$ rpki-client -vvf rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft File: D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft (raw, json) Hash identifier: eue7MBQ4yjkB1NFp54HuUa5OQi6TVdCnPwpJ2+nE5dI= Subject key identifier: 3F:3C:36:34:D6:12:BC:66:AC:84:C2:EA:3C:04:5A:F2:2A:A9:26:22 Authority key identifier: D6:7D:DC:B4:6C:F4:0B:52:64:1F:71:BF:77:56:DF:A2:9F:41:59:A2 Certificate issuer: /CN=D67DDCB46CF40B52641F71BF7756DFA29F4159A2 Certificate serial: 48E0D32E949605B3ADF91E4CE1C93EBCE154C8BC Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft Manifest number: 2B Signing time: Tue 02 Jun 2026 18:22:12 +0000 Manifest this update: Tue 02 Jun 2026 18:17:12 +0000 Manifest next update: Wed 03 Jun 2026 21:33:12 +0000 Files and hashes: 1: 3232322e3136352e3139322e302f31382d3234203d3e203234323037.roa (hash: XrQbHF8ES5i2bpLQRbTUE7Wl3M4ZUVmyaoRlPolZS6Y=) 2: 3230332e3135332e39362e302f32302d3234203d3e203234323037.roa (hash: AhfkSgsUfVbnlwjYQF5FXALegxkl9ZVed7BF03/fBz8=) 3: D67DDCB46CF40B52641F71BF7756DFA29F4159A2.crl (hash: +ho3FQCpCk6X6CO33Ybu254LQ13z85eyZAL76fabe5I=) 4: 3230332e3135332e3131322e302f32312d3234203d3e203234323037.roa (hash: Lw1DMZ5kJp5ICeFivj5ZZ60njB9OoQuGFsGq8+auMdU=) 5: 323430343a663630303a3a2f33322d3438203d3e203234323037.roa (hash: O3BW4/+vpeYZOrGXcLGA8HAU1zfqrZRISOMkRbThX6s=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.crl rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 21:33:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:e0:d3:2e:94:96:05:b3:ad:f9:1e:4c:e1:c9:3e:bc:e1:54:c8:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D67DDCB46CF40B52641F71BF7756DFA29F4159A2 Validity Not Before: Jun 2 18:17:12 2026 GMT Not After : Jun 3 21:33:12 2026 GMT Subject: CN=3F3C3634D612BC66AC84C2EA3C045AF22AA92622 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:4f:01:c0:63:fa:1b:e9:aa:7c:f4:57:fe:3e: b5:19:13:7d:7d:ce:73:f6:94:39:06:e8:75:0f:cd: bb:ca:14:14:f6:cb:4f:29:0a:50:d3:01:62:29:3e: 13:ac:0f:0b:a5:96:6d:82:4d:f9:24:2b:76:2c:da: bc:37:c4:c2:12:07:55:88:62:69:f1:c3:c4:c7:28: e2:69:14:49:16:bc:a8:8f:9f:7f:ce:07:9b:d4:3a: e2:0a:0e:ea:78:a3:db:ff:0c:5f:de:66:25:82:ab: 60:c1:ae:73:42:fa:c2:42:ad:13:7d:1c:27:13:fc: 58:81:73:79:dd:08:75:64:fe:ea:dc:af:36:60:b8: 34:d9:01:46:9f:e4:5e:22:ba:19:fe:32:5a:e8:ea: 8c:54:3e:11:53:41:03:fe:81:9a:48:f9:3d:72:a3: a5:c4:81:86:1b:37:4b:2c:ff:ae:37:4d:5e:bb:04: 46:c8:b6:0e:f4:cb:da:94:5e:05:47:be:7a:76:f0: 63:35:9e:39:7c:dc:b3:e2:9b:f0:8b:6a:6f:4a:d9: 40:05:e0:f6:fc:39:b8:48:5f:61:2e:0f:5d:89:f3: 0f:98:db:30:c5:cc:d7:f1:a5:24:8a:71:dc:fb:5d: a9:ca:35:d5:b7:16:1d:80:9f:11:95:97:16:79:cf: af:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:3C:36:34:D6:12:BC:66:AC:84:C2:EA:3C:04:5A:F2:2A:A9:26:22 