$ rpki-client -vvf rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft File: CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft (raw, json) Hash identifier: OS/lYiHziZe/ccL/taIW9xTtNXUE4LdTnXCKW+UdA6Y= Subject key identifier: 76:46:AA:E2:8B:E3:E5:12:1B:CC:2C:89:79:06:28:DB:8C:E8:C5:01 Authority key identifier: CF:67:7D:C4:A0:E9:F5:2E:45:8D:7F:78:6C:11:00:4C:BC:C0:6B:E6 Certificate issuer: /CN=CF677DC4A0E9F52E458D7F786C11004CBCC06BE6 Certificate serial: 269878B0A4FF55722B6766D32E82CB0481A1E2EF Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft Manifest number: 0E Signing time: Tue 12 May 2026 05:36:03 +0000 Manifest this update: Tue 12 May 2026 05:31:03 +0000 Manifest next update: Wed 13 May 2026 08:24:03 +0000 Files and hashes: 1: 34332e3234382e32342e302f32322d3234203d3e203138313033.roa (hash: 9zWseK0VGBFjDjSukC7sEdd2KVTBNcjvlH0F1oisM48=) 2: 3130332e32332e3234302e302f32322d3234203d3e203138313033.roa (hash: CIu+a1x1Ob4TtttYENYOSXpa0Xw1+bkYfz/RVtE/6mo=) 3: 3230332e3132382e36342e302f31392d3234203d3e203138313033.roa (hash: eBoaZqyr6WlSbN/AJF6RgzCQyG+1zBmzaFfb/7fN5dY=) 4: 3130332e31302e39362e302f32322d3234203d3e203138313033.roa (hash: h+jOCf2n8qXpyofV0yrwta8TGMspkZPZ+KTwYTU4B7c=) 5: CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.crl (hash: DD/r7i19AJ+TTppNCIUJQYH8JlqZ2bmI2Ez/p8MHH+c=) 6: 323430313a316230303a3a2f33322d3438203d3e203138313033.roa (hash: LF0MrR9BI6ohPR99FqHdVyHSCGgsD/4Honm25vFKTtU=) 7: 3230332e3230312e35302e302f32332d3234203d3e203138313033.roa (hash: hnbLn0WCQW7tjxDDomIPOhXC1r7ltYUmnmJCJUDX+Hs=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.crl rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 08:24:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:98:78:b0:a4:ff:55:72:2b:67:66:d3:2e:82:cb:04:81:a1:e2:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CF677DC4A0E9F52E458D7F786C11004CBCC06BE6 Validity Not Before: May 12 05:31:03 2026 GMT Not After : May 13 08:24:03 2026 GMT Subject: CN=7646AAE28BE3E5121BCC2C89790628DB8CE8C501 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:31:fc:26:7c:13:c1:80:cc:d4:f9:5e:59:a0: ae:f2:ed:3b:5f:b5:fb:bc:de:cd:fb:e1:03:e1:46: 64:21:8a:70:eb:30:77:18:95:b5:a2:78:5f:dd:fa: 6e:97:c1:3b:f8:bb:63:eb:ce:3e:48:2c:86:2e:a6: fe:d1:d8:6c:13:1b:ce:54:69:2d:bc:f3:48:e9:e0: 49:a1:87:fc:35:a8:b1:71:02:38:6e:53:a4:f1:96: 39:b6:c6:2a:e8:32:ee:84:f5:a0:11:98:ed:1e:c1: 22:e3:ec:8a:23:a3:03:52:98:85:d1:ad:38:cd:6b: 21:1b:ba:20:ad:97:59:a0:ff:f8:8f:29:7e:d9:42: 94:63:83:d1:3b:1a:d7:99:38:9f:ac:25:b8:2a:cb: 1d:19:6a:86:4e:87:5b:48:84:5a:d8:48:77:fd:44: db:7e:a6:cc:ea:15:40:b5:9c:cd:bf:23:a7:8f:b7: 61:91:35:5a:fd:05:5d:05:b0:d1:b0:eb:87:e8:a1: 26:d5:f2:02:18:d0:e5:d7:d2:54:03:6f:e1:25:45: b2:81:db:97:1a:c6:a9:45:ac:74:72:ca:e1:60:80: 7b:e5:34:ca:55:d4:95:4f:d9:d1:ce:4a:12:41:75: 