$ rpki-client -vvf rpki-rsync.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.mft File: 3028A8BB1ECF7550222580449D4FA78158DBF42A.mft (raw, json) Hash identifier: o2sG9YjcNYUbpt74nT+hwmX40WPL9bWPvN8ZSdZZJCg= Subject key identifier: 67:E9:E8:04:57:A7:F3:F7:90:9E:D0:90:B9:D5:FC:80:BC:F3:D7:F2 Authority key identifier: 30:28:A8:BB:1E:CF:75:50:22:25:80:44:9D:4F:A7:81:58:DB:F4:2A Certificate issuer: /CN=3028A8BB1ECF7550222580449D4FA78158DBF42A Certificate serial: 0C2AB28A493D976FE72D4970D588BBFEEB08ADB5 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.mft Manifest number: 40 Signing time: Thu 18 Jun 2026 14:14:04 +0000 Manifest this update: Thu 18 Jun 2026 14:09:04 +0000 Manifest next update: Fri 19 Jun 2026 14:16:04 +0000 Files and hashes: 1: 3136302e32352e3135362e302f32342d3234203d3e20313533303838.roa (hash: EAY48hYNH/6TUE1xmrb2C7cSV9ZpqN9x7POku5Es1R0=) 2: 3028A8BB1ECF7550222580449D4FA78158DBF42A.crl (hash: Q4iYLPMZ9B025WPui4FyfkeK9mNL7ulJF6AKCD5jF5U=) Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.crl rsync://rpki-rsync.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Jun 2026 08:44:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:2a:b2:8a:49:3d:97:6f:e7:2d:49:70:d5:88:bb:fe:eb:08:ad:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3028A8BB1ECF7550222580449D4FA78158DBF42A Validity Not Before: Jun 18 14:09:04 2026 GMT Not After : Jun 19 14:16:04 2026 GMT Subject: CN=67E9E80457A7F3F7909ED090B9D5FC80BCF3D7F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:f0:4e:cd:1b:93:58:d0:ea:85:66:21:1f:62: d7:9a:aa:63:25:6a:39:61:98:2a:a6:67:ee:fe:f4: bb:e5:c7:00:fb:1a:df:ea:5b:26:73:11:43:5f:60: bf:3a:ee:bb:42:7a:2e:66:3d:32:e4:2f:4c:2e:05: 38:37:bb:80:c5:cf:b3:bf:8d:a3:a1:ce:bb:58:e7: 37:92:e4:a4:db:1b:3e:d3:c5:d8:63:cd:5a:4e:08: 86:17:62:1d:bb:3c:b2:5c:91:d1:30:94:18:be:f3: 16:13:a9:c1:ed:0d:1b:92:96:08:50:cd:a2:23:1a: 79:b3:ac:96:47:ec:49:19:4d:aa:2c:af:f4:47:61: 51:70:de:77:46:64:62:3f:5b:fb:d6:93:30:a2:81: 31:a5:54:3a:ce:a0:98:e6:a8:9f:68:99:00:f5:72: 1b:c2:d6:ba:26:89:2c:3e:d9:1b:73:84:64:28:12: 8f:03:59:41:cb:a9:74:c4:be:5f:90:fc:2a:e5:c7: ed:db:2b:3a:6b:52:2f:21:58:e7:fb:81:21:e1:c5: 40:c6:5b:a6:d9:8c:2e:8a:2f:74:33:cd:af:c0:23: d3:d0:de:f6:6c:f9:7a:d1:be:86:00:c9:cb:65:83: cb:be:f0:53:8c:d1:74:1a:88:68:5a:f1:66:ba:1d: cb:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:E9:E8:04:57:A7:F3:F7:90:9E:D0:90:B9:D5:FC:80:BC:F3:D7:F2 X509v3 Authority Key Identifier: keyid:30:28:A8:BB:1E:CF:75:50:22:25:80:44:9D:4F:A7:81:58:DB:F4:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:c6:b4:b7:09:67:9b:90:d8:bb:69:2b:0e:aa:55:49:8a:ea: 