$ rpki-client -vvf rpki-rsync.idnic.net/repo/9eab0a01-8ee4-4825-840d-112daef0aca8/0/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.mft File: D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.mft (raw, json) Hash identifier: cqwUuIgSzrLl0wfI1z+vDiXPtr/a+HVIN4GZfapKvIU= Subject key identifier: DE:E2:D1:7B:DD:86:DD:A8:1F:0E:4E:DA:63:9D:A2:64:A5:CB:1A:A8 Authority key identifier: D8:5D:DC:BE:5B:D7:5A:50:DB:0F:9F:99:16:12:3B:E9:7C:C8:E0:1A Certificate issuer: /CN=D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A Certificate serial: 15EA5FA7BC02C0EC1988EC793734FE673F3AF456 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/9eab0a01-8ee4-4825-840d-112daef0aca8/0/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.mft Manifest number: 2B Signing time: Tue 02 Jun 2026 16:29:53 +0000 Manifest this update: Tue 02 Jun 2026 16:24:53 +0000 Manifest next update: Wed 03 Jun 2026 16:46:53 +0000 Files and hashes: 1: 323030313a6466303a6134303a3a2f34382d3438203d3e20313439333532.roa (hash: oPoNFbylWE3wDnquzh9cCts/g1mAJ32eRWzuqQ1Bx0w=) 2: D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.crl (hash: 0DJD8pRzO1X5IHynItECccVQnV/oTwqropLzpT7qxVA=) 3: 3130332e3137342e31342e302f32332d3234203d3e20313439333532.roa (hash: Y/EQKcpkANIA0psSjIaznqwzitz7bm3TFARBNjc3Kms=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/9eab0a01-8ee4-4825-840d-112daef0aca8/0/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.crl rsync://rpki-rsync.idnic.net/repo/9eab0a01-8ee4-4825-840d-112daef0aca8/0/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 16:46:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:ea:5f:a7:bc:02:c0:ec:19:88:ec:79:37:34:fe:67:3f:3a:f4:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A Validity Not Before: Jun 2 16:24:53 2026 GMT Not After : Jun 3 16:46:53 2026 GMT Subject: CN=DEE2D17BDD86DDA81F0E4EDA639DA264A5CB1AA8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:b8:db:29:9a:2a:53:86:36:c1:3c:b7:8c:f2: 0a:10:67:a6:d3:0b:be:5d:17:a7:60:0d:ea:c1:17: 6b:03:10:6d:c6:76:c7:d7:83:09:9e:20:63:86:3d: 68:85:ec:f3:4a:4a:53:95:f5:fb:7a:9c:5f:6b:da: 30:bb:58:f7:17:97:5d:98:f5:72:dd:fc:eb:34:01: 06:f6:ee:dd:e8:04:be:08:d9:02:da:75:74:7b:0a: bd:22:62:d9:9a:e8:b6:15:08:62:8e:4c:68:85:98: 6b:93:29:2e:d6:fe:2d:9b:38:99:36:48:f1:cc:c4: 79:1b:bf:7c:72:49:82:8f:f7:e4:9b:1d:b3:7a:09: ce:4f:dd:74:7b:2d:d4:bc:da:bf:a3:e3:65:22:e0: 9f:61:2c:3e:0d:12:22:f0:37:8d:51:d0:4e:d3:49: fa:5f:b6:0c:b4:d4:20:45:71:7d:fb:02:65:90:66: 5b:62:a0:98:ec:d2:22:e1:39:71:45:ed:4b:20:8a: 9c:ff:5c:39:8b:86:13:46:43:43:c0:4e:3e:fd:df: 2b:38:27:95:4a:2b:e2:e2:f6:65:07:53:37:4f:3a: 46:6f:42:f7:f1:68:18:86:5c:7b:bd:7b:1a:8d:6f: b6:22:f2:7c:73:bd:ef:35:2e:d8:a3:b0:c3:0b:9a: 8e:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:E2:D1:7B:DD:86:DD:A8:1F:0E:4E:DA:63:9D:A2:64:A5:CB:1A:A8 X509v3 Authority Key