$ rpki-client -vvf rpki-rsync.idnic.net/repo/d835cb4a-2fb9-40d7-b155-dcce7cb00293/0/3D36B37BDE25595112D2BB921B7F36C6A161CBA1.mft File: 3D36B37BDE25595112D2BB921B7F36C6A161CBA1.mft (raw, json) Hash identifier: GAu1x3ZX9pEQVkO05cPUZyzj6Zqr+oeG0QyTwFgmCUk= Subject key identifier: 8F:3F:F2:C5:FA:87:57:03:AB:4B:17:62:85:72:51:3D:94:1F:64:02 Authority key identifier: 3D:36:B3:7B:DE:25:59:51:12:D2:BB:92:1B:7F:36:C6:A1:61:CB:A1 Certificate issuer: /CN=3D36B37BDE25595112D2BB921B7F36C6A161CBA1 Certificate serial: 2A6853F1DBFAF4DEEB8470CF2D06D2AE9D90E3D2 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3D36B37BDE25595112D2BB921B7F36C6A161CBA1.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/d835cb4a-2fb9-40d7-b155-dcce7cb00293/0/3D36B37BDE25595112D2BB921B7F36C6A161CBA1.mft Manifest number: 0F Signing time: Tue 12 May 2026 19:40:57 +0000 Manifest this update: Tue 12 May 2026 19:35:57 +0000 Manifest next update: Wed 13 May 2026 22:18:57 +0000 Files and hashes: 1: 3D36B37BDE25595112D2BB921B7F36C6A161CBA1.crl (hash: kMuIv2l3bag2Wh6Z2oc/+e9u1u0aE71Q5xGxc/gaOvs=) 2: 3130332e3130392e32362e302f32342d3234203d3e20313337333131.roa (hash: Doi0z4NEkGv6RXLNnraqWYaR8sRBho22P+RDGrr47z8=) 3: 3130332e3130392e32342e302f32342d3234203d3e20313337333131.roa (hash: yRTCL3qqZl+3vfyw12FbHiGh+XgdfssrTdi86LJj3XA=) 4: 3130332e3130392e32372e302f32342d3234203d3e20313337333131.roa (hash: G6e1r3DRuRea+xhgobcaC8YJTmew1ogfm81bEXCrCm0=) 5: 3130332e3130392e32352e302f32342d3234203d3e20313337333131.roa (hash: hSf4M6pKMLscH8R7TfP9AjqFEoXEdb3myJnr9z/AlaE=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/d835cb4a-2fb9-40d7-b155-dcce7cb00293/0/3D36B37BDE25595112D2BB921B7F36C6A161CBA1.crl rsync://rpki-rsync.idnic.net/repo/d835cb4a-2fb9-40d7-b155-dcce7cb00293/0/3D36B37BDE25595112D2BB921B7F36C6A161CBA1.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3D36B37BDE25595112D2BB921B7F36C6A161CBA1.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:68:53:f1:db:fa:f4:de:eb:84:70:cf:2d:06:d2:ae:9d:90:e3:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D36B37BDE25595112D2BB921B7F36C6A161CBA1 Validity Not Before: May 12 19:35:57 2026 GMT Not After : May 13 22:18:57 2026 GMT Subject: CN=8F3FF2C5FA875703AB4B17628572513D941F6402 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:cd:11:91:fe:fa:38:cc:61:d2:b6:fd:e0:4e: fc:20:ef:ef:8c:d8:a7:63:5d:72:e5:54:4c:38:5d: ee:7d:11:af:8c:95:b9:9f:bf:87:8a:56:06:68:8b: 7b:e6:bb:db:04:74:6b:22:dd:47:0a:17:f3:db:c6: 18:b8:2e:dc:8e:1d:81:2b:c9:df:fd:c9:3b:2c:b1: 73:12:d3:50:52:2e:bc:33:11:6b:8e:19:c1:85:a8: 8e:06:1d:31:69:eb:b4:ba:ef:21:7b:72:d7:cc:b5: c6:4a:9e:6f:e0:0e:7c:da:0a:23:9e:9a:3e:ba:b1: 9a:3f:f2:45:0a:e6:19:42:39:83:87:12:e7:36:a1: a4:4e:bc:ad:67:d0:16:b8:5c:a6:1b:fe:5f:54:0a: 10:af:a8:f1:8d:ff:ad:0b:e6:90:b4:27:4b:4d:c2: 1c:d2:9d:72:b3:d2:b3:e0:49:b8:f8:dc:86:49:9d: 8c:2c:61:af:f6:25:bd:06:7e:3d:21:87:59:d5:27: 20:ec:fd:41:67:79:d6:06:25:2f:75:ab:35:cd:db: 6f:c3:09:1b:36:c4:7b:d4:b4:07:05:13:e8:e6:1b: 5a:29:0d:41:a9:12:88:08:4b:b6:14:70:7a:bd:cf: c2:01:b2:ac:d1:87:a5:c5:92:15:54:af:fc:47:73: 71:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:3F:F2:C5:FA:87:57:03:AB:4B:17:62:85:72:51:3D:94:1F:64:02 X509v3 Authority Key Identifier: keyid:3D:36:B3:7B:DE:25:59:51:12:D2:BB:92:1B:7F:36:C6:A1:61:CB:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/d835cb4a-2fb9-40d7-b155-dcce7cb00293/0/3D36B37BDE25595112D2BB921B7F36C6A161CBA1.