4c:0c:1f:09:f6:ea:de:3a:2a:54:24:73:24:8c:61:39:ea:9c: e6:a1:53:19:c6:d4:68:ae:c0:ff:a0:3f:c9:9c:87:0b:c0:a1: f4:2c:e8:ca:4c:07:0e:a5:9c:20:09:bb:87:8b:d6:b4:7d:74: 22:00:70:b5:43:a6:76:ae:c5:cc:2b:54:cb:9b:db:14:62:d7: 6d:1c:84:d7:26:f5:d3:6b:8b:09:4f:24:b2:10:95:56:05:80: a1:f6:5f:78:ad:61:4b:88:83:ed:30:d9:5d:af:4b:ba:43:d0: 91:e1:9f:06:08:53:15:98:2f:86:2f:0f:50:81:d0:34:ee:ab: 42:39:0f:2d:99:30:e0:eb:62:38:18:f4:42:bc:03:15:d8:1c: 68:a5:47:92:e8:4f:e5:cf:b1:f7:14:70:ae:60:b8:ab:7b:32: ee:f3:2e:e6:5f:7e:d3:9a:bd:ff:8a:6b:eb:dc:d3:12:61:91: b5:2f:99:6a:1b:94:a2:e0:b6:5f:be:02:43:6f:3f:96:22:f2: 55:14:9c:71:bf:24:97:76:04:54:9a:49:66:1c:5a:f0:01:d2: b1:a0:c6:3c:63:89:c5:ed:c3:f2:d0:d4:bc:13:f8:9b:44:c7: 14:21:f5:6e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUDCqyikk9l2/nLUlw1Yi7/usIrbUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzAyOEE4QkIxRUNGNzU1MDIyMjU4MDQ0OUQ0RkE3ODE1 OERCRjQyQTAeFw0yNjA2MTgxNDA5MDRaFw0yNjA2MTkxNDE2MDRaMDMxMTAvBgNV BAMTKDY3RTlFODA0NTdBN0YzRjc5MDlFRDA5MEI5RDVGQzgwQkNGM0Q3RjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU8E7NG5NY0OqFZiEfYteaqmMl ajlhmCqmZ+7+9LvlxwD7Gt/qWyZzEUNfYL867rtCei5mPTLkL0wuBTg3u4DFz7O/ jaOhzrtY5zeS5KTbGz7TxdhjzVpOCIYXYh27PLJckdEwlBi+8xYTqcHtDRuSlghQ zaIjGnmzrJZH7EkZTaosr/RHYVFw3ndGZGI/W/vWkzCigTGlVDrOoJjmqJ9omQD1 chvC1romiSw+2RtzhGQoEo8DWUHLqXTEvl+Q/Crlx+3bKzprUi8hWOf7gSHhxUDG W6bZjC6KL3Qzza/AI9PQ3vZs+XrRvoYAyctlg8u+8FOM0XQaiGha8Wa6Hcv1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZ+noBFen8/eQntCQudX8gLzz1/IwHwYDVR0j BBgwFoAUMCioux7PdVAiJYBEnU+ngVjb9CowDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YWFmZGQ2ZjktYjc5OS00YTk2LTllMmEtMWZlZjY5YmZhNTk3LzAvMzAyOEE4QkIx RUNGNzU1MDIyMjU4MDQ0OUQ0RkE3ODE1OERCRjQyQS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMC8zMDI4QThCQjFFQ0Y3NTUwMjIyNTgwNDQ5RDRGQTc4MTU4REJG NDJBLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vYWFmZGQ2ZjktYjc5OS00YTk2LTll MmEtMWZlZjY5YmZhNTk3LzAvMzAyOEE4QkIxRUNGNzU1MDIyMjU4MDQ0OUQ0RkE3 ODE1OERCRjQyQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACHGtLcJZ5uQ2LtpKw6qVUmK6kwMHwn26t46 KlQkcySMYTnqnOahUxnG1GiuwP+gP8mchwvAofQs6MpMBw6lnCAJu4eL1rR9dCIA cLVDpnauxcwrVMub2xRi120chNcm9dNriwlPJLIQlVYFgKH2X3itYUuIg+0w2V2v S7pD0JHhnwYIUxWYL4YvD1CB0DTuq0I5Dy2ZMODrYjgY9EK8AxXYHGilR5LoT+XP sfcUcK5guKt7Mu7zLuZfftOavf+Ka+vc0xJhkbUvmWoblKLgtl++AkNvP5Yi8lUU nHG/JJd2BFSaSWYcWvAB0rGgxjxjicXtw/LQ1LwT+JtExxQh9W4= -----END CERTIFICATE-----Generated at Thu Jun 18 17:13:24 2026 by rpki-client