab:04:61:a9:b4:b0:22:09:76:49:ea: 5e:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:5A:1B:DC:6D:D8:E9:55:55:25:70:36:42:A6:6C:7E:D7:71:09:8E X509v3 Authority Key Identifier: keyid:D6:7D:DC:B4:6C:F4:0B:52:64:1F:71:BF:77:56:DF:A2:9F:41:59:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:f8:2e:db:67:fe:42:19:08:5a:87:80:53:b9:42:a3:44:93: 8d:d1:43:e5:cf:49:48:2a:37:8f:ce:0b:26:bf:66:cc:07:1a: 62:0c:be:ed:2a:37:a5:5c:fd:92:db:d4:51:d4:8c:1d:e3:09: 10:24:75:6d:ac:df:c0:c8:07:6d:9c:ad:35:2d:a7:f4:a5:ce: bd:8f:c1:e9:e3:5b:73:6c:63:b9:4f:bf:84:42:b9:81:8b:8e: 47:46:e4:a7:08:9b:09:ea:ca:7e:7e:14:45:84:e8:0f:3b:ad: 50:aa:70:ef:eb:9a:f6:92:4c:59:89:00:7a:d1:48:9a:0d:fa: 4e:18:2c:a6:2e:57:45:4f:b9:8b:87:d2:31:f2:82:fa:64:71: 27:eb:98:bf:4f:2b:33:79:f1:7b:78:df:ec:3f:5a:0d:c3:57: 83:bc:6d:ce:20:20:6f:2a:80:17:65:6c:72:2f:e0:ad:9e:bd: 5a:37:0f:f2:08:02:da:5f:36:eb:c5:d1:c5:1a:f1:0a:fe:35: 21:33:e8:60:73:b7:08:eb:c7:ca:27:ff:58:e6:28:e7:cc:30: 17:1b:30:68:f6:5e:a2:2c:54:46:11:47:a7:63:bb:cc:c2:a2: e4:d5:3a:78:5a:a0:e5:8e:b3:00:d5:b0:f0:a2:5d:5a:22:ae: 36:17:b0:be -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUb4EawC9GOwKCAa3VpSmGMH10Lb4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDY3RERDQjQ2Q0Y0MEI1MjY0MUY3MUJGNzc1NkRGQTI5 RjQxNTlBMjAeFw0yNjA2MTcwNDEzMDBaFw0yNjA2MTgwNzQzMDBaMDMxMTAvBgNV BAMTKDE4NUExQkRDNkREOEU5NTU1NTI1NzAzNjQyQTY2QzdFRDc3MTA5OEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD16XQssxyQF+uB9pqTISH+y2bD n7uM21cvIcjQ0ojmNXeQ21aFrL9rrUVVJc23/cjcwgnSbNQdXSERlkrruBttgoJB bANRlmdHWPBo66rWLFnaNv4L/M2+pe5Pgp5Rl/OMsCwey6l3Qqak3ciDDonvHp2+ o/gi3ZaKt/CW25J3Vdr63wxdgHxcr8uVKqJr95cG15xfypS6nB5rBkm50YfBZp/F S4i1QHDNTQNArL+HPlTpzv8Y+sBE6ytbfMhP7TeHkEmyjDY5ywaiVgzocY4Bhbw6 LXEsqNZilk42OGQi01jDRPaMtrSytB9Jg/bSwyr7F7qrBGGptLAiCXZJ6l7nAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUGFob3G3Y6VVVJXA2QqZsftdxCY4wHwYDVR0j BBgwFoAU1n3ctGz0C1JkH3G/d1bfop9BWaIwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZmM3ZTgwODEtNjNhZi00OWU3LTk2NDYtNzZjMjVhNWU5N2NhLzAvRDY3RERDQjQ2 Q0Y0MEI1MjY0MUY3MUJGNzc1NkRGQTI5RjQxNTlBMi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9ENjdERENCNDZDRjQwQjUyNjQxRjcxQkY3NzU2REZBMjlGNDE1 OUEyLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZmM3ZTgwODEtNjNhZi00OWU3LTk2 NDYtNzZjMjVhNWU5N2NhLzAvRDY3RERDQjQ2Q0Y0MEI1MjY0MUY3MUJGNzc1NkRG QTI5RjQxNTlBMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHT4Lttn/kIZCFqHgFO5QqNEk43RQ+XPSUgq N4/OCya/ZswHGmIMvu0qN6Vc/ZLb1FHUjB3jCRAkdW2s38DIB22crTUtp/Slzr2P wenjW3NsY7lPv4RCuYGLjkdG5KcImwnqyn5+FEWE6A87rVCqcO/rmvaSTFmJAHrR SJoN+k4YLKYuV0VPuYuH0jHygvpkcSfrmL9PKzN58Xt43+w/Wg3DV4O8bc4gIG8q gBdlbHIv4K2evVo3D/IIAtpfNuvF0cUa8Qr+NSEz6GBztwjrx8on/1jmKOfMMBcb MGj2XqIsVEYRR6dju8zCouTVOnhaoOWOswDVsPCiXVoirjYXsL4= -----END CERTIFICATE-----Generated at Wed Jun 17 10:40:17 2026 by rpki-client