
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft
File: C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft (raw, json)
Hash identifier: 442UVai1/G/Y/f2vb/cd7/2HRMYfkrqVO4qk57tRKfw=
Subject key identifier: 17:29:F7:1C:58:BE:AC:DD:0A:F0:11:0C:37:D0:EE:E9:B7:25:7D:02
Authority key identifier: C4:E6:C3:DA:EB:74:BE:45:20:7E:B8:0D:ED:F1:FF:D5:4B:C0:01:9E
Certificate issuer: /CN=A91443440000/serialNumber=C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E
Certificate serial: 6A03FC9D51E3FDB961D6524D8E130C2BFCB1715F
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xObD2ut0vkUgfrgN7fH_1UvAAZ4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft
Manifest number: 032D
Signing time: Fri 17 Jul 2026 23:23:01 +0000
Manifest this update: Fri 17 Jul 2026 23:18:01 +0000
Manifest next update: Sun 19 Jul 2026 01:35:01 +0000
Files and hashes: 1: 3136302e33302e32352e302f32342d3234203d3e20313533313736.roa (hash: /kUIE99bCsbCmIiQPzpAlxDF+o+xvCZcWPfm8GnkM3k=)
2: C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.crl (hash: k3IqBRiBuWTvRUMMOebU8H36u0EDqNFamse+Sq74dIM=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.crl
rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xObD2ut0vkUgfrgN7fH_1UvAAZ4.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 19 Jul 2026 01:35:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:03:fc:9d:51:e3:fd:b9:61:d6:52:4d:8e:13:0c:2b:fc:b1:71:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91443440000, serialNumber=C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E
Validity
Not Before: Jul 17 23:18:01 2026 GMT
Not After : Jul 19 01:35:01 2026 GMT
Subject: CN=1729F71C58BEACDD0AF0110C37D0EEE9B7257D02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5f:cf:26:c1:1b:9a:b4:5a:56:fd:4f:d4:21:
bb:fb:29:4c:a9:7d:d1:27:0d:c0:f2:2e:cd:7e:2d:
8f:77:9e:9d:02:a4:d4:e7:eb:5b:b7:eb:dd:e4:dc:
c0:63:39:f0:e0:f6:e8:eb:e6:f8:dd:cc:f5:5f:30:
40:18:ff:84:47:f0:3f:36:73:0d:b8:a4:38:d9:96:
79:ca:42:b8:98:65:1e:29:b5:e4:8e:78:c9:5d:15:
6b:c7:ba:39:44:90:e4:ee:de:2b:39:a3:f7:bb:40:
60:be:cb:b7:98:03:b0:53:31:0d:a7:d7:09:5d:7a:
8e:e5:46:89:d4:12:32:ee:bd:e0:c4:37:c1:04:4e:
84:40:62:c7:93:c2:cf:a7:ce:a4:19:ff:ed:9f:ac:
6d:37:f1:b2:47:23:e1:39:a3:e3:05:3d:e0:77:00:
a7:d6:dc:dd:0e:78:f7:0f:d8:11:ad:b1:fa:f5:ce:
46:eb:a1:62:f8:7d:3c:1f:3a:53:ff:2c:ac:3e:77:
e4:ea:e5:76:ce:8b:78:94:b1:53:65:f8:5b:04:81:
42:a0:07:3f:aa:8e:7a:bf:e2:05:2b:42:6d:49:12:
f8:4c:60:cf:df:97:59:6f:d4:fd:57:6c:79:4d:b0:
3d:2e:f0:00:11:0d:fd:dd:c1:be:b5:e7:81:6d:cf:
c1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:29:F7:1C:58:BE:AC:DD:0A:F0:11:0C:37:D0:EE:E9:B7:25:7D:02
X509v3 Authority Key Identifier:
keyid:C4:E6:C3:DA:EB:74:BE:45:20:7E:B8:0D:ED:F1:FF:D5:4B:C0:01:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xObD2ut0vkUgfrgN7fH_1UvAAZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:b6:46:39:3a:88:be:c1:ae:65:2a:d0:0f:1b:38:55:88:18:
b0:25:12:97:55:4b:49:74:14:6b:7e:0e:f8:8a:91:1a:55:bf:
0b:2a:60:4f:3d:fb:03:d4:cb:73:7d:8b:4a:20:b0:da:01:ae:
e8:d2:ca:bb:96:0e:95:c9:fd:cd:fc:ad:1f:cf:da:3a:5b:71:
6d:e0:5c:18:e1:e4:fd:2b:79:b7:73:31:ff:b3:fa:3a:c5:b8:
fe:e2:79:81:be:26:15:73:33:d1:d0:1d:d1:80:83:e5:ea:52:
3c:ee:9a:78:07:0f:58:2c:08:96:bd:73:1f:a2:c3:b7:ea:db:
9a:9a:99:79:81:b8:ff:70:27:49:8f:74:33:87:d3:f8:3d:8e:
7c:a3:52:fc:9d:e4:3e:ec:c7:41:4f:ff:b2:95:99:9a:9c:79:
e6:a3:42:cd:7c:40:63:b3:5d:fd:2c:dc:14:65:97:e6:5d:74:
8e:6d:9c:53:a6:df:52:e8:e8:06:34:2f:4a:b1:0b:f8:28:67:
ce:78:1b:4c:14:2b:de:28:04:13:4a:7e:b1:4b:4b:e9:50:05:
be:69:5d:35:96:e1:c0:b2:77:93:41:66:80:a9:73:71:36:85:
33:5c:da:71:98:8a:1f:fa:28:c2:e2:81:a2:b7:ac:96:db:b5:
ed:d8:b8:94
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIUagP8nVHj/blh1lJNjhMMK/yxcV8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDQzNDQwMDAwMTEwLwYDVQQFEyhDNEU2QzNEQUVC
NzRCRTQ1MjA3RUI4MERFREYxRkZENTRCQzAwMTlFMB4XDTI2MDcxNzIzMTgwMVoX
DTI2MDcxOTAxMzUwMVowMzExMC8GA1UEAxMoMTcyOUY3MUM1OEJFQUNERDBBRjAx
MTBDMzdEMEVFRTlCNzI1N0QwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdfzybBG5q0Wlb9T9Qhu/spTKl90ScNwPIuzX4tj3eenQKk1OfrW7fr3eTc
wGM58OD26Ovm+N3M9V8wQBj/hEfwPzZzDbikONmWecpCuJhlHim15I54yV0Va8e6
OUSQ5O7eKzmj97tAYL7Lt5gDsFMxDafXCV16juVGidQSMu694MQ3wQROhEBix5PC
z6fOpBn/7Z+sbTfxskcj4Tmj4wU94HcAp9bc3Q549w/YEa2x+vXORuuhYvh9PB86
U/8srD535Orlds6LeJSxU2X4WwSBQqAHP6qOer/iBStCbUkS+Exgz9+XWW/U/Vds
eU2wPS7wABEN/d3BvrXngW3PwSUCAwEAAaOCAmEwggJdMB0GA1UdDgQWBBQXKfcc
WL6s3QrwEQw30O7ptyV9AjAfBgNVHSMEGDAWgBTE5sPa63S+RSB+uA3t8f/VS8AB
njAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84ZDVjZDE0ZS01
ZjYzLTRmMWMtOTRlMy0yNzA1MGMyNjY0ODAvMi9DNEU2QzNEQUVCNzRCRTQ1MjA3
RUI4MERFREYxRkZENTRCQzAwMTlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYB
BQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0EyNEYy
MDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi94T2JEMnV0MHZrVWdmcmdON2ZIXzFV
dkFBWjQuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGQ1Y2QxNGUt
NWY2My00ZjFjLTk0ZTMtMjcwNTBjMjY2NDgwLzIvQzRFNkMzREFFQjc0QkU0NTIw
N0VCODBERURGMUZGRDU0QkMwMDE5RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUF
BwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAIS2Rjk6iL7BrmUq0A8b
OFWIGLAlEpdVS0l0FGt+DviKkRpVvwsqYE89+wPUy3N9i0ogsNoBrujSyruWDpXJ
/c38rR/P2jpbcW3gXBjh5P0rebdzMf+z+jrFuP7ieYG+JhVzM9HQHdGAg+XqUjzu
mngHD1gsCJa9cx+iw7fq25qamXmBuP9wJ0mPdDOH0/g9jnyjUvyd5D7sx0FP/7KV
mZqceeajQs18QGOzXf0s3BRll+ZddI5tnFOm31Lo6AY0L0qxC/goZ854G0wUK94o
BBNKfrFLS+lQBb5pXTWW4cCyd5NBZoCpc3E2hTNc2nGYih/6KMLigaK3rJbbte3Y
uJQ=
-----END CERTIFICATE-----
Generated at Sat Jul 18 03:27:24 2026 by rpki-client