$ rpki-client -vvf rpki-rsync.idnic.net/repo/9b6ae2a2-d93f-49ca-ba4b-171ff8d1e57f/0/85672FF4607E3AFD9CACD97C84E0F247A89FC3C7.mft File: 85672FF4607E3AFD9CACD97C84E0F247A89FC3C7.mft (raw, json) Hash identifier: X9TiTwgDlwlqNo3GngNWNMzVVWPrzOcu3IIV6YcRQX4= Subject key identifier: 85:CC:99:47:C9:3B:6E:B7:CA:3D:33:54:6C:9F:52:BC:3F:8F:8F:F7 Authority key identifier: 85:67:2F:F4:60:7E:3A:FD:9C:AC:D9:7C:84:E0:F2:47:A8:9F:C3:C7 Certificate issuer: /CN=85672FF4607E3AFD9CACD97C84E0F247A89FC3C7 Certificate serial: 65A6F5689CA0BB4CB40A04BEB626D4C881F2E176 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/85672FF4607E3AFD9CACD97C84E0F247A89FC3C7.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/9b6ae2a2-d93f-49ca-ba4b-171ff8d1e57f/0/85672FF4607E3AFD9CACD97C84E0F247A89FC3C7.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 07:39:32 +0000 Manifest this update: Tue 02 Jun 2026 07:34:32 +0000 Manifest next update: Wed 03 Jun 2026 10:13:32 +0000 Files and hashes: 1: 3130332e39332e3135382e302f32332d3234203d3e20313336313136.roa (hash: SMyShINBZJhBLQDbVGEzp9/aVi59DehpgguYlaDtpEI=) 2: 3130332e3131322e3232382e302f32332d3234203d3e20313336313136.roa (hash: yAzMQkLI2YElNnNv3RsEoxmgF9F1Ze8FCH2iEusLcbI=) 3: 85672FF4607E3AFD9CACD97C84E0F247A89FC3C7.crl (hash: gvqQzStpgZRjCt5/Izs8IwKsZPutTmYjjOSQgkywABA=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/9b6ae2a2-d93f-49ca-ba4b-171ff8d1e57f/0/85672FF4607E3AFD9CACD97C84E0F247A89FC3C7.crl rsync://rpki-rsync.idnic.net/repo/9b6ae2a2-d93f-49ca-ba4b-171ff8d1e57f/0/85672FF4607E3AFD9CACD97C84E0F247A89FC3C7.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/85672FF4607E3AFD9CACD97C84E0F247A89FC3C7.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 10:13:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:a6:f5:68:9c:a0:bb:4c:b4:0a:04:be:b6:26:d4:c8:81:f2:e1:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85672FF4607E3AFD9CACD97C84E0F247A89FC3C7 Validity Not Before: Jun 2 07:34:32 2026 GMT Not After : Jun 3 10:13:32 2026 GMT Subject: CN=85CC9947C93B6EB7CA3D33546C9F52BC3F8F8FF7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:15:b5:8d:18:e1:de:04:49:76:0e:90:74:0b: fe:63:c8:d3:07:6d:f7:3d:68:bc:e5:fc:28:3c:08: 42:1b:32:6a:8c:6d:eb:f1:f4:30:e5:f1:e7:66:e8: 3c:33:8e:04:f1:af:3a:ee:8c:4b:d7:94:0a:d1:9d: 94:87:e0:8f:bb:25:75:61:2a:34:fc:bc:88:9a:56: b8:05:4a:20:cc:d5:fe:fc:cf:0c:ae:16:96:68:cb: a1:6f:da:21:87:96:ee:33:db:31:f8:57:f3:94:cf: bc:62:33:de:32:70:6b:01:ed:b5:ed:f6:89:72:59: 3b:9f:ce:5e:64:22:80:80:76:9d:82:49:85:37:e3: a7:5c:0d:08:47:81:95:c1:57:b4:04:5a:b2:70:e1: 80:a5:e1:f5:6c:78:6b:ce:27:6b:36:e1:ff:75:92: 65:d4:8c:b3:26:90:df:bb:a3:db:fa:bc:6e:e6:91: 34:bd:3e:90:23:16:33:3d:35:4a:bf:4c:06:21:d7: 8f:82:83:9a:f4:60:38:3e:14:f7:53:b7:ef:25:3c: a4:78:e6:cb:30:b7:10:00:72:51:53:56:71:92:c4: 53:fe:45:ab:2d:7b:7d:81:80:90:32:aa:3f:d5:0c: d5:ec:80:c2:6b:de:b9:5a:d3:4f:3a:e3:90:55:1f: 50:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:CC:99:47:C9:3B:6E:B7:CA:3D:33:54:6C:9F:52:BC:3F:8F:8F:F7 X509v3 Authority