$ rpki-client -vvf rpki-rsync.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/0FB62F1F0D10C5EC7D72410E5637525B621C4870.mft File: 0FB62F1F0D10C5EC7D72410E5637525B621C4870.mft (raw, json) Hash identifier: 2Owsxcc1SJ1En3tpMZwMFu9MKimdKSwwbc+r8boko9s= Subject key identifier: B0:5E:24:4E:7B:84:D3:6C:05:E8:A3:D3:57:0F:2F:47:F5:1D:98:A2 Authority key identifier: 0F:B6:2F:1F:0D:10:C5:EC:7D:72:41:0E:56:37:52:5B:62:1C:48:70 Certificate issuer: /CN=0FB62F1F0D10C5EC7D72410E5637525B621C4870 Certificate serial: 0D3A5392F6B22DD9E9AC1D8634B755AF63325361 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/0FB62F1F0D10C5EC7D72410E5637525B621C4870.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/0FB62F1F0D10C5EC7D72410E5637525B621C4870.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 18:52:49 +0000 Manifest this update: Tue 02 Jun 2026 18:47:49 +0000 Manifest next update: Wed 03 Jun 2026 22:18:49 +0000 Files and hashes: 1: 3136302e32322e36372e302f32342d3234203d3e20313532383134.roa (hash: ChO0wv9yKUM7ukCp9cBiuF/qy0Q/8i0Sz7WEvpLu0oo=) 2: 3136302e32322e36362e302f32332d3233203d3e20313534343130.roa (hash: x+Zmass52e0XiEEcxmz35DHW32ZXdCP/lp7OD4a3w4Y=) 3: 3136302e32322e36362e302f32342d3234203d3e20313532383134.roa (hash: 4TAm+Tq7VEmBP4/ZDSMoQRtNl/2F8B0387VCKH9srzE=) 4: 3136302e32322e36362e302f32332d3233203d3e20313532383134.roa (hash: DVbfArMTlg+UHrMZklDTYc3fTbYxFUjdyjuDCut72nE=) 5: 0FB62F1F0D10C5EC7D72410E5637525B621C4870.crl (hash: Ft5TLt5TjeUsXUm4NxdiZzbq7CGFua3Ml15XirnOsbA=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/0FB62F1F0D10C5EC7D72410E5637525B621C4870.crl rsync://rpki-rsync.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/0FB62F1F0D10C5EC7D72410E5637525B621C4870.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/0/0FB62F1F0D10C5EC7D72410E5637525B621C4870.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 09:47:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:3a:53:92:f6:b2:2d:d9:e9:ac:1d:86:34:b7:55:af:63:32:53:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0FB62F1F0D10C5EC7D72410E5637525B621C4870 Validity Not Before: Jun 2 18:47:49 2026 GMT Not After : Jun 3 22:18:49 2026 GMT Subject: CN=B05E244E7B84D36C05E8A3D3570F2F47F51D98A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:e0:f7:5f:96:c6:f1:8b:cb:1f:12:02:61:9f: 49:c6:6b:a7:3d:92:3b:80:40:bd:9e:ec:16:75:7e: a6:3d:46:cc:91:13:ab:83:63:c7:47:54:50:b0:2f: 31:f5:ce:b4:70:bb:c1:3a:42:9c:5f:fc:7c:55:ce: 18:bc:5e:87:58:c2:82:00:1b:32:1d:8d:23:d4:12: 34:d5:2f:d1:c9:0b:25:eb:0c:10:2e:cd:76:23:0a: d5:03:98:ed:ff:9e:ef:61:47:cc:91:09:9c:20:71: 97:a9:db:c5:e9:bb:e6:86:23:8b:72:d0:fe:fa:b5: c7:7a:85:ec:a2:4d:0c:99:58:22:0c:63:63:0f:6a: 98:10:d7:46:99:17:3e:9d:21:85:d2:10:9c:ea:b2: bf:4b:2d:c8:41:66:b5:2f:e8:c4:a0:53:7c:4d:f9: 98:bf:ae:3e:0b:a0:9d:60:c4:40:8d:f4:0c:aa:a2: 54:50:77:3d:53:43:3a:a8:13:47:fb:cc:f1:8b:1b: 36:f6:00:06:4f:07:4e:ac:51:50:ca:30:94:c7:e8: 3f:8e:b1:01:27:14:12:e7:48:ce:42:38:c9:e3:78: 7b:c1:8c:6e:95:9d:5b:2d:a7:10:06:b3:6a:36:eb: 09:09:97:f0:a4:25:5d:e0:d7:91:8d:15:86:16:f3: 34:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:5E:24:4E:7B:84:D3:6C:05:E8:A3:D3:57:0F:2F:47:F5:1D:98:A2 X509v3 Authority Key Identifier: keyid:0F:B6:2F:1F:0D:10:C5:EC:7D:72:41:0E:56:37:52:5B:62:1C:48:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/0FB62F1F0D10C5EC7D72410E5637525B621C4870.