$ rpki-client -vvf rpki-rsync.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/8644EF5CAFD6FF2C753833B588D6D5E40AD9C077.mft File: 8644EF5CAFD6FF2C753833B588D6D5E40AD9C077.mft (raw, json) Hash identifier: Fvvh6K8pXaekdoqOxVJVLnG5FWbQkgQwZzHmgua2D2g= Subject key identifier: 49:9D:3C:2C:55:21:DF:A1:37:23:E2:AB:DA:BF:66:32:67:90:FD:05 Authority key identifier: 86:44:EF:5C:AF:D6:FF:2C:75:38:33:B5:88:D6:D5:E4:0A:D9:C0:77 Certificate issuer: /CN=8644EF5CAFD6FF2C753833B588D6D5E40AD9C077 Certificate serial: 1A6715D4EC922A12972E550D68449454A488C937 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/8644EF5CAFD6FF2C753833B588D6D5E40AD9C077.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/8644EF5CAFD6FF2C753833B588D6D5E40AD9C077.mft Manifest number: 42 Signing time: Sat 20 Jun 2026 05:06:00 +0000 Manifest this update: Sat 20 Jun 2026 05:01:00 +0000 Manifest next update: Sun 21 Jun 2026 06:45:00 +0000 Files and hashes: 1: 3130332e3134302e3138382e302f32332d3234203d3e20313338383831.roa (hash: AiKeHz2pWrwnk84HIHiggHrF6Y+TQyS0iMZkjpVVcMY=) 2: 8644EF5CAFD6FF2C753833B588D6D5E40AD9C077.crl (hash: Qt4xdtd7jmFrB13DZmHJQzjDdMAwmgBg+SpJ+3WMjug=) 3: 323430353a63303a3a2f33322d3438203d3e20313338383831.roa (hash: A51y95Y2VvHOxleNisrOn7Mw2CXWlCwKbBD4RKfiRXo=) 4: 3130332e3134302e3138392e302f32342d3234203d3e20313338383831.roa (hash: buNf/KMT3H26jyT7kcH4G4XIVCs19dscJeFhejymKUs=) 5: 3130332e3134302e3138382e302f32342d3234203d3e20313338383831.roa (hash: V+R7emBXYGxGYC8TKAJDN/rKFNkkzGGzXMecTJssl6Q=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/8644EF5CAFD6FF2C753833B588D6D5E40AD9C077.crl rsync://rpki-rsync.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/8644EF5CAFD6FF2C753833B588D6D5E40AD9C077.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/8644EF5CAFD6FF2C753833B588D6D5E40AD9C077.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 06:45:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:67:15:d4:ec:92:2a:12:97:2e:55:0d:68:44:94:54:a4:88:c9:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8644EF5CAFD6FF2C753833B588D6D5E40AD9C077 Validity Not Before: Jun 20 05:01:00 2026 GMT Not After : Jun 21 06:45:00 2026 GMT Subject: CN=499D3C2C5521DFA13723E2ABDABF66326790FD05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:6e:63:98:a7:00:4f:5a:bc:00:7b:f3:96:47: e6:a0:b5:b2:13:07:90:80:e2:e5:43:ac:60:2b:ad: af:1f:eb:83:20:ad:81:2a:a2:4d:af:1b:cd:f2:fa: 80:e7:6f:62:2d:76:49:27:36:ce:15:9f:3f:e6:19: 83:14:4a:b6:6a:b3:c0:d5:b0:1b:c4:e0:42:27:e9: c0:71:d9:27:bc:22:d7:59:9c:7d:cd:87:03:3f:86: 60:a6:95:73:14:1d:86:4a:bb:53:03:fd:c0:8b:7c: 99:c4:a8:fc:85:b0:15:f3:8b:1d:66:34:77:42:f2: 68:f0:fc:22:b8:47:16:b0:63:c2:8c:69:7d:4e:39: e4:36:fe:68:3c:b2:d4:78:77:53:f1:26:d3:93:72: 57:74:a8:d7:fc:28:74:05:dc:53:0a:cc:0c:09:69: 86:bf:c7:70:a3:7c:3d:18:21:1c:2c:8b:a1:33:cb: 14:82:52:5a:ca:67:95:83:57:13:a5:c5:5c:88:0d: ce:f3:a1:9c:2a:08:72:34:be:35:95:b5:1f:05:0b: 6a:ed:d8:eb:65:1f:62:25:d9:10:fa:a1:a1:06:ed: ae:49:3c:73:db:56:c4:5b:ec:ad:b3:7b:ac:76:40: 19:d0:a8:c7:42:3c:2e:01:36:b8:f5:d2:93:af:0c: 32:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:9D:3C:2C:55:21:DF:A1:37:23:E2:AB:DA:BF:66:32:67:90:FD:05 X509v3 Authority Key Identifier: keyid:86:44:EF:5C:AF:D6:FF:2C:75:38:33:B5:88:D6:D5:E4:0A:D9:C0:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/8644EF5CAFD6FF2C753833B588D6D5E40AD9C077.