$ rpki-client -vvf rpki-rsync.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/CEC7223DC3162D68B5B173F5479670C6ED7E854B.mft File: CEC7223DC3162D68B5B173F5479670C6ED7E854B.mft (raw, json) Hash identifier: dElzi5eK3ynUOMA7tO9WIdRGUh2KdO/0VkBUaKWrkcc= Subject key identifier: 57:FD:A0:D1:5E:6A:5C:E4:02:3A:C9:C9:69:C7:4A:A1:85:84:C9:54 Authority key identifier: CE:C7:22:3D:C3:16:2D:68:B5:B1:73:F5:47:96:70:C6:ED:7E:85:4B Certificate issuer: /CN=CEC7223DC3162D68B5B173F5479670C6ED7E854B Certificate serial: 1A8D9685E245B90AF68834E4C8E7BFBAE01322A4 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CEC7223DC3162D68B5B173F5479670C6ED7E854B.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/CEC7223DC3162D68B5B173F5479670C6ED7E854B.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 11:13:54 +0000 Manifest this update: Tue 02 Jun 2026 11:08:54 +0000 Manifest next update: Wed 03 Jun 2026 13:03:54 +0000 Files and hashes: 1: 3130332e39302e3235302e302f32332d3234203d3e20313336313032.roa (hash: /5UsQ72wkftXufGALBqkedRUAuHfRHvsc0Wy+KWVZoE=) 2: 34392e3132382e3138382e302f32322d3234203d3e20313337323836.roa (hash: VNYYS2GDQmFWdOUq1UzUKPeHy/hhrUowLycYAkc8LZ4=) 3: CEC7223DC3162D68B5B173F5479670C6ED7E854B.crl (hash: Lss7vwSqMa54IyyO/YHOKy0vQyf1O5rQ7RBohbSnHa8=) 4: 3130332e39302e3234382e302f32332d3234203d3e20313337323836.roa (hash: 3KlRb2Xxps0pa33onoIOEPbzzvYPuOJ6GZ6dlFF3dyg=) 5: 3130332e31302e3134382e302f32322d3234203d3e20313336313032.roa (hash: IkerkjqgnhBAn5EejyZFy6lrwBbURS4/dFzRwIvSKxM=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/CEC7223DC3162D68B5B173F5479670C6ED7E854B.crl rsync://rpki-rsync.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/CEC7223DC3162D68B5B173F5479670C6ED7E854B.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CEC7223DC3162D68B5B173F5479670C6ED7E854B.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 10:27:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:8d:96:85:e2:45:b9:0a:f6:88:34:e4:c8:e7:bf:ba:e0:13:22:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CEC7223DC3162D68B5B173F5479670C6ED7E854B Validity Not Before: Jun 2 11:08:54 2026 GMT Not After : Jun 3 13:03:54 2026 GMT Subject: CN=57FDA0D15E6A5CE4023AC9C969C74AA18584C954 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:64:df:85:d2:be:ba:b1:02:7d:50:d4:4f:33: f3:f4:ad:ac:fb:6d:54:67:5a:54:02:35:8b:a5:da: c2:cc:88:39:f5:69:20:e3:9b:d6:a5:a1:c0:f1:ad: bd:33:0b:f5:a4:50:ec:a1:cf:0b:05:48:4d:43:a1: b8:00:08:d9:d3:1a:df:c1:1a:a6:8d:be:31:59:2c: e9:52:be:72:5b:5d:06:23:76:5f:de:1b:b3:0a:97: 3c:15:c2:0d:d1:7b:5a:41:ab:ef:40:16:59:78:51: b4:e1:8f:a3:c2:f5:89:75:b8:26:0f:68:4f:6b:e5: e1:c0:00:f8:fb:38:39:64:3e:d8:de:3d:b9:7e:84: 93:4b:e7:6b:53:4b:58:90:2e:ed:ba:09:f9:a4:61: f1:10:fc:0c:b9:bb:74:24:de:f6:bd:1e:e7:90:e2: 34:aa:ac:1c:0a:10:ad:e2:27:f3:01:25:44:f0:11: 41:67:62:17:a0:cf:db:89:fb:e8:57:f6:41:a2:0b: 08:4d:cc:cf:2c:d3:bf:20:ce:c5:90:6d:08:ae:3d: 06:b4:17:87:37:cb:4f:36:d2:26:a4:d8:7e:e5:6f: f0:89:86:1d:20:ca:85:9b:a3:36:da:b2:0c:f7:97: 9f:ab:41:d1:25:79:6b:64:65:bb:c3:7e:6d:69:b1: e4:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:FD:A0:D1:5E:6A:5C:E4:02:3A:C9:C9:69:C7:4A:A1:85:84:C9:54 X509v3 Authority Key Identifier: keyid:CE:C7:22:3D:C3:16:2D:68:B5:B1:73:F5:47:96:70:C6:ED:7E:85:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/CEC7223DC3162D68B5B173F5479670C6ED7E854B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CEC7223DC3162D68B5B173F5479670C6ED7E854B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/CEC7223DC3162D68B5B173F5479670C6ED7E854B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:58:b0:b9:57:ff:35:e5:a2:0d:8d:54:67:fe:06:4f:56:82: f2:60:e4:21:d7:f6:33:f4:26:b9:b0:e9:88:a6:0f:da:6b:bb: b2:aa:3f:26:cb:23:f8:0c:0d:5e:9c:29:c7:f8:68:f0:73:c8: f1:4c:d3:0a:ca:f1:5b:72:fa:e0:9f:7a:43:50:6d:7b:70:00: 66:a9:92:78:ac:8b:ef:a6:98:39:95:85:04:d5:2a:99:04:29: e5:33:91:4b:d6:57:14:6d:0c:5f:83:16:d0:55:b5:79:9f:49: 05:be:f4:3f:19:75:aa:73:37:21:5e:c8:4e:ae:01:8c:90:e7: d1:90:4d:a2:dd:95:75:79:bb:c7:fc:16:4e:1a:d7:85:35:e0: 0e:f2:e0:08:4a:0f:22:c4:12:61:a2:9d:6d:e4:37:7f:f4:f2: 23:f1:6d:e6:a8:d5:72:4c:7a:e6:2e:63:8b:c3:7e:18:58:cf: e0:d4:02:30:5c:47:07:2d:ee:88:c6:ad:82:8c:b9:b6:a3:ed: 03:a2:8f:cc:2a:bd:ea:89:9c:08:ad:1c:00:e6:7f:45:f6:83: b2:7c:70:92:ba:e4:25:13:99:0b:be:d1:eb:93:b0:5c:c1:5a: 2e:48:99:0e:01:76:bb:fb:1e:1c:22:a6:2c:a7:c2:ff:95:c9: 87:da:96:7b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGo2WheJFuQr2iDTkyOe/uuATIqQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0VDNzIyM0RDMzE2MkQ2OEI1QjE3M0Y1NDc5NjcwQzZF RDdFODU0QjAeFw0yNjA2MDIxMTA4NTRaFw0yNjA2MDMxMzAzNTRaMDMxMTAvBgNV BAMTKDU3RkRBMEQxNUU2QTVDRTQwMjNBQzlDOTY5Qzc0QUExODU4NEM5NTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCZN+F0r66sQJ9UNRPM/P0raz7 bVRnWlQCNYul2sLMiDn1aSDjm9alocDxrb0zC/WkUOyhzwsFSE1DobgACNnTGt/B GqaNvjFZLOlSvnJbXQYjdl/eG7MKlzwVwg3Re1pBq+9AFll4UbThj6PC9Yl1uCYP aE9r5eHAAPj7ODlkPtjePbl+hJNL52tTS1iQLu26CfmkYfEQ/Ay5u3Qk3va9HueQ 4jSqrBwKEK3iJ/MBJUTwEUFnYhegz9uJ++hX9kGiCwhNzM8s078gzsWQbQiuPQa0 F4c3y0820iak2H7lb/CJhh0gyoWbozbasgz3l5+rQdEleWtkZbvDfm1pseRXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUV/2g0V5qXOQCOsnJacdKoYWEyVQwHwYDVR0j BBgwFoAUzsciPcMWLWi1sXP1R5Zwxu1+hUswDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NDQwMmRhYTUtZmIwYy00YTI0LTk4ODktMzNiZDUwZGI0ZmUwLzAvQ0VDNzIyM0RD MzE2MkQ2OEI1QjE3M0Y1NDc5NjcwQzZFRDdFODU0Qi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DRUM3MjIzREMzMTYyRDY4QjVCMTczRjU0Nzk2NzBDNkVEN0U4 NTRCLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vNDQwMmRhYTUtZmIwYy00YTI0LTk4 ODktMzNiZDUwZGI0ZmUwLzAvQ0VDNzIyM0RDMzE2MkQ2OEI1QjE3M0Y1NDc5Njcw QzZFRDdFODU0Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAG1YsLlX/zXlog2NVGf+Bk9WgvJg5CHX9jP0 Jrmw6YimD9pru7KqPybLI/gMDV6cKcf4aPBzyPFM0wrK8Vty+uCfekNQbXtwAGap knisi++mmDmVhQTVKpkEKeUzkUvWVxRtDF+DFtBVtXmfSQW+9D8ZdapzNyFeyE6u AYyQ59GQTaLdlXV5u8f8Fk4a14U14A7y4AhKDyLEEmGinW3kN3/08iPxbeao1XJM euYuY4vDfhhYz+DUAjBcRwct7ojGrYKMubaj7QOij8wqveqJnAitHADmf0X2g7J8 cJK65CUTmQu+0euTsFzBWi5ImQ4Bdrv7Hhwipiynwv+VyYfalns= -----END CERTIFICATE-----Generated at Wed Jun 3 04:08:48 2026 by rpki-client