$ rpki-client -vvf rpki-rsync.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.mft File: AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.mft (raw, json) Hash identifier: q/QZHPZkFvsreptcHbo6I0FMtrQ1Z7LOOrq5nR1DxsU= Subject key identifier: CC:6F:1C:07:BB:4E:39:26:BF:CA:CA:4F:57:64:81:3B:17:14:0E:98 Authority key identifier: AF:3D:1E:B6:F3:B7:4B:12:60:67:97:C3:1C:23:53:B7:80:FD:FD:FD Certificate issuer: /CN=AF3D1EB6F3B74B12606797C31C2353B780FDFDFD Certificate serial: 1076D5AC8C31E6153B05F32F28AC9E7D351DD541 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.mft Manifest number: 0E Signing time: Tue 12 May 2026 02:36:02 +0000 Manifest this update: Tue 12 May 2026 02:31:02 +0000 Manifest next update: Wed 13 May 2026 04:21:02 +0000 Files and hashes: 1: AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.crl (hash: NJ3OgLdUi2crQ867JFuQZFHYTK9401hAhNfaR3f2+Is=) 2: 3136302e32352e3131342e302f32342d3234203d3e20313533303731.roa (hash: 4yYHOQ19SUo4wUen+ovEY0nBNoIbYKAxFiddTf9qCzI=) 3: 3136302e32352e3131342e302f32332d3234203d3e20313533303731.roa (hash: +597iuB7PbfMY+3aubsI/GkbNTaFIoKUe/CnIoipNDU=) 4: 3136302e32352e3131352e302f32342d3234203d3e20313533303731.roa (hash: odcITqAToT5yF34xeI2KwLrnQspjZLjDq5idgZAGEkU=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.crl rsync://rpki-rsync.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 04:21:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:76:d5:ac:8c:31:e6:15:3b:05:f3:2f:28:ac:9e:7d:35:1d:d5:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF3D1EB6F3B74B12606797C31C2353B780FDFDFD Validity Not Before: May 12 02:31:02 2026 GMT Not After : May 13 04:21:02 2026 GMT Subject: CN=CC6F1C07BB4E3926BFCACA4F5764813B17140E98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:24:7d:fb:b8:05:f0:02:d8:6f:67:43:f5:c4: b9:ea:ea:e5:01:c6:80:6a:ca:39:a2:5b:68:ab:de: 20:cb:6b:62:92:ce:8b:99:ab:7c:09:7f:32:7a:c8: a8:3c:59:22:67:0c:bc:66:01:ec:d3:66:9e:46:e0: c2:0d:ac:7f:69:cf:91:28:01:f7:58:69:d2:d7:d1: 5f:60:64:ba:61:26:24:86:5c:c2:5c:87:e2:7d:ae: 9e:32:96:3b:13:c2:01:c2:20:5b:0d:ee:97:76:ad: f5:d3:fd:f3:33:b1:53:72:ea:70:96:91:bd:50:f8: e8:c3:10:45:60:7c:e6:e3:3b:cb:96:2f:91:33:1c: d0:51:bd:e8:93:e3:f9:3c:07:42:89:86:64:2c:dc: 22:a2:e6:f5:6e:5e:a8:8f:c7:2a:d0:74:64:30:f2: f6:71:38:55:e7:36:37:d5:95:f2:ba:99:e0:90:33: d0:ee:e9:44:90:ae:98:5b:4a:3b:0e:d5:c2:75:1a: 0d:5b:f7:ef:c6:6f:51:65:bd:0c:73:e8:98:5c:2c: cc:ca:e3:fb:88:9c:dc:1d:89:3e:73:d0:9a:fa:4a: 0a:39:2f:97:fd:54:ee:82:67:d9:f6:31:f1:6d:9f: 82:06:77:ae:a7:6d:04:4b:57:9d:18:72:e1:53:bd: 0a:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:6F:1C:07:BB:4E:39:26:BF:CA:CA:4F:57:64:81:3B:17:14:0E:98 X509v3 