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/8644EF5CAFD6FF2C753833B588D6D5E40AD9C077.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/8644EF5CAFD6FF2C753833B588D6D5E40AD9C077.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:16:b6:45:b9:88:0f:e0:97:ee:6c:f8:74:6e:28:64:36:b0: 04:8b:8f:2a:71:c5:64:dc:38:3c:0b:a3:7f:f6:11:bc:b5:bc: 71:bc:aa:e6:58:77:6c:09:e9:58:95:f4:5f:aa:be:d6:b3:f1: 53:c4:13:b0:45:33:7d:dc:96:96:af:7d:62:5b:ba:47:17:c8: 7f:d1:52:7a:6e:ca:01:37:3c:1e:54:e0:64:bc:e4:04:91:35: 2d:bc:d1:9f:e0:bc:07:32:26:3f:3c:63:2f:92:60:7c:7b:f8: d8:d8:1e:d6:e0:61:c7:35:c9:e6:35:1e:71:53:59:f9:47:45: 44:19:18:79:ef:9a:64:e4:ca:3f:fc:4d:51:fd:27:83:1d:4e: 7b:30:ca:96:8d:29:5a:b9:37:e8:95:0a:c0:95:c7:cc:5c:e2: cc:d5:8f:6a:71:19:54:7d:77:f2:48:33:57:8f:0e:77:7a:41: 14:bb:64:da:36:c5:ad:cd:b5:6b:21:a8:dd:39:87:92:84:4c: 59:7e:57:ed:52:51:6d:de:83:3f:7c:56:28:f0:13:00:be:8b: 83:13:f8:3a:24:66:96:db:dd:f1:1c:78:3e:67:3d:1a:54:b9: 95:2f:ca:b9:c1:6f:d4:6c:ca:f8:23:5e:22:fe:99:a6:7a:1d: bf:0c:75:98 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGmcV1OySKhKXLlUNaESUVKSIyTcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODY0NEVGNUNBRkQ2RkYyQzc1MzgzM0I1ODhENkQ1RTQw QUQ5QzA3NzAeFw0yNjA2MjAwNTAxMDBaFw0yNjA2MjEwNjQ1MDBaMDMxMTAvBgNV BAMTKDQ5OUQzQzJDNTUyMURGQTEzNzIzRTJBQkRBQkY2NjMyNjc5MEZEMDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrbmOYpwBPWrwAe/OWR+agtbIT B5CA4uVDrGArra8f64MgrYEqok2vG83y+oDnb2ItdkknNs4Vnz/mGYMUSrZqs8DV sBvE4EIn6cBx2Se8ItdZnH3NhwM/hmCmlXMUHYZKu1MD/cCLfJnEqPyFsBXzix1m NHdC8mjw/CK4RxawY8KMaX1OOeQ2/mg8stR4d1PxJtOTcld0qNf8KHQF3FMKzAwJ aYa/x3CjfD0YIRwsi6EzyxSCUlrKZ5WDVxOlxVyIDc7zoZwqCHI0vjWVtR8FC2rt 2OtlH2Il2RD6oaEG7a5JPHPbVsRb7K2ze6x2QBnQqMdCPC4BNrj10pOvDDK9AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUSZ08LFUh36E3I+Kr2r9mMmeQ/QUwHwYDVR0j BBgwFoAUhkTvXK/W/yx1ODO1iNbV5ArZwHcwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MDJjYjBiM2EtNjkyZC00NDJlLTkzMDgtOTAzYzAyZDU3MThmLzAvODY0NEVGNUNB RkQ2RkYyQzc1MzgzM0I1ODhENkQ1RTQwQUQ5QzA3Ny5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS84NjQ0RUY1Q0FGRDZGRjJDNzUzODMzQjU4OEQ2RDVFNDBBRDlD MDc3LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMDJjYjBiM2EtNjkyZC00NDJlLTkz MDgtOTAzYzAyZDU3MThmLzAvODY0NEVGNUNBRkQ2RkYyQzc1MzgzM0I1ODhENkQ1 RTQwQUQ5QzA3Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJkWtkW5iA/gl+5s+HRuKGQ2sASLjypxxWTc ODwLo3/2Eby1vHG8quZYd2wJ6ViV9F+qvtaz8VPEE7BFM33clpavfWJbukcXyH/R UnpuygE3PB5U4GS85ASRNS280Z/gvAcyJj88Yy+SYHx7+NjYHtbgYcc1yeY1HnFT WflHRUQZGHnvmmTkyj/8TVH9J4MdTnswypaNKVq5N+iVCsCVx8xc4szVj2pxGVR9 d/JIM1ePDnd6QRS7ZNo2xa3NtWshqN05h5KETFl+V+1SUW3egz98VijwEwC+i4MT +DokZpbb3fEceD5nPRpUuZUvyrnBb9RsyvgjXiL+maZ6Hb8MdZg= -----END CERTIFICATE-----Generated at Sat Jun 20 09:20:13 2026 by rpki-client