
$ rpki-client -vvf rpki-rsync.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/662A1D1F0B83DCEAC73D973514979A1703FA9E28.mft
File: 662A1D1F0B83DCEAC73D973514979A1703FA9E28.mft (raw, json)
Hash identifier: RLW+qvbbtm+C30wWIImsPyT1as6jZeeTxDtL7Cx/ZKI=
Subject key identifier: 84:EC:29:BA:C7:B7:6A:00:CB:A2:DE:99:F5:B8:9A:70:EE:9D:E2:8D
Authority key identifier: 66:2A:1D:1F:0B:83:DC:EA:C7:3D:97:35:14:97:9A:17:03:FA:9E:28
Certificate issuer: /CN=662A1D1F0B83DCEAC73D973514979A1703FA9E28
Certificate serial: 22FA5D29C7FC05136F0C2AE4458A372C6EA92ADC
Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/662A1D1F0B83DCEAC73D973514979A1703FA9E28.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/662A1D1F0B83DCEAC73D973514979A1703FA9E28.mft
Manifest number: 67
Signing time: Fri 17 Jul 2026 17:09:06 +0000
Manifest this update: Fri 17 Jul 2026 17:04:06 +0000
Manifest next update: Sat 18 Jul 2026 20:17:06 +0000
Files and hashes: 1: 3230322e3135392e302e302f31382d3234203d3e2039333430.roa (hash: IfGffrMHINPuRfD4RL+78GjC4IFDiYDYpPLVDptGnC4=)
2: 3230322e3135392e39362e302f31392d3234203d3e2039333430.roa (hash: wQj10i6uxR8PMgl15oZaZmKj6Dkq8me1CXWhGz38VZw=)
3: 662A1D1F0B83DCEAC73D973514979A1703FA9E28.crl (hash: vM+qgnm8/WqMjc/Nb8d7bm3l/l15G4FlQlIm5MSP5Hk=)
4: 3131372e35342e302e302f31362d3234203d3e2039333430.roa (hash: NybJNfrfr/FQtxQSfpzK5NCbywm4KAHMLV7iC5XOQDQ=)
5: 3230322e3135332e3232342e302f31392d3234203d3e2039333430.roa (hash: thp9e79q4pO0KAuvlYoAaJIJd+/sNGpgdctK2HpTH70=)
6: 3230322e35332e3232342e302f31392d3234203d3e2039333430.roa (hash: PJEb98fYS4vg3BBgZ6XrL5za6qVUTLmXWj6MOSgyH3k=)
7: 3230322e3135392e35302e302f32332d3234203d3e203435373239.roa (hash: 0DjkrTA9ouNvrCsdojisPz41tYiFCwdDrjUDolphH5E=)
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/662A1D1F0B83DCEAC73D973514979A1703FA9E28.crl
rsync://rpki-rsync.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/662A1D1F0B83DCEAC73D973514979A1703FA9E28.mft
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/662A1D1F0B83DCEAC73D973514979A1703FA9E28.cer
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 18 Jul 2026 20:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:fa:5d:29:c7:fc:05:13:6f:0c:2a:e4:45:8a:37:2c:6e:a9:2a:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=662A1D1F0B83DCEAC73D973514979A1703FA9E28
Validity
Not Before: Jul 17 17:04:06 2026 GMT
Not After : Jul 18 20:17:06 2026 GMT
Subject: CN=84EC29BAC7B76A00CBA2DE99F5B89A70EE9DE28D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:79:5f:37:0b:e4:fe:62:0d:7f:a8:30:2e:d8:
c1:7d:13:25:5c:78:a5:98:07:cf:ef:a8:ac:56:fe:
36:2e:be:49:4b:5a:33:fd:24:f5:2e:f2:b0:f9:46:
6a:e3:4d:4c:23:3a:34:d7:88:eb:45:8c:9d:3c:47:
5f:0a:fc:0b:c7:14:3c:03:fa:51:e7:d2:b9:6b:0c:
0a:b2:30:39:20:ac:83:c3:57:94:44:b8:66:76:26:
5e:bf:ca:35:b3:ed:ce:c2:1d:eb:82:a3:37:2a:a3:
71:41:ce:5e:4c:58:98:1c:84:0c:2b:c8:16:c4:7e:
72:67:2a:1f:f8:1d:b0:32:da:4e:86:ee:d8:91:41:
c1:8e:9b:2c:c8:a3:b0:27:67:a8:59:bc:eb:df:fb:
f9:5b:7d:5f:4a:26:10:61:0b:dc:bd:c4:f0:83:fd:
ba:56:98:67:cd:62:5e:4c:9e:e7:1f:6c:00:d2:a1:
e8:1a:6f:6c:4f:fc:80:07:76:77:3e:e6:cd:86:ca:
1a:da:e8:a6:ba:67:13:8b:c4:14:c9:66:8a:4f:77:
11:5c:e9:15:ed:fb:17:b4:18:7f:fe:38:5e:c7:98:
08:39:82:cf:aa:db:80:e0:24:bc:1c:ae:ce:58:3c:
