$ rpki-client -vvf rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft File: D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft (raw, json) Hash identifier: kCjpTmkur3XlsV2uNbqnOOPn7N+7h4hF2+M7WS7HFeY= Subject key identifier: 88:DC:1B:34:E7:79:99:1C:3D:60:00:92:84:58:E9:86:7D:5D:10:55 Authority key identifier: D2:0C:1E:0D:D0:2A:A8:B1:CE:1F:EB:A4:76:97:7C:F8:BB:16:14:36 Certificate issuer: /CN=D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436 Certificate serial: 362D77DA8CC5290225A88E86E3EAF92D25FA2388 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft Manifest number: 0F Signing time: Tue 12 May 2026 19:04:45 +0000 Manifest this update: Tue 12 May 2026 18:59:45 +0000 Manifest next update: Wed 13 May 2026 19:59:45 +0000 Files and hashes: 1: 3230322e35312e3232342e302f32302d3234203d3e203338313434.roa (hash: NWVRwRUJEoPLPqz3cDGwdvfhxswf8EJ/TbLr4jkDe78=) 2: 36302e3235332e39362e302f31392d3234203d3e203338313434.roa (hash: NMwe5J+/CXgAi6nFmZAKAhCZ3C0lGwYdxKCNwpdKULE=) 3: D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.crl (hash: UfQpDn9o/1bKAPR4IHQjMMcKdqGyKAhUdVBtNLuf+sE=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.crl rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:2d:77:da:8c:c5:29:02:25:a8:8e:86:e3:ea:f9:2d:25:fa:23:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436 Validity Not Before: May 12 18:59:45 2026 GMT Not After : May 13 19:59:45 2026 GMT Subject: CN=88DC1B34E779991C3D6000928458E9867D5D1055 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:fc:64:1b:e5:c2:37:fc:b8:2b:76:38:ae:63: 15:ae:98:f8:e5:5b:34:90:c9:d4:c7:9b:7d:39:7d: ae:16:cc:f0:ac:fc:f2:60:1a:fd:ab:38:f5:3b:b1: 2a:46:9a:1e:30:08:8f:4a:3c:33:7f:27:35:89:f1: 21:74:1d:55:41:7a:f9:75:43:56:15:c7:a9:34:83: 23:67:e5:22:d5:cb:71:2c:58:0f:f2:f6:7a:fd:c3: fe:97:ac:f2:88:51:39:af:a5:2c:14:53:75:05:b0: 0e:e5:1e:13:5c:55:ef:b6:3c:1a:8f:49:85:13:e4: 15:99:cf:22:fa:92:4f:96:87:27:03:eb:68:21:c5: 16:9f:20:e6:77:8c:38:fc:57:02:f0:e7:d1:2c:1b: b6:47:b2:3e:40:83:f6:30:28:15:2c:b4:2f:85:c2: 88:9e:6d:2d:c1:d7:b1:fb:fd:c9:7c:4b:e6:74:f7: 37:98:2a:82:08:ea:8d:98:5e:1d:c8:80:ec:ff:25: 27:9f:8b:74:c9:8d:46:c5:ed:6c:59:2f:5c:12:d8: 20:c8:e3:bc:d9:b4:1a:52:9a:6b:d1:53:76:ac:00: 59:51:66:17:d6:22:20:58:7e:b1:5f:37:ae:bf:8d: f7:68:b2:86:72:0f:7b:12:28:42:6a:e5:25:6b:f2: 11:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:DC:1B:34:E7:79:99:1C:3D:60:00:92:84:58:E9:86:7D:5D:10:55 X509v3 Authority Key Identifier: keyid:D2:0C:1E:0D:D0:2A:A8:B1:CE:1F:EB:A4:76:97:7C:F8:BB:16:14:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:c7:29:4b:40:39:93:4d:c1:18:d1:f5:f1:04:7e:65:33:15: 