
$ rpki-client -vvf rpki-rsync.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/25C2ACFFB836196566A3BCCE3421DBB96CD84116.mft
File: 25C2ACFFB836196566A3BCCE3421DBB96CD84116.mft (raw, json)
Hash identifier: lEZRe6+P/HcoQ/7q59t6fIxyiz7gbNbWZ+b/YsU+tq4=
Subject key identifier: 39:D9:14:E0:A1:77:59:95:F1:0A:30:D1:E8:20:81:90:E5:0C:E8:1E
Authority key identifier: 25:C2:AC:FF:B8:36:19:65:66:A3:BC:CE:34:21:DB:B9:6C:D8:41:16
Certificate issuer: /CN=25C2ACFFB836196566A3BCCE3421DBB96CD84116
Certificate serial: 78DF3CC5A19C3DC74046A8B70CCBEC4BA780BECE
Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/25C2ACFFB836196566A3BCCE3421DBB96CD84116.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/25C2ACFFB836196566A3BCCE3421DBB96CD84116.mft
Manifest number: 5B
Signing time: Wed 08 Jul 2026 17:20:22 +0000
Manifest this update: Wed 08 Jul 2026 17:15:22 +0000
Manifest next update: Thu 09 Jul 2026 18:59:22 +0000
Files and hashes: 1: 3130332e3135372e35352e302f32342d3234203d3e20313336303730.roa (hash: ohDVM2o2IOUVSNhwh1E7felK+Pc0SKnjsPpIi1yZSaw=)
2: 323030313a6466303a313730303a3a2f34382d3438203d3e20313336303730.roa (hash: HwpDGD2SJ/iUFIW/7Q0l9KkQ0CWL7/v9c6sBLXd1KZY=)
3: 3130332e3135372e35352e302f32342d3234203d3e20333936393832.roa (hash: p5VGWtHjvpIWNYWejy2oeQf0oISTWP+7YBr4TnXtjDM=)
4: 3130332e38342e3131362e302f32342d3234203d3e20313336303730.roa (hash: zEDT0INoIq23WBcFzMUv15oPL7BGutII4EaV+fPSC68=)
5: 25C2ACFFB836196566A3BCCE3421DBB96CD84116.crl (hash: mBw8t2V9kHBEIUO6FnLm3mwrjmxCTblNUkV8avBfHuM=)
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/25C2ACFFB836196566A3BCCE3421DBB96CD84116.crl
rsync://rpki-rsync.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/25C2ACFFB836196566A3BCCE3421DBB96CD84116.mft
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/25C2ACFFB836196566A3BCCE3421DBB96CD84116.cer
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 09 Jul 2026 07:19:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:df:3c:c5:a1:9c:3d:c7:40:46:a8:b7:0c:cb:ec:4b:a7:80:be:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25C2ACFFB836196566A3BCCE3421DBB96CD84116
Validity
Not Before: Jul 8 17:15:22 2026 GMT
Not After : Jul 9 18:59:22 2026 GMT
Subject: CN=39D914E0A1775995F10A30D1E8208190E50CE81E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:17:67:26:8a:d4:38:ff:72:f3:7a:e5:bb:5e:
91:f7:24:0f:f9:80:bd:19:d3:be:25:4c:35:45:59:
5a:3c:64:98:24:e8:44:82:6d:62:47:36:d2:38:61:
a4:42:de:5a:c7:9c:3d:0c:49:ce:40:85:f2:d7:63:
ba:6f:91:59:b5:1b:6c:f6:f9:c3:83:59:06:2b:e8:
d1:dc:05:37:b4:3b:e2:db:ae:21:92:99:12:72:06:
e5:79:cc:bd:55:85:08:d3:a6:c7:09:45:dd:d4:23:
8c:85:45:ee:54:ca:04:d5:78:c9:a5:7e:23:1f:f3:
53:1e:19:cb:c4:0d:2d:60:73:b7:4a:c6:14:95:51:
83:65:94:b5:58:43:64:33:89:ca:f2:5c:ab:cf:4f:
14:2e:8b:34:b5:05:5e:2b:53:2f:3b:fa:01:50:8d:
25:07:97:c7:89:e4:d7:6b:48:1d:a1:59:1b:66:6c:
29:f8:fd:b5:32:99:33:81:8b:33:b1:13:2d:be:1e:
6e:f6:20:ae:3c:b6:44:6b:f3:5f:c7:4e:9d:a9:ae:
b1:90:77:eb:f0:26:4d:20:e0:c0:d6:32:37:ac:22:
1a:6d:d8:f6:ff:eb:13:e2:81:da:f3:a0:0e:f3:55:
86:73:94:f0:f5:56:9d:64:3a:17:a7:87:8b:43:9a:
bd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D9:14:E0:A1:77:59:95:F1:0A:30:D1:E8:20:81:90:E5:0C:E8:1E
