$ rpki-client -vvf rpki-rsync.idnic.net/repo/24207523-d5f5-4acc-b0ac-bfb0954fa4e0/0/8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7.mft File: 8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7.mft (raw, json) Hash identifier: T7TtrTq8RB9aNFUxI+2HofYiMb/N97Rytdyfy4aa6i0= Subject key identifier: 2B:F6:9B:FF:CC:9E:D8:13:18:EB:74:AF:AE:96:8B:5D:7C:25:F5:25 Authority key identifier: 8C:A8:A6:68:A2:40:DF:7B:15:FB:C3:E4:51:6A:84:08:BB:DC:47:E7 Certificate issuer: /CN=8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7 Certificate serial: 5761D08044D77C3795468E5DED0EC462E847C380 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/24207523-d5f5-4acc-b0ac-bfb0954fa4e0/0/8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7.mft Manifest number: 2B Signing time: Tue 02 Jun 2026 14:27:45 +0000 Manifest this update: Tue 02 Jun 2026 14:22:45 +0000 Manifest next update: Wed 03 Jun 2026 18:01:45 +0000 Files and hashes: 1: 8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7.crl (hash: U6wbWG+7VvyA+l22rRr0bwKXU4MYyRmNOEkk3McU1Dk=) 2: 3130332e3232362e35352e302f32342d3234203d3e20313331373835.roa (hash: J67UWBhwkB4SyeMxqFOonlk/hP7ZCxo/ttgUlmNhJvU=) 3: 3130332e3131362e3130382e302f32342d3234203d3e20313331373835.roa (hash: CtGqY694vs+5rhe29OiFriR1fCqTy1GqyZ3iimqLrsk=) 4: 3130332e31362e37392e302f32342d3234203d3e20313331373835.roa (hash: KbKAffsvKxiK1iR4ZLtyFSXqzPv63zoW9cNrraJoQ4s=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/24207523-d5f5-4acc-b0ac-bfb0954fa4e0/0/8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7.crl rsync://rpki-rsync.idnic.net/repo/24207523-d5f5-4acc-b0ac-bfb0954fa4e0/0/8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 10:27:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:61:d0:80:44:d7:7c:37:95:46:8e:5d:ed:0e:c4:62:e8:47:c3:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7 Validity Not Before: Jun 2 14:22:45 2026 GMT Not After : Jun 3 18:01:45 2026 GMT Subject: CN=2BF69BFFCC9ED81318EB74AFAE968B5D7C25F525 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:4e:43:22:ef:44:25:6e:d3:71:72:cb:6b:09: 21:8d:ef:71:f9:98:a2:e9:fd:a4:d1:0d:5a:89:eb: 02:2f:70:f1:c5:1d:11:dd:11:aa:3a:3b:90:17:0c: ce:ab:27:6a:aa:b0:69:bd:3e:f8:65:e8:5b:01:19: 65:cb:72:e6:87:81:83:c9:c9:3f:8b:d2:b2:a2:3a: f2:f8:a6:6f:af:bd:6a:19:8c:6e:d8:c6:60:44:0a: 7e:82:62:48:6a:33:ef:5e:c4:cc:7f:33:17:31:3d: 6b:38:c6:83:ee:3d:59:65:81:e1:c3:88:ca:4d:f0: f0:cb:81:13:80:a1:7e:9e:ae:c9:c6:72:69:0c:db: aa:1f:89:e2:88:11:6a:c0:5b:3d:60:06:9f:1c:40: 3a:e9:cc:5f:b8:15:6a:ef:37:b3:c7:82:c8:5c:33: 7b:dd:85:5e:0f:d8:2d:8e:8d:9e:d1:0a:3c:9c:bb: 29:96:f6:74:ce:50:6e:2c:11:45:b6:df:ed:2d:c3: 40:48:5d:6b:e0:90:0e:e9:1b:a2:23:4e:b5:3e:38: bb:ff:e0:60:90:1c:38:4d:4b:e2:84:12:de:19:02: b1:6c:d4:42:70:06:29:78:71:b1:90:da:e7:4e:26: ba:fa:cd:49:8b:4b:f2:2b:e7:d2:49:15:22:9f:fd: 02:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:F6:9B:FF:CC:9E:D8:13:18:EB:74:AF:AE:96:8B:5D:7C:25:F5:25 