$ rpki-client -vvf rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft File: A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft (raw, json) Hash identifier: nPmVHrc793hLFinZCZrTs/73e/pGb7MpitCmgXwvYuw= Subject key identifier: 9E:25:6B:0C:E6:5B:7B:D3:32:36:2A:8F:0B:41:3B:90:DD:C2:AE:59 Authority key identifier: A3:CE:6E:B5:31:A8:95:1D:24:A3:7D:F2:7A:01:EB:39:65:1D:7E:CA Certificate issuer: /CN=A91FD4CC0000/serialNumber=A3CE6EB531A8951D24A37DF27A01EB39651D7ECA Certificate serial: 47B3D12DF039D12434E56A2D10330EEE569E71EA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft Manifest number: A4 Signing time: Fri 27 Mar 2026 17:31:31 +0000 Manifest this update: Fri 27 Mar 2026 17:26:31 +0000 Manifest next update: Sat 28 Mar 2026 20:21:31 +0000 Files and hashes: 1: A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl (hash: +1Jonb7P0ZzGdh99ETSr75tk15FCA4MmYThZpAM7TXU=) 2: 323430333a373163303a3a2f33322d3438203d3e2033323538.roa (hash: A+n33m7aMq8dWmlNODuImDbmHluR0nRCgY8pOPk9SGU=) 3: 3130332e3132312e3230382e302f32322d3234203d3e2033323538.roa (hash: m8YqiID+Q725PKBIKrUauO2lTKAbZU016aARa/XfmOg=) Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 20:21:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:b3:d1:2d:f0:39:d1:24:34:e5:6a:2d:10:33:0e:ee:56:9e:71:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FD4CC0000, serialNumber=A3CE6EB531A8951D24A37DF27A01EB39651D7ECA Validity Not Before: Mar 27 17:26:31 2026 GMT Not After : Mar 28 20:21:31 2026 GMT Subject: CN=9E256B0CE65B7BD332362A8F0B413B90DDC2AE59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:97:bb:98:3f:c9:14:1a:eb:99:bc:01:f3:e2: 53:48:63:6f:be:e2:ce:d5:49:7c:35:70:a2:7a:42: a4:3a:a5:88:73:7b:1f:7b:c8:54:36:3b:be:2c:65: 97:2b:77:0d:32:eb:cd:63:63:e5:79:9d:cb:0c:38: 52:09:9c:94:61:5e:de:a7:21:7b:e5:6b:27:5f:e5: d2:11:d1:63:32:d6:1f:4f:2a:95:12:ee:1a:e2:3b: 9f:26:a4:35:38:d3:02:f9:5c:99:54:ba:9c:48:a2: a1:d7:0a:ef:dd:8e:59:49:0c:7b:b8:98:1f:6b:2e: ee:dc:9a:91:fd:8e:18:34:d9:56:a1:3d:5b:38:f4: 03:ef:30:0f:a5:60:20:41:f1:68:1a:60:4c:ae:0f: f9:ad:9c:0b:a1:e3:6c:8a:7d:4d:44:68:20:fe:4c: 34:11:10:97:6d:cc:7d:db:29:13:26:8c:5f:53:88: 72:ff:7b:22:d5:43:99:dc:d7:6d:0b:37:f5:e7:71: 01:8c:b6:d8:2c:ba:71:f0:bf:f9:2c:79:ed:45:33: b3:d8:c2:9c:b3:60:a0:5e:1a:10:a3:cb:be:68:5b: 15:f4:c8:8d:96:75:a6:97:5e:48:11:61:64:47:bc: 4a:40:c3:93:ca:93:a2:70:30:91:8e:97:03:54:22: 41:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:25:6B:0C:E6:5B:7B:D3:32:36:2A:8F:0B:41:3B:90:DD:C2:AE:59 X509v3 Authority Key Identifier: keyid:A3:CE:6E:B5:31:A8:95:1D:24:A3:7D:F2:7A:01:EB:39:65:1D:7E:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:a0:12:5d:37:04:5c:3f:ad:28:fd:7f:92:a1:15:c7:2f:0d: 12:13:a9:1d:e9:07:e8:f6:0f:85:53:90:bc:90:99:08:2f:5f: ac:37:cf:38:80:6e:b9:9b:8f:90:ca:a6:e8:b4:52:d4:03:ab: 76:ad:d9:44:b4:68:79:7c:7a:10:5f:ab:fe:a1:81:78:be:a2: fa:fc:4e:db:2b:b1:7c:c2:a7:5f:90:92:2a:55:e4:fe:39:63: 75:50:b3:c0:92:55:2e:be:52:c0:53:a0:06:0e:c8:52:91:a0: 98:bc:0b:a8:f4:9c:31:49:8b:09:e2:c6:04:de:b2:5b:83:57: 4c:9e:eb:39:a3:27:30:e6:0c:7f:ee:55:7f:5a:3f:6d:68:83: 00:1a:25:bd:d2:8a:32:52:25:f6:de:41:0c:a3:9f:50:0a:3a: 5f:30:45:5c:0b:4a:10:d1:b5:9f:8a:f0:1c:51:42:ae:d1:32: 93:1e:7d:15:44:fe:cf:0e:42:72:1c:ae:f2:ca:4f:c1:ca:17: b0:42:ce:e5:50:2b:b3:59:09:f2:11:55:7c:ab:88:35:2c:1e: de:5f:15:ba:95:ff:f3:f2:94:15:5a:51:c9:c5:00:2a:5f:cc: 65:6b:41:58:e8:2c:36:92:02:70:ff:25:28:6a:28:6f:32:a0: cd:59:da:3a -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUR7PRLfA50SQ05WotEDMO7laeceowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkQ0Q0MwMDAwMTEwLwYDVQQFEyhBM0NFNkVCNTMx QTg5NTFEMjRBMzdERjI3QTAxRUIzOTY1MUQ3RUNBMB4XDTI2MDMyNzE3MjYzMVoX DTI2MDMyODIwMjEzMVowMzExMC8GA1UEAxMoOUUyNTZCMENFNjVCN0JEMzMyMzYy QThGMEI0MTNCOTBEREMyQUU1OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANKXu5g/yRQa65m8AfPiU0hjb77iztVJfDVwonpCpDqliHN7H3vIVDY7vixl lyt3DTLrzWNj5Xmdyww4UgmclGFe3qche+VrJ1/l0hHRYzLWH08qlRLuGuI7nyak NTjTAvlcmVS6nEiiodcK792OWUkMe7iYH2su7tyakf2OGDTZVqE9Wzj0A+8wD6Vg IEHxaBpgTK4P+a2cC6HjbIp9TURoIP5MNBEQl23MfdspEyaMX1OIcv97ItVDmdzX bQs39edxAYy22Cy6cfC/+Sx57UUzs9jCnLNgoF4aEKPLvmhbFfTIjZZ1ppdeSBFh ZEe8SkDDk8qTonAwkY6XA1QiQdMCAwEAAaOCAfUwggHxMB0GA1UdDgQWBBSeJWsM 5lt70zI2Ko8LQTuQ3cKuWTAfBgNVHSMEGDAWgBSjzm61MaiVHSSjffJ6Aes5ZR1+ yjAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU5L0EzQ0U2RUI1MzFBODk1MUQyNEEzN0RGMjdB MDFFQjM5NjUxRDdFQ0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL284NXV0VEdvbFIwa28zM3llZ0hyT1dVZGZzby5j ZXIwagYIKwYBBQUHAQsEXjBcMFoGCCsGAQUFBzALhk5yc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTkvQTNDRTZFQjUzMUE4OTUxRDI0QTM3REYyN0EwMUVC Mzk2NTFEN0VDQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAqgEl03BFw/rSj9f5KhFccvDRITqR3pB+j2 D4VTkLyQmQgvX6w3zziAbrmbj5DKpui0UtQDq3at2US0aHl8ehBfq/6hgXi+ovr8 TtsrsXzCp1+QkipV5P45Y3VQs8CSVS6+UsBToAYOyFKRoJi8C6j0nDFJiwnixgTe sluDV0ye6zmjJzDmDH/uVX9aP21ogwAaJb3SijJSJfbeQQyjn1AKOl8wRVwLShDR tZ+K8BxRQq7RMpMefRVE/s8OQnIcrvLKT8HKF7BCzuVQK7NZCfIRVXyriDUsHt5f FbqV//PylBVaUcnFACpfzGVrQVjoLDaSAnD/JShqKG8yoM1Z2jo= -----END CERTIFICATE-----Generated at Sat Mar 28 10:25:23 2026 by rpki-client