$ rpki-client -vvf rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft File: 20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft (raw, json) Hash identifier: vVulPUglxQ2652M5vmbcUaqMCU9cjvTE3mKug6O525g= Subject key identifier: 24:A4:7D:E2:E7:03:85:90:D1:96:84:D6:20:1F:0A:F4:43:E0:0F:82 Authority key identifier: 20:B4:FB:5E:02:47:6A:FF:A1:00:3C:5C:90:D3:8F:F4:EC:10:14:B7 Certificate issuer: /CN=20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7 Certificate serial: 3CB3A064E9CB6BC0D7D453FB9779DFE606639DC3 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft Manifest number: 0F Signing time: Tue 12 May 2026 19:35:40 +0000 Manifest this update: Tue 12 May 2026 19:30:40 +0000 Manifest next update: Wed 13 May 2026 22:38:40 +0000 Files and hashes: 1: 3130332e3137332e3233302e302f32342d3234203d3e20313437303837.roa (hash: xLoeT+ko7MUw5aLnf4wj8gyqTKfil2TZ1gKntVO+LKI=) 2: 20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.crl (hash: d3btUF6mAi+JSJPGbH0JlmqfIn29i3zPqnA3rh4vOQ4=) 3: 3130332e3137332e3233302e302f32332d3233203d3e20313437303837.roa (hash: ipU1a2udwtca/E3v1pmxqgcaK0XTJh0tDNEJJ4f4t7Y=) 4: 3130332e3137332e3233312e302f32342d3234203d3e20313437303837.roa (hash: Pvijj3PbMpACCVbyxLVtqjTUpSYeYm8MFybvzhiihDM=) 5: 323030313a6466373a633138303a3a2f34382d3438203d3e20313437303837.roa (hash: rXO9gTdPSQGsrR5rUmnzksusGY7II8+DMWGkUGzNqUA=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.crl rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:b3:a0:64:e9:cb:6b:c0:d7:d4:53:fb:97:79:df:e6:06:63:9d:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7 Validity Not Before: May 12 19:30:40 2026 GMT Not After : May 13 22:38:40 2026 GMT Subject: CN=24A47DE2E7038590D19684D6201F0AF443E00F82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:6d:de:4d:63:a5:5f:23:3e:65:c1:76:0d:7a: 38:49:0b:2e:0c:fc:ff:f5:c9:8a:5c:6e:93:e3:95: 89:a2:3d:7e:b7:d9:7a:07:07:47:42:78:84:34:f9: 23:c1:de:bd:85:dd:29:4f:7d:29:77:a9:f7:7d:1d: 91:97:19:90:78:f8:96:25:f2:b6:f2:ae:b0:40:61: 6c:f6:7c:0b:3a:25:e6:50:99:82:67:46:1c:fd:68: 82:fa:86:72:ba:1b:a8:c9:8d:9e:30:10:bc:49:aa: 4c:6a:c3:d0:6b:a4:7d:a5:27:5b:69:b0:12:05:91: b3:4d:f5:1a:b8:01:40:13:1e:b0:81:18:7e:d0:87: 71:e4:51:77:6e:c5:98:a7:e4:4f:b7:60:cd:36:55: 54:b7:99:c2:5b:d3:7c:25:a9:26:09:97:52:8a:b2: ca:e3:01:dc:2f:95:9e:a8:e9:e9:ec:dc:93:dc:07: 80:b2:dc:b0:c7:4d:d2:5f:29:b9:f2:60:2b:39:fb: 0b:62:8a:db:ab:5b:41:68:0e:55:8a:59:57:1c:f2: da:56:b0:ad:20:4a:5b:b0:d4:1d:1f:cb:8d:49:1e: 48:82:3d:56:c2:a9:3d:84:e9:d4:af:e2:41:29:e5: 55:b9:40:8c:9a:0b:81:25:26:a7:a7:01:b6:dd:fd: 7c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:A4:7D:E2:E7:03:85:90:D1:96:84:D6:20:1F:0A:F4:43:E0:0F:82 