Authority Key Identifier: keyid:AF:3D:1E:B6:F3:B7:4B:12:60:67:97:C3:1C:23:53:B7:80:FD:FD:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:56:dc:fb:fa:12:7e:e7:d9:d6:f4:4a:19:85:bd:91:aa:46: 36:51:82:f2:47:86:78:a8:60:72:2d:b8:06:60:5e:42:eb:b1: 34:6e:f5:20:3f:89:03:e8:3e:2d:dd:b4:63:08:53:b2:9a:30: 10:0b:e8:90:98:c9:d8:ed:ba:2f:66:59:71:b1:c5:c2:db:67: 53:b4:46:06:0f:b2:78:47:ab:a4:82:73:f5:9b:16:dd:43:2c: a4:b2:3e:38:3b:00:2e:44:25:ad:1f:2b:b7:15:bc:e8:5f:e1: f2:b2:54:9d:cd:6e:e8:e2:ab:9a:63:50:99:d6:82:13:8a:93: 81:3d:41:3f:4e:e6:80:1a:a5:6b:3c:75:dd:47:e4:f3:28:9a: fb:fd:5a:46:f4:16:3a:82:00:30:5e:d6:f1:62:8a:b1:db:1c: 2d:dc:89:7f:ae:b9:ca:30:d2:c5:f9:91:61:b5:36:24:2e:36: 49:db:fc:a8:20:27:9e:f0:58:5a:e9:fd:15:51:e7:cc:e1:d7: 06:3c:a7:39:14:df:6f:35:e6:37:eb:d6:2a:f4:f3:d9:54:6f: 08:5d:68:c4:b0:52:3b:9a:5d:97:ec:bd:c8:ff:dd:71:c6:e0: 1f:6c:55:6b:80:a2:35:1c:e3:c3:ee:00:1a:87:17:a5:b7:60: e1:e3:df:e3 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUEHbVrIwx5hU7BfMvKKyefTUd1UEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUYzRDFFQjZGM0I3NEIxMjYwNjc5N0MzMUMyMzUzQjc4 MEZERkRGRDAeFw0yNjA1MTIwMjMxMDJaFw0yNjA1MTMwNDIxMDJaMDMxMTAvBgNV BAMTKENDNkYxQzA3QkI0RTM5MjZCRkNBQ0E0RjU3NjQ4MTNCMTcxNDBFOTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkJH37uAXwAthvZ0P1xLnq6uUB xoBqyjmiW2ir3iDLa2KSzouZq3wJfzJ6yKg8WSJnDLxmAezTZp5G4MINrH9pz5Eo AfdYadLX0V9gZLphJiSGXMJch+J9rp4yljsTwgHCIFsN7pd2rfXT/fMzsVNy6nCW kb1Q+OjDEEVgfObjO8uWL5EzHNBRveiT4/k8B0KJhmQs3CKi5vVuXqiPxyrQdGQw 8vZxOFXnNjfVlfK6meCQM9Du6USQrphbSjsO1cJ1Gg1b9+/Gb1FlvQxz6JhcLMzK 4/uInNwdiT5z0Jr6Sgo5L5f9VO6CZ9n2MfFtn4IGd66nbQRLV50YcuFTvQqLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzG8cB7tOOSa/yspPV2SBOxcUDpgwHwYDVR0j BBgwFoAUrz0etvO3SxJgZ5fDHCNTt4D9/f0wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YzY3ODYwZTMtNmFkOC00N2E1LTk0YzAtOTNmZmQyNDcyODY1LzAvQUYzRDFFQjZG M0I3NEIxMjYwNjc5N0MzMUMyMzUzQjc4MEZERkRGRC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMC9BRjNEMUVCNkYzQjc0QjEyNjA2Nzk3QzMxQzIzNTNCNzgwRkRG REZELmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYzY3ODYwZTMtNmFkOC00N2E1LTk0 YzAtOTNmZmQyNDcyODY1LzAvQUYzRDFFQjZGM0I3NEIxMjYwNjc5N0MzMUMyMzUz Qjc4MEZERkRGRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJZW3Pv6En7n2db0ShmFvZGqRjZRgvJHhnio YHItuAZgXkLrsTRu9SA/iQPoPi3dtGMIU7KaMBAL6JCYydjtui9mWXGxxcLbZ1O0 RgYPsnhHq6SCc/WbFt1DLKSyPjg7AC5EJa0fK7cVvOhf4fKyVJ3Nbujiq5pjUJnW ghOKk4E9QT9O5oAapWs8dd1H5PMomvv9Wkb0FjqCADBe1vFiirHbHC3ciX+uucow 0sX5kWG1NiQuNknb/KggJ57wWFrp/RVR58zh1wY8pzkU32815jfr1ir089lUbwhd aMSwUjuaXZfsvcj/3XHG4B9sVWuAojUc48PuABqHF6W3YOHj3+M= -----END CERTIFICATE-----Generated at Tue May 12 22:19:47 2026 by rpki-client