$ rpki-client -vvf repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft File: 3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft (raw, json) Hash identifier: uBC3qjzc7uhJ1jdwppjxDKXRlB9Bq4RivMBzkMuAg+8= Subject key identifier: 40:69:8E:A9:59:1A:F3:A8:B6:A6:5A:DE:26:C3:5B:C6:26:30:29:AC Authority key identifier: 3E:0B:95:7B:58:2D:8A:EF:99:A4:9C:64:48:F9:99:3C:72:37:8B:F3 Certificate issuer: /CN=3E0B957B582D8AEF99A49C6448F9993C72378BF3 Certificate serial: 013F1925172773B208404A4DB04D01DE2C55379D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E0B957B582D8AEF99A49C6448F9993C72378BF3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft Manifest number: 0168 Signing time: Wed 25 Mar 2026 09:01:31 +0000 Manifest this update: Wed 25 Mar 2026 08:56:31 +0000 Manifest next update: Sat 28 Mar 2026 20:07:31 +0000 Files and hashes: 1: 3130332e3133322e3233302e302f32332d3234203d3e20313338313237.roa (hash: fcE9nxP4F/tonEL2jLycsAVcDyzYWrh05xw29/4haAg=) 2: 3130332e3133322e3233312e302f32342d3234203d3e20313338313237.roa (hash: WyVvseBUv5X8ksDjsVqSJfve5PyMPgdJn+/FGNUqcmk=) 3: 3E0B957B582D8AEF99A49C6448F9993C72378BF3.crl (hash: 7Q5eoQkEiIUpo2+deZAOfczbkiEKUjCubj7Jc0L8E6A=) 4: 3130332e3133322e3233302e302f32342d3234203d3e20313338313237.roa (hash: FC4YL6B+zkeYZOTJZ5N7Yi4YIq94WZ3uKMPO/1YmBIg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.crl rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E0B957B582D8AEF99A49C6448F9993C72378BF3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 20:07:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:3f:19:25:17:27:73:b2:08:40:4a:4d:b0:4d:01:de:2c:55:37:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E0B957B582D8AEF99A49C6448F9993C72378BF3 Validity Not Before: Mar 25 08:56:31 2026 GMT Not After : Mar 28 20:07:31 2026 GMT Subject: CN=40698EA9591AF3A8B6A65ADE26C35BC6263029AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:0d:0e:1e:8b:de:3a:6c:85:53:e9:3f:7c:77: e0:12:7f:a3:6a:37:d6:a3:04:08:2b:24:7b:de:63: 55:a0:df:5a:f8:e2:aa:a7:f4:1e:11:1e:fc:51:eb: d8:bb:e3:9d:ef:2c:ca:1e:20:05:3c:b0:04:69:36: 82:dd:bf:ac:3b:72:2f:5d:2d:61:9c:6e:26:06:42: 98:46:d0:ae:f6:2b:2f:f4:a4:79:f4:79:82:ac:d0: 2e:db:21:85:37:14:94:ed:9c:07:e5:04:db:db:35: 37:70:8b:54:83:aa:d8:69:13:1a:f8:83:93:4f:b4: 92:75:fc:98:32:e4:cb:5f:4a:0b:0b:31:b9:d1:90: 7c:4d:52:fd:5a:8a:07:e0:32:2a:24:fe:cf:d2:6a: e2:4a:f4:df:5a:e4:50:4e:ce:12:bf:ea:a3:84:3c: 3a:e8:15:bf:3c:91:12:57:1c:b5:e0:be:87:32:2f: 88:63:e2:21:34:5c:14:24:c6:41:94:f2:99:4a:e6: f1:71:48:ff:43:27:7d:2f:31:21:c1:6a:0d:9c:04: 33:e0:69:92:30:a8:b8:82:34:47:1a:c9:cb:02:1d: b1:c7:2d:9d:77:9d:c9:c7:37:28:d6:79:20:e8:a4: 14:02:99:b7:2d:42:5a:d1:5c:4b:ce:60:bd:11:a2: 3f:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:69:8E:A9:59:1A:F3:A8:B6:A6:5A:DE:26:C3:5B:C6:26:30:29:AC