$ rpki-client -vvf rpki-rsync.idnic.net/repo/a8c068da-f9c5-4036-854b-922caa93f324/0/25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B.mft File: 25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B.mft (raw, json) Hash identifier: 5hGujyjzeZRMYe3fBNmTdSd+bmRl0y2qWnhab1UZ7JU= Subject key identifier: 53:8A:66:DA:79:CB:FB:16:01:B2:82:D1:73:A4:B8:B0:2F:B4:79:BB Authority key identifier: 25:DF:CC:E8:53:93:67:30:6B:FE:98:EC:BC:25:4B:3C:D0:FF:3F:5B Certificate issuer: /CN=25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B Certificate serial: 2C1ADD12DA5C6EC79F9A1AB85279585E5A311A3E Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/a8c068da-f9c5-4036-854b-922caa93f324/0/25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B.mft Manifest number: 2B Signing time: Tue 02 Jun 2026 15:23:40 +0000 Manifest this update: Tue 02 Jun 2026 15:18:40 +0000 Manifest next update: Wed 03 Jun 2026 16:54:40 +0000 Files and hashes: 1: 3130332e3134352e3130382e302f32342d3234203d3e20313339343436.roa (hash: OEqKbqVoV+spRdzW+aE4+2tFsdczawhoz6Mphx/Zguc=) 2: 25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B.crl (hash: tcs40BAjzTI1wTPRzqwQ0SbVaSZPL8sacKDJuKkrNxk=) 3: 3130332e3134352e3130382e302f32332d3233203d3e20313339343436.roa (hash: thKA0k3SKd9ZuPgdjH+VF43W5Rz/i9a2JTXNPTXM6a0=) 4: 3130332e3134352e3130392e302f32342d3234203d3e20313339343436.roa (hash: 0P5qBTgfllLlHCA3nz89Ltdzy1jcnaNNEY3SQXv/0II=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/a8c068da-f9c5-4036-854b-922caa93f324/0/25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B.crl rsync://rpki-rsync.idnic.net/repo/a8c068da-f9c5-4036-854b-922caa93f324/0/25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 16:54:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:1a:dd:12:da:5c:6e:c7:9f:9a:1a:b8:52:79:58:5e:5a:31:1a:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B Validity Not Before: Jun 2 15:18:40 2026 GMT Not After : Jun 3 16:54:40 2026 GMT Subject: CN=538A66DA79CBFB1601B282D173A4B8B02FB479BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:67:a5:ea:6b:0e:97:7d:dc:e2:b6:62:b4:d4: 31:29:e3:bd:1e:09:46:63:fb:63:b6:67:7d:10:fd: 72:2a:07:d8:ca:34:a0:f2:d4:32:e5:fd:93:b2:37: be:91:0c:2a:d1:45:4b:91:0f:f6:de:75:94:6c:df: 4e:63:b7:45:85:b2:51:ec:b6:09:4f:3c:93:ce:e4: 45:66:44:30:8d:77:c3:39:14:d1:00:f4:42:ba:93: 4b:4c:72:39:8d:84:51:08:0a:76:37:e6:02:9c:4e: 58:1f:56:be:9f:be:77:db:ee:13:df:60:f0:e0:8a: af:7c:ef:b0:6c:f2:30:0e:a1:83:4d:f7:cd:f9:6e: 67:7d:1e:3e:4a:5e:52:0b:4c:59:6f:a4:cf:d7:67: b2:0d:85:68:c6:e5:45:33:b9:6c:dd:ce:3f:75:d9: b7:60:e2:17:72:6c:f1:c4:37:b1:4b:ed:da:7b:fe: c3:f0:3b:bf:88:72:a0:bf:36:b6:27:37:98:8b:d4: 7f:5e:4f:97:49:0a:be:ea:c1:0a:71:55:45:d7:72: 53:c8:e2:95:f4:c1:34:70:62:b8:77:c3:12:e6:f8: 97:9c:b1:25:4c:44:c2:45:c5:f5:90:93:de:4d:1f: 65:d2:a9:5b:e3:c1:0b:e1:4f:9e:bd:a4:f6:b9:25: de:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:8A:66:DA:79:CB:FB:16:01:B2:82:D1:73:A4:B8:B0:2F:B4:79:BB