$ rpki-client -vvf rpki-rsync.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/CFE9C14EC2F31A241E032283ABED53A3F48D7DBF.mft File: CFE9C14EC2F31A241E032283ABED53A3F48D7DBF.mft (raw, json) Hash identifier: HbC7qx8odkjRiM1Zk1n0Ft+p7vMVaqeBbYjVhXYF1rE= Subject key identifier: 3D:FF:EB:DE:CB:AE:FB:20:7E:8A:98:53:14:3B:5F:A8:00:91:A9:C7 Authority key identifier: CF:E9:C1:4E:C2:F3:1A:24:1E:03:22:83:AB:ED:53:A3:F4:8D:7D:BF Certificate issuer: /CN=CFE9C14EC2F31A241E032283ABED53A3F48D7DBF Certificate serial: 21DC6CC868F840152159FB58314BCB9E8D4AA5B2 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CFE9C14EC2F31A241E032283ABED53A3F48D7DBF.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/CFE9C14EC2F31A241E032283ABED53A3F48D7DBF.mft Manifest number: 0F Signing time: Tue 12 May 2026 14:19:09 +0000 Manifest this update: Tue 12 May 2026 14:14:09 +0000 Manifest next update: Wed 13 May 2026 17:17:09 +0000 Files and hashes: 1: 3130332e3136342e36392e302f32342d3234203d3e20313439343039.roa (hash: 0a0mRTJ0XyRsHSJ+cQxVKt1197ImdVbMp91dK9yMnIY=) 2: 3130332e3136342e36382e302f32332d3233203d3e20313534343130.roa (hash: mFbWoTOmfmUy9A6Zdh+QA4OmNagu//HZm5TsZoJfMkA=) 3: 3130332e3136342e36392e302f32342d3234203d3e20313534343130.roa (hash: TciBEZIFdVzpbJynXTJH57aL9koCtK5qOiPHCneTWcU=) 4: CFE9C14EC2F31A241E032283ABED53A3F48D7DBF.crl (hash: PisV2QEuWDLH0w+ZDMvRNmIhhzgqXrR6lGXFftMT7Iw=) 5: 3130332e3136342e36382e302f32342d3234203d3e20313534343130.roa (hash: UN7kohH8Qopbcnmi1gjKLx1GBx8HbdAU7RiPemVEdmI=) 6: 3130332e3136342e36382e302f32342d3234203d3e20313439343039.roa (hash: kIk3y9Le8ITzH0gAYxjapj5XisvK0Ewo2TQq12RAexU=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/CFE9C14EC2F31A241E032283ABED53A3F48D7DBF.crl rsync://rpki-rsync.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/CFE9C14EC2F31A241E032283ABED53A3F48D7DBF.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CFE9C14EC2F31A241E032283ABED53A3F48D7DBF.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:dc:6c:c8:68:f8:40:15:21:59:fb:58:31:4b:cb:9e:8d:4a:a5:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CFE9C14EC2F31A241E032283ABED53A3F48D7DBF Validity Not Before: May 12 14:14:09 2026 GMT Not After : May 13 17:17:09 2026 GMT Subject: CN=3DFFEBDECBAEFB207E8A9853143B5FA80091A9C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:8c:4a:18:d6:66:c7:1f:77:55:78:98:54:49: c4:ba:c1:fd:24:6a:08:79:99:18:bf:73:0d:1a:2d: 23:c9:5a:13:2f:de:8b:85:9c:95:0e:e8:91:b6:57: 9f:56:57:9b:d4:d4:09:71:87:f2:29:32:38:fb:dc: 3a:78:0d:36:83:e5:b2:4e:78:c9:51:e3:19:e8:bb: 37:0f:ad:a6:d9:0e:13:2d:51:1d:29:b3:df:4d:7e: 12:3b:dd:e1:fd:4d:18:0e:ff:1a:6a:76:9c:fe:d3: 8a:07:7c:76:83:df:ff:2d:ab:33:4e:78:f5:a5:16: 16:e3:e8:24:27:7b:92:3a:5f:4e:1b:6b:66:07:fb: 5c:80:6b:25:9d:b2:2e:45:df:a4:0d:e9:6c:8c:c7: 62:b0:a6:b5:4b:e2:65:1c:5c:ea:67:d7:00:bc:43: 63:b0:fb:94:1d:a2:0e:5b:fe:30:28:85:35:99:7a: 06:8e:60:86:dd:73:65:c8:b1:a5:6d:1e:90:04:d0: 61:b1:c0:7c:6a:b3:86:4b:f9:40:fa:88:70:f6:a0: 9e:a6:52:eb:ff:94:6e:ad:05:92:8e:85:82:12:e4: 67:46:bc:9f:0c:0d:55:ec:79:7c:15:55:be:d9:6c: 29:ba:d0:4d:6f:44:97:1b:09:46:ec:cb:b0:0f:29: 97:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:FF:EB:DE:CB:AE:FB:20:7E:8A:98:53:14:3B:5F:A8:00:91:A9:C7 X509v3 Authority Key Identifier: keyid:CF:E9:C1:4E:C2:F3:1A:24:1E:03:22:83:AB:ED:53:A3:F4:8D:7D:BF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/CFE9C14EC2F31A241E032283ABED53A3F48D7DBF.