X509v3 Authority Key Identifier: keyid:3E:0B:95:7B:58:2D:8A:EF:99:A4:9C:64:48:F9:99:3C:72:37:8B:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E0B957B582D8AEF99A49C6448F9993C72378BF3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:b8:0e:03:61:6b:9a:dd:0a:70:15:e5:29:c3:a7:40:f7:c6: 17:3b:5d:de:87:82:36:11:3d:74:02:cd:a1:44:33:0b:17:26: 71:c5:66:9b:de:17:fd:9e:a8:ef:f5:62:37:87:2b:90:0f:90: 36:d8:14:e3:98:35:d3:6d:04:4e:dd:5d:1f:56:bc:a6:0f:27: ec:a4:84:55:c2:c5:3b:0e:e4:91:ad:3b:ec:97:a5:e4:9e:cb: e8:c9:ec:ad:1b:17:e7:0b:ac:5e:51:0d:62:14:f9:40:3a:25: 8c:af:ab:c7:3b:09:be:94:10:f1:08:0f:fb:cf:83:83:54:9e: e2:84:69:bf:ce:6a:e3:5f:90:36:f2:7b:57:3f:c0:e0:a7:c8: 61:f5:d1:d2:e0:34:b9:48:00:ac:8d:33:89:25:3b:36:96:15: 36:36:e8:89:7f:e8:91:09:2b:23:93:41:d5:08:b3:d5:3b:a4: 67:2b:3c:9c:1d:5d:68:3b:75:f1:b9:b2:9b:44:4f:be:5a:fd: f4:c6:cf:e3:1e:4d:6a:e1:5a:10:42:d8:58:da:e0:27:8b:1d: 8e:20:bc:1d:3f:8d:c2:cb:03:d9:6d:ff:3c:3c:f6:a5:89:88: 79:44:eb:90:b1:d7:e0:3a:1c:05:46:fa:4c:23:c4:bb:f1:01: e5:06:ed:65 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUAT8ZJRcnc7IIQEpNsE0B3ixVN50wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0UwQjk1N0I1ODJEOEFFRjk5QTQ5QzY0NDhGOTk5M0M3 MjM3OEJGMzAeFw0yNjAzMjUwODU2MzFaFw0yNjAzMjgyMDA3MzFaMDMxMTAvBgNV BAMTKDQwNjk4RUE5NTkxQUYzQThCNkE2NUFERTI2QzM1QkM2MjYzMDI5QUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsDQ4ei946bIVT6T98d+ASf6Nq N9ajBAgrJHveY1Wg31r44qqn9B4RHvxR69i7453vLMoeIAU8sARpNoLdv6w7ci9d LWGcbiYGQphG0K72Ky/0pHn0eYKs0C7bIYU3FJTtnAflBNvbNTdwi1SDqthpExr4 g5NPtJJ1/Jgy5MtfSgsLMbnRkHxNUv1aigfgMiok/s/SauJK9N9a5FBOzhK/6qOE PDroFb88kRJXHLXgvocyL4hj4iE0XBQkxkGU8plK5vFxSP9DJ30vMSHBag2cBDPg aZIwqLiCNEcaycsCHbHHLZ13ncnHNyjWeSDopBQCmbctQlrRXEvOYL0Roj/xAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUQGmOqVka86i2plreJsNbxiYwKawwHwYDVR0j BBgwFoAUPguVe1gtiu+ZpJxkSPmZPHI3i/MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZWRjOWU0Zi04MTgwLTQxZDYtYjA4ZC04ZWU1YThhNzBhMDUvMC8zRTBCOTU3QjU4 MkQ4QUVGOTlBNDlDNjQ0OEY5OTkzQzcyMzc4QkYzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0UwQjk1N0I1ODJEOEFFRjk5QTQ5QzY0NDhGOTk5M0M3MjM3 OEJGMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGVkYzllNGYtODE4MC00MWQ2LWIw OGQtOGVlNWE4YTcwYTA1LzAvM0UwQjk1N0I1ODJEOEFFRjk5QTQ5QzY0NDhGOTk5 M0M3MjM3OEJGMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACq4DgNha5rdCnAV5SnDp0D3xhc7Xd6HgjYR PXQCzaFEMwsXJnHFZpveF/2eqO/1YjeHK5APkDbYFOOYNdNtBE7dXR9WvKYPJ+yk hFXCxTsO5JGtO+yXpeSey+jJ7K0bF+cLrF5RDWIU+UA6JYyvq8c7Cb6UEPEID/vP g4NUnuKEab/OauNfkDbye1c/wOCnyGH10dLgNLlIAKyNM4klOzaWFTY26Il/6JEJ KyOTQdUIs9U7pGcrPJwdXWg7dfG5sptET75a/fTGz+MeTWrhWhBC2Fja4CeLHY4g vB0/jcLLA9lt/zw89qWJiHlE65Cx1+A6HAVG+kwjxLvxAeUG7WU= -----END CERTIFICATE-----Generated at Thu Mar 26 16:46:42 2026 by rpki-client