This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft File: BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft (raw, json) Hash identifier: nGcmhWCF/qVqeuFJtjE7pr9BfzpIj61lSsfRG5c5RtY= Subject key identifier: 0D:EB:E7:8B:87:93:73:6B:59:7E:24:B2:4F:93:C9:E2:2E:7C:94:18 Authority key identifier: BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0 Certificate issuer: /CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0 Certificate serial: 183807126B15265F5B3D4B5499A85A7060C63D4C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft Manifest number: 0209 Signing time: Thu 18 Dec 2025 17:00:54 +0000 Manifest this update: Thu 18 Dec 2025 16:55:54 +0000 Manifest next update: Mon 22 Dec 2025 00:07:54 +0000 Files and hashes: 1: 3130332e32302e38342e302f32342d3234203d3e20313530323337.roa (hash: Q4o71jeTV80A1Kcs2rXwd40dCqE8n3Drpr6hWhmrWZg=) 2: 3130332e32302e38352e302f32342d3234203d3e20313530323337.roa (hash: /Ll9XnZwq9kQ7KqFTm1tz2GQbHOFyxKz40lfWdvRTyg=) 3: BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl (hash: rdFqMuAIea0I1Rna6DaSXI+8KdBDrKrtqljLpyRooDo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Dec 2025 00:07:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:38:07:12:6b:15:26:5f:5b:3d:4b:54:99:a8:5a:70:60:c6:3d:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0 Validity Not Before: Dec 18 16:55:54 2025 GMT Not After : Dec 22 00:07:54 2025 GMT Subject: CN=0DEBE78B8793736B597E24B24F93C9E22E7C9418 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:86:4f:90:4f:93:7c:14:e4:1d:8e:1d:e1:82: 93:44:d0:24:f1:4a:2a:4e:93:d8:69:57:6d:b6:50: e9:12:40:b9:3d:5d:05:6f:8d:da:d7:85:02:70:02: 82:a0:cc:a1:0f:52:39:e4:18:f5:00:41:ff:06:f3: 94:35:a7:d5:9f:03:65:43:8b:77:dc:06:5e:8d:62: ef:8d:34:d2:23:b1:77:4e:57:4e:50:63:18:97:01: da:39:58:80:26:f4:7b:da:fd:09:69:50:e6:9c:cc: f6:12:6c:a2:72:6e:44:53:23:7a:7d:51:d1:a4:c4: 05:c8:9d:59:2d:08:cf:35:11:51:96:65:ad:29:82: a0:a3:a3:66:29:30:70:23:83:be:b2:2e:8f:dc:a7: 08:b6:1c:1a:b0:8b:82:59:80:57:17:20:01:7f:b9: da:ee:83:c4:58:5c:28:d1:47:b3:22:28:9b:84:e1: e0:4d:a8:83:f9:be:84:da:e2:bf:6a:c7:e3:3d:95: 9e:d2:bc:af:8a:54:32:f0:c1:be:51:20:ac:4c:43: fd:6b:25:1a:23:4b:5a:67:1d:24:9f:03:b9:5d:11: 83:08:6a:dc:4f:d7:ff:cb:15:26:54:b1:44:81:5c: 22:e9:5f:b2:1f:72:f5:26:7a:2c:de:ac:45:ea:00: 1e:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:EB:E7:8B:87:93:73:6B:59:7E:24:B2:4F:93:C9:E2:2E:7C:94:18 X509v3 Authority Key Identifier: keyid:BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:57:72:2c:cc:f2:b7:2b:cf:de:42:ba:45:35:53:a3:85:ab: 73:b3:04:55:54:6c:d7:fa:75:0e:5e:e0:5b:af:36:d7:89:bb: 8e:6b:b8:e1:fd:91:3d:8c:da:dc:fb:5f:42:bf:21:52:1f:9c: a7:f2:bc:27:2e:f3:0f:6b:f8:68:e9:93:13:26:f5:a8:0b:a3: b7:b9:6f:d7:c0:cc:ef:64:89:b6:f3:3f:9a:bb:3a:00:8d:00: 70:6f:69:41:fc:a3:88:17:03:eb:70:ed:fc:0b:fc:56:0d:8f: d5:20:9f:f2:b5:3c:07:55:29:a8:ba:5e:83:26:3e:61:8d:df: c8:78:5a:c9:e1:78:7e:72:3e:a6:37:7c:d9:d9:0c:4c:e2:45: a3:c8:49:b8:fc:e5:7d:72:57:13:a9:d4:af:f6:dd:5e:d1:75: 89:7a:23:db:a0:13:bd:93:d8:cc:34:7a:1a:b2:ed:91:82:38: 92:7f:f2:e5:d9:74:00:24:eb:72:e3:c7:64:09:25:f7:02:57: da:9a:54:85:3e:ce:5b:93:f0:ce:9e:a4:d6:f2:4b:d2:60:20: 17:1a:49:84:b2:1e:f1:31:57:4c:7b:94:46:8b:8e:fa:b8:6c: ea:55:23:c5:55:91:5d:9d:3a:b5:ca:d9:80:1c:d3:b8:bc:4b: 1a:7b:d8:3d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGDgHEmsVJl9bPUtUmahacGDGPUwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3 OURGRkZEMDAeFw0yNTEyMTgxNjU1NTRaFw0yNTEyMjIwMDA3NTRaMDMxMTAvBgNV BAMTKDBERUJFNzhCODc5MzczNkI1OTdFMjRCMjRGOTNDOUUyMkU3Qzk0MTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8hk+QT5N8FOQdjh3hgpNE0CTx SipOk9hpV222UOkSQLk9XQVvjdrXhQJwAoKgzKEPUjnkGPUAQf8G85Q1p9WfA2VD i3fcBl6NYu+NNNIjsXdOV05QYxiXAdo5WIAm9Hva/QlpUOaczPYSbKJybkRTI3p9 UdGkxAXInVktCM81EVGWZa0pgqCjo2YpMHAjg76yLo/cpwi2HBqwi4JZgFcXIAF/ udrug8RYXCjRR7MiKJuE4eBNqIP5voTa4r9qx+M9lZ7SvK+KVDLwwb5RIKxMQ/1r JRojS1pnHSSfA7ldEYMIatxP1//LFSZUsUSBXCLpX7IfcvUmeizerEXqAB6pAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUDevni4eTc2tZfiSyT5PJ4i58lBgwHwYDVR0j BBgwFoAUvQynu37hRZehcfGx4+MSennf/9AwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZDdhNzFiYy1mOTEwLTRiOGMtOWNmZi0wODU3ZDVmMmQzN2YvMC9CRDBDQTdCQjdF RTE0NTk3QTE3MUYxQjFFM0UzMTI3QTc5REZGRkQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3OURG RkZEMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2Q3YTcxYmMtZjkxMC00YjhjLTlj ZmYtMDg1N2Q1ZjJkMzdmLzAvQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEy N0E3OURGRkZEMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAtXcizM8rcrz95CukU1U6OFq3OzBFVUbNf6 dQ5e4FuvNteJu45ruOH9kT2M2tz7X0K/IVIfnKfyvCcu8w9r+GjpkxMm9agLo7e5 b9fAzO9kibbzP5q7OgCNAHBvaUH8o4gXA+tw7fwL/FYNj9Ugn/K1PAdVKai6XoMm PmGN38h4WsnheH5yPqY3fNnZDEziRaPISbj85X1yVxOp1K/23V7RdYl6I9ugE72T 2Mw0ehqy7ZGCOJJ/8uXZdAAk63Ljx2QJJfcCV9qaVIU+zluT8M6epNbyS9JgIBca SYSyHvExV0x7lEaLjvq4bOpVI8VVkV2dOrXK2YAc07i8Sxp72D0= -----END CERTIFICATE-----Generated at Fri Dec 19 13:48:53 2025 by rpki-client