$ rpki-client -vvf rpki-rsync.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/3B686CBC7943CB0EE971418DB2F41C3817F7DB0B.mft File: 3B686CBC7943CB0EE971418DB2F41C3817F7DB0B.mft (raw, json) Hash identifier: Cw35ak2a7RbxLv+eTzL61kPCvFkxIPdEyeogq4TXDp0= Subject key identifier: D6:9C:A6:8A:88:15:D1:23:89:B0:EB:AF:48:6C:DB:27:0A:85:E7:76 Authority key identifier: 3B:68:6C:BC:79:43:CB:0E:E9:71:41:8D:B2:F4:1C:38:17:F7:DB:0B Certificate issuer: /CN=3B686CBC7943CB0EE971418DB2F41C3817F7DB0B Certificate serial: 51BD655DDD3E4B46CBF7201E74BBB474AB971DDF Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3B686CBC7943CB0EE971418DB2F41C3817F7DB0B.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/3B686CBC7943CB0EE971418DB2F41C3817F7DB0B.mft Manifest number: 0E Signing time: Tue 12 May 2026 01:33:57 +0000 Manifest this update: Tue 12 May 2026 01:28:57 +0000 Manifest next update: Wed 13 May 2026 04:55:57 +0000 Files and hashes: 1: 3B686CBC7943CB0EE971418DB2F41C3817F7DB0B.crl (hash: BBTb2XvyZMhSCZWc+lrnsavlOq1z+Jx9eSSnniqoFQ4=) 2: 323030313a6466343a353863303a3a2f34382d3438203d3e20313533313237.roa (hash: lJ60QC6hkGeg/VLRUN+YScgOEnnAlSVZ9ySMXaFKus8=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/3B686CBC7943CB0EE971418DB2F41C3817F7DB0B.crl rsync://rpki-rsync.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/3B686CBC7943CB0EE971418DB2F41C3817F7DB0B.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3B686CBC7943CB0EE971418DB2F41C3817F7DB0B.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 04:55:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:bd:65:5d:dd:3e:4b:46:cb:f7:20:1e:74:bb:b4:74:ab:97:1d:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3B686CBC7943CB0EE971418DB2F41C3817F7DB0B Validity Not Before: May 12 01:28:57 2026 GMT Not After : May 13 04:55:57 2026 GMT Subject: CN=D69CA68A8815D12389B0EBAF486CDB270A85E776 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:f2:0c:55:d8:16:d3:20:98:e6:07:92:cd:d5: 72:ff:d7:fb:46:9c:94:09:67:c8:6a:0c:f2:d5:3c: df:8a:a9:97:0e:74:f6:ae:85:2d:ab:75:46:54:2a: 16:d7:90:d9:a2:d5:e5:6a:87:06:b2:7e:e1:ed:94: 17:96:bd:56:4e:64:06:7d:de:44:dc:c0:3d:b0:d1: 10:0e:ad:9b:1b:9a:52:65:3e:2d:c4:ec:b4:25:85: e3:0d:74:ee:6c:f1:3a:7c:21:58:97:6f:2a:43:15: ef:4c:bc:ff:26:05:c8:ec:08:69:ea:ab:1c:ee:80: 27:92:2d:a2:8f:d4:39:d7:f3:b1:92:a1:55:6c:67: 1e:29:6b:a3:16:1c:dc:16:e9:ef:ca:ea:bd:86:2c: 41:a4:77:b1:0e:60:0d:ca:5a:ba:4c:15:fb:96:f6: b0:10:24:4b:c3:d8:6d:eb:00:7d:c0:3f:44:a2:a8: ea:81:7d:a2:9e:a6:5b:cc:c3:8d:5a:4a:19:7b:ae: 68:68:13:a4:d6:64:3d:42:6d:ef:51:79:69:02:41: 03:84:fe:75:50:e4:bd:e5:e3:33:0c:e9:0a:b5:9c: c7:44:53:f0:57:3d:2c:a6:ad:61:b8:c1:79:09:89: 5d:ef:8c:ca:c4:9e:b5:f0:4e:c6:37:02:1e:10:23: 37:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:9C:A6:8A:88:15:D1:23:89:B0:EB:AF:48:6C:DB:27:0A:85:E7:76 X509v3 Authority Key Identifier: keyid:3B:68:6C:BC:79:43:CB:0E:E9:71:41:8D:B2:F4:1C:38:17:F7:DB:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/3B686CBC7943CB0EE971418DB2F41C3817F7DB0B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3B686CBC7943CB0EE971418DB2F41C3817F7DB0B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/3B686CBC7943CB0EE971418DB2F41C3817F7DB0B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:ce:dc:06:5c:90:3b:2c:47:1f:b3:08:cc:7a:2a:21:23:eb: 66:35:16:49:bd:fc:d5:f6:fc:c5:e7:65:8b:2b:de:6e:26:af: 75:1c:ae:e8:0d:75:f6:90:23:c2:5a:4b:d5:ac:9f:fd:cc:08: fd:ed:6f:33:cf:94:d6:65:9a:98:a6:a8:a4:57:b9:6a:4a:44: e6:6a:05:3f:c8:d0:2a:cb:74:a8:91:f5:56:94:6f:9d:d0:0b: 00:16:dc:16:d6:68:f3:b6:db:3d:88:00:5e:13:ef:83:a4:50: 8a:95:47:36:ee:93:74:b5:b6:7a:00:15:fc:39:7c:b3:20:c0: d1:2e:f8:20:e0:dd:9c:31:c6:15:51:e0:4b:0f:13:e0:53:35: 83:26:7b:24:f2:b1:97:57:47:bd:2b:58:25:9b:73:c9:8c:a0: f0:35:f1:b5:f3:54:d2:7b:84:57:09:e5:54:a3:cd:b7:d0:53: 31:35:68:cb:22:7f:aa:60:a5:66:b6:6c:3e:a8:9d:5c:aa:21: 17:d4:4b:06:aa:59:68:83:2a:ce:e4:1d:03:25:bc:49:00:4b: e2:a2:5c:d6:b7:f2:4d:3a:7c:74:32:0f:d6:b7:37:3d:7e:a9: 55:7d:a4:48:08:10:61:1a:ed:1a:ca:b1:79:b6:55:39:bf:af: 39:3c:57:f9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUUb1lXd0+S0bL9yAedLu0dKuXHd8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0I2ODZDQkM3OTQzQ0IwRUU5NzE0MThEQjJGNDFDMzgx N0Y3REIwQjAeFw0yNjA1MTIwMTI4NTdaFw0yNjA1MTMwNDU1NTdaMDMxMTAvBgNV BAMTKEQ2OUNBNjhBODgxNUQxMjM4OUIwRUJBRjQ4NkNEQjI3MEE4NUU3NzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS8gxV2BbTIJjmB5LN1XL/1/tG nJQJZ8hqDPLVPN+KqZcOdPauhS2rdUZUKhbXkNmi1eVqhwayfuHtlBeWvVZOZAZ9 3kTcwD2w0RAOrZsbmlJlPi3E7LQlheMNdO5s8Tp8IViXbypDFe9MvP8mBcjsCGnq qxzugCeSLaKP1DnX87GSoVVsZx4pa6MWHNwW6e/K6r2GLEGkd7EOYA3KWrpMFfuW 9rAQJEvD2G3rAH3AP0SiqOqBfaKeplvMw41aShl7rmhoE6TWZD1Cbe9ReWkCQQOE /nVQ5L3l4zMM6Qq1nMdEU/BXPSymrWG4wXkJiV3vjMrEnrXwTsY3Ah4QIzeBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU1pymiogV0SOJsOuvSGzbJwqF53YwHwYDVR0j BBgwFoAUO2hsvHlDyw7pcUGNsvQcOBf32wswDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MjFkOTdiNDAtYzAzMS00ZTViLTliNDItZDJhZTFjOWNmOTg3LzEvM0I2ODZDQkM3 OTQzQ0IwRUU5NzE0MThEQjJGNDFDMzgxN0Y3REIwQi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8zQjY4NkNCQzc5NDNDQjBFRTk3MTQxOERCMkY0MUMzODE3RjdE QjBCLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzEvM0I2ODZDQkM3OTQzQ0IwRUU5NzE0MThEQjJGNDFD MzgxN0Y3REIwQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJrO3AZckDssRx+zCMx6KiEj62Y1Fkm9/NX2 /MXnZYsr3m4mr3UcrugNdfaQI8JaS9Wsn/3MCP3tbzPPlNZlmpimqKRXuWpKROZq BT/I0CrLdKiR9VaUb53QCwAW3BbWaPO22z2IAF4T74OkUIqVRzbuk3S1tnoAFfw5 fLMgwNEu+CDg3ZwxxhVR4EsPE+BTNYMmeyTysZdXR70rWCWbc8mMoPA18bXzVNJ7 hFcJ5VSjzbfQUzE1aMsif6pgpWa2bD6onVyqIRfUSwaqWWiDKs7kHQMlvEkAS+Ki XNa38k06fHQyD9a3Nz1+qVV9pEgIEGEa7RrKsXm2VTm/rzk8V/k= -----END CERTIFICATE-----Generated at Tue May 12 22:39:56 2026 by rpki-client