This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft File: 3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft (raw, json) Hash identifier: KparaLAESY7VpyRphSFGBoQmgUtEi8ETtLchpf0cA4U= Subject key identifier: 8D:9D:B0:C2:6D:AF:08:BC:20:4A:91:61:BB:94:AC:69:7D:B0:80:1A Authority key identifier: 3B:2B:A9:E8:D5:35:7A:BD:77:6B:6E:C4:CA:F7:C1:C5:9E:18:20:74 Certificate issuer: /CN=3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074 Certificate serial: 5EECBD95E005992ACBD13F6D437993404405B6DD Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft Manifest number: 0222 Signing time: Sun 28 Dec 2025 22:42:31 +0000 Manifest this update: Sun 28 Dec 2025 22:37:31 +0000 Manifest next update: Thu 01 Jan 2026 01:45:31 +0000 Files and hashes: 1: 3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.crl (hash: 5rUaDrCGATraNIEVn297ZUHch23sUW4zwYMbUldzmEw=) 2: 3130332e3235342e3137302e302f32342d3234203d3e203539313439.roa (hash: Htm5ahdXQHhKpRzE/h5i9KHcwL0XsZbOLaHTHLcsMN8=) 3: 3130332e3235342e3136392e302f32342d3234203d3e203539313439.roa (hash: sJUN/+XYslzThounXZW+MFwCm1lc8VEvrGvUm5/WqYY=) 4: 3130332e3235342e3137312e302f32342d3234203d3e203539313439.roa (hash: j7/0o24Y/Dntb2SDxDz2B+Eis79rWFB0ghqmTnU55LQ=) 5: 3130332e3235342e3136382e302f32322d3232203d3e203539313439.roa (hash: wNLC96dZ0hf5g5SQzM5GoaCW4xx90rlAQngevEb0OMg=) 6: 3130332e3235342e3136382e302f32342d3234203d3e203539313439.roa (hash: mvmoi8dcnfPzFCUL4IZOH3T40kp0yAQpvbAqzxB1zYc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.crl rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 Jan 2026 01:45:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:ec:bd:95:e0:05:99:2a:cb:d1:3f:6d:43:79:93:40:44:05:b6:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074 Validity Not Before: Dec 28 22:37:31 2025 GMT Not After : Jan 1 01:45:31 2026 GMT Subject: CN=8D9DB0C26DAF08BC204A9161BB94AC697DB0801A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:06:24:33:b9:58:3e:9b:42:0d:b3:62:63:fa: 1d:44:81:9d:cb:30:8b:1c:be:94:18:2d:08:98:b6: a2:f5:95:97:97:75:fa:3a:ad:bf:8c:1f:b4:33:62: f4:dc:22:99:4c:07:51:68:ac:04:64:b8:13:31:bb: 3e:89:bf:95:dc:a6:c3:2c:b9:65:a4:24:ec:ff:65: 4e:37:48:4c:91:ba:34:a2:3f:e8:22:bb:62:5c:15: db:63:e1:33:5d:4f:14:d2:07:21:80:3f:70:8b:18: 27:40:7a:f5:67:9d:cd:39:8c:1d:8b:5a:f5:db:00: 07:03:f4:92:10:bf:a8:5c:96:c4:db:d2:3f:9e:10: 4a:db:35:2a:5a:94:4f:dc:0e:7f:a8:32:cd:60:2d: 05:67:14:4a:d3:b5:63:15:0b:7e:cc:2f:9f:93:4c: d2:0e:9b:cb:56:c5:70:bf:8a:33:61:86:a2:2a:39: 0d:2b:03:f5:ae:90:e6:4e:bf:65:59:d8:b0:c6:5e: 96:ed:ab:73:c9:1a:86:27:1b:b9:04:74:f2:d0:ff: cf:32:e0:c6:20:6f:f9:43:d1:fc:3e:74:6a:1c:9c: 23:b8:30:4d:56:71:c0:43:02:e4:c1:f7:f2:f4:a2: 45:ab:c9:b7:b8:6f:cb:79:cd:2e:e8:c0:4c:3d:a0: a1:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:9D:B0:C2:6D:AF:08:BC:20:4A:91:61:BB:94:AC:69:7D:B0:80:1A X509v3 Authority Key Identifier: keyid:3B:2B:A9:E8:D5:35:7A:BD:77:6B:6E:C4:CA:F7:C1:C5:9E:18:20:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:1f:35:fc:66:cd:01:c1:c7:20:44:6e:48:41:d7:d7:01:0f: 5e:f5:fe:4b:31:f6:c7:86:8b:a1:0a:eb:bb:c2:35:cf:9d:8c: 06:2f:2a:cc:39:60:e6:c0:97:72:54:f0:66:a9:ac:93:bd:25: fe:90:59:93:2c:53:f2:5a:74:07:63:ba:24:0d:6c:96:71:c3: 69:93:f3:e6:ee:d4:c3:a0:6f:de:16:d5:ed:79:70:70:e4:a1: da:b1:05:b0:ef:ca:e3:8e:15:b3:f5:98:ee:f6:e5:41:b0:7f: f3:6b:62:3d:55:b9:3a:eb:a0:89:a9:f6:cd:de:d8:8b:ac:01: 73:10:21:fc:77:07:14:a0:38:bd:fb:50:4e:12:b0:6f:f8:89: c0:d0:8d:b8:07:18:26:ab:fb:10:df:43:c5:b4:1b:22:3c:bc: ae:e3:58:b5:20:1b:39:05:2c:8c:3b:b0:e3:d8:6e:ca:c1:0e: 23:f6:45:10:b4:84:6b:fe:0a:12:d0:84:53:86:e3:e3:8e:1e: d2:7b:00:b8:a4:3b:75:3f:9c:53:02:92:6e:cd:f9:bc:00:cd: 3a:9e:be:42:17:bb:5d:47:58:d7:ff:15:fc:1f:9b:76:00:9b: 97:bc:f9:3e:cd:eb:5b:eb:dd:b6:2d:e0:e7:25:ae:58:0b:87: ef:e2:f7:79 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXuy9leAFmSrL0T9tQ3mTQEQFtt0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0IyQkE5RThENTM1N0FCRDc3NkI2RUM0Q0FGN0MxQzU5 RTE4MjA3NDAeFw0yNTEyMjgyMjM3MzFaFw0yNjAxMDEwMTQ1MzFaMDMxMTAvBgNV BAMTKDhEOURCMEMyNkRBRjA4QkMyMDRBOTE2MUJCOTRBQzY5N0RCMDgwMUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2BiQzuVg+m0INs2Jj+h1EgZ3L MIscvpQYLQiYtqL1lZeXdfo6rb+MH7QzYvTcIplMB1ForARkuBMxuz6Jv5XcpsMs uWWkJOz/ZU43SEyRujSiP+giu2JcFdtj4TNdTxTSByGAP3CLGCdAevVnnc05jB2L WvXbAAcD9JIQv6hclsTb0j+eEErbNSpalE/cDn+oMs1gLQVnFErTtWMVC37ML5+T TNIOm8tWxXC/ijNhhqIqOQ0rA/WukOZOv2VZ2LDGXpbtq3PJGoYnG7kEdPLQ/88y 4MYgb/lD0fw+dGocnCO4ME1WccBDAuTB9/L0okWrybe4b8t5zS7owEw9oKF1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUjZ2wwm2vCLwgSpFhu5SsaX2wgBowHwYDVR0j BBgwFoAUOyup6NU1er13a27EyvfBxZ4YIHQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YWU3ZDQ2MS0wZTMyLTRlNjUtYmI4OC1kNzI0MDViMjQ0NTEvMC8zQjJCQTlFOEQ1 MzU3QUJENzc2QjZFQzRDQUY3QzFDNTlFMTgyMDc0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0IyQkE5RThENTM1N0FCRDc3NkI2RUM0Q0FGN0MxQzU5RTE4 MjA3NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmFlN2Q0NjEtMGUzMi00ZTY1LWJi ODgtZDcyNDA1YjI0NDUxLzAvM0IyQkE5RThENTM1N0FCRDc3NkI2RUM0Q0FGN0Mx QzU5RTE4MjA3NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKUfNfxmzQHBxyBEbkhB19cBD171/ksx9seG i6EK67vCNc+djAYvKsw5YObAl3JU8GaprJO9Jf6QWZMsU/JadAdjuiQNbJZxw2mT 8+bu1MOgb94W1e15cHDkodqxBbDvyuOOFbP1mO725UGwf/NrYj1VuTrroImp9s3e 2IusAXMQIfx3BxSgOL37UE4SsG/4icDQjbgHGCar+xDfQ8W0GyI8vK7jWLUgGzkF LIw7sOPYbsrBDiP2RRC0hGv+ChLQhFOG4+OOHtJ7ALikO3U/nFMCkm7N+bwAzTqe vkIXu11HWNf/Ffwfm3YAm5e8+T7N61vr3bYt4OclrlgLh+/i93k= -----END CERTIFICATE-----Generated at Tue Dec 30 14:57:23 2025 by rpki-client