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3D36B37BDE25595112D2BB921B7F36C6A161CBA1.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/d835cb4a-2fb9-40d7-b155-dcce7cb00293/0/3D36B37BDE25595112D2BB921B7F36C6A161CBA1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:7b:70:09:3d:4c:d0:7b:a8:0e:a0:55:9e:f8:f2:b9:c0:be: 54:54:2c:21:78:17:ac:4d:1e:83:b3:d9:6b:75:b2:3c:5e:b6: 5c:6d:22:cc:32:b5:0d:83:93:b9:81:02:6a:3f:3c:65:1f:6d: a1:b4:2f:c0:47:31:84:e3:0c:7e:7d:da:38:40:06:ed:38:7d: 17:f1:1e:6f:fd:7f:cd:c3:9f:03:e8:f8:74:b2:e9:8a:28:1c: c7:95:95:f3:fe:5e:a3:b4:26:6a:08:8c:b1:cc:11:e7:28:3a: c6:18:57:b9:b4:ac:ce:8d:14:13:e1:c5:65:10:ac:78:15:3f: 8a:2a:65:e7:51:dc:b0:ad:d7:b8:d4:5e:b7:76:d3:9c:5b:d3: 97:c3:93:c7:fb:17:21:cf:e3:7a:a3:83:55:61:5e:94:db:24: fa:d7:e2:83:7a:7a:9a:84:43:d0:5b:15:92:d8:91:3e:dd:df: d0:5b:e0:b9:d3:88:e2:4e:a9:4f:56:13:48:06:4b:e3:c0:8b: 21:32:13:88:33:42:aa:31:1d:92:9e:0d:40:a1:19:c0:23:b8: df:b9:a4:7b:37:3b:ff:b2:30:f3:a5:f9:87:37:85:80:51:35: b6:41:72:39:df:77:3d:0f:6c:86:74:55:91:c3:93:a6:07:1e: 13:21:ef:32 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKmhT8dv69N7rhHDPLQbSrp2Q49IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QzNkIzN0JERTI1NTk1MTEyRDJCQjkyMUI3RjM2QzZB MTYxQ0JBMTAeFw0yNjA1MTIxOTM1NTdaFw0yNjA1MTMyMjE4NTdaMDMxMTAvBgNV BAMTKDhGM0ZGMkM1RkE4NzU3MDNBQjRCMTc2Mjg1NzI1MTNEOTQxRjY0MDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBzRGR/vo4zGHStv3gTvwg7++M 2KdjXXLlVEw4Xe59Ea+Mlbmfv4eKVgZoi3vmu9sEdGsi3UcKF/Pbxhi4LtyOHYEr yd/9yTsssXMS01BSLrwzEWuOGcGFqI4GHTFp67S67yF7ctfMtcZKnm/gDnzaCiOe mj66sZo/8kUK5hlCOYOHEuc2oaROvK1n0Ba4XKYb/l9UChCvqPGN/60L5pC0J0tN whzSnXKz0rPgSbj43IZJnYwsYa/2Jb0Gfj0hh1nVJyDs/UFnedYGJS91qzXN22/D CRs2xHvUtAcFE+jmG1opDUGpEogIS7YUcHq9z8IBsqzRh6XFkhVUr/xHc3EpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUjz/yxfqHVwOrSxdihXJRPZQfZAIwHwYDVR0j BBgwFoAUPTaze94lWVES0ruSG382xqFhy6EwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZDgzNWNiNGEtMmZiOS00MGQ3LWIxNTUtZGNjZTdjYjAwMjkzLzAvM0QzNkIzN0JE RTI1NTk1MTEyRDJCQjkyMUI3RjM2QzZBMTYxQ0JBMS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8zRDM2QjM3QkRFMjU1OTUxMTJEMkJCOTIxQjdGMzZDNkExNjFD QkExLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZDgzNWNiNGEtMmZiOS00MGQ3LWIx NTUtZGNjZTdjYjAwMjkzLzAvM0QzNkIzN0JERTI1NTk1MTEyRDJCQjkyMUI3RjM2 QzZBMTYxQ0JBMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEJ7cAk9TNB7qA6gVZ748rnAvlRULCF4F6xN HoOz2Wt1sjxetlxtIswytQ2Dk7mBAmo/PGUfbaG0L8BHMYTjDH592jhABu04fRfx Hm/9f83DnwPo+HSy6YooHMeVlfP+XqO0JmoIjLHMEecoOsYYV7m0rM6NFBPhxWUQ rHgVP4oqZedR3LCt17jUXrd205xb05fDk8f7FyHP43qjg1VhXpTbJPrX4oN6epqE Q9BbFZLYkT7d39Bb4LnTiOJOqU9WE0gGS+PAiyEyE4gzQqoxHZKeDUChGcAjuN+5 pHs3O/+yMPOl+Yc3hYBRNbZBcjnfdz0PbIZ0VZHDk6YHHhMh7zI= -----END CERTIFICATE-----Generated at Wed May 13 02:36:31 2026 by rpki-client