$ rpki-client -vvf repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft File: 3CA825E93FE8830376EF386786BF847CB239BE70.mft (raw, json) Hash identifier: VH04kWpr/1SaW8daouNyUp5Yaa9Bo3IzycnFfFVy89k= Subject key identifier: 01:86:6F:F9:81:A4:A2:F7:C5:E9:44:B2:DF:42:63:63:06:B3:8A:F2 Authority key identifier: 3C:A8:25:E9:3F:E8:83:03:76:EF:38:67:86:BF:84:7C:B2:39:BE:70 Certificate issuer: /CN=3CA825E93FE8830376EF386786BF847CB239BE70 Certificate serial: 3F6FA6B604DE983338D3566FD3D941DEADB7E6A4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3CA825E93FE8830376EF386786BF847CB239BE70.cer Subject info access: rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft Manifest number: 056C Signing time: Sun 26 Apr 2026 12:31:58 +0000 Manifest this update: Sun 26 Apr 2026 12:26:58 +0000 Manifest next update: Wed 29 Apr 2026 23:10:58 +0000 Files and hashes: 1: 3230322e3138322e35362e302f32312d3234203d3e203234323133.roa (hash: DlnKcd87VD3rZuVTk+tNhtDr4vaeUIcVlv5lIcH6uws=) 2: 3131392e38322e3232342e302f32302d3234203d3e203234323133.roa (hash: rMCMSl1s+WWM7uToBUHib02Gf8GW78oaPsE3tZQeKpc=) 3: 3CA825E93FE8830376EF386786BF847CB239BE70.crl (hash: VKws4nnzmH1K6NRRfpIZnuGUSTljWQ9M83twqzthK0w=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.crl rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3CA825E93FE8830376EF386786BF847CB239BE70.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Apr 2026 23:10:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:6f:a6:b6:04:de:98:33:38:d3:56:6f:d3:d9:41:de:ad:b7:e6:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3CA825E93FE8830376EF386786BF847CB239BE70 Validity Not Before: Apr 26 12:26:58 2026 GMT Not After : Apr 29 23:10:58 2026 GMT Subject: CN=01866FF981A4A2F7C5E944B2DF42636306B38AF2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:8e:9b:c1:a9:e9:66:dc:59:ba:e2:78:c6:00: d8:6d:f1:00:01:94:1f:45:6b:0e:52:10:73:e2:5a: bf:9f:a9:a9:44:a6:8b:b9:26:93:96:88:22:86:3c: f9:9f:9e:38:21:0e:b0:10:7f:b9:25:2a:03:e6:e0: e7:3a:1d:0a:10:04:6d:81:13:ba:37:46:74:e3:46: ae:00:6b:6d:71:9a:d8:94:b7:f4:68:d7:fd:f0:55: ca:81:93:e6:5a:d6:a7:fe:36:4d:9a:d8:cf:43:21: a1:5a:45:69:5b:59:6f:4e:58:ca:71:a6:73:a1:9e: 25:f6:fe:43:b2:8d:af:30:e8:17:17:40:43:98:e1: e2:d5:1b:20:9d:4d:2a:19:56:50:b2:17:64:d2:f8: 5d:15:20:83:c2:e8:16:05:8f:6c:9a:9e:b6:86:0f: d5:1d:36:db:73:d2:e8:19:90:fb:f1:b0:76:e7:11: d0:a1:98:bb:32:89:ce:47:b6:da:30:12:ee:92:48: b9:96:3f:c8:c1:0a:fb:ef:83:8e:8d:9b:50:7d:23: 08:6f:ca:4e:84:dd:3c:2d:5e:bd:15:07:51:0a:3f: 14:27:80:f3:65:47:35:89:32:5a:b2:03:94:87:07: b1:90:e9:4b:0c:30:ef:4c:ca:21:5b:e8:87:15:ad: 6b:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:86:6F:F9:81:A4:A2:F7:C5:E9:44:B2:DF:42:63:63:06:B3:8A:F2 X509v3 Authority Key Identifier: keyid:3C:A8:25:E9:3F:E8:83:03:76:EF:38:67:86:BF:84:7C:B2:39:BE:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3CA825E93FE8830376EF386786BF847CB239BE70.