$ rpki-client -vvf rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.mft File: 3FCFF090C792013040BE1067688C2CB7E3E88FAC.mft (raw, json) Hash identifier: DiMPH/JuunDAWADQjxVPqCZMGvyu41HNVSJp77lBrj0= Subject key identifier: F8:AB:C7:3D:5E:EC:C6:2A:E7:07:9B:D5:9D:C0:E3:3A:A5:B1:6B:E5 Authority key identifier: 3F:CF:F0:90:C7:92:01:30:40:BE:10:67:68:8C:2C:B7:E3:E8:8F:AC Certificate issuer: /CN=3FCFF090C792013040BE1067688C2CB7E3E88FAC Certificate serial: 055DE63E12C280873EE3BE877F62EABCC945D539 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3FCFF090C792013040BE1067688C2CB7E3E88FAC.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.mft Manifest number: 0F Signing time: Tue 12 May 2026 18:03:06 +0000 Manifest this update: Tue 12 May 2026 17:58:06 +0000 Manifest next update: Wed 13 May 2026 21:08:06 +0000 Files and hashes: 1: 323430313a343863303a3a2f33322d3438203d3e20313336313139.roa (hash: hCFV5sRxdzUQ0Ef1DHuXq2DMT11lGAzTPsRSkYtMfqM=) 2: 3230322e31302e35392e302f32342d3234203d3e20313336313139.roa (hash: NHpaZqHC4NTt91PhG1pzzVx+mpzKnTbfgFJI738LnKc=) 3: 3130332e39342e3136382e302f32322d3234203d3e20313336313139.roa (hash: u3QjwTKhA3xZ6qBaPve22SqHeKd1Tl3v9fzrQkdIYDM=) 4: 3FCFF090C792013040BE1067688C2CB7E3E88FAC.crl (hash: KE+H4bbOtYsKwvdTOsTjzLQZXiqV6dwU6itwHqmhMJw=) 5: 3230322e31302e35382e302f32342d3234203d3e20313336313139.roa (hash: o6UES+tryYmpIwssyMXnmFCcFcBThAbWf6TdKlMd5ls=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.crl rsync://rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3FCFF090C792013040BE1067688C2CB7E3E88FAC.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:5d:e6:3e:12:c2:80:87:3e:e3:be:87:7f:62:ea:bc:c9:45:d5:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3FCFF090C792013040BE1067688C2CB7E3E88FAC Validity Not Before: May 12 17:58:06 2026 GMT Not After : May 13 21:08:06 2026 GMT Subject: CN=F8ABC73D5EECC62AE7079BD59DC0E33AA5B16BE5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:0c:37:00:e6:d5:6a:9c:7a:41:d2:f0:bc:b5: f2:79:be:a0:c0:d0:ba:8f:76:bd:99:66:b4:24:0c: 64:86:dd:3e:20:04:6e:a7:f5:e0:d3:f1:05:24:12: cb:7f:bc:c1:f4:8b:d7:a8:62:17:82:e5:a0:3d:95: c5:4a:d7:12:a3:f3:55:4d:80:60:93:35:6f:f5:5d: d2:d2:cf:c1:39:49:2f:26:8d:29:02:a8:27:7a:25: d3:4e:8e:1a:24:ef:13:f9:d2:c1:00:8d:22:9e:8c: 83:40:27:06:e5:1d:c8:52:00:25:93:13:e5:3a:67: 9f:bf:60:9c:19:1d:bc:cb:4c:66:95:a3:be:68:96: 87:76:e0:4a:4c:c2:40:a1:dc:f2:01:74:b0:a6:4b: 23:d2:9a:3b:63:cb:d2:75:8c:93:b2:21:ee:53:29: 62:c4:db:1c:91:10:95:87:44:c7:c5:43:a2:78:98: 04:bb:63:74:7e:5c:08:51:09:a0:4d:26:1c:77:71: ad:59:a4:9d:07:e7:d9:54:9c:a7:da:a0:ae:f5:f1: a9:4e:27:5a:6a:79:8a:89:5f:c5:bb:12:b1:2e:2b: 45:7e:fa:9b:4b:5c:ed:66:75:93:3d:92:74:54:70: 29:8a:11:b7:04:f3:c6:75:a2:6a:8d:c0:8a:42:0e: 4c:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:AB:C7:3D:5E:EC:C6:2A:E7:07:9B:D5:9D:C0:E3:3A:A5:B1:6B:E5 X509v3 Authority Key Identifier: keyid:3F:CF:F0:90:C7:92:01:30:40:BE:10:67:68:8C:2C:B7:E3:E8:8F:AC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3FCFF090C792013040BE1067688C2CB7E3E88FAC.