$ rpki-client -vvf rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.mft File: 33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.mft (raw, json) Hash identifier: kCQoswUOBifvjgQ/Q4NTl15rTMPSSeysfBZQhKnIKqU= Subject key identifier: 51:FA:67:61:6A:F8:44:51:CD:34:28:AB:11:FF:0D:77:FE:8A:05:9D Authority key identifier: 33:DC:D8:55:DE:6E:86:6A:83:A5:70:AB:A8:A1:DE:A5:A6:E3:0E:4D Certificate issuer: /CN=33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D Certificate serial: 7484A25BB41D845C4BD9A96CFB863FCBDB2422D0 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.mft Manifest number: 41 Signing time: Sat 20 Jun 2026 01:36:40 +0000 Manifest this update: Sat 20 Jun 2026 01:31:40 +0000 Manifest next update: Sun 21 Jun 2026 04:04:40 +0000 Files and hashes: 1: 3130332e3232362e3233332e302f32342d3234203d3e203539323736.roa (hash: uqKW3vXwMrHK/2SgTQdiTOjsX9kzPieFPKMfbMm8/NQ=) 2: 323430303a623138303a3a2f33322d3438203d3e203539323736.roa (hash: Pp8IAqZslv9JrsHvh5t4K1Xf7pozFAooFyaeWpnY8Hw=) 3: 3130332e3232362e3233342e302f32342d3234203d3e203539323736.roa (hash: suxBsM49rj/B+/QbrRHASWUhsJL/fsUqfhAd7EFeilQ=) 4: 33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.crl (hash: Nn1Vf5rLL7yY7tzDY+bY5TJF33yQ0igfmqxrMXzT9fg=) 5: 3130332e3232362e3233322e302f32322d3234203d3e203539323736.roa (hash: U02e5KxNF9MHIRapu80B9THLjIPZwCj+D7pGERVzSdk=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.crl rsync://rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 04:04:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:84:a2:5b:b4:1d:84:5c:4b:d9:a9:6c:fb:86:3f:cb:db:24:22:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D Validity Not Before: Jun 20 01:31:40 2026 GMT Not After : Jun 21 04:04:40 2026 GMT Subject: CN=51FA67616AF84451CD3428AB11FF0D77FE8A059D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:80:9c:c0:fa:29:c5:f5:c7:8f:d3:a6:26:4b: a9:fd:6d:e4:e3:0c:07:c1:0b:36:5f:1f:16:65:71: fd:a1:17:c9:ad:56:a7:a3:fa:a6:56:a7:c1:1f:71: 70:dc:2b:18:8f:1c:da:c5:3b:28:9b:f6:89:27:d6: be:84:3a:0b:f1:df:61:02:ca:f1:cb:78:c0:47:3e: 92:f8:78:fb:d3:47:12:17:83:1c:6c:e5:ae:f3:e7: dd:e8:12:57:1b:82:68:fc:b9:1a:30:ff:73:97:b3: 89:4d:29:b5:92:ba:4d:7a:e8:39:ba:b7:a3:61:70: ae:1b:eb:6e:54:f5:f1:e6:62:7f:9b:45:a2:be:72: b2:7f:37:85:ee:92:c9:e0:5f:a9:8a:f0:9a:cf:5e: 01:94:bb:e0:2d:c7:9e:52:40:d9:55:c4:2a:c3:07: 20:62:2a:32:3f:2c:46:93:dd:0c:c2:00:89:c1:92: fc:10:c3:be:1e:ab:6d:bd:ae:50:6c:2d:a0:2b:ac: 89:1b:e3:c2:f0:62:6e:63:d9:eb:f6:49:b5:a9:83: f4:1b:96:bd:1b:e7:c6:01:98:5d:7c:eb:ec:54:c7: 70:13:15:a6:c4:61:7e:f0:57:2a:bb:60:88:46:80: f3:f4:b9:7c:79:c8:3b:37:df:10:e8:08:4c:f4:4b: c2:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:FA:67:61:6A:F8:44:51:CD:34:28:AB:11:FF:0D:77:FE:8A:05:9D X509v3 Authority Key Identifier: keyid:33:DC:D8:55:DE:6E:86:6A:83:A5:70:AB:A8:A1:DE:A5:A6:E3:0E:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/bf542bc4-74dc-45dd-b659-745ca2aca333/0/33DCD855DE6E866A83A570ABA8A1DEA5A6E30E4D.