$ rpki-client -vvf rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft File: A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft (raw, json) Hash identifier: 8D0NoWq7urjaPgWWV6PzCZrmTaPq3S9B73e4lQIdOnA= Subject key identifier: 79:DF:07:1F:3B:73:13:93:88:9E:2A:38:6F:E5:25:46:E2:CE:97:C3 Authority key identifier: A8:D2:11:A5:40:A0:A5:7C:5D:6A:CB:50:32:09:1B:1A:80:BA:45:8A Certificate issuer: /CN=A8D211A540A0A57C5D6ACB5032091B1A80BA458A Certificate serial: 12D70DE9820005ECCDAC63ED6AB93FD66D2F7CA6 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft Manifest number: 41 Signing time: Fri 19 Jun 2026 23:19:06 +0000 Manifest this update: Fri 19 Jun 2026 23:14:06 +0000 Manifest next update: Sun 21 Jun 2026 01:46:06 +0000 Files and hashes: 1: 3130332e37302e31362e302f32322d3232203d3e20313335343632.roa (hash: Tf1EVsRaCkdXitEPeo2GAGcjlLdYQ1D5kk2M9WCpy3U=) 2: 3130332e37302e31392e302f32342d3234203d3e20313335343632.roa (hash: 7evCo+jZlUXwDGTBsCsQhDg2DWHBDqS4cWsJw91trY0=) 3: 3130332e37302e31372e302f32342d3234203d3e20313335343632.roa (hash: lI29Pn9PS61mVywxJrefD11DZjjtEbyEF7MkqWi1LZ4=) 4: 3130332e37302e31362e302f32342d3234203d3e20313335343632.roa (hash: SJ+P4+oX8hijYzZ9qA/WaUDV4gideRVgm7o6icDoWoM=) 5: A8D211A540A0A57C5D6ACB5032091B1A80BA458A.crl (hash: CZsdMTiTnbhUkmKRbpcVbt/P80FGet8ixXr7YYcrxk4=) 6: 3130332e37302e31382e302f32342d3234203d3e20313335343632.roa (hash: m9ehKEyZKrnBxPUxglJU8vra1GpJJTUpkzpv7UpDmeA=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.crl rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 01:46:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:d7:0d:e9:82:00:05:ec:cd:ac:63:ed:6a:b9:3f:d6:6d:2f:7c:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A8D211A540A0A57C5D6ACB5032091B1A80BA458A Validity Not Before: Jun 19 23:14:06 2026 GMT Not After : Jun 21 01:46:06 2026 GMT Subject: CN=79DF071F3B731393889E2A386FE52546E2CE97C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:48:df:ac:17:5a:02:86:ce:e0:cf:c0:69:a1: 87:00:6e:61:4b:59:df:a7:3a:b1:39:5e:16:8d:74: af:54:8a:dd:5d:25:db:2b:95:ef:2c:16:76:48:c9: 2a:b2:a5:95:8b:b6:0e:2e:5f:74:68:5a:c9:bd:52: 8d:b0:f6:ab:c7:3c:6f:be:4d:03:91:55:f8:33:80: ac:08:7b:4b:57:ad:7c:5a:53:0c:52:de:86:25:cd: c3:58:62:c0:d7:5e:43:b7:dd:5a:7f:c4:51:e0:3c: 64:4a:33:d3:da:36:97:b3:c2:8a:6c:60:db:c2:be: 6a:e1:37:30:40:b9:ee:77:63:a4:87:53:7c:a2:db: db:66:64:e4:90:0d:3e:69:b1:9e:1d:e1:72:75:77: 62:5f:fc:ec:7f:d2:f6:cf:20:b1:f0:1d:77:0f:0d: 04:35:33:d4:bc:57:42:4b:ce:8b:89:6d:13:58:6e: 7c:de:83:48:dd:74:30:87:b5:40:3a:e3:3a:fe:ed: e5:60:44:72:da:97:28:93:c2:ee:df:6c:2b:f5:a1: 71:9c:b6:05:86:fc:0f:9a:d4:c1:b1:6d:2b:96:71: 0c:d6:f2:88:98:5b:7f:4c:53:64:70:64:26:45:63: e3:02:63:47:fa:e1:70:14:cb:8a:6a:b5:43:15:7e: cc:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:DF:07:1F:3B:73:13:93:88:9E:2A:38:6F:E5:25:46:E2:CE:97:C3 X509v3 Authority Key Identifier: keyid:A8:D2:11:A5:40:A0:A5:7C:5D:6A:CB:50:32:09:1B:1A:80:BA:45:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:53:c5:89:5e:b9:52:80:2a:ab:e1:ec:91:90:c9:83:fa:c7: f6:b0:e9:a3:06:7b:ec:75:18:6a:f1:21:5d:9c:26:02:3c:21: 2c:fd:d8:bf:33:d0:52:cc:f8:61:c9:60:86:98:a5:c6:c2:f9: b6:56:04:49:8a:2c:49:c6:aa:0b:83:7d:d5:33:92:3a:f4:93: af:84:1d:f9:f5:97:d9:84:8d:85:96:b7:53:e4:f6:de:e2:84: fb:ef:0b:ff:ed:ee:69:fc:9b:78:3d:91:30:69:c9:62:45:66: b9:f3:5e:cc:86:40:d7:b0:91:7f:6b:dc:cc:c6:a1:5d:9d:6a: e2:15:0a:72:c7:1f:ff:de:cc:1d:d2:87:e8:61:b4:c7:04:62: 95:10:59:f6:9e:6b:19:85:79:0a:a6:ec:e2:d9:f0:3a:88:fd: 0e:2c:6a:8a:21:35:23:c3:13:ad:c1:ac:5d:44:47:7b:8f:f7: 48:e6:2e:6b:3f:45:02:3f:70:a4:b6:29:bc:7d:e1:02:f1:15: 85:1b:02:e5:58:dd:2f:0d:f5:88:35:78:8a:a2:fe:52:d4:14: 5d:2a:bb:ae:86:18:3d:a5:72:66:51:2d:d6:31:0b:6a:2e:ad: 3f:e7:22:d6:d6:3f:c3:95:1a:f4:d0:f3:6f:32:7a:8c:51:4e: 09:5b:ef:e3 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUEtcN6YIABezNrGPtark/1m0vfKYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQThEMjExQTU0MEEwQTU3QzVENkFDQjUwMzIwOTFCMUE4 MEJBNDU4QTAeFw0yNjA2MTkyMzE0MDZaFw0yNjA2MjEwMTQ2MDZaMDMxMTAvBgNV BAMTKDc5REYwNzFGM0I3MzEzOTM4ODlFMkEzODZGRTUyNTQ2RTJDRTk3QzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCySN+sF1oChs7gz8BpoYcAbmFL Wd+nOrE5XhaNdK9Uit1dJdsrle8sFnZIySqypZWLtg4uX3RoWsm9Uo2w9qvHPG++ TQORVfgzgKwIe0tXrXxaUwxS3oYlzcNYYsDXXkO33Vp/xFHgPGRKM9PaNpezwops YNvCvmrhNzBAue53Y6SHU3yi29tmZOSQDT5psZ4d4XJ1d2Jf/Ox/0vbPILHwHXcP DQQ1M9S8V0JLzouJbRNYbnzeg0jddDCHtUA64zr+7eVgRHLalyiTwu7fbCv1oXGc tgWG/A+a1MGxbSuWcQzW8oiYW39MU2RwZCZFY+MCY0f64XAUy4pqtUMVfszBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUed8HHztzE5OInio4b+UlRuLOl8MwHwYDVR0j BBgwFoAUqNIRpUCgpXxdastQMgkbGoC6RYowDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ODZmNGQ0ZjEtYjM2Yy00YTQ2LTg4NDQtNGU2YzdhM2M5N2Q5LzAvQThEMjExQTU0 MEEwQTU3QzVENkFDQjUwMzIwOTFCMUE4MEJBNDU4QS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9BOEQyMTFBNTQwQTBBNTdDNUQ2QUNCNTAzMjA5MUIxQTgwQkE0 NThBLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vODZmNGQ0ZjEtYjM2Yy00YTQ2LTg4 NDQtNGU2YzdhM2M5N2Q5LzAvQThEMjExQTU0MEEwQTU3QzVENkFDQjUwMzIwOTFC MUE4MEJBNDU4QS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIVTxYleuVKAKqvh7JGQyYP6x/aw6aMGe+x1 GGrxIV2cJgI8ISz92L8z0FLM+GHJYIaYpcbC+bZWBEmKLEnGqguDfdUzkjr0k6+E Hfn1l9mEjYWWt1Pk9t7ihPvvC//t7mn8m3g9kTBpyWJFZrnzXsyGQNewkX9r3MzG oV2dauIVCnLHH//ezB3Sh+hhtMcEYpUQWfaeaxmFeQqm7OLZ8DqI/Q4saoohNSPD E63BrF1ER3uP90jmLms/RQI/cKS2Kbx94QLxFYUbAuVY3S8N9Yg1eIqi/lLUFF0q u66GGD2lcmZRLdYxC2ourT/nItbWP8OVGvTQ828yeoxRTglb7+M= -----END CERTIFICATE-----Generated at Sat Jun 20 09:18:45 2026 by rpki-client