$ rpki-client -vvf rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft File: 20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft (raw, json) Hash identifier: ylIvtbMQ/inqKeVD1v9GnlF9rvOSXKZPCdhQs5LzWjs= Subject key identifier: 74:D6:98:43:B7:59:80:33:63:FA:F7:5E:B7:A2:E9:7D:5E:F4:43:6A Authority key identifier: 20:B4:FB:5E:02:47:6A:FF:A1:00:3C:5C:90:D3:8F:F4:EC:10:14:B7 Certificate issuer: /CN=20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7 Certificate serial: 0B98FC07B249A58B7B11204D2E5F805BAA374458 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 08:35:35 +0000 Manifest this update: Tue 02 Jun 2026 08:30:35 +0000 Manifest next update: Wed 03 Jun 2026 10:40:35 +0000 Files and hashes: 1: 323030313a6466373a633138303a3a2f34382d3438203d3e20313437303837.roa (hash: rXO9gTdPSQGsrR5rUmnzksusGY7II8+DMWGkUGzNqUA=) 2: 3130332e3137332e3233312e302f32342d3234203d3e20313437303837.roa (hash: Pvijj3PbMpACCVbyxLVtqjTUpSYeYm8MFybvzhiihDM=) 3: 3130332e3137332e3233302e302f32342d3234203d3e20313437303837.roa (hash: xLoeT+ko7MUw5aLnf4wj8gyqTKfil2TZ1gKntVO+LKI=) 4: 3130332e3137332e3233302e302f32332d3233203d3e20313437303837.roa (hash: ipU1a2udwtca/E3v1pmxqgcaK0XTJh0tDNEJJ4f4t7Y=) 5: 20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.crl (hash: x9V/6Gy1czYfRn28vIRrBqD5s9Mk2mZt39hEsMJMrgU=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.crl rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 10:27:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:98:fc:07:b2:49:a5:8b:7b:11:20:4d:2e:5f:80:5b:aa:37:44:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7 Validity Not Before: Jun 2 08:30:35 2026 GMT Not After : Jun 3 10:40:35 2026 GMT Subject: CN=74D69843B759803363FAF75EB7A2E97D5EF4436A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:7d:f7:45:7c:51:e7:23:23:27:83:c0:48:6d: f0:05:b1:1a:9a:8a:0c:e7:43:13:36:15:3e:53:89: ed:66:10:c8:8a:28:8c:c4:8d:38:e8:d7:05:dd:0a: ef:81:bc:39:ad:c5:f0:a2:d5:b3:52:3c:e3:e6:11: 8a:0c:9c:43:5c:46:7b:b3:ed:99:ce:cd:12:b2:97: c2:e4:a0:90:eb:59:6f:d3:32:3b:b9:73:35:cc:1c: 24:a0:ee:b8:f0:97:d6:c8:a5:da:90:96:76:51:42: d9:61:51:22:2d:65:4c:02:c9:3c:5d:71:93:e5:ce: 30:f4:9b:2c:fa:18:f4:6d:b8:a9:a9:d8:b6:37:2a: 68:59:7e:85:f2:c9:47:f3:d4:2e:89:3e:75:b5:99: 75:47:19:d5:9f:e5:57:6f:43:bf:16:c7:dc:99:8f: 4c:03:c7:b9:bd:72:b8:dd:1a:08:2d:c6:31:14:e4: 70:ee:8d:5f:c3:d0:0f:84:eb:b0:25:11:63:ca:6d: 58:65:a3:f2:fc:be:42:88:1f:6c:7a:30:a7:df:10: 01:32:8d:d5:00:3c:27:a5:93:c6:ed:70:5f:7d:ca: c2:1d:cc:e2:2c:4e:08:2c:44:d9:79:58:59:f1:3d: d5:c5:0d:68:6a:f7:2d:dc:dd:bc:f0:03:20:5d:e4: 4c:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:D6:98:43:B7:59:80:33:63:FA:F7:5E:B7:A2:E9:7D:5E:F4:43:6A X509v3 Authority Key Identifier: keyid:20:B4:FB:5E:02:47:6A:FF:A1:00:3C:5C:90:D3:8F:F4:EC:10:14:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/d00f9cc7-4a69-4c9e-bba6-4d9abb56eff6/0/20B4FB5E02476AFFA1003C5C90D38FF4EC1014B7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:63:93:5d:5f:d3:2b:04:8c:cf:b9:9f:d1:7c:46:f2:f7:40: 2c:2c:f9:95:59:08:56:7c:49:f5:1f:0b:e3:64:d3:e6:8e:72: 3c:9d:fa:5d:91:52:d8:8f:8c:b2:08:74:ab:a4:8f:54:1c:38: 5b:8c:25:e5:b5:b3:a0:02:68:0d:f6:7f:67:eb:c0:44:15:64: b7:3c:f4:97:71:d2:d3:f5:f0:39:d3:eb:2d:b7:e3:6b:da:d4: 51:4e:80:4f:ea:74:1e:a5:71:9d:ae:83:e6:4f:a3:2e:1a:04: be:2e:8e:20:56:c0:79:c6:4b:0d:91:71:f1:60:10:00:70:28: b0:48:2b:e5:a9:10:71:3c:a8:ec:1e:46:d3:a6:45:12:88:7d: 3d:78:63:e7:b3:83:c1:d6:e3:f4:7b:31:2a:f9:ff:7c:5a:bb: d6:d1:45:dd:11:ab:c9:17:df:5f:a5:bd:24:ea:ab:6f:c1:04: ac:8e:a2:ba:7d:f6:5b:ab:48:d4:45:55:fc:3d:08:28:8d:57: 95:5e:ea:26:98:9d:4c:8c:46:e0:42:16:db:af:6a:53:43:92: cf:4c:74:58:f2:7e:27:77:1c:81:61:9a:d4:c7:b6:51:e9:c0: 40:5b:2a:db:34:67:1e:f4:e8:c7:a5:b2:97:81:71:92:ff:16: e4:6a:29:74 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUC5j8B7JJpYt7ESBNLl+AW6o3RFgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBCNEZCNUUwMjQ3NkFGRkExMDAzQzVDOTBEMzhGRjRF QzEwMTRCNzAeFw0yNjA2MDIwODMwMzVaFw0yNjA2MDMxMDQwMzVaMDMxMTAvBgNV BAMTKDc0RDY5ODQzQjc1OTgwMzM2M0ZBRjc1RUI3QTJFOTdENUVGNDQzNkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrffdFfFHnIyMng8BIbfAFsRqa igznQxM2FT5Tie1mEMiKKIzEjTjo1wXdCu+BvDmtxfCi1bNSPOPmEYoMnENcRnuz 7ZnOzRKyl8LkoJDrWW/TMju5czXMHCSg7rjwl9bIpdqQlnZRQtlhUSItZUwCyTxd cZPlzjD0myz6GPRtuKmp2LY3KmhZfoXyyUfz1C6JPnW1mXVHGdWf5VdvQ78Wx9yZ j0wDx7m9crjdGggtxjEU5HDujV/D0A+E67AlEWPKbVhlo/L8vkKIH2x6MKffEAEy jdUAPCelk8btcF99ysIdzOIsTggsRNl5WFnxPdXFDWhq9y3c3bzwAyBd5EwBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUdNaYQ7dZgDNj+vdet6LpfV70Q2owHwYDVR0j BBgwFoAUILT7XgJHav+hADxckNOP9OwQFLcwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZDAwZjljYzctNGE2OS00YzllLWJiYTYtNGQ5YWJiNTZlZmY2LzAvMjBCNEZCNUUw MjQ3NkFGRkExMDAzQzVDOTBEMzhGRjRFQzEwMTRCNy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8yMEI0RkI1RTAyNDc2QUZGQTEwMDNDNUM5MEQzOEZGNEVDMTAx NEI3LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZDAwZjljYzctNGE2OS00YzllLWJi YTYtNGQ5YWJiNTZlZmY2LzAvMjBCNEZCNUUwMjQ3NkFGRkExMDAzQzVDOTBEMzhG RjRFQzEwMTRCNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAE9jk11f0ysEjM+5n9F8RvL3QCws+ZVZCFZ8 SfUfC+Nk0+aOcjyd+l2RUtiPjLIIdKukj1QcOFuMJeW1s6ACaA32f2frwEQVZLc8 9Jdx0tP18DnT6y2342va1FFOgE/qdB6lcZ2ug+ZPoy4aBL4ujiBWwHnGSw2RcfFg EABwKLBIK+WpEHE8qOweRtOmRRKIfT14Y+ezg8HW4/R7MSr5/3xau9bRRd0Rq8kX 31+lvSTqq2/BBKyOorp99lurSNRFVfw9CCiNV5Ve6iaYnUyMRuBCFtuvalNDks9M dFjyfid3HIFhmtTHtlHpwEBbKts0Zx706MelspeBcZL/FuRqKXQ= -----END CERTIFICATE-----Generated at Wed Jun 3 03:42:49 2026 by rpki-client