$ rpki-client -vvf rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft File: CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft (raw, json) Hash identifier: lTagMGgD7HFf4dQjWzOx2hEppN60PyX+gSb02uFt7Hc= Subject key identifier: 44:49:D8:7A:6B:7F:45:CB:7C:E3:E1:F8:9B:81:FD:27:CF:7B:F6:C6 Authority key identifier: CF:67:7D:C4:A0:E9:F5:2E:45:8D:7F:78:6C:11:00:4C:BC:C0:6B:E6 Certificate issuer: /CN=CF677DC4A0E9F52E458D7F786C11004CBCC06BE6 Certificate serial: 53C5B9306CC1801582163B157394C94DA4751BC3 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft Manifest number: 2B Signing time: Tue 02 Jun 2026 10:28:04 +0000 Manifest this update: Tue 02 Jun 2026 10:23:04 +0000 Manifest next update: Wed 03 Jun 2026 11:56:04 +0000 Files and hashes: 1: CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.crl (hash: xcql/a1Hk/6cKutxYFp3WbB0f75sgt15jZyHmTt76TA=) 2: 3230332e3230312e35302e302f32332d3234203d3e203138313033.roa (hash: hnbLn0WCQW7tjxDDomIPOhXC1r7ltYUmnmJCJUDX+Hs=) 3: 34332e3234382e32342e302f32322d3234203d3e203138313033.roa (hash: 9zWseK0VGBFjDjSukC7sEdd2KVTBNcjvlH0F1oisM48=) 4: 3230332e3132382e36342e302f31392d3234203d3e203138313033.roa (hash: eBoaZqyr6WlSbN/AJF6RgzCQyG+1zBmzaFfb/7fN5dY=) 5: 3130332e31302e39362e302f32322d3234203d3e203138313033.roa (hash: h+jOCf2n8qXpyofV0yrwta8TGMspkZPZ+KTwYTU4B7c=) 6: 323430313a316230303a3a2f33322d3438203d3e203138313033.roa (hash: LF0MrR9BI6ohPR99FqHdVyHSCGgsD/4Honm25vFKTtU=) 7: 3130332e32332e3234302e302f32322d3234203d3e203138313033.roa (hash: CIu+a1x1Ob4TtttYENYOSXpa0Xw1+bkYfz/RVtE/6mo=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.crl rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 10:27:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:c5:b9:30:6c:c1:80:15:82:16:3b:15:73:94:c9:4d:a4:75:1b:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CF677DC4A0E9F52E458D7F786C11004CBCC06BE6 Validity Not Before: Jun 2 10:23:04 2026 GMT Not After : Jun 3 11:56:04 2026 GMT Subject: CN=4449D87A6B7F45CB7CE3E1F89B81FD27CF7BF6C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:04:17:40:af:91:6d:59:91:37:19:c0:4e:e5: 25:90:ec:40:34:b2:56:24:d2:f9:e5:01:4b:ff:5c: ed:b9:51:90:1c:d9:f9:45:24:5f:fe:1c:5f:a5:a5: ca:64:e1:b0:7f:0c:19:46:fa:57:e0:60:27:d6:c9: 5c:a8:ec:b2:1b:c0:6e:77:b9:4e:1a:ce:92:92:1b: 67:4b:bc:b1:42:99:30:17:8c:02:ae:6f:24:b6:19: 1b:be:85:89:18:33:6c:28:52:b6:ab:50:e4:ef:11: 09:1d:8b:20:df:14:b2:ab:6b:99:f4:ba:f4:21:5a: 8f:0a:2f:0c:57:63:a1:3c:7f:4c:62:c5:02:c1:bb: 9e:cd:57:bb:5a:01:47:d9:b7:f4:64:07:2c:cb:88: bc:d1:cf:d4:57:4e:f9:e2:70:69:11:af:c5:e9:55: 05:00:62:78:27:ec:1c:87:d2:e0:91:07:4b:4f:70: cd:eb:3f:dd:6b:1f:89:c9:1f:a7:01:00:28:aa:52: 89:97:5b:f4:5a:99:90:b2:09:93:57:b4:8f:4a:97: 70:8f:d1:4c:c3:48:97:17:72:93:de:65:38:aa:05: b8:d6:9c:91:46:be:b1:a6:27:5d:86:3a:2a:0d:75: 