Key Identifier: keyid:85:67:2F:F4:60:7E:3A:FD:9C:AC:D9:7C:84:E0:F2:47:A8:9F:C3:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/9b6ae2a2-d93f-49ca-ba4b-171ff8d1e57f/0/85672FF4607E3AFD9CACD97C84E0F247A89FC3C7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/85672FF4607E3AFD9CACD97C84E0F247A89FC3C7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/9b6ae2a2-d93f-49ca-ba4b-171ff8d1e57f/0/85672FF4607E3AFD9CACD97C84E0F247A89FC3C7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:e6:2e:d3:c5:d1:a5:f2:0d:1f:b8:65:bb:9f:69:87:6d:f7: fc:bd:fd:67:b3:1f:9c:d3:af:42:e4:0d:37:92:1a:de:72:da: 71:0f:0f:e9:17:8c:a1:ed:2d:8c:c2:a4:27:41:f1:cb:c7:0e: 73:c9:8b:d9:f7:c5:ef:ea:b0:3a:30:47:97:ff:c9:3c:bf:47: 30:80:27:79:5f:78:e8:c6:9c:29:0c:94:11:ff:42:d7:0c:d2: 25:85:cd:30:f6:12:f7:42:7b:44:e6:05:f6:00:f7:d8:3a:26: 0d:c0:dc:34:c8:b0:e3:12:b5:aa:07:a4:c2:ba:4e:ae:57:e5: cb:7c:16:ed:13:b7:93:d1:41:88:a3:66:27:f1:76:76:a6:71: 52:19:80:0f:6b:6b:6f:dd:d2:4d:15:a4:3d:d5:4f:00:7f:05: b1:e5:dd:9b:17:84:d2:d4:f0:02:71:5b:55:a5:37:5f:7a:ac: e1:8c:92:6d:91:e4:d9:31:1e:97:c1:b2:87:2a:33:14:c2:3b: 04:15:5c:9b:8e:47:22:7c:cd:95:0e:1a:48:1a:72:12:f4:9a: 12:02:65:f7:04:e7:e4:ef:16:0f:78:80:30:ac:c5:d1:4b:d5: 99:89:b3:89:67:8a:1d:5f:de:f2:8b:9e:27:51:ff:1c:8a:bd: 76:93:7d:92 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZab1aJygu0y0CgS+tibUyIHy4XYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODU2NzJGRjQ2MDdFM0FGRDlDQUNEOTdDODRFMEYyNDdB ODlGQzNDNzAeFw0yNjA2MDIwNzM0MzJaFw0yNjA2MDMxMDEzMzJaMDMxMTAvBgNV BAMTKDg1Q0M5OTQ3QzkzQjZFQjdDQTNEMzM1NDZDOUY1MkJDM0Y4RjhGRjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDFbWNGOHeBEl2DpB0C/5jyNMH bfc9aLzl/Cg8CEIbMmqMbevx9DDl8edm6DwzjgTxrzrujEvXlArRnZSH4I+7JXVh KjT8vIiaVrgFSiDM1f78zwyuFpZoy6Fv2iGHlu4z2zH4V/OUz7xiM94ycGsB7bXt 9olyWTufzl5kIoCAdp2CSYU346dcDQhHgZXBV7QEWrJw4YCl4fVseGvOJ2s24f91 kmXUjLMmkN+7o9v6vG7mkTS9PpAjFjM9NUq/TAYh14+Cg5r0YDg+FPdTt+8lPKR4 5sswtxAAclFTVnGSxFP+Raste32BgJAyqj/VDNXsgMJr3rla008645BVH1DzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhcyZR8k7brfKPTNUbJ9SvD+Pj/cwHwYDVR0j BBgwFoAUhWcv9GB+Ov2crNl8hODyR6ifw8cwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v OWI2YWUyYTItZDkzZi00OWNhLWJhNGItMTcxZmY4ZDFlNTdmLzAvODU2NzJGRjQ2 MDdFM0FGRDlDQUNEOTdDODRFMEYyNDdBODlGQzNDNy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS84NTY3MkZGNDYwN0UzQUZEOUNBQ0Q5N0M4NEUwRjI0N0E4OUZD M0M3LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vOWI2YWUyYTItZDkzZi00OWNhLWJh NGItMTcxZmY4ZDFlNTdmLzAvODU2NzJGRjQ2MDdFM0FGRDlDQUNEOTdDODRFMEYy NDdBODlGQzNDNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEvmLtPF0aXyDR+4ZbufaYdt9/y9/WezH5zT r0LkDTeSGt5y2nEPD+kXjKHtLYzCpCdB8cvHDnPJi9n3xe/qsDowR5f/yTy/RzCA J3lfeOjGnCkMlBH/QtcM0iWFzTD2EvdCe0TmBfYA99g6Jg3A3DTIsOMStaoHpMK6 Tq5X5ct8Fu0Tt5PRQYijZifxdnamcVIZgA9ra2/d0k0VpD3VTwB/BbHl3ZsXhNLU 8AJxW1WlN196rOGMkm2R5NkxHpfBsocqMxTCOwQVXJuORyJ8zZUOGkgachL0mhIC ZfcE5+TvFg94gDCsxdFL1ZmJs4lnih1f3vKLnidR/xyKvXaTfZI= -----END CERTIFICATE-----Generated at Wed Jun 3 03:39:01 2026 by rpki-client