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:1b:ec:22:ac:a7:fa:67:9f:71:34:2f:14:fc:6a:fd:a8:87: 8e:65:d4:59:bb:8b:cf:0a:29:91:49:f5:26:67:73:ed:fc:c3: 18:9a:e5:8a:98:cf:d8:d7:23:54:d3:9e:78:a9:34:1e:38:2c: 49:84:f0:08:06:e3:1e:dd:7f:fd:8b:ac:d7:98:6e:ce:7d:8c: 96:93:88:c7:8b:48:74:76:ba:45:6b:d2:da:86:ca:31:e4:59: 03:71:95:b0:3c:55:ec:92:07:eb:c1:a2:d7:b2:34:9c:af:09: ed:e9:95:f2:79:b5:7a:2f:43:5a:a4:34:2a:81:4e:1a:76:e1: 6d:dd:7c:68:a8:5c:3c:2f:a3:b9:6f:6b:8e:19:48:e4:db:3e: 0e:40:5c:a6:ed:1b:11:75:d8:1a:bb:8e:56:35:88:06:e2:ed: 62:a1:f3:a0:73:22:a7:87:67:7c:9e:02:29:e9:6f:59:06:2e: dd:fa:3d:8e:81:d1:cc:c7:f5:54:50:94:40:91:6a:00:23:b8: 81:de:a5:5c:57:8f:8e:55:76:9f:18:74:9f:f1:4b:10:16:4f: dd:90:93:29:66:a8:37:62:03:04:eb:ae:0c:21:a9:21:22:4d: 45:35:c7:94:7a:87:1e:52:1b:e0:4a:1f:89:ad:ec:b9:fc:c1: ff:f8:e8:05 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdISiW7QdhFxL2als+4Y/y9skItAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzNEQ0Q4NTVERTZFODY2QTgzQTU3MEFCQThBMURFQTVB NkUzMEU0RDAeFw0yNjA2MjAwMTMxNDBaFw0yNjA2MjEwNDA0NDBaMDMxMTAvBgNV BAMTKDUxRkE2NzYxNkFGODQ0NTFDRDM0MjhBQjExRkYwRDc3RkU4QTA1OUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqgJzA+inF9ceP06YmS6n9beTj DAfBCzZfHxZlcf2hF8mtVqej+qZWp8EfcXDcKxiPHNrFOyib9okn1r6EOgvx32EC yvHLeMBHPpL4ePvTRxIXgxxs5a7z593oElcbgmj8uRow/3OXs4lNKbWSuk166Dm6 t6NhcK4b625U9fHmYn+bRaK+crJ/N4XuksngX6mK8JrPXgGUu+Atx55SQNlVxCrD ByBiKjI/LEaT3QzCAInBkvwQw74eq229rlBsLaArrIkb48LwYm5j2ev2SbWpg/Qb lr0b58YBmF186+xUx3ATFabEYX7wVyq7YIhGgPP0uXx5yDs33xDoCEz0S8IvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUUfpnYWr4RFHNNCirEf8Nd/6KBZ0wHwYDVR0j BBgwFoAUM9zYVd5uhmqDpXCrqKHepabjDk0wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YmY1NDJiYzQtNzRkYy00NWRkLWI2NTktNzQ1Y2EyYWNhMzMzLzAvMzNEQ0Q4NTVE RTZFODY2QTgzQTU3MEFCQThBMURFQTVBNkUzMEU0RC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8zM0RDRDg1NURFNkU4NjZBODNBNTcwQUJBOEExREVBNUE2RTMw RTRELmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYmY1NDJiYzQtNzRkYy00NWRkLWI2 NTktNzQ1Y2EyYWNhMzMzLzAvMzNEQ0Q4NTVERTZFODY2QTgzQTU3MEFCQThBMURF QTVBNkUzMEU0RC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABcb7CKsp/pnn3E0LxT8av2oh45l1Fm7i88K KZFJ9SZnc+38wxia5YqYz9jXI1TTnnipNB44LEmE8AgG4x7df/2LrNeYbs59jJaT iMeLSHR2ukVr0tqGyjHkWQNxlbA8VeySB+vBoteyNJyvCe3plfJ5tXovQ1qkNCqB Thp24W3dfGioXDwvo7lva44ZSOTbPg5AXKbtGxF12Bq7jlY1iAbi7WKh86BzIqeH Z3yeAinpb1kGLt36PY6B0czH9VRQlECRagAjuIHepVxXj45Vdp8YdJ/xSxAWT92Q kylmqDdiAwTrrgwhqSEiTUU1x5R6hx5SG+BKH4mt7Ln8wf/46AU= -----END CERTIFICATE-----Generated at Sat Jun 20 09:21:13 2026 by rpki-client