X509v3 Authority Key Identifier: keyid:20:B4:FB:5E:02:47:6A:FF:A1:00:3C:5C:90:D3:8F:F4:EC:10:14:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:53:3a:46:81:8e:54:09:a3:50:ae:84:f5:a0:41:f3:cb:f3: d2:8d:b7:86:32:ac:ef:98:8a:9e:36:55:fd:94:8c:83:e7:a9: 8c:fe:6f:92:26:20:26:83:68:7c:69:f2:43:2a:4d:d0:7c:81: ce:e3:4c:5a:9c:14:16:c9:d1:f2:18:5a:54:87:c8:d4:02:60: d5:ca:88:bd:ee:f5:17:48:ca:dd:25:49:50:37:7c:d7:3a:cb: 4c:25:70:14:c9:a2:d6:63:39:a6:35:83:db:2e:e5:69:c0:24: 45:e8:06:4f:b9:a4:da:02:f4:33:1e:a7:00:20:b5:e3:a9:76: db:26:d7:53:ad:76:49:a1:54:6a:f7:f6:1f:83:73:19:6e:d0: 0f:cc:ee:8c:8d:34:56:70:ed:d0:f5:66:be:f0:d4:c0:72:35: 38:95:77:5f:61:13:a8:f8:77:6f:2d:5a:bd:93:3c:d9:7f:00: 4c:25:cc:51:3c:30:db:09:d0:85:b0:f1:9b:31:b3:a3:1b:2b: 57:32:af:fe:94:ae:ec:96:b4:22:f4:0e:c5:b1:57:5e:65:08: 55:d8:20:9c:ad:18:ec:f4:37:90:25:56:62:70:36:35:87:67: 8c:b7:7c:98:a0:97:42:b6:cb:c9:a8:9f:4a:db:50:8d:00:71: 9d:22:c5:d3 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPLOgZOnLa8DX1FP7l3nf5gZjncMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBCNEZCNUUwMjQ3NkFGRkExMDAzQzVDOTBEMzhGRjRF QzEwMTRCNzAeFw0yNjA1MTIxOTMwNDBaFw0yNjA1MTMyMjM4NDBaMDMxMTAvBgNV BAMTKDI0QTQ3REUyRTcwMzg1OTBEMTk2ODRENjIwMUYwQUY0NDNFMDBGODIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2bd5NY6VfIz5lwXYNejhJCy4M /P/1yYpcbpPjlYmiPX632XoHB0dCeIQ0+SPB3r2F3SlPfSl3qfd9HZGXGZB4+JYl 8rbyrrBAYWz2fAs6JeZQmYJnRhz9aIL6hnK6G6jJjZ4wELxJqkxqw9BrpH2lJ1tp sBIFkbNN9Rq4AUATHrCBGH7Qh3HkUXduxZin5E+3YM02VVS3mcJb03wlqSYJl1KK ssrjAdwvlZ6o6ens3JPcB4Cy3LDHTdJfKbnyYCs5+wtiiturW0FoDlWKWVcc8tpW sK0gSluw1B0fy41JHkiCPVbCqT2E6dSv4kEp5VW5QIyaC4ElJqenAbbd/XwrAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUJKR94ucDhZDRloTWIB8K9EPgD4IwHwYDVR0j BBgwFoAUILT7XgJHav+hADxckNOP9OwQFLcwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZDAwZjljYzctNGE2OS00YzllLWJiYTYtNGQ5YWJiNTZlZmY2LzAvMjBCNEZCNUUw MjQ3NkFGRkExMDAzQzVDOTBEMzhGRjRFQzEwMTRCNy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8yMEI0RkI1RTAyNDc2QUZGQTEwMDNDNUM5MEQzOEZGNEVDMTAx NEI3LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZDAwZjljYzctNGE2OS00YzllLWJi YTYtNGQ5YWJiNTZlZmY2LzAvMjBCNEZCNUUwMjQ3NkFGRkExMDAzQzVDOTBEMzhG RjRFQzEwMTRCNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHRTOkaBjlQJo1CuhPWgQfPL89KNt4YyrO+Y ip42Vf2UjIPnqYz+b5ImICaDaHxp8kMqTdB8gc7jTFqcFBbJ0fIYWlSHyNQCYNXK iL3u9RdIyt0lSVA3fNc6y0wlcBTJotZjOaY1g9su5WnAJEXoBk+5pNoC9DMepwAg teOpdtsm11OtdkmhVGr39h+Dcxlu0A/M7oyNNFZw7dD1Zr7w1MByNTiVd19hE6j4 d28tWr2TPNl/AEwlzFE8MNsJ0IWw8Zsxs6MbK1cyr/6UruyWtCL0DsWxV15lCFXY IJytGOz0N5AlVmJwNjWHZ4y3fJigl0K2y8mon0rbUI0AcZ0ixdM= -----END CERTIFICATE-----Generated at Wed May 13 00:31:26 2026 by rpki-client