X509v3 Authority Key Identifier: keyid:8C:A8:A6:68:A2:40:DF:7B:15:FB:C3:E4:51:6A:84:08:BB:DC:47:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/24207523-d5f5-4acc-b0ac-bfb0954fa4e0/0/8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/24207523-d5f5-4acc-b0ac-bfb0954fa4e0/0/8CA8A668A240DF7B15FBC3E4516A8408BBDC47E7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:cd:f3:62:9a:25:9d:c4:bf:12:e7:1e:49:24:1d:73:6f:ff: 4d:c9:e1:97:d4:70:7d:78:5a:ae:e3:e6:b7:dd:c8:01:65:ed: 74:0f:64:6b:3b:16:25:b1:a5:2d:bd:0f:3d:c7:0c:90:ae:0c: 70:a3:44:3c:ef:cc:46:e2:11:b3:ea:90:5c:d3:af:37:d8:40: 20:18:97:40:14:15:be:1f:00:7d:62:6c:4e:95:a0:60:0f:b9: f1:b1:c0:c2:33:35:fe:be:c7:3a:87:15:9c:a0:5d:14:0b:af: 4d:f1:95:80:7a:f3:66:33:c1:81:74:cb:a6:fa:dc:c5:b0:bf: 5d:84:97:c1:8c:81:24:74:a8:e4:99:9b:f6:e9:44:f4:bd:b5: 5e:dd:c7:45:23:32:ee:4f:04:af:b4:c8:24:34:e1:e7:be:ab: bc:0b:90:f5:b5:72:12:0b:86:12:e5:3c:75:e9:c7:5d:03:47: 44:ba:be:b6:c6:dd:e8:18:c2:1d:c4:12:a3:fd:cc:37:f5:23: 02:10:7f:2e:62:9e:dd:61:b0:d4:54:a6:75:e4:71:a1:92:87: b7:9e:3b:e1:4c:c5:47:e3:8e:ae:e4:e9:a8:a5:3f:fe:d4:73: ff:40:49:b3:9d:7f:96:e9:47:1f:f3:5f:d9:26:c8:02:58:48: d5:39:23:b6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUV2HQgETXfDeVRo5d7Q7EYuhHw4AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOENBOEE2NjhBMjQwREY3QjE1RkJDM0U0NTE2QTg0MDhC QkRDNDdFNzAeFw0yNjA2MDIxNDIyNDVaFw0yNjA2MDMxODAxNDVaMDMxMTAvBgNV BAMTKDJCRjY5QkZGQ0M5RUQ4MTMxOEVCNzRBRkFFOTY4QjVEN0MyNUY1MjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0TkMi70QlbtNxcstrCSGN73H5 mKLp/aTRDVqJ6wIvcPHFHRHdEao6O5AXDM6rJ2qqsGm9Pvhl6FsBGWXLcuaHgYPJ yT+L0rKiOvL4pm+vvWoZjG7YxmBECn6CYkhqM+9exMx/MxcxPWs4xoPuPVllgeHD iMpN8PDLgROAoX6ersnGcmkM26ofieKIEWrAWz1gBp8cQDrpzF+4FWrvN7PHgshc M3vdhV4P2C2OjZ7RCjycuymW9nTOUG4sEUW23+0tw0BIXWvgkA7pG6IjTrU+OLv/ 4GCQHDhNS+KEEt4ZArFs1EJwBil4cbGQ2udOJrr6zUmLS/Ir59JJFSKf/QI5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUK/ab/8ye2BMY63SvrpaLXXwl9SUwHwYDVR0j BBgwFoAUjKimaKJA33sV+8PkUWqECLvcR+cwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MjQyMDc1MjMtZDVmNS00YWNjLWIwYWMtYmZiMDk1NGZhNGUwLzAvOENBOEE2NjhB MjQwREY3QjE1RkJDM0U0NTE2QTg0MDhCQkRDNDdFNy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS84Q0E4QTY2OEEyNDBERjdCMTVGQkMzRTQ1MTZBODQwOEJCREM0 N0U3LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMjQyMDc1MjMtZDVmNS00YWNjLWIw YWMtYmZiMDk1NGZhNGUwLzAvOENBOEE2NjhBMjQwREY3QjE1RkJDM0U0NTE2QTg0 MDhCQkRDNDdFNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKLN82KaJZ3EvxLnHkkkHXNv/03J4ZfUcH14 Wq7j5rfdyAFl7XQPZGs7FiWxpS29Dz3HDJCuDHCjRDzvzEbiEbPqkFzTrzfYQCAY l0AUFb4fAH1ibE6VoGAPufGxwMIzNf6+xzqHFZygXRQLr03xlYB682YzwYF0y6b6 3MWwv12El8GMgSR0qOSZm/bpRPS9tV7dx0UjMu5PBK+0yCQ04ee+q7wLkPW1chIL hhLlPHXpx10DR0S6vrbG3egYwh3EEqP9zDf1IwIQfy5int1hsNRUpnXkcaGSh7ee O+FMxUfjjq7k6ailP/7Uc/9ASbOdf5bpRx/zX9kmyAJYSNU5I7Y= -----END CERTIFICATE-----Generated at Wed Jun 3 03:53:56 2026 by rpki-client