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:b8:dd:63:56:10:5c:89:a0:9f:25:5b:b2:46:2e:7e:68:f7: 61:66:4d:1c:72:e7:56:08:d9:97:b8:8e:98:ae:28:97:2f:8e: b2:1a:22:46:d2:78:9c:09:d2:95:ff:01:5d:6e:f2:20:84:f4: 81:8a:7a:8b:0a:62:b2:a5:d3:26:d6:78:00:5e:31:29:d2:a3: fc:ba:a7:ed:5c:c4:28:d6:4a:6a:99:f5:48:54:f2:5f:81:72: 33:b5:94:4b:5b:76:b9:ed:13:44:6e:05:b6:df:07:30:da:5d: f1:57:f0:f2:f6:fa:01:e2:07:1b:49:56:29:65:12:fd:ab:52: b3:c7:60:24:59:0e:b6:96:55:a8:28:47:32:1a:0e:47:22:e2: 48:39:3a:b3:60:3b:bc:35:90:42:22:cc:83:f3:9a:1a:16:a5: 1d:9c:0a:fb:c6:62:33:d4:2a:c2:0f:66:71:44:38:14:60:d3: b2:da:0d:92:2f:ed:58:c7:07:9d:89:b2:70:7c:c3:c4:c0:5b: 04:c1:64:fa:70:99:09:c8:cf:23:72:d9:1e:3c:57:b5:3f:66: ee:51:82:62:b2:e7:1b:aa:fd:1d:f8:8f:9e:7f:e8:4e:00:fd: 9b:b6:c4:7c:b6:3a:fd:b0:69:ff:46:ab:01:89:6b:85:54:47: 8e:02:39:64 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBV3mPhLCgIc+476Hf2LqvMlF1TkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0ZDRkYwOTBDNzkyMDEzMDQwQkUxMDY3Njg4QzJDQjdF M0U4OEZBQzAeFw0yNjA1MTIxNzU4MDZaFw0yNjA1MTMyMTA4MDZaMDMxMTAvBgNV BAMTKEY4QUJDNzNENUVFQ0M2MkFFNzA3OUJENTlEQzBFMzNBQTVCMTZCRTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmDDcA5tVqnHpB0vC8tfJ5vqDA 0LqPdr2ZZrQkDGSG3T4gBG6n9eDT8QUkEst/vMH0i9eoYheC5aA9lcVK1xKj81VN gGCTNW/1XdLSz8E5SS8mjSkCqCd6JdNOjhok7xP50sEAjSKejINAJwblHchSACWT E+U6Z5+/YJwZHbzLTGaVo75olod24EpMwkCh3PIBdLCmSyPSmjtjy9J1jJOyIe5T KWLE2xyREJWHRMfFQ6J4mAS7Y3R+XAhRCaBNJhx3ca1ZpJ0H59lUnKfaoK718alO J1pqeYqJX8W7ErEuK0V++ptLXO1mdZM9knRUcCmKEbcE88Z1omqNwIpCDky7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU+KvHPV7sxirnB5vVncDjOqWxa+UwHwYDVR0j BBgwFoAUP8/wkMeSATBAvhBnaIwst+Poj6wwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YmRhYmMwYmEtOTIyMi00YzQ1LTgzNDItZWI4NjQzYzQ5NjdkLzAvM0ZDRkYwOTBD NzkyMDEzMDQwQkUxMDY3Njg4QzJDQjdFM0U4OEZBQy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8zRkNGRjA5MEM3OTIwMTMwNDBCRTEwNjc2ODhDMkNCN0UzRTg4 RkFDLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYmRhYmMwYmEtOTIyMi00YzQ1LTgz NDItZWI4NjQzYzQ5NjdkLzAvM0ZDRkYwOTBDNzkyMDEzMDQwQkUxMDY3Njg4QzJD QjdFM0U4OEZBQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADq43WNWEFyJoJ8lW7JGLn5o92FmTRxy51YI 2Ze4jpiuKJcvjrIaIkbSeJwJ0pX/AV1u8iCE9IGKeosKYrKl0ybWeABeMSnSo/y6 p+1cxCjWSmqZ9UhU8l+BcjO1lEtbdrntE0RuBbbfBzDaXfFX8PL2+gHiBxtJVill Ev2rUrPHYCRZDraWVagoRzIaDkci4kg5OrNgO7w1kEIizIPzmhoWpR2cCvvGYjPU KsIPZnFEOBRg07LaDZIv7VjHB52JsnB8w8TAWwTBZPpwmQnIzyNy2R48V7U/Zu5R gmKy5xuq/R34j55/6E4A/Zu2xHy2Ov2waf9GqwGJa4VUR44COWQ= -----END CERTIFICATE-----Generated at Wed May 13 02:13:19 2026 by rpki-client