$ rpki-client -vvf rpki-rsync.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C.mft File: CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C.mft (raw, json) Hash identifier: gP5G9euDGv1vxBQU54nzV8CYIm98ikvbCcHAYclLSlU= Subject key identifier: 22:F7:DD:48:86:8B:39:1C:09:91:D0:FE:F9:D6:7A:63:33:D1:5E:03 Authority key identifier: CE:62:0D:0F:51:CB:0E:E1:C8:DF:26:4C:48:8C:E3:4D:0C:F3:3C:1C Certificate issuer: /CN=CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C Certificate serial: 48006872E8227BC7F0EBB9EFB8C9C392CCA6F57A Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C.mft Manifest number: 42 Signing time: Sat 20 Jun 2026 05:26:23 +0000 Manifest this update: Sat 20 Jun 2026 05:21:23 +0000 Manifest next update: Sun 21 Jun 2026 05:54:23 +0000 Files and hashes: 1: 3130332e3234302e3131312e302f32342d3234203d3e203538383139.roa (hash: Zbsf0dYqnLxdlncAJCYqnzQ41srbRVWGXwAiyL3mwjg=) 2: 3130332e3234302e3130382e302f32322d3234203d3e203538383139.roa (hash: ymqzNsOJhmLcRFDDsoYR0MwzS6+nUhmsNkUUP+/NCsk=) 3: 3130332e3234302e3131302e302f32342d3234203d3e203538383139.roa (hash: C3zLhXQdm0Y8L/fkvQyrUb6nvy5u+LmWUMPrd0571WA=) 4: 3130332e3234302e3130382e302f32342d3234203d3e203538383139.roa (hash: ubZK1JZSOkQSdT51nvL6YxDcdnyD6UzUmGgbeftTx40=) 5: 3130332e3234302e3130392e302f32342d3234203d3e203538383139.roa (hash: TA/s8DKqVENi0iNK6VJjUYJ9iOIFI3fpPu0mJtiANFQ=) 6: CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C.crl (hash: sjcJqDDoG6BJSiSLAhoNwZ+mblyYPYRw0wA6jHnZdFs=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C.crl rsync://rpki-rsync.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 05:54:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:00:68:72:e8:22:7b:c7:f0:eb:b9:ef:b8:c9:c3:92:cc:a6:f5:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C Validity Not Before: Jun 20 05:21:23 2026 GMT Not After : Jun 21 05:54:23 2026 GMT Subject: CN=22F7DD48868B391C0991D0FEF9D67A6333D15E03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:8f:c4:fa:2c:2d:6b:e6:57:74:d1:12:88:df: 49:88:e4:8d:7c:a3:71:06:ef:a5:22:f2:82:1a:7c: b1:bb:6c:e2:36:5c:c3:2c:28:19:70:35:c7:42:f8: cf:ad:44:3f:4c:b3:a4:05:61:b6:ba:77:31:a5:a5: bb:e6:65:75:30:9d:1a:85:4d:d8:ae:ba:c0:7d:ce: 79:bd:70:c8:cd:5e:27:09:07:5d:90:d8:80:0b:bc: e1:53:49:7b:be:d6:97:00:ce:9d:dc:ea:dd:05:b0: 95:29:ff:97:18:6b:b4:4c:59:30:ed:be:b6:2a:32: 0f:49:8b:e1:af:26:83:26:8b:7d:53:a9:1f:f2:ff: 22:52:6a:dd:23:3f:6d:1e:e1:fd:dd:8d:fb:61:ca: b9:eb:e8:a7:ce:1d:ce:8b:55:19:5c:11:92:27:fe: 96:fc:94:d9:3c:06:12:05:59:f9:46:b8:fd:22:90: cf:cd:f2:93:15:12:16:05:ef:ce:40:ca:23:af:01: e0:c7:da:6c:2a:dc:5f:e5:cd:b8:1e:34:88:fb:b5: d9:84:69:34:f5:96:e3:b2:d3:5b:e5:7a:6a:94:b5: 94:f8:92:2e:c9:f4:be:69:65:8c:b3:06:e9:d5:d0: bb:43:64:c4:bb:a5:1f:88:2e:02:c8:fd:1a:ed:5d: 67:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:F7:DD:48:86:8B:39:1C:09:91:D0:FE:F9:D6:7A:63:33:D1:5E:03 