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CFE9C14EC2F31A241E032283ABED53A3F48D7DBF.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/CFE9C14EC2F31A241E032283ABED53A3F48D7DBF.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:3b:55:64:2e:9a:d4:ac:f1:1f:09:ba:1f:06:8c:0e:c5:66: 95:16:3a:98:b2:e1:2f:72:0d:8e:91:03:32:a8:79:63:39:a1: f7:de:82:ea:78:3b:2d:d1:72:15:d5:50:b3:c5:2b:e9:bc:c8: 9c:8a:b9:40:42:1d:04:b9:33:94:94:ba:8d:29:c5:2c:88:76: 1b:9a:b2:7a:a3:59:21:f4:64:6c:6b:6d:82:a4:6f:29:98:88: d6:33:bd:0b:84:2d:0e:be:b7:4e:0b:bd:82:18:b1:1a:72:97: 16:53:67:12:4d:9e:b3:bb:5f:96:0e:9e:9a:07:fc:a5:f2:4a: 1e:13:36:e4:57:75:b9:d1:86:94:67:32:5d:53:65:b2:53:ee: fd:9f:89:41:1c:90:50:75:55:a0:a7:7c:1b:bc:89:ab:13:70: 0c:48:aa:80:5c:8f:ee:4d:ab:30:1a:32:5c:fa:3c:a3:e0:28: 35:96:5e:e4:48:50:f8:a4:36:59:3d:ee:d0:7c:e6:6e:0f:a3: a6:c0:ca:c1:35:b0:34:4a:f4:ad:fa:29:d9:d2:20:e1:67:bd: a2:d6:f4:3f:66:9d:80:45:57:28:4f:4e:4e:fd:e9:61:70:e0: 7b:d4:db:04:3c:f0:d2:9a:45:5e:5e:56:e0:bc:be:02:0b:db: 3d:ee:b5:c0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIdxsyGj4QBUhWftYMUvLno1KpbIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0ZFOUMxNEVDMkYzMUEyNDFFMDMyMjgzQUJFRDUzQTNG NDhEN0RCRjAeFw0yNjA1MTIxNDE0MDlaFw0yNjA1MTMxNzE3MDlaMDMxMTAvBgNV BAMTKDNERkZFQkRFQ0JBRUZCMjA3RThBOTg1MzE0M0I1RkE4MDA5MUE5QzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJjEoY1mbHH3dVeJhUScS6wf0k agh5mRi/cw0aLSPJWhMv3ouFnJUO6JG2V59WV5vU1Alxh/IpMjj73Dp4DTaD5bJO eMlR4xnouzcPrabZDhMtUR0ps99NfhI73eH9TRgO/xpqdpz+04oHfHaD3/8tqzNO ePWlFhbj6CQne5I6X04ba2YH+1yAayWdsi5F36QN6WyMx2KwprVL4mUcXOpn1wC8 Q2Ow+5Qdog5b/jAohTWZegaOYIbdc2XIsaVtHpAE0GGxwHxqs4ZL+UD6iHD2oJ6m Uuv/lG6tBZKOhYIS5GdGvJ8MDVXseXwVVb7ZbCm60E1vRJcbCUbsy7APKZePAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUPf/r3suu+yB+iphTFDtfqACRqccwHwYDVR0j BBgwFoAUz+nBTsLzGiQeAyKDq+1To/SNfb8wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v M2RiNmIzYmMtZmE2NS00OWYzLWFmNjEtMGQ1ZGMzOTMzNGExLzAvQ0ZFOUMxNEVD MkYzMUEyNDFFMDMyMjgzQUJFRDUzQTNGNDhEN0RCRi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DRkU5QzE0RUMyRjMxQTI0MUUwMzIyODNBQkVENTNBM0Y0OEQ3 REJGLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vM2RiNmIzYmMtZmE2NS00OWYzLWFm NjEtMGQ1ZGMzOTMzNGExLzAvQ0ZFOUMxNEVDMkYzMUEyNDFFMDMyMjgzQUJFRDUz QTNGNDhEN0RCRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGQ7VWQumtSs8R8Juh8GjA7FZpUWOpiy4S9y DY6RAzKoeWM5offegup4Oy3RchXVULPFK+m8yJyKuUBCHQS5M5SUuo0pxSyIdhua snqjWSH0ZGxrbYKkbymYiNYzvQuELQ6+t04LvYIYsRpylxZTZxJNnrO7X5YOnpoH /KXySh4TNuRXdbnRhpRnMl1TZbJT7v2fiUEckFB1VaCnfBu8iasTcAxIqoBcj+5N qzAaMlz6PKPgKDWWXuRIUPikNlk97tB85m4Po6bAysE1sDRK9K36KdnSIOFnvaLW 9D9mnYBFVyhPTk796WFw4HvU2wQ88NKaRV5eVuC8vgIL2z3utcA= -----END CERTIFICATE-----Generated at Tue May 12 22:46:59 2026 by rpki-client