08:a0:ae:8d:d3:a5:4f:de:6e:6f:a6:07:cf:66:dc: cf:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:46:AA:E2:8B:E3:E5:12:1B:CC:2C:89:79:06:28:DB:8C:E8:C5:01 X509v3 Authority Key Identifier: keyid:CF:67:7D:C4:A0:E9:F5:2E:45:8D:7F:78:6C:11:00:4C:BC:C0:6B:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:c3:54:b2:73:1f:08:26:af:19:02:c9:ec:2f:be:5a:ed:1e: e5:a8:46:eb:d4:62:c0:45:f7:75:16:5b:a8:16:e8:95:02:1e: a6:0c:63:37:2d:64:87:7a:5b:cd:25:cf:a9:49:01:4f:30:79: 0d:fd:41:56:ed:4c:61:5d:85:ec:d4:a6:2d:97:fc:31:35:b4: 96:20:3e:c4:ae:eb:29:1c:85:57:7e:fc:2f:d6:28:78:aa:3d: 74:ca:43:c2:5f:cf:49:3e:01:88:d7:95:6b:d5:b2:33:7c:b6: 9a:8b:6b:f6:43:7a:fa:94:52:0b:cd:9f:a1:15:73:fa:f2:10: f5:fb:f3:f3:fa:0f:35:97:66:d7:17:9a:60:3b:e8:bd:e9:c1: 62:b9:a9:a0:40:6c:5e:7e:18:7c:5f:b4:77:5b:89:0b:aa:0e: 55:6c:59:d1:48:44:bc:90:78:5d:2a:a0:e2:38:02:fe:8d:d4: b2:a6:52:fa:f9:f2:9f:10:63:7b:b3:49:14:4f:3e:d7:34:42: f9:18:66:34:9d:b9:26:ba:35:2b:12:3f:1a:11:d9:89:c9:a5: 41:c1:3e:9e:9e:93:61:26:fa:36:51:7a:d0:35:ee:3a:2c:cf: a9:b2:f9:d9:d6:74:b3:d0:65:a4:f4:3b:3a:72:95:1b:c4:54: 8d:48:64:ec -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJph4sKT/VXIrZ2bTLoLLBIGh4u8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0Y2NzdEQzRBMEU5RjUyRTQ1OEQ3Rjc4NkMxMTAwNENC Q0MwNkJFNjAeFw0yNjA1MTIwNTMxMDNaFw0yNjA1MTMwODI0MDNaMDMxMTAvBgNV BAMTKDc2NDZBQUUyOEJFM0U1MTIxQkNDMkM4OTc5MDYyOERCOENFOEM1MDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6MfwmfBPBgMzU+V5ZoK7y7Ttf tfu83s374QPhRmQhinDrMHcYlbWieF/d+m6XwTv4u2Przj5ILIYupv7R2GwTG85U aS2880jp4Emhh/w1qLFxAjhuU6Txljm2xiroMu6E9aARmO0ewSLj7IojowNSmIXR rTjNayEbuiCtl1mg//iPKX7ZQpRjg9E7GteZOJ+sJbgqyx0ZaoZOh1tIhFrYSHf9 RNt+pszqFUC1nM2/I6ePt2GRNVr9BV0FsNGw64fooSbV8gIY0OXX0lQDb+ElRbKB 25caxqlFrHRyyuFggHvlNMpV1JVP2dHOShJBdQigro3TpU/ebm+mB89m3M8pAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUdkaq4ovj5RIbzCyJeQYo24zoxQEwHwYDVR0j BBgwFoAUz2d9xKDp9S5FjX94bBEATLzAa+YwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YjE5OWMxYWYtZDljNy00ZmZkLWJhMDMtYTNlMWNkZDhhZWUwLzAvQ0Y2NzdEQzRB MEU5RjUyRTQ1OEQ3Rjc4NkMxMTAwNENCQ0MwNkJFNi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DRjY3N0RDNEEwRTlGNTJFNDU4RDdGNzg2QzExMDA0Q0JDQzA2 QkU2LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYjE5OWMxYWYtZDljNy00ZmZkLWJh MDMtYTNlMWNkZDhhZWUwLzAvQ0Y2NzdEQzRBMEU5RjUyRTQ1OEQ3Rjc4NkMxMTAw NENCQ0MwNkJFNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIfDVLJzHwgmrxkCyewvvlrtHuWoRuvUYsBF 93UWW6gW6JUCHqYMYzctZId6W80lz6lJAU8weQ39QVbtTGFdhezUpi2X/DE1tJYg PsSu6ykchVd+/C/WKHiqPXTKQ8Jfz0k+AYjXlWvVsjN8tpqLa/ZDevqUUgvNn6EV c/ryEPX78/P6DzWXZtcXmmA76L3pwWK5qaBAbF5+GHxftHdbiQuqDlVsWdFIRLyQ eF0qoOI4Av6N1LKmUvr58p8QY3uzSRRPPtc0QvkYZjSduSa6NSsSPxoR2YnJpUHB Pp6ek2Em+jZRetA17josz6my+dnWdLPQZaT0OzpylRvEVI1IZOw= -----END CERTIFICATE-----Generated at Tue May 12 22:56:40 2026 by rpki-client