$ rpki-client -vvf rpki-rsync.idnic.net/repo/6bac619b-21e6-41d6-8e94-5804538c543e/0/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.mft File: 3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.mft (raw, json) Hash identifier: d93VLTBxvyHMuYbDnF4A2wQJljRWgUK9OA7IhBFwIPI= Subject key identifier: 1A:81:E7:20:4F:FF:69:49:E0:FB:1F:67:3E:81:20:8D:E9:F8:15:F5 Authority key identifier: 3A:72:0C:DD:09:E2:F9:7A:91:2B:9B:7D:F2:C3:35:29:46:1E:B9:B5 Certificate issuer: /CN=3A720CDD09E2F97A912B9B7DF2C33529461EB9B5 Certificate serial: 68D943B628E5EEB8E9B6247A08E47B6BAD62969B Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/6bac619b-21e6-41d6-8e94-5804538c543e/0/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.mft Manifest number: 40 Signing time: Fri 19 Jun 2026 22:12:48 +0000 Manifest this update: Fri 19 Jun 2026 22:07:48 +0000 Manifest next update: Sun 21 Jun 2026 00:26:48 +0000 Files and hashes: 1: 3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.crl (hash: hnQA9LQuIBxzvBltVIKRiY01u4SeYcnlLBfM9YKq1rU=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/6bac619b-21e6-41d6-8e94-5804538c543e/0/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.crl rsync://rpki-rsync.idnic.net/repo/6bac619b-21e6-41d6-8e94-5804538c543e/0/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 00:26:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:d9:43:b6:28:e5:ee:b8:e9:b6:24:7a:08:e4:7b:6b:ad:62:96:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3A720CDD09E2F97A912B9B7DF2C33529461EB9B5 Validity Not Before: Jun 19 22:07:48 2026 GMT Not After : Jun 21 00:26:48 2026 GMT Subject: CN=1A81E7204FFF6949E0FB1F673E81208DE9F815F5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d6:a0:60:82:14:14:b3:61:b3:39:84:71:2d: bc:fb:61:af:3d:5c:cf:40:17:3c:39:56:1f:24:0c: d5:b2:c5:9e:98:9c:5d:f0:3b:c1:13:e9:ac:a1:1f: 0b:ca:45:3d:ed:6c:a0:53:15:dc:5c:6d:bc:7d:70: a4:89:a0:3f:fc:dc:da:b6:7a:37:f1:60:38:52:e2: 3c:2a:5a:4c:e3:9f:d0:6e:ab:89:4e:56:d8:1a:e3: 04:fd:1e:c9:76:9b:34:4e:7e:3e:38:54:3d:f8:64: 3f:b5:6e:93:93:5f:ef:67:07:27:07:2c:09:ea:f4: d8:57:46:89:c5:4a:2e:c0:71:6f:c0:e8:af:65:d8: a9:07:0e:7a:6e:f1:82:85:99:02:0b:55:4a:60:bb: c3:af:33:3f:ad:b3:54:63:f1:50:b3:0f:a3:02:c5: 11:f9:6d:ab:77:5f:58:46:88:1c:29:e3:f5:a9:b5: bb:b8:09:87:96:13:60:ae:b3:4e:5b:9e:e8:a6:37: e7:46:81:84:f4:eb:66:d2:72:e2:3b:fe:0a:54:33: a3:1c:c4:45:02:33:59:73:3b:6d:12:ea:b2:fe:51: d5:79:a7:65:29:5e:ca:e7:48:87:df:7c:ee:ef:3d: 82:3b:63:61:0e:23:2a:b8:a7:ba:05:f9:05:7e:83: 22:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:81:E7:20:4F:FF:69:49:E0:FB:1F:67:3E:81:20:8D:E9:F8:15:F5 X509v3 Authority Key Identifier: keyid:3A:72:0C:DD:09:E2:F9:7A:91:2B:9B:7D:F2:C3:35:29:46:1E:B9:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/6bac619b-21e6-41d6-8e94-5804538c543e/0/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/6bac619b-21e6-41d6-8e94-5804538c543e/0/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:14:ab:39:43:96:f0:28:e9:43:cd:94:2b:0a:f4:5d:05:47: 78:75:b9:09:21:8f:aa:fc:e9:c4:ee:a2:14:0f:59:01:43:4e: 3e:1c:57:1f:fe:bc:89:72:24:2d:06:d8:da:9d:1f:8d:f0:5b: 2d:7e:aa:28:a6:e8:40:26:42:7c:68:b9:96:b1:11:9d:a7:11: 19:75:c8:9c:80:7f:80:74:4f:a0:31:92:72:83:43:69:ca:1e: b2:2f:11:16:59:3b:59:27:f8:03:df:33:60:cd:c8:49:d4:96: cd:f5:c6:9b:37:ce:98:93:ad:50:4a:22:17:61:ba:ba:7a:94: f9:b5:02:bb:9e:5e:fa:18:f4:41:80:9e:d2:e8:ae:67:91:9f: 29:7c:50:7b:8b:3b:ba:03:db:01:5f:4b:1a:84:fc:80:ba:a9: 3a:01:db:b1:b1:6f:97:80:a5:00:b4:f9:75:4e:f1:e5:51:34: 22:28:1a:71:16:13:e3:eb:99:37:1c:e5:c3:43:1c:96:7a:ed: dc:90:fb:80:62:da:f8:98:a4:08:2b:9f:ea:43:23:c9:52:e5: b4:3a:a3:ea:f6:49:e1:4f:8f:c0:91:a4:6a:d4:de:dc:18:3c: 28:7a:d3:85:62:c2:fd:ff:1a:b9:64:b3:d6:5d:1a:44:68:ea: 5d:b3:82:75 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaNlDtijl7rjptiR6COR7a61ilpswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0E3MjBDREQwOUUyRjk3QTkxMkI5QjdERjJDMzM1Mjk0 NjFFQjlCNTAeFw0yNjA2MTkyMjA3NDhaFw0yNjA2MjEwMDI2NDhaMDMxMTAvBgNV BAMTKDFBODFFNzIwNEZGRjY5NDlFMEZCMUY2NzNFODEyMDhERTlGODE1RjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC31qBgghQUs2GzOYRxLbz7Ya89 XM9AFzw5Vh8kDNWyxZ6YnF3wO8ET6ayhHwvKRT3tbKBTFdxcbbx9cKSJoD/83Nq2 ejfxYDhS4jwqWkzjn9Buq4lOVtga4wT9Hsl2mzROfj44VD34ZD+1bpOTX+9nBycH LAnq9NhXRonFSi7AcW/A6K9l2KkHDnpu8YKFmQILVUpgu8OvMz+ts1Rj8VCzD6MC xRH5bat3X1hGiBwp4/Wptbu4CYeWE2Cus05bnuimN+dGgYT062bScuI7/gpUM6Mc xEUCM1lzO20S6rL+UdV5p2UpXsrnSIfffO7vPYI7Y2EOIyq4p7oF+QV+gyJxAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUGoHnIE//aUng+x9nPoEgjen4FfUwHwYDVR0j BBgwFoAUOnIM3Qni+XqRK5t98sM1KUYeubUwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NmJhYzYxOWItMjFlNi00MWQ2LThlOTQtNTgwNDUzOGM1NDNlLzAvM0E3MjBDREQw OUUyRjk3QTkxMkI5QjdERjJDMzM1Mjk0NjFFQjlCNS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8zQTcyMENERDA5RTJGOTdBOTEyQjlCN0RGMkMzMzUyOTQ2MUVC OUI1LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vNmJhYzYxOWItMjFlNi00MWQ2LThl OTQtNTgwNDUzOGM1NDNlLzAvM0E3MjBDREQwOUUyRjk3QTkxMkI5QjdERjJDMzM1 Mjk0NjFFQjlCNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGgUqzlDlvAo6UPNlCsK9F0FR3h1uQkhj6r8 6cTuohQPWQFDTj4cVx/+vIlyJC0G2NqdH43wWy1+qiim6EAmQnxouZaxEZ2nERl1 yJyAf4B0T6AxknKDQ2nKHrIvERZZO1kn+APfM2DNyEnUls31xps3zpiTrVBKIhdh urp6lPm1ArueXvoY9EGAntLormeRnyl8UHuLO7oD2wFfSxqE/IC6qToB27Gxb5eA pQC0+XVO8eVRNCIoGnEWE+PrmTcc5cNDHJZ67dyQ+4Bi2viYpAgrn+pDI8lS5bQ6 o+r2SeFPj8CRpGrU3twYPCh604Viwv3/Grlks9ZdGkRo6l2zgnU= -----END CERTIFICATE-----Generated at Sat Jun 20 09:15:34 2026 by rpki-client