Identifier: keyid:D8:5D:DC:BE:5B:D7:5A:50:DB:0F:9F:99:16:12:3B:E9:7C:C8:E0:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/9eab0a01-8ee4-4825-840d-112daef0aca8/0/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/9eab0a01-8ee4-4825-840d-112daef0aca8/0/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cc:29:97:28:3a:19:42:c0:00:61:24:51:7a:bc:08:e5:0d:50: 14:bd:ba:51:98:b7:1c:61:7b:f8:02:1a:7b:ac:85:02:25:2f: b7:cc:df:de:b1:b2:4f:b4:6d:a7:d1:d4:ab:c4:c7:3d:ff:08: fe:92:e0:bd:95:ba:6a:d2:99:16:27:88:ea:d6:cf:aa:dd:67: 14:ee:3b:30:66:2f:04:03:16:57:db:35:e6:fe:39:aa:43:c3: b9:35:b0:26:14:3e:7a:8f:21:d1:2a:71:d2:98:03:b5:97:45: d3:bd:4b:06:37:dd:a6:4e:50:11:4c:fc:ea:b6:cb:cc:1c:9a: e5:e6:34:74:90:e1:0a:94:0d:de:7b:aa:8f:c4:09:5a:b8:ca: bb:f7:d4:5a:3d:42:a4:d7:05:5e:6d:82:a6:9b:91:2f:65:82: b1:08:ef:3e:7c:9a:a3:25:fe:5a:02:da:bc:3d:4f:62:00:0d: ab:9a:ee:04:53:b9:4c:be:f3:c8:57:a2:66:16:18:fb:59:89: 9e:85:f2:c8:2e:67:e1:b3:55:86:82:72:e0:f3:2c:46:dd:64: ff:7c:7a:23:a0:fc:bf:a1:ce:78:e2:da:b8:e7:e3:da:33:59: 75:87:e6:be:4a:85:e6:a7:4a:6c:a3:81:05:ab:ce:de:5d:4b: 21:86:38:79 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFepfp7wCwOwZiOx5NzT+Zz869FYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDg1RERDQkU1QkQ3NUE1MERCMEY5Rjk5MTYxMjNCRTk3 Q0M4RTAxQTAeFw0yNjA2MDIxNjI0NTNaFw0yNjA2MDMxNjQ2NTNaMDMxMTAvBgNV BAMTKERFRTJEMTdCREQ4NkREQTgxRjBFNEVEQTYzOURBMjY0QTVDQjFBQTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+uNspmipThjbBPLeM8goQZ6bT C75dF6dgDerBF2sDEG3GdsfXgwmeIGOGPWiF7PNKSlOV9ft6nF9r2jC7WPcXl12Y 9XLd/Os0AQb27t3oBL4I2QLadXR7Cr0iYtma6LYVCGKOTGiFmGuTKS7W/i2bOJk2 SPHMxHkbv3xySYKP9+SbHbN6Cc5P3XR7LdS82r+j42Ui4J9hLD4NEiLwN41R0E7T Sfpftgy01CBFcX37AmWQZltioJjs0iLhOXFF7Usgipz/XDmLhhNGQ0PATj793ys4 J5VKK+Li9mUHUzdPOkZvQvfxaBiGXHu9exqNb7Yi8nxzve81LtijsMMLmo4bAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU3uLRe92G3agfDk7aY52iZKXLGqgwHwYDVR0j BBgwFoAU2F3cvlvXWlDbD5+ZFhI76XzI4BowDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v OWVhYjBhMDEtOGVlNC00ODI1LTg0MGQtMTEyZGFlZjBhY2E4LzAvRDg1RERDQkU1 QkQ3NUE1MERCMEY5Rjk5MTYxMjNCRTk3Q0M4RTAxQS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EODVERENCRTVCRDc1QTUwREIwRjlGOTkxNjEyM0JFOTdDQzhF MDFBLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vOWVhYjBhMDEtOGVlNC00ODI1LTg0 MGQtMTEyZGFlZjBhY2E4LzAvRDg1RERDQkU1QkQ3NUE1MERCMEY5Rjk5MTYxMjNC RTk3Q0M4RTAxQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMwplyg6GULAAGEkUXq8COUNUBS9ulGYtxxh e/gCGnushQIlL7fM396xsk+0bafR1KvExz3/CP6S4L2VumrSmRYniOrWz6rdZxTu OzBmLwQDFlfbNeb+OapDw7k1sCYUPnqPIdEqcdKYA7WXRdO9SwY33aZOUBFM/Oq2 y8wcmuXmNHSQ4QqUDd57qo/ECVq4yrv31Fo9QqTXBV5tgqabkS9lgrEI7z58mqMl /loC2rw9T2IADaua7gRTuUy+88hXomYWGPtZiZ6F8sguZ+GzVYaCcuDzLEbdZP98 eiOg/L+hznji2rjn49ozWXWH5r5KheanSmyjgQWrzt5dSyGGOHk= -----END CERTIFICATE-----Generated at Wed Jun 3 04:15:59 2026 by rpki-client