This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft File: 3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft (raw, json) Hash identifier: XyEADEVCTaT6O4wIlPuNXbWi/h86vCpInS75JoV79JY= Subject key identifier: EA:35:01:53:F9:BA:7D:25:DE:70:7E:04:F0:B3:F5:4D:52:E0:45:14 Authority key identifier: 3B:2B:A9:E8:D5:35:7A:BD:77:6B:6E:C4:CA:F7:C1:C5:9E:18:20:74 Certificate issuer: /CN=3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074 Certificate serial: 1A668F8F1CD345D23BCA0DA0DBE600132C47A067 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft Manifest number: 0220 Signing time: Wed 24 Dec 2025 14:22:33 +0000 Manifest this update: Wed 24 Dec 2025 14:17:33 +0000 Manifest next update: Sat 27 Dec 2025 16:21:33 +0000 Files and hashes: 1: 3130332e3235342e3136382e302f32322d3232203d3e203539313439.roa (hash: wNLC96dZ0hf5g5SQzM5GoaCW4xx90rlAQngevEb0OMg=) 2: 3130332e3235342e3137312e302f32342d3234203d3e203539313439.roa (hash: j7/0o24Y/Dntb2SDxDz2B+Eis79rWFB0ghqmTnU55LQ=) 3: 3130332e3235342e3136382e302f32342d3234203d3e203539313439.roa (hash: mvmoi8dcnfPzFCUL4IZOH3T40kp0yAQpvbAqzxB1zYc=) 4: 3130332e3235342e3137302e302f32342d3234203d3e203539313439.roa (hash: Htm5ahdXQHhKpRzE/h5i9KHcwL0XsZbOLaHTHLcsMN8=) 5: 3130332e3235342e3136392e302f32342d3234203d3e203539313439.roa (hash: sJUN/+XYslzThounXZW+MFwCm1lc8VEvrGvUm5/WqYY=) 6: 3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.crl (hash: VEz60YNZMUJ7lWvlFFHAMfFHWcp89vo7MZyzGIHhbvg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.crl rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 16:21:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:66:8f:8f:1c:d3:45:d2:3b:ca:0d:a0:db:e6:00:13:2c:47:a0:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074 Validity Not Before: Dec 24 14:17:33 2025 GMT Not After : Dec 27 16:21:33 2025 GMT Subject: CN=EA350153F9BA7D25DE707E04F0B3F54D52E04514 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:33:b1:63:06:e0:0e:37:92:a2:56:56:1a:f1: 94:00:e9:ba:2e:a2:42:e4:73:8a:be:fc:75:aa:16: 9c:18:48:64:c1:13:cd:49:92:44:13:0c:a0:77:c2: a2:96:c7:54:fd:d0:36:78:cd:70:23:12:c8:59:ae: ee:66:96:3d:52:c0:b9:33:32:a7:11:d3:6d:d0:8e: fe:72:e8:d2:88:54:31:d0:47:58:d2:d5:bd:c7:c5: e8:66:9c:e2:57:d2:c1:4d:66:99:8c:dd:67:82:55: e8:f5:96:b0:ac:73:88:d7:9c:1f:04:83:f6:15:f3: b2:b4:c5:f8:4d:1f:df:39:dc:b0:05:4e:09:ec:c2: f9:19:5b:34:a9:6e:da:0b:81:7a:4a:53:c4:39:7f: d7:97:83:54:15:18:26:44:2e:f8:98:d9:e0:eb:09: 67:89:dd:29:9a:13:7f:04:bb:a4:2b:d8:af:3c:54: 4f:34:a6:a4:d5:97:1f:42:ff:32:32:71:6e:36:52: 30:fd:6d:ce:99:8d:42:98:cf:68:eb:7b:8a:e2:b2: b7:4f:bb:df:b6:16:0c:6e:9c:93:8a:91:86:60:e9: 62:30:15:54:30:fd:cf:17:25:c2:f3:66:88:db:25: 88:9e:f3:31:6e:46:59:8a:66:94:95:08:e3:6b:82: d0:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:35:01:53:F9:BA:7D:25:DE:70:7E:04:F0:B3:F5:4D:52:E0:45:14 X509v3 Authority Key Identifier: keyid:3B:2B:A9:E8:D5:35:7A:BD:77:6B:6E:C4:CA:F7:C1:C5:9E:18:20:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:ce:51:68:df:ca:dd:57:70:a3:a8:d3:51:33:ec:fd:f3:64: 9f:54:e0:1b:5f:5f:fb:c4:fb:35:69:19:f9:3c:89:5a:28:fb: 68:d8:46:5a:36:3e:10:c7:b6:c8:30:29:ae:e7:08:d8:43:46: e5:8e:58:6a:83:9f:05:99:e9:21:ba:59:c8:05:65:02:0f:db: c5:ed:9d:e1:3c:bb:45:e7:86:dd:74:93:ca:e8:d5:e4:0d:51: d9:1c:66:72:38:d9:9c:55:cf:53:4f:d3:d2:33:11:ec:1b:6d: ce:1c:7b:3d:94:31:cb:7d:48:b9:8a:d0:3c:7e:e1:c4:e5:88: 7f:ca:20:0f:00:52:92:53:64:c9:b0:a5:06:8f:49:74:a6:15: 1c:5d:fc:07:e5:42:40:f4:f5:d5:9e:81:5c:3a:ee:49:f0:27: 5b:21:f3:80:30:93:94:a4:77:06:34:5b:1d:07:6e:df:7e:46: 23:2f:f3:71:db:1b:ef:5f:3e:f9:9e:30:92:be:80:a8:ea:47: cf:fb:f5:9e:20:f8:e9:b2:cc:59:f2:71:0a:5e:28:92:1d:ba: 4c:2d:36:89:69:8d:5e:2b:ea:9c:36:2d:9d:e1:10:ec:92:67: ce:44:58:3d:2c:a1:8f:73:ad:1d:5c:19:7e:0f:b3:d8:af:77: 88:9e:2d:82 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGmaPjxzTRdI7yg2g2+YAEyxHoGcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0IyQkE5RThENTM1N0FCRDc3NkI2RUM0Q0FGN0MxQzU5 RTE4MjA3NDAeFw0yNTEyMjQxNDE3MzNaFw0yNTEyMjcxNjIxMzNaMDMxMTAvBgNV BAMTKEVBMzUwMTUzRjlCQTdEMjVERTcwN0UwNEYwQjNGNTRENTJFMDQ1MTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChM7FjBuAON5KiVlYa8ZQA6bou okLkc4q+/HWqFpwYSGTBE81JkkQTDKB3wqKWx1T90DZ4zXAjEshZru5mlj1SwLkz MqcR023Qjv5y6NKIVDHQR1jS1b3HxehmnOJX0sFNZpmM3WeCVej1lrCsc4jXnB8E g/YV87K0xfhNH9853LAFTgnswvkZWzSpbtoLgXpKU8Q5f9eXg1QVGCZELviY2eDr CWeJ3SmaE38Eu6Qr2K88VE80pqTVlx9C/zIycW42UjD9bc6ZjUKYz2jre4risrdP u9+2FgxunJOKkYZg6WIwFVQw/c8XJcLzZojbJYie8zFuRlmKZpSVCONrgtBLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU6jUBU/m6fSXecH4E8LP1TVLgRRQwHwYDVR0j BBgwFoAUOyup6NU1er13a27EyvfBxZ4YIHQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YWU3ZDQ2MS0wZTMyLTRlNjUtYmI4OC1kNzI0MDViMjQ0NTEvMC8zQjJCQTlFOEQ1 MzU3QUJENzc2QjZFQzRDQUY3QzFDNTlFMTgyMDc0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0IyQkE5RThENTM1N0FCRDc3NkI2RUM0Q0FGN0MxQzU5RTE4 MjA3NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmFlN2Q0NjEtMGUzMi00ZTY1LWJi ODgtZDcyNDA1YjI0NDUxLzAvM0IyQkE5RThENTM1N0FCRDc3NkI2RUM0Q0FGN0Mx QzU5RTE4MjA3NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFTOUWjfyt1XcKOo01Ez7P3zZJ9U4BtfX/vE +zVpGfk8iVoo+2jYRlo2PhDHtsgwKa7nCNhDRuWOWGqDnwWZ6SG6WcgFZQIP28Xt neE8u0Xnht10k8ro1eQNUdkcZnI42ZxVz1NP09IzEewbbc4cez2UMct9SLmK0Dx+ 4cTliH/KIA8AUpJTZMmwpQaPSXSmFRxd/AflQkD09dWegVw67knwJ1sh84Awk5Sk dwY0Wx0Hbt9+RiMv83HbG+9fPvmeMJK+gKjqR8/79Z4g+OmyzFnycQpeKJIdukwt NolpjV4r6pw2LZ3hEOySZ85EWD0soY9zrR1cGX4Ps9ivd4ieLYI= -----END CERTIFICATE-----Generated at Wed Dec 24 22:05:07 2025 by rpki-client