X509v3 Authority Key Identifier: keyid:25:DF:CC:E8:53:93:67:30:6B:FE:98:EC:BC:25:4B:3C:D0:FF:3F:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/a8c068da-f9c5-4036-854b-922caa93f324/0/25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/a8c068da-f9c5-4036-854b-922caa93f324/0/25DFCCE8539367306BFE98ECBC254B3CD0FF3F5B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e2:99:68:30:4b:81:9e:67:59:31:d8:9f:63:16:fd:f1:ae:ec: 68:bc:f5:9a:ae:a0:1a:3b:3a:ab:63:7b:8c:6e:67:d5:4a:d9: 7a:f0:7d:0c:68:ea:97:3d:38:69:82:de:c8:5a:a4:28:96:13: bf:25:e1:b1:16:65:f6:16:8d:97:90:32:9c:11:81:d3:0d:f7: 6d:11:06:c7:96:75:d3:09:5c:62:73:83:48:67:b4:e6:72:41: b7:f3:71:4b:8b:47:06:ce:4f:6f:e7:91:b5:21:16:74:af:5d: 8a:04:89:26:6e:6d:8e:5f:34:12:8b:0e:84:1c:36:f5:c5:a1: 45:a6:69:b0:15:5b:a8:af:46:8f:41:9d:e6:75:0a:5a:e1:68: 04:14:55:a8:43:6d:f6:08:e3:cf:22:6c:01:83:df:ff:2f:05: 54:e6:1f:82:03:00:ba:1b:01:5c:00:7e:ee:50:ca:be:92:2f: bd:68:ff:e8:80:09:f6:e5:48:00:12:6f:ce:68:67:7a:47:1a: 0b:28:5d:6f:4f:be:15:3d:fc:90:78:bb:73:a1:f6:7c:c1:7f: 1c:62:ba:aa:6b:f4:05:0d:aa:aa:7c:f4:ca:4b:05:95:8d:0f: ea:6b:3e:88:0f:14:fe:92:1a:6c:5a:90:bb:b0:09:a6:49:5a: 6b:78:3a:5a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULBrdEtpcbsefmhq4UnlYXloxGj4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjVERkNDRTg1MzkzNjczMDZCRkU5OEVDQkMyNTRCM0NE MEZGM0Y1QjAeFw0yNjA2MDIxNTE4NDBaFw0yNjA2MDMxNjU0NDBaMDMxMTAvBgNV BAMTKDUzOEE2NkRBNzlDQkZCMTYwMUIyODJEMTczQTRCOEIwMkZCNDc5QkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhZ6Xqaw6XfdzitmK01DEp470e CUZj+2O2Z30Q/XIqB9jKNKDy1DLl/ZOyN76RDCrRRUuRD/bedZRs305jt0WFslHs tglPPJPO5EVmRDCNd8M5FNEA9EK6k0tMcjmNhFEICnY35gKcTlgfVr6fvnfb7hPf YPDgiq9877Bs8jAOoYNN9835bmd9Hj5KXlILTFlvpM/XZ7INhWjG5UUzuWzdzj91 2bdg4hdybPHEN7FL7dp7/sPwO7+IcqC/NrYnN5iL1H9eT5dJCr7qwQpxVUXXclPI 4pX0wTRwYrh3wxLm+JecsSVMRMJFxfWQk95NH2XSqVvjwQvhT569pPa5Jd5RAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUU4pm2nnL+xYBsoLRc6S4sC+0ebswHwYDVR0j BBgwFoAUJd/M6FOTZzBr/pjsvCVLPND/P1swDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YThjMDY4ZGEtZjljNS00MDM2LTg1NGItOTIyY2FhOTNmMzI0LzAvMjVERkNDRTg1 MzkzNjczMDZCRkU5OEVDQkMyNTRCM0NEMEZGM0Y1Qi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8yNURGQ0NFODUzOTM2NzMwNkJGRTk4RUNCQzI1NEIzQ0QwRkYz RjVCLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYThjMDY4ZGEtZjljNS00MDM2LTg1 NGItOTIyY2FhOTNmMzI0LzAvMjVERkNDRTg1MzkzNjczMDZCRkU5OEVDQkMyNTRC M0NEMEZGM0Y1Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAOKZaDBLgZ5nWTHYn2MW/fGu7Gi89ZquoBo7 Oqtje4xuZ9VK2XrwfQxo6pc9OGmC3shapCiWE78l4bEWZfYWjZeQMpwRgdMN920R BseWddMJXGJzg0hntOZyQbfzcUuLRwbOT2/nkbUhFnSvXYoEiSZubY5fNBKLDoQc NvXFoUWmabAVW6ivRo9BneZ1ClrhaAQUVahDbfYI488ibAGD3/8vBVTmH4IDALob AVwAfu5Qyr6SL71o/+iACfblSAASb85oZ3pHGgsoXW9PvhU9/JB4u3Oh9nzBfxxi uqpr9AUNqqp89MpLBZWND+prPogPFP6SGmxakLuwCaZJWmt4Olo= -----END CERTIFICATE-----Generated at Wed Jun 3 04:08:58 2026 by rpki-client