This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft File: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft (raw, json) Hash identifier: JU/GvMIeBSzZwCdGc6UxjAWVcWQWXh3MW+d/aeNY0J4= Subject key identifier: DC:87:61:DF:17:23:F4:C1:66:D0:08:C7:FB:E4:EF:A4:8C:0F:80:14 Authority key identifier: 2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 Certificate issuer: /CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Certificate serial: 4E5EFBE3F7654FF29EEA9CA349F184FBAA2DD936 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft Manifest number: 01BA Signing time: Wed 17 Dec 2025 01:10:43 +0000 Manifest this update: Wed 17 Dec 2025 01:05:43 +0000 Manifest next update: Sat 20 Dec 2025 01:57:43 +0000 Files and hashes: 1: 3130332e3137372e3231392e302f32342d3234203d3e20313331373639.roa (hash: fU1tQ4gaeWNhq2F1RA67XHvI+/xcbSrzocYJJCxhg9Q=) 2: 3130332e3137372e3231382e302f32342d3234203d3e20313331373639.roa (hash: geET9/YOwUtWNeEIEWu0ZCElrUfY/yNFJvOG/4u0aBI=) 3: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl (hash: p/zqOwz2yxJCi257ng7jA9lBmEVHchEEbJ5AL7F3F7Q=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Dec 2025 01:57:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:5e:fb:e3:f7:65:4f:f2:9e:ea:9c:a3:49:f1:84:fb:aa:2d:d9:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Validity Not Before: Dec 17 01:05:43 2025 GMT Not After : Dec 20 01:57:43 2025 GMT Subject: CN=DC8761DF1723F4C166D008C7FBE4EFA48C0F8014 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:4b:99:39:1b:e2:7b:13:0f:b4:80:7f:26:76: c1:ba:7f:94:56:2a:ca:28:40:40:9d:85:0a:4b:10: b5:7e:4c:f8:81:fb:f3:54:ea:d3:b0:18:e8:da:f0: 89:d0:7a:9e:21:a3:8d:5e:ea:35:af:d4:86:f8:84: 7e:36:b9:7c:7e:e9:f6:18:3c:78:35:b7:ce:15:ac: 56:40:bc:ff:28:2a:63:cb:f5:ff:f5:d2:2c:e3:e0: d3:ee:73:9a:03:f8:03:fc:ab:0b:ee:e8:79:41:ae: bb:09:3f:19:cf:8f:df:76:68:30:73:fc:c8:d9:76: 64:7c:ab:91:b0:ac:b3:c7:af:8c:03:66:7a:2f:c1: 45:ab:3c:80:44:1f:26:2e:58:c0:89:f4:4c:9e:f6: 25:af:2c:49:06:21:02:7d:be:45:7d:3d:cf:78:7b: 95:11:f2:34:98:1b:9c:76:58:11:da:29:28:1a:52: 3e:3c:77:5c:ee:92:b4:91:1f:bb:42:eb:7e:1f:98: 03:33:da:47:08:d0:e2:8a:53:08:30:24:82:f5:67: 75:a6:6f:c3:db:ec:2c:67:1a:7c:f4:a8:ed:22:a1: cd:4e:d8:bf:ae:84:2c:a0:6e:0a:3d:33:42:6e:71: b7:a9:58:20:39:71:d4:8f:93:49:a1:10:73:ca:d9: e8:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:87:61:DF:17:23:F4:C1:66:D0:08:C7:FB:E4:EF:A4:8C:0F:80:14 X509v3 Authority Key Identifier: keyid:2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:4c:15:dc:ce:ca:a7:e7:2d:b0:06:4a:97:6f:72:93:76:99: a0:b8:d1:87:bc:a8:e3:51:29:03:6c:1f:ac:64:13:93:83:f5: ee:39:44:3a:8e:d8:84:45:75:8b:1f:41:d1:d7:63:06:76:60: 39:a8:8b:14:fa:57:c1:e8:b3:ff:7a:76:9d:66:19:53:63:bf: e3:c5:d5:2a:6a:54:bc:4c:b6:03:a5:87:6e:ff:fb:6a:91:fc: e3:19:8a:d8:78:ca:c0:ec:3f:13:99:c0:b9:60:11:cb:31:81: c6:f7:88:9a:1b:26:1b:c0:74:f2:06:ca:0f:68:9d:55:e3:47: 22:3f:75:09:28:fb:f9:fa:a9:46:b9:35:0e:30:58:9a:24:88: 75:86:d0:54:14:87:42:7d:69:f2:c9:7e:3e:7c:80:22:6e:73: 08:6f:2f:f8:cb:a1:46:2c:ad:a7:0d:a3:af:62:04:8c:75:89: a0:ec:47:31:7b:56:a2:8f:74:b2:c7:fd:95:6e:61:eb:2a:5c: 44:40:0f:ba:a4:ef:d6:75:00:67:19:21:3e:60:52:9a:0c:e5: 9e:f0:be:4b:25:68:b5:23:40:39:d3:b6:bf:67:98:3b:8d:86: d9:3d:ea:80:be:28:ee:98:1d:71:3d:04:8a:07:91:2a:20:2d: 66:25:9d:37 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUTl774/dlT/Ke6pyjSfGE+6ot2TYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2Nzcz RjNFNkYxNjAeFw0yNTEyMTcwMTA1NDNaFw0yNTEyMjAwMTU3NDNaMDMxMTAvBgNV BAMTKERDODc2MURGMTcyM0Y0QzE2NkQwMDhDN0ZCRTRFRkE0OEMwRjgwMTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNS5k5G+J7Ew+0gH8mdsG6f5RW KsooQECdhQpLELV+TPiB+/NU6tOwGOja8InQep4ho41e6jWv1Ib4hH42uXx+6fYY PHg1t84VrFZAvP8oKmPL9f/10izj4NPuc5oD+AP8qwvu6HlBrrsJPxnPj992aDBz /MjZdmR8q5GwrLPHr4wDZnovwUWrPIBEHyYuWMCJ9Eye9iWvLEkGIQJ9vkV9Pc94 e5UR8jSYG5x2WBHaKSgaUj48d1zukrSRH7tC634fmAMz2kcI0OKKUwgwJIL1Z3Wm b8Pb7CxnGnz0qO0ioc1O2L+uhCygbgo9M0JucbepWCA5cdSPk0mhEHPK2eijAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU3Idh3xcj9MFm0AjH++TvpIwPgBQwHwYDVR0j BBgwFoAUKq+oFBTtyxAyI18iQP4Gdz8+bxYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YWI4ZTYwZi1mOTkzLTQ1MzQtOWRhMC1mMjg1YTg2MDNmNjkvMC8yQUFGQTgxNDE0 RURDQjEwMzIyMzVGMjI0MEZFMDY3NzNGM0U2RjE2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2NzczRjNF NkYxNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2FiOGU2MGYtZjk5My00NTM0LTlk YTAtZjI4NWE4NjAzZjY5LzAvMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2 NzczRjNFNkYxNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGVMFdzOyqfnLbAGSpdvcpN2maC40Ye8qONR KQNsH6xkE5OD9e45RDqO2IRFdYsfQdHXYwZ2YDmoixT6V8Hos/96dp1mGVNjv+PF 1SpqVLxMtgOlh27/+2qR/OMZith4ysDsPxOZwLlgEcsxgcb3iJobJhvAdPIGyg9o nVXjRyI/dQko+/n6qUa5NQ4wWJokiHWG0FQUh0J9afLJfj58gCJucwhvL/jLoUYs racNo69iBIx1iaDsRzF7VqKPdLLH/ZVuYesqXERAD7qk79Z1AGcZIT5gUpoM5Z7w vkslaLUjQDnTtr9nmDuNhtk96oC+KO6YHXE9BIoHkSogLWYlnTc= -----END CERTIFICATE-----Generated at Fri Dec 19 11:35:14 2025 by rpki-client