X509v3 Authority Key Identifier:
keyid:25:C2:AC:FF:B8:36:19:65:66:A3:BC:CE:34:21:DB:B9:6C:D8:41:16
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/25C2ACFFB836196566A3BCCE3421DBB96CD84116.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/25C2ACFFB836196566A3BCCE3421DBB96CD84116.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/4f377711-1e3d-4e5a-a4ac-05a1c502ad28/0/25C2ACFFB836196566A3BCCE3421DBB96CD84116.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:11:15:e6:8e:d7:5c:c4:4b:97:b8:c6:3f:43:b6:db:ed:75:
e1:87:04:5e:41:f3:c0:32:42:65:ea:2b:ff:0e:bc:d8:ae:fa:
4c:7d:e2:df:1e:cb:80:4c:12:7d:92:2f:58:28:7e:d9:29:87:
b0:de:e0:ac:1f:a5:b7:97:39:f7:ad:46:79:1c:55:38:3e:5e:
be:49:84:ef:ee:f8:1e:12:57:2a:0b:11:1d:a5:18:e3:fc:51:
05:c2:d1:98:9d:92:ec:7b:4d:10:c1:5d:8d:bb:45:6b:90:d3:
cb:dc:ba:de:8c:33:62:5b:3c:c9:ee:dd:7e:89:e9:0b:75:27:
a3:40:29:03:ed:fc:c0:ad:99:8b:83:75:0c:cf:e5:6b:ec:8e:
58:a4:0f:bd:3c:cb:85:85:69:0c:18:06:94:08:4a:39:d7:e8:
19:16:d1:94:a6:eb:99:7a:52:56:f4:8b:d1:10:b9:ab:46:df:
9b:64:a6:e7:cb:d6:cd:c0:b6:5c:c8:46:1c:c3:2b:bc:b4:d5:
95:b4:1b:7e:53:83:f5:27:ac:11:67:97:5d:83:c2:07:26:fd:
df:4f:65:dd:48:07:d1:0f:e0:b6:24:9b:56:c9:70:5d:66:1a:
cd:7d:a4:fe:22:b5:8a:e2:06:28:b2:f1:46:45:b8:28:64:3b:
44:50:c1:94
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUeN88xaGcPcdARqi3DMvsS6eAvs4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVDMkFDRkZCODM2MTk2NTY2QTNCQ0NFMzQyMURCQjk2
Q0Q4NDExNjAeFw0yNjA3MDgxNzE1MjJaFw0yNjA3MDkxODU5MjJaMDMxMTAvBgNV
BAMTKDM5RDkxNEUwQTE3NzU5OTVGMTBBMzBEMUU4MjA4MTkwRTUwQ0U4MUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8F2cmitQ4/3LzeuW7XpH3JA/5
gL0Z074lTDVFWVo8ZJgk6ESCbWJHNtI4YaRC3lrHnD0MSc5AhfLXY7pvkVm1G2z2
+cODWQYr6NHcBTe0O+LbriGSmRJyBuV5zL1VhQjTpscJRd3UI4yFRe5UygTVeMml
fiMf81MeGcvEDS1gc7dKxhSVUYNllLVYQ2QzicryXKvPTxQuizS1BV4rUy87+gFQ
jSUHl8eJ5NdrSB2hWRtmbCn4/bUymTOBizOxEy2+Hm72IK48tkRr81/HTp2prrGQ
d+vwJk0g4MDWMjesIhpt2Pb/6xPigdrzoA7zVYZzlPD1Vp1kOhenh4tDmr2BAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUOdkU4KF3WZXxCjDR6CCBkOUM6B4wHwYDVR0j
BBgwFoAUJcKs/7g2GWVmo7zONCHbuWzYQRYwDgYDVR0PAQH/BAQDAgeAMIGGBgNV
HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v
NGYzNzc3MTEtMWUzZC00ZTVhLWE0YWMtMDVhMWM1MDJhZDI4LzAvMjVDMkFDRkZC
ODM2MTk2NTY2QTNCQ0NFMzQyMURCQjk2Q0Q4NDExNi5jcmwwcgYIKwYBBQUHAQEE
ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl
cG8vSUROSUMvMS8yNUMyQUNGRkI4MzYxOTY1NjZBM0JDQ0UzNDIxREJCOTZDRDg0
MTE2LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov
L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vNGYzNzc3MTEtMWUzZC00ZTVhLWE0
YWMtMDVhMWM1MDJhZDI4LzAvMjVDMkFDRkZCODM2MTk2NTY2QTNCQ0NFMzQyMURC
Qjk2Q0Q4NDExNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAHkRFeaO11zES5e4xj9DttvtdeGHBF5B88Ay
QmXqK/8OvNiu+kx94t8ey4BMEn2SL1goftkph7De4KwfpbeXOfetRnkcVTg+Xr5J
hO/u+B4SVyoLER2lGOP8UQXC0Zidkux7TRDBXY27RWuQ08vcut6MM2JbPMnu3X6J
6Qt1J6NAKQPt/MCtmYuDdQzP5WvsjlikD708y4WFaQwYBpQISjnX6BkW0ZSm65l6
Ulb0i9EQuatG35tkpufL1s3AtlzIRhzDK7y01ZW0G35Tg/UnrBFnl12Dwgcm/d9P
Zd1IB9EP4LYkm1bJcF1mGs19pP4itYriBiiy8UZFuChkO0RQwZQ=
-----END CERTIFICATE-----
Generated at Wed Jul 8 18:34:00 2026 by rpki-client