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/0FB62F1F0D10C5EC7D72410E5637525B621C4870.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/0FB62F1F0D10C5EC7D72410E5637525B621C4870.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:8d:6e:cd:90:7d:f0:9c:15:64:d1:10:a3:11:7f:96:63:f2: 8f:b6:f9:3e:f0:29:81:3d:94:00:d1:be:c0:fd:56:cd:f1:99: c5:7f:7d:85:96:32:75:a4:ed:04:38:ca:97:c8:7c:7d:34:34: fd:06:ab:bc:81:68:17:25:d0:d3:6f:a4:c2:01:fa:52:7d:88: 56:b3:49:66:88:3b:c9:92:35:53:66:78:ac:46:b4:9e:36:b6: 59:98:49:3d:28:46:91:83:80:20:20:59:9f:26:e2:29:b5:b9: 52:57:e1:c2:58:15:6b:fd:50:d0:cc:16:e7:2a:08:31:42:5b: 58:06:6f:e1:9b:16:65:f0:70:12:83:1e:cd:e8:a2:00:fc:e8: 95:f7:d5:45:3b:ef:ce:88:79:53:d6:30:23:80:09:3c:56:cd: a4:97:8f:bb:0c:92:6f:49:6c:af:a3:50:0f:87:4b:5f:dd:79: 24:01:3d:8b:8e:f8:e6:24:9c:19:11:56:36:a5:0c:d9:ed:74: c4:c3:9b:7c:0b:84:72:9b:7f:61:c6:a0:10:1e:65:69:52:7e: 25:5e:fb:95:f8:0a:d0:9f:d9:a6:1c:60:d9:b0:55:4e:5a:0c: d9:1c:94:65:d0:36:de:5e:0c:62:19:29:7c:de:74:b4:7c:b1: 79:f8:2f:9c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUDTpTkvayLdnprB2GNLdVr2MyU2EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEZCNjJGMUYwRDEwQzVFQzdENzI0MTBFNTYzNzUyNUI2 MjFDNDg3MDAeFw0yNjA2MDIxODQ3NDlaFw0yNjA2MDMyMjE4NDlaMDMxMTAvBgNV BAMTKEIwNUUyNDRFN0I4NEQzNkMwNUU4QTNEMzU3MEYyRjQ3RjUxRDk4QTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCK4Pdflsbxi8sfEgJhn0nGa6c9 kjuAQL2e7BZ1fqY9RsyRE6uDY8dHVFCwLzH1zrRwu8E6Qpxf/HxVzhi8XodYwoIA GzIdjSPUEjTVL9HJCyXrDBAuzXYjCtUDmO3/nu9hR8yRCZwgcZep28Xpu+aGI4ty 0P76tcd6heyiTQyZWCIMY2MPapgQ10aZFz6dIYXSEJzqsr9LLchBZrUv6MSgU3xN +Zi/rj4LoJ1gxECN9AyqolRQdz1TQzqoE0f7zPGLGzb2AAZPB06sUVDKMJTH6D+O sQEnFBLnSM5COMnjeHvBjG6VnVstpxAGs2o26wkJl/CkJV3g15GNFYYW8zS3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUsF4kTnuE02wF6KPTVw8vR/UdmKIwHwYDVR0j BBgwFoAUD7YvHw0Qxex9ckEOVjdSW2IcSHAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v OWRiOTI3ZGYtYmM5Yy00YmU2LWExZmEtMmUxMjVjNDY5ZjcxLzAvMEZCNjJGMUYw RDEwQzVFQzdENzI0MTBFNTYzNzUyNUI2MjFDNDg3MC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMC8wRkI2MkYxRjBEMTBDNUVDN0Q3MjQxMEU1NjM3NTI1QjYyMUM0 ODcwLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vOWRiOTI3ZGYtYmM5Yy00YmU2LWEx ZmEtMmUxMjVjNDY5ZjcxLzAvMEZCNjJGMUYwRDEwQzVFQzdENzI0MTBFNTYzNzUy NUI2MjFDNDg3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADWNbs2QffCcFWTREKMRf5Zj8o+2+T7wKYE9 lADRvsD9Vs3xmcV/fYWWMnWk7QQ4ypfIfH00NP0Gq7yBaBcl0NNvpMIB+lJ9iFaz SWaIO8mSNVNmeKxGtJ42tlmYST0oRpGDgCAgWZ8m4im1uVJX4cJYFWv9UNDMFucq CDFCW1gGb+GbFmXwcBKDHs3oogD86JX31UU7786IeVPWMCOACTxWzaSXj7sMkm9J bK+jUA+HS1/deSQBPYuO+OYknBkRVjalDNntdMTDm3wLhHKbf2HGoBAeZWlSfiVe +5X4CtCf2aYcYNmwVU5aDNkclGXQNt5eDGIZKXzedLR8sXn4L5w= -----END CERTIFICATE-----Generated at Tue Jun 2 21:32:12 2026 by rpki-client