$ rpki-client -vvf rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.mft File: 3FCFF090C792013040BE1067688C2CB7E3E88FAC.mft (raw, json) Hash identifier: T+Jh0T7DwcjPZqBTThkXqkmEdIxRyrx646O2UqY3hBQ= Subject key identifier: B6:50:8E:B8:CB:73:A9:26:5C:7A:CD:B7:23:52:31:1C:77:E2:33:95 Authority key identifier: 3F:CF:F0:90:C7:92:01:30:40:BE:10:67:68:8C:2C:B7:E3:E8:8F:AC Certificate issuer: /CN=3FCFF090C792013040BE1067688C2CB7E3E88FAC Certificate serial: 668FF177BD34A5043C1C35C2B766A084CC3AD27D Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3FCFF090C792013040BE1067688C2CB7E3E88FAC.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.mft Manifest number: 3E Signing time: Tue 16 Jun 2026 19:17:27 +0000 Manifest this update: Tue 16 Jun 2026 19:12:27 +0000 Manifest next update: Wed 17 Jun 2026 23:05:27 +0000 Files and hashes: 1: 3230322e31302e35382e302f32342d3234203d3e20313336313139.roa (hash: o6UES+tryYmpIwssyMXnmFCcFcBThAbWf6TdKlMd5ls=) 2: 3FCFF090C792013040BE1067688C2CB7E3E88FAC.crl (hash: oj3U28I+x3ytjrwh2GMbS8F4v+nLl3GwZQ4Wktgqi1Q=) 3: 3230322e31302e35392e302f32342d3234203d3e20313336313139.roa (hash: NHpaZqHC4NTt91PhG1pzzVx+mpzKnTbfgFJI738LnKc=) 4: 323430313a343863303a3a2f33322d3438203d3e20313336313139.roa (hash: hCFV5sRxdzUQ0Ef1DHuXq2DMT11lGAzTPsRSkYtMfqM=) 5: 3130332e39342e3136382e302f32322d3234203d3e20313336313139.roa (hash: u3QjwTKhA3xZ6qBaPve22SqHeKd1Tl3v9fzrQkdIYDM=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.crl rsync://rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3FCFF090C792013040BE1067688C2CB7E3E88FAC.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 23:05:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:8f:f1:77:bd:34:a5:04:3c:1c:35:c2:b7:66:a0:84:cc:3a:d2:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3FCFF090C792013040BE1067688C2CB7E3E88FAC Validity Not Before: Jun 16 19:12:27 2026 GMT Not After : Jun 17 23:05:27 2026 GMT Subject: CN=B6508EB8CB73A9265C7ACDB72352311C77E23395 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:cb:11:dc:9d:14:06:93:3c:10:2d:ed:af:56: ba:17:a2:f0:a5:1a:93:f0:33:d5:3f:6a:ff:71:db: d0:1e:bb:40:bb:4f:65:ce:0b:0d:37:0b:a3:01:b6: bd:34:c6:65:b2:52:1c:7b:17:b2:53:ea:6e:74:83: e5:1f:ba:ef:e0:05:e9:c7:74:de:70:88:3a:61:de: ae:ae:28:e1:cd:86:8f:52:67:cc:c0:4b:64:df:21: 92:ad:c9:7a:6e:e0:46:50:ca:46:eb:c6:a4:6b:f3: 8a:49:6a:62:8a:f9:90:26:a3:d5:6c:6a:b0:3f:be: 47:84:e5:0b:9b:8d:09:7d:d8:e0:22:5b:11:3b:31: 3a:5d:12:a2:fe:f0:23:6c:62:49:00:61:3d:47:7e: 0a:3f:ff:ee:30:e5:c4:2e:a5:e9:73:a5:9c:d5:31: 40:f6:48:f3:fe:5a:fd:80:87:5c:6c:8b:1e:5a:e6: 8f:13:a1:35:59:cd:07:e5:cf:b0:ed:8a:46:5c:58: 05:86:2a:40:b7:c0:39:5d:df:bc:64:90:cd:95:7d: 7a:57:4e:ad:21:10:74:71:92:48:4b:d1:04:b4:08: fc:4f:99:47:2a:92:96:a0:b3:0f:61:4c:17:dd:6e: 9a:61:55:40:63:53:05:78:f9:81:e2:ec:37:6a:e5: af:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:50:8E:B8:CB:73:A9:26:5C:7A:CD:B7:23:52:31:1C:77:E2:33:95 X509v3 Authority Key Identifier: keyid:3F:CF:F0:90:C7:92:01:30:40:BE:10:67:68:8C:2C:B7:E3:E8:8F:AC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3FCFF090C792013040BE1067688C2CB7E3E88FAC.