
$ rpki-client -vvf rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.mft
File: A5336FEFF111D5B925A8954E53C4C9C5E22AB800.mft (raw, json)
Hash identifier: JJHI1dUwbTpLmvx7rvft3ibCiPpqeRt0YHEKtP6egUE=
Subject key identifier: DB:DE:32:C4:7A:78:E8:23:22:A5:78:DD:52:74:62:36:08:7D:E2:AE
Authority key identifier: A5:33:6F:EF:F1:11:D5:B9:25:A8:95:4E:53:C4:C9:C5:E2:2A:B8:00
Certificate issuer: /CN=A5336FEFF111D5B925A8954E53C4C9C5E22AB800
Certificate serial: 67EF45F3D9943601FD8663B4886A524471618519
Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.mft
Manifest number: 65
Signing time: Fri 17 Jul 2026 07:06:42 +0000
Manifest this update: Fri 17 Jul 2026 07:01:42 +0000
Manifest next update: Sat 18 Jul 2026 09:18:42 +0000
Files and hashes: 1: 3130332e3132352e31332e302f32342d3234203d3e20313335363336.roa (hash: 8YrdvedqGs1zZAIQAtRZi80VSrXLRsF6zbtnQUstSsA=)
2: 3130332e3132352e31342e302f32342d3234203d3e20313335363336.roa (hash: m7Frx9lSqsLf1s8zbJ/qpER1sGLgEtc9hyQy6nCFDhY=)
3: A5336FEFF111D5B925A8954E53C4C9C5E22AB800.crl (hash: VGL+h2ybWhq4YDnbRdSxULXtCF0Mh0bj01EKHGqhPNc=)
4: 3130332e3132352e31352e302f32342d3234203d3e20313335363336.roa (hash: +IUhzjX4iJxCcMgbcQWdmMHcD7sxtYcY/3hZmSmLykA=)
5: 3130332e3132352e31322e302f32342d3234203d3e20313533333137.roa (hash: AZJ4QAHlxTzcVIbJwO/UxabGeC31FjTnD/rHg0D3/ME=)
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.crl
rsync://rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.mft
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.cer
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 18 Jul 2026 04:19:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:ef:45:f3:d9:94:36:01:fd:86:63:b4:88:6a:52:44:71:61:85:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A5336FEFF111D5B925A8954E53C4C9C5E22AB800
Validity
Not Before: Jul 17 07:01:42 2026 GMT
Not After : Jul 18 09:18:42 2026 GMT
Subject: CN=DBDE32C47A78E82322A578DD52746236087DE2AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:29:fb:99:28:ca:6d:45:e6:53:9b:fa:bf:2d:
20:78:91:17:b4:ab:1b:2b:ea:74:1d:18:4d:65:3e:
02:ff:63:3e:c9:7a:b5:25:fc:0c:73:d2:d9:49:27:
56:46:99:99:02:45:68:63:47:64:d4:59:b8:3a:c6:
c6:cf:51:4f:9f:0e:70:19:7e:e6:7e:a6:59:8a:a5:
84:97:b2:d0:23:77:4e:90:64:f7:ff:94:24:4e:26:
6f:ec:54:5d:3d:d5:cf:76:6b:38:c4:a1:d3:1b:05:
ae:41:ce:88:51:4b:51:31:5c:a7:92:6f:b6:e4:8c:
2f:63:32:8d:d0:82:ce:25:b9:79:34:e8:d3:31:f9:
fb:75:9a:8e:89:9a:55:60:85:ae:81:15:f2:15:a6:
28:bb:6b:b6:82:0f:67:9b:01:4f:4a:2e:73:3b:ae:
d5:23:56:7c:34:e6:c4:c2:86:17:f0:f3:8e:a4:c3:
f3:6a:50:03:7c:0d:d5:25:6b:af:21:ab:0a:fa:2a:
eb:a1:1e:67:1b:cc:58:e8:e3:8a:08:99:76:a3:12:
98:9c:71:9a:50:db:e5:72:7e:49:34:11:1a:54:9d:
2c:2c:a1:d3:e4:fd:25:5b:f2:46:91:38:24:4f:86:
92:c9:93:1f:a9:e6:0d:9f:96:c6:1b:45:6f:f5:c7:
bb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:DE:32:C4:7A:78:E8:23:22:A5:78:DD:52:74:62:36:08:7D:E2:AE
X509v3 Authority Key Identifier:
keyid:A5:33:6F:EF:F1:11:D5:B9:25:A8:95:4E:53:C4:C9:C5:E2:2A:B8:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/0c54be9a-9b5d-4c64-b4e8-61c74e9ecedc/0/A5336FEFF111D5B925A8954E53C4C9C5E22AB800.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:b1:e9:5a:7a:1f:09:e5:c9:6a:67:9e:60:f7:2a:a0:8a:65:
ae:35:0f:ab:fb:24:67:a7:d3:52:d3:d2:a1:f9:ac:d8:51:27:
a0:4d:18:a8:ab:b8:28:72:1a:2c:04:e9:f4:52:aa:36:53:c2:
a1:3c:53:5e:36:c6:af:27:2c:fd:89:cd:42:6d:48:61:34:8f:
c8:b4:b2:e7:41:2e:00:cf:19:96:4b:e9:ec:b6:eb:e9:28:cb:
1d:4f:c2:5d:fa:55:13:05:6c:ab:2b:35:81:65:ce:65:5d:62:
76:3d:56:8c:87:6c:08:d9:ab:1b:77:f3:0f:d2:00:b2:ed:4b:
b5:46:a8:2d:6a:fa:c9:c9:47:c0:47:33:51:22:89:40:8e:e4:
1c:5b:6c:c0:a8:a9:0b:5a:e6:50:43:fa:0a:1b:48:dd:05:e7:
9d:a9:f3:14:ce:a8:52:7c:8d:24:c5:ba:85:2d:46:3b:f1:c1:
43:51:fa:44:52:64:59:f5:15:22:fe:ea:13:e8:c6:bb:d5:57:
f3:9c:81:8a:43:a4:de:b8:df:35:6b:1c:f1:b5:39:bd:1a:da:
ec:cb:b5:b4:ea:af:85:a9:01:6e:65:5d:49:71:2f:b8:ba:56:
d9:7a:01:f2:eb:34:fb:b1:de:4c:05:6b:f8:35:be:f1:20:37:
71:3a:f9:64
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUZ+9F89mUNgH9hmO0iGpSRHFhhRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTUzMzZGRUZGMTExRDVCOTI1QTg5NTRFNTNDNEM5QzVF
MjJBQjgwMDAeFw0yNjA3MTcwNzAxNDJaFw0yNjA3MTgwOTE4NDJaMDMxMTAvBgNV
BAMTKERCREUzMkM0N0E3OEU4MjMyMkE1NzhERDUyNzQ2MjM2MDg3REUyQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXKfuZKMptReZTm/q/LSB4kRe0
qxsr6nQdGE1lPgL/Yz7JerUl/Axz0tlJJ1ZGmZkCRWhjR2TUWbg6xsbPUU+fDnAZ
fuZ+plmKpYSXstAjd06QZPf/lCROJm/sVF091c92azjEodMbBa5BzohRS1ExXKeS
b7bkjC9jMo3Qgs4luXk06NMx+ft1mo6JmlVgha6BFfIVpii7a7aCD2ebAU9KLnM7
rtUjVnw05sTChhfw846kw/NqUAN8DdUla68hqwr6KuuhHmcbzFjo44oImXajEpic
cZpQ2+Vyfkk0ERpUnSwsodPk/SVb8kaROCRPhpLJkx+p5g2flsYbRW/1x7sLAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU294yxHp46CMipXjdUnRiNgh94q4wHwYDVR0j
BBgwFoAUpTNv7/ER1bklqJVOU8TJxeIquAAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV
HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v
MGM1NGJlOWEtOWI1ZC00YzY0LWI0ZTgtNjFjNzRlOWVjZWRjLzAvQTUzMzZGRUZG
MTExRDVCOTI1QTg5NTRFNTNDNEM5QzVFMjJBQjgwMC5jcmwwcgYIKwYBBQUHAQEE
ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl
cG8vSUROSUMvMS9BNTMzNkZFRkYxMTFENUI5MjVBODk1NEU1M0M0QzlDNUUyMkFC
ODAwLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov
L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMGM1NGJlOWEtOWI1ZC00YzY0LWI0
ZTgtNjFjNzRlOWVjZWRjLzAvQTUzMzZGRUZGMTExRDVCOTI1QTg5NTRFNTNDNEM5
QzVFMjJBQjgwMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAASx6Vp6HwnlyWpnnmD3KqCKZa41D6v7JGen
01LT0qH5rNhRJ6BNGKiruChyGiwE6fRSqjZTwqE8U142xq8nLP2JzUJtSGE0j8i0
sudBLgDPGZZL6ey26+koyx1Pwl36VRMFbKsrNYFlzmVdYnY9VoyHbAjZqxt38w/S
ALLtS7VGqC1q+snJR8BHM1EiiUCO5BxbbMCoqQta5lBD+gobSN0F552p8xTOqFJ8
jSTFuoUtRjvxwUNR+kRSZFn1FSL+6hPoxrvVV/OcgYpDpN643zVrHPG1Ob0a2uzL
tbTqr4WpAW5lXUlxL7i6Vtl6AfLrNPux3kwFa/g1vvEgN3E6+WQ=
-----END CERTIFICATE-----
Generated at Fri Jul 17 10:12:18 2026 by rpki-client