$ rpki-client -vvf repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft File: 3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft (raw, json) Hash identifier: g5uVsHTn9FmV/mfrRmQ+T0BupELm761+9tSUDo2Cd9Y= Subject key identifier: D4:91:2C:67:5E:62:A9:4E:4B:0E:44:F3:89:F3:F5:F9:59:E0:78:38 Authority key identifier: 3E:CE:7D:2E:9C:2F:F3:D5:D3:0D:29:4D:74:92:C3:FE:F6:51:BA:AA Certificate issuer: /CN=3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA Certificate serial: 07737D65A702F73C7D227181F24F5AFA57D69EDD Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft Manifest number: 03B5 Signing time: Fri 17 Apr 2026 20:32:13 +0000 Manifest this update: Fri 17 Apr 2026 20:27:13 +0000 Manifest next update: Mon 20 Apr 2026 20:45:13 +0000 Files and hashes: 1: 3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.crl (hash: f6obTLdCtCoqMDwM6WUoKlEsQbLrYHyGj6XRvWLCntc=) 2: 3130332e3137312e3138322e302f32342d3234203d3e20313432333735.roa (hash: lPqYVTgcLQCHKvr5EjKBo1vqOUFedVpnKD0PBfrckZ4=) 3: 3130332e3137312e3138332e302f32342d3234203d3e20313432333735.roa (hash: //zquDXouiLBNlJyTbiIiX2XMyjS3OOuOm+C49S1bEQ=) 4: 3130332e3137312e3138322e302f32332d3233203d3e20313432333735.roa (hash: ZekPVbkZv4xzJt/yLeKvpGj167I44IK/Nn+MbKBEWIw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.crl rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 20:45:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:73:7d:65:a7:02:f7:3c:7d:22:71:81:f2:4f:5a:fa:57:d6:9e:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA Validity Not Before: Apr 17 20:27:13 2026 GMT Not After : Apr 20 20:45:13 2026 GMT Subject: CN=D4912C675E62A94E4B0E44F389F3F5F959E07838 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:37:53:7e:36:59:87:94:bb:fc:e7:21:52:d4: 1c:ab:a0:57:c8:61:97:13:ec:3d:59:74:61:62:fd: 3d:22:8d:8a:2c:08:60:f7:67:67:d9:a7:43:1d:bb: f9:a4:33:ab:8b:25:cc:a5:81:b5:96:80:98:7c:21: e7:05:4d:46:0e:89:08:06:6f:d8:4f:3d:fe:55:9b: 37:c8:66:ff:6f:ed:bf:38:c9:77:97:46:a8:44:ed: 18:87:d4:76:92:c2:58:8f:82:41:d5:c2:5b:df:cb: de:b7:6e:d4:32:88:8f:6c:e1:6e:c4:78:10:74:17: 72:53:d1:b2:3e:64:f3:6c:e0:5f:6a:e5:e0:2a:b0: fa:6d:1f:af:10:03:ea:80:46:90:c5:ed:55:29:9d: 81:50:40:d7:82:be:86:96:5d:2a:f8:0f:a3:0d:00: 6f:39:b6:6d:52:b1:05:02:e8:f6:73:9d:cd:2b:15: 27:3c:10:38:db:c8:50:4d:0b:80:30:c8:e2:79:6b: e6:bf:3d:f7:c7:fb:e8:7b:8e:23:6e:02:f9:21:44: 83:19:2c:7c:ef:41:12:8a:9a:26:b2:97:c2:84:8d: fc:1e:23:d0:31:e2:aa:06:a4:13:d1:18:87:95:6e: 74:f9:46:e8:d5:d3:fc:da:88:a3:06:dc:db:75:d3: c9:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:91:2C:67:5E:62:A9:4E:4B:0E:44:F3:89:F3:F5:F9:59:E0:78:38 X509v3 Authority Key Identifier: keyid:3E:CE:7D:2E:9C:2F:F3:D5:D3:0D:29:4D:74:92:C3:FE:F6:51:BA:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:7a:dc:5e:4e:73:66:85:e6:77:b0:8a:71:52:1a:89:76:8c: 38:30:85:23:d3:57:10:9d:c9:ed:a5:df:5e:26:76:20:6c:04: 5e:64:49:fe:10:b7:20:35:68:6c:d5:3b:06:67:4d:79:d9:25: 79:58:00:39:24:e2:75:87:7d:c7:95:21:09:c8:ed:99:fa:b5: dc:5a:5e:da:c6:20:28:b2:82:8b:cb:55:40:86:4b:2b:c9:08: 56:b4:45:a3:c6:bb:eb:cb:fd:22:7f:d9:7e:8d:d0:34:a4:94: 16:c6:d3:b4:fe:5d:5a:81:af:2e:7f:e8:ff:1b:64:f1:a8:a3: 27:2f:fb:44:d9:e0:0e:c5:57:47:79:85:0f:03:32:0a:d4:87: 06:3a:ab:7d:32:46:28:e3:78:76:ff:7f:3d:c5:1c:26:28:7f: 12:eb:09:5d:69:cf:61:4d:f8:3a:3a:44:2a:05:64:e8:47:76: d0:f0:a0:3f:94:2c:47:61:77:98:a1:03:0d:01:9d:12:23:6f: 89:0a:c0:63:bf:28:3f:a2:2e:10:06:c1:07:47:a2:3b:e0:76: 04:f6:41:9e:81:45:4c:d3:c9:a6:86:51:f1:fe:77:5b:cb:fc: 91:21:4a:b0:e3:e7:a7:62:98:46:ca:04:c4:c0:0d:a3:d2:91: 6d:f0:8b:8e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUB3N9ZacC9zx9InGB8k9a+lfWnt0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0VDRTdEMkU5QzJGRjNENUQzMEQyOTRENzQ5MkMzRkVG NjUxQkFBQTAeFw0yNjA0MTcyMDI3MTNaFw0yNjA0MjAyMDQ1MTNaMDMxMTAvBgNV BAMTKEQ0OTEyQzY3NUU2MkE5NEU0QjBFNDRGMzg5RjNGNUY5NTlFMDc4MzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2N1N+NlmHlLv85yFS1ByroFfI YZcT7D1ZdGFi/T0ijYosCGD3Z2fZp0Mdu/mkM6uLJcylgbWWgJh8IecFTUYOiQgG b9hPPf5VmzfIZv9v7b84yXeXRqhE7RiH1HaSwliPgkHVwlvfy963btQyiI9s4W7E eBB0F3JT0bI+ZPNs4F9q5eAqsPptH68QA+qARpDF7VUpnYFQQNeCvoaWXSr4D6MN AG85tm1SsQUC6PZznc0rFSc8EDjbyFBNC4AwyOJ5a+a/PffH++h7jiNuAvkhRIMZ LHzvQRKKmiayl8KEjfweI9Ax4qoGpBPRGIeVbnT5RujV0/zaiKMG3Nt108nlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU1JEsZ15iqU5LDkTzifP1+VngeDgwHwYDVR0j BBgwFoAUPs59Lpwv89XTDSlNdJLD/vZRuqowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l MzUwNWNiMy1iNTVlLTQwZTQtYWM3OS02MzY1NjA2ZjRlZjkvMC8zRUNFN0QyRTlD MkZGM0Q1RDMwRDI5NEQ3NDkyQzNGRUY2NTFCQUFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0VDRTdEMkU5QzJGRjNENUQzMEQyOTRENzQ5MkMzRkVGNjUx QkFBQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZTM1MDVjYjMtYjU1ZS00MGU0LWFj NzktNjM2NTYwNmY0ZWY5LzAvM0VDRTdEMkU5QzJGRjNENUQzMEQyOTRENzQ5MkMz RkVGNjUxQkFBQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAK563F5Oc2aF5newinFSGol2jDgwhSPTVxCd ye2l314mdiBsBF5kSf4QtyA1aGzVOwZnTXnZJXlYADkk4nWHfceVIQnI7Zn6tdxa XtrGICiygovLVUCGSyvJCFa0RaPGu+vL/SJ/2X6N0DSklBbG07T+XVqBry5/6P8b ZPGooycv+0TZ4A7FV0d5hQ8DMgrUhwY6q30yRijjeHb/fz3FHCYofxLrCV1pz2FN +Do6RCoFZOhHdtDwoD+ULEdhd5ihAw0BnRIjb4kKwGO/KD+iLhAGwQdHojvgdgT2 QZ6BRUzTyaaGUfH+d1vL/JEhSrDj56dimEbKBMTADaPSkW3wi44= -----END CERTIFICATE-----Generated at Sat Apr 18 07:46:14 2026 by rpki-client