X509v3 Authority Key Identifier: keyid:D6:7D:DC:B4:6C:F4:0B:52:64:1F:71:BF:77:56:DF:A2:9F:41:59:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:64:4f:93:c7:c1:78:b7:aa:50:f9:d0:4c:95:9c:22:85:1f: 49:d6:ee:49:a3:ff:1b:80:30:55:e0:e7:23:d5:ba:fa:e8:7a: ee:7b:d7:2c:83:20:66:47:b7:57:5d:c1:95:cd:9e:49:c8:c8: 17:e8:2d:32:be:76:9c:f0:79:64:dc:e4:a0:66:d7:70:99:49: 17:6e:af:77:c7:5a:5f:6b:12:82:99:71:26:f1:20:32:c5:1b: 18:28:0b:11:9b:33:c2:1f:7f:57:b6:62:66:13:ef:69:a7:18: c5:30:1b:41:86:32:fc:c6:2c:18:4d:11:2d:5e:35:47:4d:33: d3:f7:a5:42:1d:de:65:f1:91:06:21:a6:19:4a:42:c8:b1:61: 4e:27:d3:4a:68:ee:f8:df:fd:77:42:2a:f5:f6:c7:c5:e3:bc: 4f:91:3c:e0:0b:1b:a6:36:50:b0:c3:9d:f4:58:13:0e:c5:ee: 71:11:ce:bd:e2:e5:12:c8:86:7a:c5:17:d5:d0:5b:c0:29:06: 8d:2c:c3:a5:71:ff:e4:00:3a:b3:f0:8b:de:bb:c2:0e:de:ea: c4:90:c6:2f:42:18:38:b2:fd:57:ee:2d:f9:69:ae:1f:14:27: 7b:4f:94:13:97:f1:f7:55:73:25:4c:33:f9:0c:6b:0a:d9:d0: 8b:9c:fe:44 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSODTLpSWBbOt+R5M4ck+vOFUyLwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDY3RERDQjQ2Q0Y0MEI1MjY0MUY3MUJGNzc1NkRGQTI5 RjQxNTlBMjAeFw0yNjA2MDIxODE3MTJaFw0yNjA2MDMyMTMzMTJaMDMxMTAvBgNV BAMTKDNGM0MzNjM0RDYxMkJDNjZBQzg0QzJFQTNDMDQ1QUYyMkFBOTI2MjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChTwHAY/ob6ap89Ff+PrUZE319 znP2lDkG6HUPzbvKFBT2y08pClDTAWIpPhOsDwullm2CTfkkK3Ys2rw3xMISB1WI Ymnxw8THKOJpFEkWvKiPn3/OB5vUOuIKDup4o9v/DF/eZiWCq2DBrnNC+sJCrRN9 HCcT/FiBc3ndCHVk/urcrzZguDTZAUaf5F4iuhn+Mlro6oxUPhFTQQP+gZpI+T1y o6XEgYYbN0ss/643TV67BEbItg70y9qUXgVHvnp28GM1njl83LPim/CLam9K2UAF 4Pb8ObhIX2EuD12J8w+Y2zDFzNfxpSSKcdz7XanKNdW3Fh2AnxGVlxZ5z6/dAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUPzw2NNYSvGashMLqPARa8iqpJiIwHwYDVR0j BBgwFoAU1n3ctGz0C1JkH3G/d1bfop9BWaIwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZmM3ZTgwODEtNjNhZi00OWU3LTk2NDYtNzZjMjVhNWU5N2NhLzAvRDY3RERDQjQ2 Q0Y0MEI1MjY0MUY3MUJGNzc1NkRGQTI5RjQxNTlBMi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9ENjdERENCNDZDRjQwQjUyNjQxRjcxQkY3NzU2REZBMjlGNDE1 OUEyLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZmM3ZTgwODEtNjNhZi00OWU3LTk2 NDYtNzZjMjVhNWU5N2NhLzAvRDY3RERDQjQ2Q0Y0MEI1MjY0MUY3MUJGNzc1NkRG QTI5RjQxNTlBMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAG1kT5PHwXi3qlD50EyVnCKFH0nW7kmj/xuA MFXg5yPVuvroeu571yyDIGZHt1ddwZXNnknIyBfoLTK+dpzweWTc5KBm13CZSRdu r3fHWl9rEoKZcSbxIDLFGxgoCxGbM8Iff1e2YmYT72mnGMUwG0GGMvzGLBhNES1e NUdNM9P3pUId3mXxkQYhphlKQsixYU4n00po7vjf/XdCKvX2x8XjvE+RPOALG6Y2 ULDDnfRYEw7F7nERzr3i5RLIhnrFF9XQW8ApBo0sw6Vx/+QAOrPwi967wg7e6sSQ xi9CGDiy/VfuLflprh8UJ3tPlBOX8fdVcyVMM/kMawrZ0Iuc/kQ= -----END CERTIFICATE-----Generated at Wed Jun 3 04:08:08 2026 by rpki-client