$ rpki-client -vvf rpki-rsync.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2.mft File: 3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2.mft (raw, json) Hash identifier: OgFFulUrLWDLr5QnoUJl9LqFijpEIcEodDnvJnpggNE= Subject key identifier: 68:F3:9C:37:51:C2:DF:8B:02:66:BE:A4:39:8D:4C:65:ED:38:B6:CB Authority key identifier: 31:14:FE:A2:82:06:14:B6:E8:BF:E3:0F:B3:E0:E4:E1:2F:EE:3F:A2 Certificate issuer: /CN=3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2 Certificate serial: 19BB3D0608D4038747A014963945241BA2A8668C Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2.mft Manifest number: 2A Signing time: Tue 02 Jun 2026 08:35:37 +0000 Manifest this update: Tue 02 Jun 2026 08:30:37 +0000 Manifest next update: Wed 03 Jun 2026 12:10:37 +0000 Files and hashes: 1: 3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2.crl (hash: I0SYFm9FR5Cevl44ttpqIAzoK8ItvLqPrP68tYmHyOA=) 2: 323430363a363263303a3a2f33322d3332203d3e20313431303734.roa (hash: JHt7Y4sfZDXhljzVs+do4tcZibHDOYboGApg1o5d8oY=) 3: 3130332e3135352e32342e302f32342d3234203d3e20313431303734.roa (hash: FR/6TdAfo1P3iR6uXvmbo5xbGJoxQcFRkSBLcjXonAU=) 4: 3130332e3135352e32352e302f32342d3234203d3e20313431303734.roa (hash: Q63O5LgByYAATkaug4pVt8bzE+ZHKwWLFzPYd2unh+E=) 5: 3130332e3135352e32342e302f32332d3233203d3e20313431303734.roa (hash: KtHFgiZtCU/Oo5xwU2fpqeHLtCGkwIQI7UNolZenHzM=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2.crl rsync://rpki-rsync.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 12:10:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:bb:3d:06:08:d4:03:87:47:a0:14:96:39:45:24:1b:a2:a8:66:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2 Validity Not Before: Jun 2 08:30:37 2026 GMT Not After : Jun 3 12:10:37 2026 GMT Subject: CN=68F39C3751C2DF8B0266BEA4398D4C65ED38B6CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:af:f4:1e:7d:0f:40:16:03:31:d5:fa:23:37: 8b:7f:3e:a5:56:8f:12:4b:1d:a3:3d:77:90:4f:26: bf:d9:5c:73:4d:59:a1:fc:33:4a:28:19:50:42:11: 68:8b:3f:32:a9:be:b4:4f:99:b0:54:22:10:f8:66: 93:54:41:99:15:ed:81:46:9d:39:b7:71:63:e2:4d: f6:1c:79:7f:7e:d6:67:31:38:7b:48:fc:f3:9d:4d: 04:d6:62:85:f1:b9:c0:67:76:0c:09:fc:e0:a7:00: ee:34:19:66:f5:62:dd:a5:61:ae:36:b2:c6:cc:49: 8e:b6:50:3a:3a:ef:af:8b:bb:08:67:4e:be:b4:ec: e0:c5:37:86:bb:8d:0f:13:2d:e4:f8:2e:4a:28:29: 70:fb:1c:69:ef:31:2c:32:50:f6:97:6e:0b:5c:56: 10:49:5e:61:0f:e3:36:06:37:fd:e6:31:5f:03:b1: 72:da:bc:45:04:e4:61:93:90:03:17:9f:be:e5:65: 84:d2:77:16:68:00:35:9d:3f:5d:4f:06:ae:26:c7: ad:75:3e:2f:03:0d:03:e4:49:d9:a7:3e:f3:a4:b8: 56:23:c3:cb:d7:e6:7b:89:be:fd:a6:c0:d3:69:fa: 96:1e:7a:4d:92:46:85:7a:e0:d7:22:0b:03:f5:88: 3f:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:F3:9C:37:51:C2:DF:8B:02:66:BE:A4:39:8D:4C:65:ED:38:B6:CB X509v3 