This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: 7z3nlLKf0d5jjA5y+1HbwDUwMe+5yOOT18yyLQruMbg= Subject key identifier: 6E:66:DA:FB:FF:C8:39:E5:2D:C5:8D:35:69:B7:70:4F:6C:B5:E3:6A Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 2AF717DECE81B6314DDE9E878E400586641B47D7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: CA Signing time: Fri 19 Dec 2025 22:43:33 +0000 Manifest this update: Fri 19 Dec 2025 22:38:33 +0000 Manifest next update: Tue 23 Dec 2025 04:51:33 +0000 Files and hashes: 1: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: I98r/YvoKJnqIbKebXKfBKywu1BzE/FQD60HTUreMMU=) 2: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: abu7uf/NUuXBAtADlmXmyx+PPPCouY0Kmch27OrRHOI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Dec 2025 04:51:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:f7:17:de:ce:81:b6:31:4d:de:9e:87:8e:40:05:86:64:1b:47:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Dec 19 22:38:33 2025 GMT Not After : Dec 23 04:51:33 2025 GMT Subject: CN=6E66DAFBFFC839E52DC58D3569B7704F6CB5E36A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:51:e6:a5:21:54:c7:50:7d:13:4b:9a:5b:fd: 21:d2:56:86:9d:3e:4b:93:a5:95:2f:aa:63:54:f9: ae:ca:68:2d:2e:e1:cb:29:dd:be:b2:c7:53:54:3c: 8d:08:6e:47:e6:f8:79:d2:2a:19:a5:49:e2:c3:8a: 71:67:b0:60:2e:03:75:7f:5d:a9:9e:8a:4c:5a:ce: 50:cd:93:b4:f5:79:8e:47:36:df:5b:96:52:10:f4: d4:90:b8:d0:f6:96:15:72:6a:29:a9:e3:73:7c:a0: f5:c2:e4:35:f2:37:53:26:b3:cd:aa:6a:b3:a1:44: ad:e3:66:ab:3a:39:51:c4:7e:da:0f:ad:41:10:4a: 2e:fb:33:46:42:17:55:74:27:1c:5e:c8:58:98:44: 3f:8a:9d:1f:7b:ce:bc:e0:e0:f4:5a:11:9b:2d:ae: 19:d2:65:d1:cf:db:77:b7:d6:18:53:d8:78:b1:3f: 7c:03:0e:df:bc:76:ff:19:68:4e:2c:4b:de:32:62: bc:11:60:d2:96:76:cd:b9:2b:4a:fa:e5:64:d4:71: ad:83:87:ff:71:b9:f0:53:64:5c:ba:83:c7:37:91: f0:29:5d:6e:42:3f:b5:cd:b6:2e:7a:63:68:6f:de: 89:3f:29:ed:58:fb:13:69:7d:a0:83:13:52:13:23: 07:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:66:DA:FB:FF:C8:39:E5:2D:C5:8D:35:69:B7:70:4F:6C:B5:E3:6A X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:97:f0:95:d1:d8:67:47:c1:3c:b4:55:b3:08:5b:49:1c:50: c0:61:b5:3a:cb:28:8d:5a:b8:64:8e:1f:37:04:be:66:f5:a8: 1f:f5:4e:81:5e:0a:d7:43:1b:ed:5f:cf:50:cd:34:df:ee:a6: ee:1d:3a:af:ee:5a:aa:68:2e:91:42:28:c4:95:c4:9a:ef:c3: 14:e2:12:e5:a1:80:fd:e1:41:86:9b:09:69:82:6d:60:46:d0: 8e:0a:17:71:4c:de:cd:03:d0:46:f0:11:23:bb:e6:1f:ca:31: 10:34:1a:b3:ed:b7:df:41:e6:85:b4:ff:c2:69:6d:48:9a:2f: 10:fc:21:ea:45:78:d7:cd:42:ed:32:39:34:e4:20:a2:ba:0d: 65:52:2c:f4:7d:99:37:49:9d:fd:d1:eb:0c:f6:b2:ba:c6:e0: d7:5e:bb:64:66:04:03:89:b7:4d:02:fe:b6:cd:c0:9f:54:62: a2:f8:fa:81:92:b8:6b:7d:d8:71:49:11:68:d4:9d:f9:b9:55: 9d:63:db:d6:54:f5:4b:03:6f:5c:d7:9e:78:ed:33:72:ba:7a: aa:fa:c5:42:8e:9f:0c:1a:6f:fa:cf:c2:94:ab:d5:64:27:f8: 51:65:4a:39:02:fc:ab:ac:67:c7:08:9f:9a:46:57:be:fb:97: b7:52:1d:9c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKvcX3s6BtjFN3p6HjkAFhmQbR9cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNTEyMTkyMjM4MzNaFw0yNTEyMjMwNDUxMzNaMDMxMTAvBgNV BAMTKDZFNjZEQUZCRkZDODM5RTUyREM1OEQzNTY5Qjc3MDRGNkNCNUUzNkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUealIVTHUH0TS5pb/SHSVoad PkuTpZUvqmNU+a7KaC0u4csp3b6yx1NUPI0Ibkfm+HnSKhmlSeLDinFnsGAuA3V/ XameikxazlDNk7T1eY5HNt9bllIQ9NSQuND2lhVyaimp43N8oPXC5DXyN1Mms82q arOhRK3jZqs6OVHEftoPrUEQSi77M0ZCF1V0JxxeyFiYRD+KnR97zrzg4PRaEZst rhnSZdHP23e31hhT2HixP3wDDt+8dv8ZaE4sS94yYrwRYNKWds25K0r65WTUca2D h/9xufBTZFy6g8c3kfApXW5CP7XNti56Y2hv3ok/Ke1Y+xNpfaCDE1ITIwdnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUbmba+//IOeUtxY01abdwT2y142owHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAC6X8JXR2GdHwTy0VbMIW0kcUMBhtTrLKI1a uGSOHzcEvmb1qB/1ToFeCtdDG+1fz1DNNN/upu4dOq/uWqpoLpFCKMSVxJrvwxTi EuWhgP3hQYabCWmCbWBG0I4KF3FM3s0D0EbwESO75h/KMRA0GrPtt99B5oW0/8Jp bUiaLxD8IepFeNfNQu0yOTTkIKK6DWVSLPR9mTdJnf3R6wz2srrG4Ndeu2RmBAOJ t00C/rbNwJ9UYqL4+oGSuGt92HFJEWjUnfm5VZ1j29ZU9UsDb1zXnnjtM3K6eqr6 xUKOnwwab/rPwpSr1WQn+FFlSjkC/KusZ8cIn5pGV777l7dSHZw= -----END CERTIFICATE-----Generated at Mon Dec 22 00:05:03 2025 by rpki-client