$ rpki-client -vvf rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft File: D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft (raw, json) Hash identifier: 8y2t1Iixuy1L/0UJKNmWwoYKbNfE6e3D7tx/he2vJtc= Subject key identifier: 2F:A9:23:60:04:99:E7:5A:FB:71:3D:5F:0C:3D:AA:61:01:82:72:B0 Authority key identifier: D6:7D:DC:B4:6C:F4:0B:52:64:1F:71:BF:77:56:DF:A2:9F:41:59:A2 Certificate issuer: /CN=D67DDCB46CF40B52641F71BF7756DFA29F4159A2 Certificate serial: 2DC442AD09DBAB9DB45CF393AF64300FDFDD92FB Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft Manifest number: 0F Signing time: Tue 12 May 2026 22:41:04 +0000 Manifest this update: Tue 12 May 2026 22:36:04 +0000 Manifest next update: Thu 14 May 2026 01:24:04 +0000 Files and hashes: 1: 323430343a663630303a3a2f33322d3438203d3e203234323037.roa (hash: O3BW4/+vpeYZOrGXcLGA8HAU1zfqrZRISOMkRbThX6s=) 2: 3232322e3136352e3139322e302f31382d3234203d3e203234323037.roa (hash: XrQbHF8ES5i2bpLQRbTUE7Wl3M4ZUVmyaoRlPolZS6Y=) 3: D67DDCB46CF40B52641F71BF7756DFA29F4159A2.crl (hash: VowRRJ6fHviaIBM0pYc5CD0muk7HeYASzfDCw2Oakj0=) 4: 3230332e3135332e3131322e302f32312d3234203d3e203234323037.roa (hash: Lw1DMZ5kJp5ICeFivj5ZZ60njB9OoQuGFsGq8+auMdU=) 5: 3230332e3135332e39362e302f32302d3234203d3e203234323037.roa (hash: AhfkSgsUfVbnlwjYQF5FXALegxkl9ZVed7BF03/fBz8=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.crl rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:c4:42:ad:09:db:ab:9d:b4:5c:f3:93:af:64:30:0f:df:dd:92:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D67DDCB46CF40B52641F71BF7756DFA29F4159A2 Validity Not Before: May 12 22:36:04 2026 GMT Not After : May 14 01:24:04 2026 GMT Subject: CN=2FA923600499E75AFB713D5F0C3DAA61018272B0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:4d:c1:d1:f8:62:74:13:ec:05:4c:a8:7e:62: 01:a8:95:e6:ce:a2:8e:95:48:da:28:1c:c0:dd:47: e9:2c:15:27:58:eb:8d:61:fa:01:29:07:55:b9:60: da:24:d0:d0:0c:2e:6e:03:4c:35:45:0e:7c:79:99: 6f:9c:19:1c:19:31:fc:b4:59:90:10:fb:10:6e:9c: bd:9e:87:9f:8f:13:07:58:b1:52:33:7d:90:28:55: a9:78:de:52:7b:03:13:c9:89:47:1a:48:58:e6:c0: c9:19:40:6c:7b:5d:f8:9f:11:a9:90:58:d9:a3:41: e7:28:b8:4d:83:45:1e:dd:04:f5:98:90:f2:c1:15: 25:6c:c8:4a:33:02:84:ec:bf:7c:8d:de:80:fd:7d: 80:4e:27:67:6e:a9:41:86:4c:61:1c:3a:fc:de:90: 2e:63:ed:47:7f:1c:57:9e:f4:92:fb:3f:5e:ac:9a: 44:10:d4:eb:7e:06:f2:12:df:e6:96:54:70:52:ef: ea:89:86:e4:27:c4:d0:ad:48:5f:f7:45:a6:00:19: 68:66:f3:6f:8f:4d:a1:f5:6b:3c:21:e2:73:a6:60: e8:b7:78:a7:b6:09:01:f6:ce:92:4a:db:95:41:70: 4c:5a:86:4d:56:17:37:15:00:0f:0b:55:14:3f:77: dc:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:A9:23:60:04:99:E7:5A:FB:71:3D:5F:0C:3D:AA:61:01:82:72:B0 X509v3 