2c:9b:5b:93:c0:0e:67:f4:08:d0:a6:06:bc:93:ee:
fb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:EC:29:BA:C7:B7:6A:00:CB:A2:DE:99:F5:B8:9A:70:EE:9D:E2:8D
X509v3 Authority Key Identifier:
keyid:66:2A:1D:1F:0B:83:DC:EA:C7:3D:97:35:14:97:9A:17:03:FA:9E:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/662A1D1F0B83DCEAC73D973514979A1703FA9E28.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/662A1D1F0B83DCEAC73D973514979A1703FA9E28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/662A1D1F0B83DCEAC73D973514979A1703FA9E28.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:57:df:96:50:26:e8:dd:e9:ac:b0:1d:02:93:cd:18:03:50:
c2:35:66:20:a7:4f:2c:a2:bc:cd:ea:19:d4:bb:01:cc:8d:c8:
a4:7e:99:12:41:66:57:98:d4:b7:57:a2:88:f0:10:69:f3:2d:
d7:7e:c7:df:3f:64:7c:0e:ee:4f:c6:94:b9:46:bf:4b:09:a6:
1a:88:93:95:2e:24:cb:53:c7:24:6d:91:10:57:25:da:99:84:
1a:ea:5e:37:3e:c5:58:2f:17:cd:4f:2d:f5:9c:03:ad:07:5b:
c8:02:10:32:14:84:96:de:c1:2e:26:e7:7f:aa:54:d4:45:69:
43:9e:bd:b0:1a:6a:6e:fa:21:27:71:95:0d:16:ce:84:c2:24:
54:b6:8d:93:be:f2:e1:ae:35:5d:de:26:8f:01:87:cd:56:ec:
1f:ec:e1:2f:37:2b:8c:c6:5e:e2:e8:64:e0:88:33:44:6e:31:
05:a4:ce:7c:51:e8:aa:f8:3a:dd:5f:1a:4c:3d:a8:de:a0:47:
5e:d6:62:bf:78:c9:8f:01:18:d5:68:27:8a:ed:70:42:07:29:
60:95:4e:36:75:17:fa:f9:6d:c0:17:21:85:9a:5e:18:00:5b:
44:ed:03:08:50:e5:42:2a:3f:f4:fb:a9:8a:a2:48:7d:16:e6:
95:4b:8d:a8
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUIvpdKcf8BRNvDCrkRYo3LG6pKtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYyQTFEMUYwQjgzRENFQUM3M0Q5NzM1MTQ5NzlBMTcw
M0ZBOUUyODAeFw0yNjA3MTcxNzA0MDZaFw0yNjA3MTgyMDE3MDZaMDMxMTAvBgNV
BAMTKDg0RUMyOUJBQzdCNzZBMDBDQkEyREU5OUY1Qjg5QTcwRUU5REUyOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3eV83C+T+Yg1/qDAu2MF9EyVc
eKWYB8/vqKxW/jYuvklLWjP9JPUu8rD5RmrjTUwjOjTXiOtFjJ08R18K/AvHFDwD
+lHn0rlrDAqyMDkgrIPDV5REuGZ2Jl6/yjWz7c7CHeuCozcqo3FBzl5MWJgchAwr
yBbEfnJnKh/4HbAy2k6G7tiRQcGOmyzIo7AnZ6hZvOvf+/lbfV9KJhBhC9y9xPCD
/bpWmGfNYl5MnucfbADSoegab2xP/IAHdnc+5s2Gyhra6Ka6ZxOLxBTJZopPdxFc
6RXt+xe0GH/+OF7HmAg5gs+q24DgJLwcrs5YPCybW5PADmf0CNCmBryT7vvDAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUhOwpuse3agDLot6Z9biacO6d4o0wHwYDVR0j
BBgwFoAUZiodHwuD3OrHPZc1FJeaFwP6nigwDgYDVR0PAQH/BAQDAgeAMIGGBgNV
HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v
ZTViMWU1N2UtYTBmMS00NjdmLWE0NmYtNTVhMzE1N2IwZDY1LzAvNjYyQTFEMUYw
QjgzRENFQUM3M0Q5NzM1MTQ5NzlBMTcwM0ZBOUUyOC5jcmwwcgYIKwYBBQUHAQEE
ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl
cG8vSUROSUMvMS82NjJBMUQxRjBCODNEQ0VBQzczRDk3MzUxNDk3OUExNzAzRkE5
RTI4LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov
L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZTViMWU1N2UtYTBmMS00NjdmLWE0
NmYtNTVhMzE1N2IwZDY1LzAvNjYyQTFEMUYwQjgzRENFQUM3M0Q5NzM1MTQ5NzlB
MTcwM0ZBOUUyOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAGFX35ZQJujd6aywHQKTzRgDUMI1ZiCnTyyi
vM3qGdS7AcyNyKR+mRJBZleY1LdXoojwEGnzLdd+x98/ZHwO7k/GlLlGv0sJphqI
k5UuJMtTxyRtkRBXJdqZhBrqXjc+xVgvF81PLfWcA60HW8gCEDIUhJbewS4m53+q
VNRFaUOevbAaam76ISdxlQ0WzoTCJFS2jZO+8uGuNV3eJo8Bh81W7B/s4S83K4zG
XuLoZOCIM0RuMQWkznxR6Kr4Ot1fGkw9qN6gR17WYr94yY8BGNVoJ4rtcEIHKWCV
TjZ1F/r5bcAXIYWaXhgAW0TtAwhQ5UIqP/T7qYqiSH0W5pVLjag=
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:55:43 2026 by rpki-client