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/3FCFF090C792013040BE1067688C2CB7E3E88FAC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:45:5a:ee:4b:6b:07:2d:aa:ae:f5:ec:ff:b2:c7:d5:e0:b5: e2:d1:92:ca:06:11:39:f5:97:61:0a:46:2d:7f:c0:52:10:b5: cb:76:eb:a3:bb:59:84:f0:d6:fd:7f:25:b0:4e:cd:55:f8:fd: 23:bc:23:b8:9e:85:2b:d1:cc:40:b1:2e:67:71:aa:82:58:df: 08:0a:b0:ce:71:7a:ce:ac:3e:70:ca:43:9e:75:22:ba:b0:0f: ea:e3:f6:c4:f2:0b:22:d8:c3:3b:e8:33:67:c3:0f:3c:36:4f: e4:bd:f9:f4:8b:32:c4:4d:31:e6:f9:da:13:e0:38:28:b0:7d: 64:ba:14:6b:40:b1:dd:aa:22:82:86:48:61:f2:b1:95:f9:4a: 08:14:0e:b4:d3:e5:21:1d:fb:2d:46:41:9a:4b:90:54:97:a5: 55:82:65:d6:ed:52:9d:ea:de:e5:c2:6f:cf:34:56:48:c4:ce: d7:2b:45:46:7a:27:45:46:57:81:dc:5e:bd:5d:84:30:04:23: 1d:8a:b6:87:7d:00:16:24:fd:45:b1:f8:ed:7d:19:de:7d:6f: c4:dc:c6:8a:81:ac:fd:4d:f0:69:90:1f:26:d2:d9:74:86:f8: 81:c9:a9:ed:9b:a2:83:24:ee:30:cb:fd:e7:31:af:da:cc:7e: 75:e3:60:cf -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZo/xd700pQQ8HDXCt2aghMw60n0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0ZDRkYwOTBDNzkyMDEzMDQwQkUxMDY3Njg4QzJDQjdF M0U4OEZBQzAeFw0yNjA2MTYxOTEyMjdaFw0yNjA2MTcyMzA1MjdaMDMxMTAvBgNV BAMTKEI2NTA4RUI4Q0I3M0E5MjY1QzdBQ0RCNzIzNTIzMTFDNzdFMjMzOTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDayxHcnRQGkzwQLe2vVroXovCl GpPwM9U/av9x29Aeu0C7T2XOCw03C6MBtr00xmWyUhx7F7JT6m50g+Ufuu/gBenH dN5wiDph3q6uKOHNho9SZ8zAS2TfIZKtyXpu4EZQykbrxqRr84pJamKK+ZAmo9Vs arA/vkeE5QubjQl92OAiWxE7MTpdEqL+8CNsYkkAYT1Hfgo//+4w5cQupelzpZzV MUD2SPP+Wv2Ah1xsix5a5o8ToTVZzQflz7DtikZcWAWGKkC3wDld37xkkM2VfXpX Tq0hEHRxkkhL0QS0CPxPmUcqkpagsw9hTBfdbpphVUBjUwV4+YHi7Ddq5a/5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUtlCOuMtzqSZces23I1IxHHfiM5UwHwYDVR0j BBgwFoAUP8/wkMeSATBAvhBnaIwst+Poj6wwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YmRhYmMwYmEtOTIyMi00YzQ1LTgzNDItZWI4NjQzYzQ5NjdkLzAvM0ZDRkYwOTBD NzkyMDEzMDQwQkUxMDY3Njg4QzJDQjdFM0U4OEZBQy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8zRkNGRjA5MEM3OTIwMTMwNDBCRTEwNjc2ODhDMkNCN0UzRTg4 RkFDLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYmRhYmMwYmEtOTIyMi00YzQ1LTgz NDItZWI4NjQzYzQ5NjdkLzAvM0ZDRkYwOTBDNzkyMDEzMDQwQkUxMDY3Njg4QzJD QjdFM0U4OEZBQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFxFWu5Lawctqq717P+yx9XgteLRksoGETn1 l2EKRi1/wFIQtct266O7WYTw1v1/JbBOzVX4/SO8I7iehSvRzECxLmdxqoJY3wgK sM5xes6sPnDKQ551IrqwD+rj9sTyCyLYwzvoM2fDDzw2T+S9+fSLMsRNMeb52hPg OCiwfWS6FGtAsd2qIoKGSGHysZX5SggUDrTT5SEd+y1GQZpLkFSXpVWCZdbtUp3q 3uXCb880VkjEztcrRUZ6J0VGV4HcXr1dhDAEIx2Ktod9ABYk/UWx+O19Gd59b8Tc xoqBrP1N8GmQHybS2XSG+IHJqe2booMk7jDL/ecxr9rMfnXjYM8= -----END CERTIFICATE-----Generated at Wed Jun 17 09:43:59 2026 by rpki-client