X509v3 Authority Key Identifier: keyid:CE:62:0D:0F:51:CB:0E:E1:C8:DF:26:4C:48:8C:E3:4D:0C:F3:3C:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/CE620D0F51CB0EE1C8DF264C488CE34D0CF33C1C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:39:f9:59:15:56:23:f4:ab:af:df:1c:f1:4a:ff:0e:6b:3f: b5:98:f1:f9:4a:e1:8d:ac:ce:dd:be:20:cf:36:f1:c1:bd:0f: 2c:65:b5:2d:89:95:6f:9d:4f:91:b9:3c:82:32:95:0d:8c:3d: de:86:12:9a:61:39:32:83:d3:f6:af:e6:bd:a3:f4:e3:19:8f: 70:df:a1:f3:21:8f:b4:b6:01:42:85:9f:f0:88:cf:9d:10:d8: c1:83:72:18:6a:d6:82:9b:1e:17:3c:7c:ab:f3:62:2b:46:ce: df:53:f5:8b:86:c4:c4:bd:44:35:5a:22:3a:67:06:28:a1:48: 81:c0:aa:71:9e:23:00:f8:d0:45:6e:ad:45:aa:28:e8:fb:e4: a3:e2:41:3c:0d:40:12:94:87:f5:51:aa:5b:7b:a8:86:fe:4a: 2c:cd:6f:b3:72:ce:29:f2:fa:c8:e1:d2:d5:b0:91:e0:5d:1b: ab:45:77:55:42:6b:d5:5e:cb:f5:18:11:1a:f1:a9:20:36:88: d2:12:f5:87:3e:ab:9b:d0:92:e4:42:8e:9b:2c:13:a0:04:2e: ef:24:a1:fc:59:cf:3f:b0:c5:69:f5:70:f0:b1:a2:79:94:02: ef:95:b7:a6:d4:b6:be:8f:33:f1:83:86:8e:d0:54:69:29:04: d3:fb:17:f6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSABocugie8fw67nvuMnDksym9XowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0U2MjBEMEY1MUNCMEVFMUM4REYyNjRDNDg4Q0UzNEQw Q0YzM0MxQzAeFw0yNjA2MjAwNTIxMjNaFw0yNjA2MjEwNTU0MjNaMDMxMTAvBgNV BAMTKDIyRjdERDQ4ODY4QjM5MUMwOTkxRDBGRUY5RDY3QTYzMzNEMTVFMDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhj8T6LC1r5ld00RKI30mI5I18 o3EG76Ui8oIafLG7bOI2XMMsKBlwNcdC+M+tRD9Ms6QFYba6dzGlpbvmZXUwnRqF TdiuusB9znm9cMjNXicJB12Q2IALvOFTSXu+1pcAzp3c6t0FsJUp/5cYa7RMWTDt vrYqMg9Ji+GvJoMmi31TqR/y/yJSat0jP20e4f3djfthyrnr6KfOHc6LVRlcEZIn /pb8lNk8BhIFWflGuP0ikM/N8pMVEhYF785AyiOvAeDH2mwq3F/lzbgeNIj7tdmE aTT1luOy01vlemqUtZT4ki7J9L5pZYyzBunV0LtDZMS7pR+ILgLI/RrtXWcLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIvfdSIaLORwJkdD++dZ6YzPRXgMwHwYDVR0j BBgwFoAUzmIND1HLDuHI3yZMSIzjTQzzPBwwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v OGQwM2FmMDEtZjIzOS00YTFmLTgxY2QtNDEwNmJlYmIyYTIyLzAvQ0U2MjBEMEY1 MUNCMEVFMUM4REYyNjRDNDg4Q0UzNEQwQ0YzM0MxQy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DRTYyMEQwRjUxQ0IwRUUxQzhERjI2NEM0ODhDRTM0RDBDRjMz QzFDLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vOGQwM2FmMDEtZjIzOS00YTFmLTgx Y2QtNDEwNmJlYmIyYTIyLzAvQ0U2MjBEMEY1MUNCMEVFMUM4REYyNjRDNDg4Q0Uz NEQwQ0YzM0MxQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABk5+VkVViP0q6/fHPFK/w5rP7WY8flK4Y2s zt2+IM828cG9DyxltS2JlW+dT5G5PIIylQ2MPd6GEpphOTKD0/av5r2j9OMZj3Df ofMhj7S2AUKFn/CIz50Q2MGDchhq1oKbHhc8fKvzYitGzt9T9YuGxMS9RDVaIjpn BiihSIHAqnGeIwD40EVurUWqKOj75KPiQTwNQBKUh/VRqlt7qIb+SizNb7Nyziny +sjh0tWwkeBdG6tFd1VCa9Vey/UYERrxqSA2iNIS9Yc+q5vQkuRCjpssE6AELu8k ofxZzz+wxWn1cPCxonmUAu+Vt6bUtr6PM/GDho7QVGkpBNP7F/Y= -----END CERTIFICATE-----Generated at Sat Jun 20 08:51:08 2026 by rpki-client