75:16:6f:cf:d3:a7:cd:0e:76:72:b1:b3:f6:98:be:9a:58:67: 10:72:ba:8b:36:34:2f:41:b5:fb:1e:77:22:63:f7:66:55:1f: 55:c6:9c:77:f5:da:9a:82:0b:c1:28:e9:b0:3c:9c:c6:a6:e6: a5:ad:03:1f:24:7a:b9:37:bc:34:ca:a4:8c:50:b6:8d:06:04: b1:e7:9f:a9:94:a5:41:01:0c:f3:ef:0a:76:39:24:6d:ac:bb: 87:00:fd:9f:a8:fa:0c:d4:b3:0f:9f:1b:eb:56:93:5e:5e:7b: 77:90:60:b3:dc:7b:71:43:76:84:89:0a:03:ba:21:14:d2:74: c3:d1:43:4c:51:43:a1:f1:c5:c4:fc:9d:ba:e8:dc:b1:dd:e0: 74:80:72:c1:b7:ae:59:c3:2b:14:4a:fa:5b:b9:e3:d1:05:b6: 07:ed:92:6f:4d:b1:dd:62:1a:d0:db:49:c6:0b:3e:20:a1:55: 38:c9:5d:6a:11:e4:16:9f:3a:0f:a2:e1:32:ae:34:b5:5e:e8: 92:27:4e:29:ab:3a:2e:20:e4:40:4d:e0:c5:05:72:9a:29:af: 41:bc:64:24:e0:53:74:bd:c5:cb:e6:e2:6b:79:ea:66:1e:06: e1:49:ce:c8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNi132ozFKQIlqI6G4+r5LSX6I4gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIwQzFFMEREMDJBQThCMUNFMUZFQkE0NzY5NzdDRjhC QjE2MTQzNjAeFw0yNjA1MTIxODU5NDVaFw0yNjA1MTMxOTU5NDVaMDMxMTAvBgNV BAMTKDg4REMxQjM0RTc3OTk5MUMzRDYwMDA5Mjg0NThFOTg2N0Q1RDEwNTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr/GQb5cI3/LgrdjiuYxWumPjl WzSQydTHm305fa4WzPCs/PJgGv2rOPU7sSpGmh4wCI9KPDN/JzWJ8SF0HVVBevl1 Q1YVx6k0gyNn5SLVy3EsWA/y9nr9w/6XrPKIUTmvpSwUU3UFsA7lHhNcVe+2PBqP SYUT5BWZzyL6kk+WhycD62ghxRafIOZ3jDj8VwLw59EsG7ZHsj5Ag/YwKBUstC+F woiebS3B17H7/cl8S+Z09zeYKoII6o2YXh3IgOz/JSefi3TJjUbF7WxZL1wS2CDI 47zZtBpSmmvRU3asAFlRZhfWIiBYfrFfN66/jfdosoZyD3sSKEJq5SVr8hETAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUiNwbNOd5mRw9YACShFjphn1dEFUwHwYDVR0j BBgwFoAU0gweDdAqqLHOH+ukdpd8+LsWFDYwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MmNkNzUzNmQtOWUxMC00ZDQ5LWI2Y2EtMDQxY2M5YTU5MTRlLzAvRDIwQzFFMERE MDJBQThCMUNFMUZFQkE0NzY5NzdDRjhCQjE2MTQzNi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EMjBDMUUwREQwMkFBOEIxQ0UxRkVCQTQ3Njk3N0NGOEJCMTYx NDM2LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMmNkNzUzNmQtOWUxMC00ZDQ5LWI2 Y2EtMDQxY2M5YTU5MTRlLzAvRDIwQzFFMEREMDJBQThCMUNFMUZFQkE0NzY5NzdD RjhCQjE2MTQzNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACXHKUtAOZNNwRjR9fEEfmUzFXUWb8/Tp80O dnKxs/aYvppYZxByuos2NC9BtfsedyJj92ZVH1XGnHf12pqCC8Eo6bA8nMam5qWt Ax8kerk3vDTKpIxQto0GBLHnn6mUpUEBDPPvCnY5JG2su4cA/Z+o+gzUsw+fG+tW k15ee3eQYLPce3FDdoSJCgO6IRTSdMPRQ0xRQ6HxxcT8nbro3LHd4HSAcsG3rlnD KxRK+lu549EFtgftkm9Nsd1iGtDbScYLPiChVTjJXWoR5BafOg+i4TKuNLVe6JIn TimrOi4g5EBN4MUFcpopr0G8ZCTgU3S9xcvm4mt56mYeBuFJzsg= -----END CERTIFICATE-----Generated at Tue May 12 22:32:08 2026 by rpki-client