Authority Key Identifier: keyid:31:14:FE:A2:82:06:14:B6:E8:BF:E3:0F:B3:E0:E4:E1:2F:EE:3F:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/3114FEA2820614B6E8BFE30FB3E0E4E12FEE3FA2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:20:37:52:b4:00:91:36:cf:70:ea:ae:f9:0d:98:ab:a9:d7: e0:ef:fd:f6:c9:58:d7:28:3f:25:55:38:d2:72:f8:c4:38:b3: a6:ae:4d:77:4b:34:47:3e:b4:3d:2d:ba:5a:28:ba:33:bc:b1: f1:ed:fa:1f:f0:39:33:63:bb:89:d4:da:bf:33:c4:8b:bb:14: 84:e6:8f:44:f7:d1:97:e7:3a:7b:50:c4:18:5f:f1:3c:ed:af: f4:6b:6a:27:df:73:37:e3:70:26:62:b4:3c:dc:70:f0:e8:31: b5:ac:e6:fd:3a:2d:a7:ea:f4:71:14:f5:35:f8:79:ca:4f:c4: 15:2c:2c:fa:86:04:d9:d7:a2:1c:18:5b:fd:96:ad:c9:d4:37: b4:28:e1:e6:90:53:c1:21:fe:94:02:fc:a1:d3:47:8c:cc:80: d5:19:f6:65:28:08:f0:7a:5b:e1:01:18:62:b6:3e:d7:a2:06: 17:ee:27:f1:59:3e:09:ba:c1:96:ba:1e:01:72:b1:dd:74:97: c6:af:43:f7:e7:a8:b1:2c:2f:72:58:f2:2a:a1:18:e2:8d:29: 11:b0:2e:c1:5e:d7:c6:ba:0f:bb:68:e8:90:db:47:32:67:be: a5:df:da:f2:da:bd:ed:4a:76:b2:41:00:6b:08:1b:d6:bf:f9: 8c:30:33:6d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGbs9BgjUA4dHoBSWOUUkG6KoZowwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzExNEZFQTI4MjA2MTRCNkU4QkZFMzBGQjNFMEU0RTEy RkVFM0ZBMjAeFw0yNjA2MDIwODMwMzdaFw0yNjA2MDMxMjEwMzdaMDMxMTAvBgNV BAMTKDY4RjM5QzM3NTFDMkRGOEIwMjY2QkVBNDM5OEQ0QzY1RUQzOEI2Q0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtr/QefQ9AFgMx1fojN4t/PqVW jxJLHaM9d5BPJr/ZXHNNWaH8M0ooGVBCEWiLPzKpvrRPmbBUIhD4ZpNUQZkV7YFG nTm3cWPiTfYceX9+1mcxOHtI/POdTQTWYoXxucBndgwJ/OCnAO40GWb1Yt2lYa42 ssbMSY62UDo676+LuwhnTr607ODFN4a7jQ8TLeT4LkooKXD7HGnvMSwyUPaXbgtc VhBJXmEP4zYGN/3mMV8DsXLavEUE5GGTkAMXn77lZYTSdxZoADWdP11PBq4mx611 Pi8DDQPkSdmnPvOkuFYjw8vX5nuJvv2mwNNp+pYeek2SRoV64NciCwP1iD9LAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUaPOcN1HC34sCZr6kOY1MZe04tsswHwYDVR0j BBgwFoAUMRT+ooIGFLbov+MPs+Dk4S/uP6IwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v OTA3NjA4Y2UtYzNmOC00NGViLWFlZTctYjc4NGFlMjBjOWM3LzAvMzExNEZFQTI4 MjA2MTRCNkU4QkZFMzBGQjNFMEU0RTEyRkVFM0ZBMi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8zMTE0RkVBMjgyMDYxNEI2RThCRkUzMEZCM0UwRTRFMTJGRUUz RkEyLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vOTA3NjA4Y2UtYzNmOC00NGViLWFl ZTctYjc4NGFlMjBjOWM3LzAvMzExNEZFQTI4MjA2MTRCNkU4QkZFMzBGQjNFMEU0 RTEyRkVFM0ZBMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABQgN1K0AJE2z3DqrvkNmKup1+Dv/fbJWNco PyVVONJy+MQ4s6auTXdLNEc+tD0tulooujO8sfHt+h/wOTNju4nU2r8zxIu7FITm j0T30ZfnOntQxBhf8Tztr/RraiffczfjcCZitDzccPDoMbWs5v06Lafq9HEU9TX4 ecpPxBUsLPqGBNnXohwYW/2WrcnUN7Qo4eaQU8Eh/pQC/KHTR4zMgNUZ9mUoCPB6 W+EBGGK2PteiBhfuJ/FZPgm6wZa6HgFysd10l8avQ/fnqLEsL3JY8iqhGOKNKRGw LsFe18a6D7to6JDbRzJnvqXf2vLave1KdrJBAGsIG9a/+YwwM20= -----END CERTIFICATE-----Generated at Wed Jun 3 03:53:53 2026 by rpki-client