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:84:6f:90:35:0d:64:0a:c5:2d:86:95:d7:c9:ef:1a:01:25: 49:0d:27:e3:c0:85:fa:69:62:a5:e9:83:6b:98:0f:ea:3c:70: 38:be:cc:05:5f:ec:e4:d2:73:e3:62:48:ea:1b:8b:89:4e:c6: 9a:6d:56:81:78:b4:ec:25:bf:b9:fd:be:dd:f0:87:7f:cd:f6: 88:ac:67:47:a2:04:c8:33:f6:b2:bf:8d:f4:36:81:b5:76:29: 19:93:6b:cd:66:86:bd:ce:eb:76:8e:66:4d:d8:8a:a2:4e:61: 71:b9:61:2b:45:04:b7:1d:a8:eb:1e:0d:c7:35:f9:96:4f:fe: 4d:d4:e4:3c:cd:7d:a9:3f:5c:03:a5:a1:34:84:15:9c:a1:17: 40:39:22:b0:8e:c3:05:45:85:14:18:52:fe:ca:a6:9f:2f:db: d0:95:3c:b1:a8:c7:11:6e:61:3b:97:9e:bd:ac:3f:fd:e0:92: 21:f0:62:ae:4f:45:0e:d3:3d:d8:64:00:53:92:c6:a9:46:83: b7:8f:ad:40:96:d6:ea:58:40:74:d9:ef:4e:0b:e4:d8:ec:50: 36:5f:e7:2f:dc:c3:fa:63:16:49:5d:77:34:fb:18:c2:35:2a: e1:c1:d5:9c:b0:78:15:7c:ae:19:45:67:54:36:e7:08:f4:3a: 4b:66:6e:45 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUP2+mtgTemDM401Zv09lB3q235qQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0NBODI1RTkzRkU4ODMwMzc2RUYzODY3ODZCRjg0N0NC MjM5QkU3MDAeFw0yNjA0MjYxMjI2NThaFw0yNjA0MjkyMzEwNThaMDMxMTAvBgNV BAMTKDAxODY2RkY5ODFBNEEyRjdDNUU5NDRCMkRGNDI2MzYzMDZCMzhBRjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNjpvBqelm3Fm64njGANht8QAB lB9Faw5SEHPiWr+fqalEpou5JpOWiCKGPPmfnjghDrAQf7klKgPm4Oc6HQoQBG2B E7o3RnTjRq4Aa21xmtiUt/Ro1/3wVcqBk+Za1qf+Nk2a2M9DIaFaRWlbWW9OWMpx pnOhniX2/kOyja8w6BcXQEOY4eLVGyCdTSoZVlCyF2TS+F0VIIPC6BYFj2yanraG D9UdNttz0ugZkPvxsHbnEdChmLsyic5HttowEu6SSLmWP8jBCvvvg46Nm1B9Iwhv yk6E3TwtXr0VB1EKPxQngPNlRzWJMlqyA5SHB7GQ6UsMMO9MyiFb6IcVrWtNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUAYZv+YGkovfF6USy30JjYwazivIwHwYDVR0j BBgwFoAUPKgl6T/ogwN27zhnhr+EfLI5vnAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w OGI4YzFiNS0zYmU4LTRhYTctYTRjNi0yMWJjYzhmM2ZhNDAvMC8zQ0E4MjVFOTNG RTg4MzAzNzZFRjM4Njc4NkJGODQ3Q0IyMzlCRTcwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0NBODI1RTkzRkU4ODMwMzc2RUYzODY3ODZCRjg0N0NCMjM5 QkU3MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDhiOGMxYjUtM2JlOC00YWE3LWE0 YzYtMjFiY2M4ZjNmYTQwLzAvM0NBODI1RTkzRkU4ODMwMzc2RUYzODY3ODZCRjg0 N0NCMjM5QkU3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEeEb5A1DWQKxS2GldfJ7xoBJUkNJ+PAhfpp YqXpg2uYD+o8cDi+zAVf7OTSc+NiSOobi4lOxpptVoF4tOwlv7n9vt3wh3/N9ois Z0eiBMgz9rK/jfQ2gbV2KRmTa81mhr3O63aOZk3YiqJOYXG5YStFBLcdqOseDcc1 +ZZP/k3U5DzNfak/XAOloTSEFZyhF0A5IrCOwwVFhRQYUv7Kpp8v29CVPLGoxxFu YTuXnr2sP/3gkiHwYq5PRQ7TPdhkAFOSxqlGg7ePrUCW1upYQHTZ704L5NjsUDZf 5y/cw/pjFklddzT7GMI1KuHB1ZyweBV8rhlFZ1Q25wj0OktmbkU= -----END CERTIFICATE-----Generated at Mon Apr 27 19:49:06 2026 by rpki-client