$ rpki-client -vvf rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft File: D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft (raw, json) Hash identifier: 7W2ctYQCfZ6UN3EBhXwKp7D6I19aBxKMzp5NwjtpDzY= Subject key identifier: 80:F9:B3:F6:3D:8D:3D:23:50:1A:63:22:E7:E4:E1:FF:9D:B3:6B:3B Authority key identifier: D2:0C:1E:0D:D0:2A:A8:B1:CE:1F:EB:A4:76:97:7C:F8:BB:16:14:36 Certificate issuer: /CN=D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436 Certificate serial: 2D76D152FC9007923CF4D81C2B549611C7C17610 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft Manifest number: 2B Signing time: Tue 02 Jun 2026 21:05:35 +0000 Manifest this update: Tue 02 Jun 2026 21:00:35 +0000 Manifest next update: Wed 03 Jun 2026 23:52:35 +0000 Files and hashes: 1: 36302e3235332e39362e302f31392d3234203d3e203338313434.roa (hash: NMwe5J+/CXgAi6nFmZAKAhCZ3C0lGwYdxKCNwpdKULE=) 2: 3230322e35312e3232342e302f32302d3234203d3e203338313434.roa (hash: NWVRwRUJEoPLPqz3cDGwdvfhxswf8EJ/TbLr4jkDe78=) 3: D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.crl (hash: QgCbTym1y4p5ir7kHnqgZq4Qx+kT9S9tOeyh9N5QPgg=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.crl rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 23:52:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:76:d1:52:fc:90:07:92:3c:f4:d8:1c:2b:54:96:11:c7:c1:76:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436 Validity Not Before: Jun 2 21:00:35 2026 GMT Not After : Jun 3 23:52:35 2026 GMT Subject: CN=80F9B3F63D8D3D23501A6322E7E4E1FF9DB36B3B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:15:00:1d:b1:95:d5:ca:92:00:ef:0a:a3:69: b6:40:e6:f8:df:b5:13:f6:75:7f:5b:74:11:b3:4c: 22:a2:2d:af:cd:9a:d7:a0:01:f7:55:24:8b:9d:5f: 09:e0:8a:2c:92:0c:b7:9d:1c:7a:b5:90:38:7a:3c: b3:48:52:9a:90:8b:84:2b:ae:c8:8a:85:7a:ed:d6: 12:40:ff:3a:f0:de:b5:a9:57:66:d9:c6:72:f8:06: 3b:fb:88:04:3b:da:06:86:5f:2a:4f:11:32:64:f0: 84:36:8d:7f:b1:85:b9:40:89:df:8f:39:c0:ce:7c: 62:ab:a7:79:ca:76:5c:64:96:17:98:33:2d:d0:dc: 42:05:28:1c:a7:52:65:2e:46:81:e8:7f:ea:14:fd: 9e:7e:86:8a:73:e5:60:69:50:6e:74:28:ea:86:c1: cb:c3:b3:36:07:d1:c8:6f:05:f5:00:02:33:de:d3: cf:31:f7:fc:ea:e6:3f:a2:bb:40:62:70:a9:ec:15: 45:92:d2:83:ba:db:d6:b5:26:71:90:75:2f:59:d0: 23:18:08:81:c3:1b:04:1f:47:ba:36:90:bd:d2:0c: 45:3e:f0:44:62:3e:87:32:a5:89:cd:ba:8b:e7:8b: 13:21:cf:0a:3e:40:6c:29:6a:e6:40:65:fa:45:0e: ba:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:F9:B3:F6:3D:8D:3D:23:50:1A:63:22:E7:E4:E1:FF:9D:B3:6B:3B X509v3 Authority Key Identifier: keyid:D2:0C:1E:0D:D0:2A:A8:B1:CE:1F:EB:A4:76:97:7C:F8:BB:16:14:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:34:a2:9c:10:c9:4e:dd:e1:74:58:ba:55:38:76:2f:91:41: b4:b4:2a:8e:6d:4b:52:dc:85:f6:38:4e:33:86:76:b4:58:74: 7c:82:30:8e:ac:09:35:f3:31:4d:b8:7f:9b:84:5a:6b:3b:83: d7:a2:17:ae:bc:7e:fe:49:ad:81:86:72:33:b3:79:e8:81:b4: eb:03:1d:68:db:e3:ad:7c:67:d1:70:4a:dc:0e:5e:8a:17:e6: de:dd:c2:63:88:b3:2d:6d:6c:0d:e5:d5:3c:7e:c7:22:e2:78: 62:de:a0:25:8b:5a:c3:29:ac:05:6e:a8:57:5b:49:c7:7d:84: fd:b6:7e:aa:42:e6:9e:80:bd:66:38:a5:43:bb:2e:c2:40:87: 4e:1e:5d:86:8e:6b:c8:86:78:ed:dc:18:fe:48:0a:c8:b5:f4: 3e:19:03:55:58:66:54:70:0f:d5:04:c6:13:5b:83:45:4f:6a: e2:e9:c2:8b:70:23:00:be:fc:c3:40:5a:0b:de:2b:85:df:5d: a1:70:50:a1:ee:68:07:c3:25:a9:0c:59:9e:15:0c:e8:24:e7: 5c:fc:41:22:83:7a:60:e2:b3:1b:72:83:1e:f4:e0:5f:8b:ac: 4b:0c:b8:a2:12:04:75:1d:ac:20:11:29:0b:93:7b:5b:b1:b7: 29:b1:96:a0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULXbRUvyQB5I89NgcK1SWEcfBdhAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIwQzFFMEREMDJBQThCMUNFMUZFQkE0NzY5NzdDRjhC QjE2MTQzNjAeFw0yNjA2MDIyMTAwMzVaFw0yNjA2MDMyMzUyMzVaMDMxMTAvBgNV BAMTKDgwRjlCM0Y2M0Q4RDNEMjM1MDFBNjMyMkU3RTRFMUZGOURCMzZCM0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRFQAdsZXVypIA7wqjabZA5vjf tRP2dX9bdBGzTCKiLa/NmtegAfdVJIudXwngiiySDLedHHq1kDh6PLNIUpqQi4Qr rsiKhXrt1hJA/zrw3rWpV2bZxnL4Bjv7iAQ72gaGXypPETJk8IQ2jX+xhblAid+P OcDOfGKrp3nKdlxklheYMy3Q3EIFKBynUmUuRoHof+oU/Z5+hopz5WBpUG50KOqG wcvDszYH0chvBfUAAjPe088x9/zq5j+iu0BicKnsFUWS0oO629a1JnGQdS9Z0CMY CIHDGwQfR7o2kL3SDEU+8ERiPocypYnNuovnixMhzwo+QGwpauZAZfpFDrrJAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUgPmz9j2NPSNQGmMi5+Th/52zazswHwYDVR0j BBgwFoAU0gweDdAqqLHOH+ukdpd8+LsWFDYwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MmNkNzUzNmQtOWUxMC00ZDQ5LWI2Y2EtMDQxY2M5YTU5MTRlLzAvRDIwQzFFMERE MDJBQThCMUNFMUZFQkE0NzY5NzdDRjhCQjE2MTQzNi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EMjBDMUUwREQwMkFBOEIxQ0UxRkVCQTQ3Njk3N0NGOEJCMTYx NDM2LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMmNkNzUzNmQtOWUxMC00ZDQ5LWI2 Y2EtMDQxY2M5YTU5MTRlLzAvRDIwQzFFMEREMDJBQThCMUNFMUZFQkE0NzY5NzdD RjhCQjE2MTQzNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJE0opwQyU7d4XRYulU4di+RQbS0Ko5tS1Lc hfY4TjOGdrRYdHyCMI6sCTXzMU24f5uEWms7g9eiF668fv5JrYGGcjOzeeiBtOsD HWjb4618Z9FwStwOXooX5t7dwmOIsy1tbA3l1Tx+xyLieGLeoCWLWsMprAVuqFdb Scd9hP22fqpC5p6AvWY4pUO7LsJAh04eXYaOa8iGeO3cGP5ICsi19D4ZA1VYZlRw D9UExhNbg0VPauLpwotwIwC+/MNAWgveK4XfXaFwUKHuaAfDJakMWZ4VDOgk51z8 QSKDemDisxtygx704F+LrEsMuKISBHUdrCARKQuTe1uxtymxlqA= -----END CERTIFICATE-----Generated at Wed Jun 3 04:37:25 2026 by rpki-client