This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft File: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft (raw, json) Hash identifier: 80YbypptOYZg8Dg/WvjH6qOJnkrxT4ZDTG1jOJFG+2o= Subject key identifier: 27:7C:F8:4A:CC:01:7C:94:12:6F:8D:E7:ED:9A:1C:65:0C:25:C8:CF Authority key identifier: D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 Certificate issuer: /CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Certificate serial: 158511F12617E15967572EBBD46318B4E00E0050 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft Manifest number: 024C Signing time: Tue 23 Dec 2025 22:22:36 +0000 Manifest this update: Tue 23 Dec 2025 22:17:36 +0000 Manifest next update: Sat 27 Dec 2025 05:52:36 +0000 Files and hashes: 1: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl (hash: Qw+vgKvdYFSwE/C8GFMjjNVdaiNG0e75RT/1LBAdw20=) 2: 3130332e3138332e362e302f32332d3234203d3e20313439343037.roa (hash: HNI0ArO+KsvaMgGqtyRRpqs1evvFTKgd+Siy8K2ur7A=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 05:52:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:85:11:f1:26:17:e1:59:67:57:2e:bb:d4:63:18:b4:e0:0e:00:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Validity Not Before: Dec 23 22:17:36 2025 GMT Not After : Dec 27 05:52:36 2025 GMT Subject: CN=277CF84ACC017C94126F8DE7ED9A1C650C25C8CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:86:bf:f4:8e:f2:f1:92:ee:27:a6:00:04:06: bf:01:6a:2d:9b:57:24:06:f4:9f:ab:1a:e6:62:5f: 73:69:07:39:09:bd:2e:20:c6:39:5c:ef:35:bb:39: 59:36:b1:3e:fe:bb:c3:0c:e8:f3:c7:cc:b4:66:41: 6b:33:70:38:6a:a7:2e:6b:2c:0a:bd:49:e8:58:98: 07:fc:6e:ed:7d:25:70:4c:4a:ae:73:d6:52:9a:31: 0c:07:16:79:d3:e7:56:16:ef:41:e7:02:13:e1:29: 64:49:f5:67:a7:af:12:ac:84:60:a8:1d:d3:a2:b4: 55:81:65:cb:9e:5f:8f:9e:5b:df:41:72:95:c7:5e: f9:13:14:79:42:45:fe:54:ea:35:a5:ab:00:1c:6c: ad:f5:65:37:6d:56:0e:a1:ab:f8:1b:a2:86:49:f8: a7:7d:11:99:9b:08:43:df:5a:41:e9:72:27:18:66: 0e:96:20:eb:16:55:17:cb:b8:c6:30:d7:53:88:67: 06:14:70:97:4c:24:42:43:ef:5b:b0:d4:d4:5e:12: 08:b7:a7:d1:a6:92:43:ce:a9:e5:63:85:68:86:17: 73:0e:8a:52:03:65:b2:f2:73:0c:40:ba:a1:0e:ee: c0:1c:b1:57:45:43:7d:23:04:b9:17:85:52:36:59: 6a:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:7C:F8:4A:CC:01:7C:94:12:6F:8D:E7:ED:9A:1C:65:0C:25:C8:CF X509v3 Authority Key Identifier: keyid:D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:76:79:ea:b1:89:68:59:b1:d6:97:76:5a:37:8e:a6:2f:5b: bb:3c:35:32:82:f0:76:b3:70:dc:21:2c:3b:88:e5:72:4b:f7: 60:37:19:7c:69:17:cf:68:b3:5e:af:01:f5:fd:1c:92:9e:cf: c8:b0:83:c1:4d:d0:f6:4e:33:af:6f:37:dd:ac:13:a7:79:b2: 5b:97:b7:31:5d:01:ca:f3:9b:9d:6f:da:94:75:7f:66:e1:0c: 40:8e:51:bf:ea:2d:eb:e9:e4:b1:1c:3e:e3:f5:eb:9a:e7:60: 3f:f6:47:fa:3a:eb:2a:c5:8d:c9:f6:f4:d8:6c:cf:a3:57:66: fa:11:d7:48:cc:9f:7a:9c:c4:d1:b2:c5:1d:76:86:db:65:08: 72:d5:17:26:d8:90:25:a2:61:4a:59:2d:a5:b6:83:25:44:e9: 97:d1:51:3d:71:ec:fc:d4:5e:0c:79:e4:95:a7:c7:52:d1:f5: a8:4f:2f:4e:7c:df:e4:c9:c8:8c:ba:76:c7:c0:09:ac:dd:84: e1:2b:fa:45:41:9f:f2:80:47:82:55:9e:cc:38:f2:19:6b:96: b8:48:ff:f7:6a:e9:6c:ad:d0:92:f4:f0:e3:fb:51:26:bf:cb: 59:ce:ad:e0:dd:7a:0a:66:fe:48:fd:48:0b:98:b5:fd:46:a2: 59:41:bb:6e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFYUR8SYX4VlnVy671GMYtOAOAFAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2 NEREOUYyNjAeFw0yNTEyMjMyMjE3MzZaFw0yNTEyMjcwNTUyMzZaMDMxMTAvBgNV BAMTKDI3N0NGODRBQ0MwMTdDOTQxMjZGOERFN0VEOUExQzY1MEMyNUM4Q0YwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCchr/0jvLxku4npgAEBr8Bai2b VyQG9J+rGuZiX3NpBzkJvS4gxjlc7zW7OVk2sT7+u8MM6PPHzLRmQWszcDhqpy5r LAq9SehYmAf8bu19JXBMSq5z1lKaMQwHFnnT51YW70HnAhPhKWRJ9WenrxKshGCo HdOitFWBZcueX4+eW99BcpXHXvkTFHlCRf5U6jWlqwAcbK31ZTdtVg6hq/gbooZJ +Kd9EZmbCEPfWkHpcicYZg6WIOsWVRfLuMYw11OIZwYUcJdMJEJD71uw1NReEgi3 p9GmkkPOqeVjhWiGF3MOilIDZbLycwxAuqEO7sAcsVdFQ30jBLkXhVI2WWr/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUJ3z4SswBfJQSb43n7ZocZQwlyM8wHwYDVR0j BBgwFoAU0ho1l9e169mlR2gPHC7XpGTdnyYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z Y2M1NjA1ZC1mMTdhLTQwMTAtOTI1My0yMTBjNjRmMTQ4YmQvMC9EMjFBMzU5N0Q3 QjVFQkQ5QTU0NzY4MEYxQzJFRDdBNDY0REQ5RjI2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2NERE OUYyNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2NjNTYwNWQtZjE3YS00MDEwLTky NTMtMjEwYzY0ZjE0OGJkLzAvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3 QTQ2NEREOUYyNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHZ2eeqxiWhZsdaXdlo3jqYvW7s8NTKC8Haz cNwhLDuI5XJL92A3GXxpF89os16vAfX9HJKez8iwg8FN0PZOM69vN92sE6d5sluX tzFdAcrzm51v2pR1f2bhDECOUb/qLevp5LEcPuP165rnYD/2R/o66yrFjcn29Nhs z6NXZvoR10jMn3qcxNGyxR12httlCHLVFybYkCWiYUpZLaW2gyVE6ZfRUT1x7PzU Xgx55JWnx1LR9ahPL0583+TJyIy6dsfACazdhOEr+kVBn/KAR4JVnsw48hlrlrhI //dq6Wyt0JL08OP7USa/y1nOreDdegpm/kj9SAuYtf1GollBu24= -----END CERTIFICATE-----Generated at Wed Dec 24 23:57:27 2025 by rpki-client