
$ rpki-client -vvf rpki-rsync.idnic.net/repo/66af4de5-5037-4917-9a93-0192c6959bfb/0/7B9D20A52D1839E0A747B27E30961527317BE820.mft
File: 7B9D20A52D1839E0A747B27E30961527317BE820.mft (raw, json)
Hash identifier: fFPzBY/TwQiBqzhyUsv27vB741YJ8AxeHhZ5V5PO0tI=
Subject key identifier: 3B:BE:45:2E:44:2C:EA:90:DB:81:02:FF:A0:E9:30:9E:4D:BB:7C:8A
Authority key identifier: 7B:9D:20:A5:2D:18:39:E0:A7:47:B2:7E:30:96:15:27:31:7B:E8:20
Certificate issuer: /CN=7B9D20A52D1839E0A747B27E30961527317BE820
Certificate serial: 1F4E17386AA371602453548260867C9D4886056A
Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/7B9D20A52D1839E0A747B27E30961527317BE820.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/66af4de5-5037-4917-9a93-0192c6959bfb/0/7B9D20A52D1839E0A747B27E30961527317BE820.mft
Manifest number: 67
Signing time: Fri 17 Jul 2026 18:00:15 +0000
Manifest this update: Fri 17 Jul 2026 17:55:15 +0000
Manifest next update: Sat 18 Jul 2026 19:20:15 +0000
Files and hashes: 1: 3130332e3136392e3232352e302f32342d3234203d3e20313432333534.roa (hash: HIvBExvjcNL80TSt3Rk5JG3F8xg1VqZTRljgmRS5hK0=)
2: 3130332e3136392e3232342e302f32342d3234203d3e20313432333534.roa (hash: IMBAva6ocuxkrwvvR0kfzc9aYWdmyeGotwSFXr/8fyM=)
3: 7B9D20A52D1839E0A747B27E30961527317BE820.crl (hash: BWaQ373aC1j4a9aMSJWUsprTb3iQmf3gMvvBjjd+yl4=)
4: 3130332e3136392e3232342e302f32332d3233203d3e20313432333534.roa (hash: d5BUk2IHCQz5cnQEHRFcfPlv6TvCXosv3ryqex1uhzo=)
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/66af4de5-5037-4917-9a93-0192c6959bfb/0/7B9D20A52D1839E0A747B27E30961527317BE820.crl
rsync://rpki-rsync.idnic.net/repo/66af4de5-5037-4917-9a93-0192c6959bfb/0/7B9D20A52D1839E0A747B27E30961527317BE820.mft
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/7B9D20A52D1839E0A747B27E30961527317BE820.cer
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 18 Jul 2026 19:20:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:4e:17:38:6a:a3:71:60:24:53:54:82:60:86:7c:9d:48:86:05:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7B9D20A52D1839E0A747B27E30961527317BE820
Validity
Not Before: Jul 17 17:55:15 2026 GMT
Not After : Jul 18 19:20:15 2026 GMT
Subject: CN=3BBE452E442CEA90DB8102FFA0E9309E4DBB7C8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3e:8f:41:bf:fd:5c:2f:85:00:8c:f9:dc:0f:
d0:c5:94:7e:c6:c9:d7:48:37:fe:b1:a5:89:68:c3:
a7:bb:f1:17:e2:13:fb:2f:f1:f3:71:73:b0:03:4f:
30:fd:7f:1c:ab:bd:12:09:8c:5f:49:11:47:a4:7c:
15:30:de:4f:23:02:d8:6a:3d:f1:5b:8f:ad:b3:b5:
2d:b8:46:8d:aa:79:33:a8:25:13:b1:6a:4b:13:86:
fc:0c:45:8b:4f:92:a8:ad:85:10:44:5f:de:0a:ee:
5f:f3:ce:90:fe:c0:0e:a2:93:a9:85:e1:19:dc:e9:
48:22:52:8d:a9:dc:fb:0b:e5:10:2d:42:cc:d6:2e:
2a:8c:36:98:f0:95:fe:39:88:57:3b:ee:d8:a8:38:
79:98:d1:f8:89:cf:eb:14:3b:de:b5:49:34:e8:68:
58:8c:ff:9c:7a:19:21:f3:ab:20:6a:a5:82:b2:ff:
7d:50:8e:81:0f:a3:26:7a:95:fc:fa:36:d0:0c:d3:
c6:94:68:8c:33:f8:01:fe:c5:3a:1f:e8:b3:54:ac:
62:70:8f:65:70:1c:69:a7:83:1e:b6:cd:ee:23:51:
8d:7b:fb:0a:59:da:4b:8d:85:26:07:00:d9:4d:14:
e8:56:d5:c8:89:a6:4e:86:16:ed:48:ac:50:b8:96:
15:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BE:45:2E:44:2C:EA:90:DB:81:02:FF:A0:E9:30:9E:4D:BB:7C:8A
X509v3 Authority Key Identifier:
keyid:7B:9D:20:A5:2D:18:39:E0:A7:47:B2:7E:30:96:15:27:31:7B:E8:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/66af4de5-5037-4917-9a93-0192c6959bfb/0/7B9D20A52D1839E0A747B27E30961527317BE820.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/7B9D20A52D1839E0A747B27E30961527317BE820.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/66af4de5-5037-4917-9a93-0192c6959bfb/0/7B9D20A52D1839E0A747B27E30961527317BE820.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:9c:11:eb:dc:c7:8e:85:e7:35:47:ef:94:97:55:31:46:c0:
19:b7:10:7f:c9:af:d4:6d:96:a8:d5:13:5e:09:47:3d:1d:c7:
f2:cd:bc:8a:ca:e5:b8:38:90:c4:e1:14:c1:70:6c:95:27:0c:
5c:e3:c7:53:ed:64:ab:d1:78:8f:40:e2:86:ba:36:5b:f3:3e:
9c:f7:90:3e:4c:41:72:9f:bc:fd:53:ab:c1:d3:a0:4b:bb:fe:
ad:b3:3d:60:e5:7c:b1:2c:2a:02:bb:c5:ed:ad:b6:7a:1c:e3:
f4:3a:cf:e0:d0:65:07:8a:a3:81:4b:5a:ca:7a:a0:8c:4b:cd:
71:28:c8:68:22:40:90:6c:c2:aa:6a:4e:ac:e5:6c:d0:e4:f0:
68:59:91:37:ef:6c:d6:71:b0:6b:f8:f5:4a:33:96:dc:96:35:
d9:d5:85:4f:cd:f7:1a:24:ca:c1:88:fa:f3:d3:2a:21:19:ff:
cd:9c:a8:08:6c:a3:1e:6d:a8:aa:a4:ea:33:98:fe:3a:01:94:
f9:54:36:c1:77:a3:b9:e4:0c:46:1e:0f:38:63:ff:3f:bc:28:
1b:d5:01:f1:78:d3:19:e6:47:56:b2:91:24:27:2b:48:ec:54:
6a:97:85:4a:79:90:ca:be:e1:f3:cb:b0:62:d5:45:18:53:0f:
20:a3:90:b0
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUH04XOGqjcWAkU1SCYIZ8nUiGBWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0I5RDIwQTUyRDE4MzlFMEE3NDdCMjdFMzA5NjE1Mjcz
MTdCRTgyMDAeFw0yNjA3MTcxNzU1MTVaFw0yNjA3MTgxOTIwMTVaMDMxMTAvBgNV
BAMTKDNCQkU0NTJFNDQyQ0VBOTBEQjgxMDJGRkEwRTkzMDlFNERCQjdDOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChPo9Bv/1cL4UAjPncD9DFlH7G
yddIN/6xpYlow6e78RfiE/sv8fNxc7ADTzD9fxyrvRIJjF9JEUekfBUw3k8jAthq
PfFbj62ztS24Ro2qeTOoJROxaksThvwMRYtPkqithRBEX94K7l/zzpD+wA6ik6mF
4Rnc6UgiUo2p3PsL5RAtQszWLiqMNpjwlf45iFc77tioOHmY0fiJz+sUO961STTo
aFiM/5x6GSHzqyBqpYKy/31QjoEPoyZ6lfz6NtAM08aUaIwz+AH+xTof6LNUrGJw
j2VwHGmngx62ze4jUY17+wpZ2kuNhSYHANlNFOhW1ciJpk6GFu1IrFC4lhX1AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUO75FLkQs6pDbgQL/oOkwnk27fIowHwYDVR0j
BBgwFoAUe50gpS0YOeCnR7J+MJYVJzF76CAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV
HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v
NjZhZjRkZTUtNTAzNy00OTE3LTlhOTMtMDE5MmM2OTU5YmZiLzAvN0I5RDIwQTUy
RDE4MzlFMEE3NDdCMjdFMzA5NjE1MjczMTdCRTgyMC5jcmwwcgYIKwYBBQUHAQEE
ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl
cG8vSUROSUMvMS83QjlEMjBBNTJEMTgzOUUwQTc0N0IyN0UzMDk2MTUyNzMxN0JF
ODIwLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov
L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vNjZhZjRkZTUtNTAzNy00OTE3LTlh
OTMtMDE5MmM2OTU5YmZiLzAvN0I5RDIwQTUyRDE4MzlFMEE3NDdCMjdFMzA5NjE1
MjczMTdCRTgyMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAB+cEevcx46F5zVH75SXVTFGwBm3EH/Jr9Rt
lqjVE14JRz0dx/LNvIrK5bg4kMThFMFwbJUnDFzjx1PtZKvReI9A4oa6NlvzPpz3
kD5MQXKfvP1Tq8HToEu7/q2zPWDlfLEsKgK7xe2ttnoc4/Q6z+DQZQeKo4FLWsp6
oIxLzXEoyGgiQJBswqpqTqzlbNDk8GhZkTfvbNZxsGv49UozltyWNdnVhU/N9xok
ysGI+vPTKiEZ/82cqAhsox5tqKqk6jOY/joBlPlUNsF3o7nkDEYeDzhj/z+8KBvV
AfF40xnmR1aykSQnK0jsVGqXhUp5kMq+4fPLsGLVRRhTDyCjkLA=
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:26:30 2026 by rpki-client