4d:3b:16:80:62:be:fa:36:9e:37:1c:42:57:81:7b: 50:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:49:D8:7A:6B:7F:45:CB:7C:E3:E1:F8:9B:81:FD:27:CF:7B:F6:C6 X509v3 Authority Key Identifier: keyid:CF:67:7D:C4:A0:E9:F5:2E:45:8D:7F:78:6C:11:00:4C:BC:C0:6B:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:31:5f:b7:7a:80:f5:6d:ae:f5:d8:6d:1a:f1:9d:ba:24:10: 39:e8:d6:96:db:b8:7f:75:16:d7:2d:fd:60:5d:97:47:b1:e8: be:9b:84:14:75:b4:9f:ce:d3:7e:44:cd:81:50:54:da:78:b6: ba:0e:c7:5c:18:2c:36:48:fa:ad:4a:5e:2c:76:5a:e1:e9:99: 5f:ef:67:a7:43:80:31:09:1c:af:2f:53:93:be:14:43:7f:95: c9:e3:51:4b:a7:2c:cc:34:60:51:70:54:a6:a9:f0:31:ab:1d: 2a:5c:fc:84:98:7e:3d:f2:43:b5:21:d3:a7:a1:d6:3c:02:6a: 34:1b:e8:b5:f4:e7:65:e1:89:06:28:1c:b9:d0:72:e5:eb:65: 9f:ad:d6:86:56:c6:6b:3c:ef:11:25:40:9b:d5:05:fe:69:96: 98:03:ef:9e:e9:0d:91:45:f8:2a:2d:da:b4:a7:7b:67:45:03: 4e:f0:9a:62:39:99:95:de:1d:19:11:05:15:cf:b5:63:75:cb: 27:b8:ab:8d:cd:6d:7c:cb:fe:f1:f8:c3:59:b6:7b:b4:64:92: 69:da:d5:73:1e:4a:d2:43:07:ef:62:dd:6f:41:15:a0:62:7e: 53:b6:64:d5:09:a1:28:ce:37:25:5c:f3:2e:5e:82:4a:cf:94: db:cc:d7:34 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUU8W5MGzBgBWCFjsVc5TJTaR1G8MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0Y2NzdEQzRBMEU5RjUyRTQ1OEQ3Rjc4NkMxMTAwNENC Q0MwNkJFNjAeFw0yNjA2MDIxMDIzMDRaFw0yNjA2MDMxMTU2MDRaMDMxMTAvBgNV BAMTKDQ0NDlEODdBNkI3RjQ1Q0I3Q0UzRTFGODlCODFGRDI3Q0Y3QkY2QzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtBBdAr5FtWZE3GcBO5SWQ7EA0 slYk0vnlAUv/XO25UZAc2flFJF/+HF+lpcpk4bB/DBlG+lfgYCfWyVyo7LIbwG53 uU4azpKSG2dLvLFCmTAXjAKubyS2GRu+hYkYM2woUrarUOTvEQkdiyDfFLKra5n0 uvQhWo8KLwxXY6E8f0xixQLBu57NV7taAUfZt/RkByzLiLzRz9RXTvnicGkRr8Xp VQUAYngn7ByH0uCRB0tPcM3rP91rH4nJH6cBACiqUomXW/RamZCyCZNXtI9Kl3CP 0UzDSJcXcpPeZTiqBbjWnJFGvrGmJ12GOioNdU07FoBivvo2njccQleBe1AbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUREnYemt/Rct84+H4m4H9J8979sYwHwYDVR0j BBgwFoAUz2d9xKDp9S5FjX94bBEATLzAa+YwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YjE5OWMxYWYtZDljNy00ZmZkLWJhMDMtYTNlMWNkZDhhZWUwLzAvQ0Y2NzdEQzRB MEU5RjUyRTQ1OEQ3Rjc4NkMxMTAwNENCQ0MwNkJFNi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DRjY3N0RDNEEwRTlGNTJFNDU4RDdGNzg2QzExMDA0Q0JDQzA2 QkU2LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYjE5OWMxYWYtZDljNy00ZmZkLWJh MDMtYTNlMWNkZDhhZWUwLzAvQ0Y2NzdEQzRBMEU5RjUyRTQ1OEQ3Rjc4NkMxMTAw NENCQ0MwNkJFNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJExX7d6gPVtrvXYbRrxnbokEDno1pbbuH91 Ftct/WBdl0ex6L6bhBR1tJ/O035EzYFQVNp4troOx1wYLDZI+q1KXix2WuHpmV/v Z6dDgDEJHK8vU5O+FEN/lcnjUUunLMw0YFFwVKap8DGrHSpc/ISYfj3yQ7Uh06eh 1jwCajQb6LX052XhiQYoHLnQcuXrZZ+t1oZWxms87xElQJvVBf5plpgD757pDZFF +Cot2rSne2dFA07wmmI5mZXeHRkRBRXPtWN1yye4q43NbXzL/vH4w1m2e7Rkkmna 1XMeStJDB+9i3W9BFaBiflO2ZNUJoSjONyVc8y5egkrPlNvM1zQ= -----END CERTIFICATE-----Generated at Wed Jun 3 03:38:57 2026 by rpki-client