Authority Key Identifier: keyid:D6:7D:DC:B4:6C:F4:0B:52:64:1F:71:BF:77:56:DF:A2:9F:41:59:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:5d:ad:7d:65:40:bb:27:5e:b6:84:02:14:f4:8a:2b:17:fd: 09:6b:f8:95:e5:b4:20:2a:17:6d:33:0b:d6:9c:34:a2:b7:dd: 7b:57:3e:2c:93:49:11:9c:0d:14:42:a2:19:7a:df:d2:8a:a2: 7f:de:7e:db:44:27:75:c1:97:75:12:9a:88:b8:31:b5:e0:b7: cc:ed:e4:e2:12:2a:be:99:14:56:6b:e5:59:7b:52:51:b9:3f: 91:8e:85:c2:94:b8:69:68:cf:85:6b:cb:92:22:2c:0e:ad:93: 1e:f3:14:89:fb:15:30:7a:c9:92:3d:32:d5:f0:b6:83:89:ec: 91:57:a2:d9:db:98:49:e3:f6:14:7a:9a:d3:e8:53:67:c2:88: d9:2d:3c:1f:e6:9f:d0:7b:f7:ed:97:86:73:a7:4e:8f:93:bf: 29:8a:1c:dc:a7:34:04:d0:1f:dc:a5:b6:37:ce:32:38:d8:69: 77:d0:72:af:ac:58:ce:d3:fa:a2:21:0e:64:a3:e9:ea:c5:58: 91:93:09:f1:a2:a4:f2:30:da:1d:06:08:67:22:21:4f:12:3a: 43:a1:20:22:4a:f3:39:ed:22:5b:4e:e2:18:21:d3:44:3f:9e: 97:2a:a2:bc:c3:ff:55:ea:a0:28:da:5a:da:25:5d:32:79:6b: f2:50:5b:5d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULcRCrQnbq520XPOTr2QwD9/dkvswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDY3RERDQjQ2Q0Y0MEI1MjY0MUY3MUJGNzc1NkRGQTI5 RjQxNTlBMjAeFw0yNjA1MTIyMjM2MDRaFw0yNjA1MTQwMTI0MDRaMDMxMTAvBgNV BAMTKDJGQTkyMzYwMDQ5OUU3NUFGQjcxM0Q1RjBDM0RBQTYxMDE4MjcyQjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChTcHR+GJ0E+wFTKh+YgGolebO oo6VSNooHMDdR+ksFSdY641h+gEpB1W5YNok0NAMLm4DTDVFDnx5mW+cGRwZMfy0 WZAQ+xBunL2eh5+PEwdYsVIzfZAoVal43lJ7AxPJiUcaSFjmwMkZQGx7XfifEamQ WNmjQecouE2DRR7dBPWYkPLBFSVsyEozAoTsv3yN3oD9fYBOJ2duqUGGTGEcOvze kC5j7Ud/HFee9JL7P16smkQQ1Ot+BvIS3+aWVHBS7+qJhuQnxNCtSF/3RaYAGWhm 82+PTaH1azwh4nOmYOi3eKe2CQH2zpJK25VBcExahk1WFzcVAA8LVRQ/d9x1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUL6kjYASZ51r7cT1fDD2qYQGCcrAwHwYDVR0j BBgwFoAU1n3ctGz0C1JkH3G/d1bfop9BWaIwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZmM3ZTgwODEtNjNhZi00OWU3LTk2NDYtNzZjMjVhNWU5N2NhLzAvRDY3RERDQjQ2 Q0Y0MEI1MjY0MUY3MUJGNzc1NkRGQTI5RjQxNTlBMi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9ENjdERENCNDZDRjQwQjUyNjQxRjcxQkY3NzU2REZBMjlGNDE1 OUEyLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZmM3ZTgwODEtNjNhZi00OWU3LTk2 NDYtNzZjMjVhNWU5N2NhLzAvRDY3RERDQjQ2Q0Y0MEI1MjY0MUY3MUJGNzc1NkRG QTI5RjQxNTlBMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAF5drX1lQLsnXraEAhT0iisX/Qlr+JXltCAq F20zC9acNKK33XtXPiyTSRGcDRRCohl639KKon/efttEJ3XBl3USmoi4MbXgt8zt 5OISKr6ZFFZr5Vl7UlG5P5GOhcKUuGloz4Vry5IiLA6tkx7zFIn7FTB6yZI9MtXw toOJ7JFXotnbmEnj9hR6mtPoU2fCiNktPB/mn9B79+2XhnOnTo+TvymKHNynNATQ H9yltjfOMjjYaXfQcq+sWM7T+qIhDmSj6erFWJGTCfGipPIw2h0GCGciIU8SOkOh ICJK8zntIltO4hgh00Q/npcqorzD/1XqoCjaWtolXTJ5a/JQW10= -----END CERTIFICATE-----Generated at Wed May 13 01:14:43 2026 by rpki-client