This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.mft File: 2985976A4B3081770748882703E16497964D05A6.mft (raw, json) Hash identifier: 1ClrLnyxZ5MrmIzW0cBwAmQoym4xnqhggrDGovMXYu8= Subject key identifier: BD:67:7D:20:52:42:0F:A4:3F:7F:10:5C:52:BB:B4:84:2E:27:57:96 Authority key identifier: 29:85:97:6A:4B:30:81:77:07:48:88:27:03:E1:64:97:96:4D:05:A6 Certificate issuer: /CN=2985976A4B3081770748882703E16497964D05A6 Certificate serial: 7D26219D4210FEF09FAA5229664CD6E361AC72A9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2985976A4B3081770748882703E16497964D05A6.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.mft Manifest number: 0221 Signing time: Fri 19 Dec 2025 09:20:41 +0000 Manifest this update: Fri 19 Dec 2025 09:15:41 +0000 Manifest next update: Mon 22 Dec 2025 13:00:41 +0000 Files and hashes: 1: 3130332e3139372e39342e302f32342d3234203d3e20313334363233.roa (hash: fbMC3foKpfnHAAX7CqNwv+8CUIBKmVdM4iWFdYY2w+c=) 2: 3130332e3139372e39352e302f32342d3234203d3e20313334363233.roa (hash: h0i6o1md9zXeZ9ZcSa+PGKss268qYszF+iOxTtMdu4E=) 3: 3130332e3139372e39322e302f32342d3234203d3e20313334363233.roa (hash: s3jB5rGy3ygjsQ7KSNEtfVl4k8P8QCufhhtVBzaX2IQ=) 4: 323430333a38303a3a2f33322d3332203d3e20313334363233.roa (hash: 6DmXkqMFBwmOgmu7GrU8MAR3khWhl6gAoERCQcW2kCE=) 5: 2985976A4B3081770748882703E16497964D05A6.crl (hash: WSDouJ4SYVkMFSRTtjCxkXz1nIfC7rJPG2TE+CiW7qQ=) 6: 3130332e3139372e39332e302f32342d3234203d3e20313334363233.roa (hash: RrW5I2lzLuA+7ZMS1LEMZMinrm7Ftg4PYDdGcwSGY08=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.crl rsync://repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2985976A4B3081770748882703E16497964D05A6.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Dec 2025 13:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:26:21:9d:42:10:fe:f0:9f:aa:52:29:66:4c:d6:e3:61:ac:72:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2985976A4B3081770748882703E16497964D05A6 Validity Not Before: Dec 19 09:15:41 2025 GMT Not After : Dec 22 13:00:41 2025 GMT Subject: CN=BD677D2052420FA43F7F105C52BBB4842E275796 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:b7:0f:8f:8d:b6:c3:7f:2d:45:36:72:24:64: 93:0e:80:35:d2:13:29:ad:08:e4:0a:a3:59:f4:b2: 6a:fd:7f:f3:88:04:d9:1f:cb:ed:e8:eb:f8:dd:bb: d9:77:45:09:83:bb:17:e8:0f:cc:14:68:6f:93:54: 48:3d:d6:8e:08:ce:c4:d4:40:fd:9f:b2:a3:3c:da: 91:e4:0e:00:6f:27:e2:46:84:60:d8:f2:32:2b:e4: 1a:7f:6a:0d:0b:59:08:55:59:f4:2e:b6:bb:18:ed: ec:b2:ec:10:1d:f8:3c:08:cb:94:53:34:1a:a7:a8: 63:47:db:3b:f7:38:9d:7b:e7:3d:f7:a4:31:ed:f7: 3f:e3:45:c4:b0:e3:11:cd:c0:32:a2:88:90:79:d1: c1:69:c1:16:fe:4d:76:a3:5f:b6:76:7f:b6:bc:f1: 2e:19:08:2b:87:16:b6:f4:ba:88:8f:27:7c:1b:e1: 30:9e:db:7a:72:3b:4a:c3:da:8e:a7:d7:de:78:25: 3a:80:64:d9:dd:af:8b:55:e1:13:56:8f:e3:cf:44: 6d:4a:9d:6c:02:28:97:76:3c:07:4e:bc:b4:e8:ae: 2c:06:65:64:1e:71:d9:f3:91:5b:0b:15:0c:0b:84: 47:9d:de:9f:1a:33:15:92:29:ca:fa:d6:6d:7d:92: 6f:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:67:7D:20:52:42:0F:A4:3F:7F:10:5C:52:BB:B4:84:2E:27:57:96 X509v3 Authority Key Identifier: keyid:29:85:97:6A:4B:30:81:77:07:48:88:27:03:E1:64:97:96:4D:05:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2985976A4B3081770748882703E16497964D05A6.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3ed100df-0441-4381-a3fa-587db9e9c2f0/0/2985976A4B3081770748882703E16497964D05A6.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:2c:86:95:5a:67:0f:fe:98:60:42:64:63:3d:70:8e:db:4f: d3:11:42:e6:15:2e:98:57:f9:74:cd:3f:4c:23:cc:5a:16:0d: 24:48:8b:0d:b6:cd:2f:35:ea:0a:c3:27:0a:80:38:23:b3:70: c0:46:d0:95:b2:f5:05:d6:07:b3:f4:62:cb:8f:c3:99:de:b0: 70:24:c6:d4:77:c3:27:67:8d:8c:e1:26:9f:a7:d3:2f:8c:82: 06:aa:4c:09:a8:25:8f:ef:32:ef:49:a5:58:f0:8a:87:68:f2: 8f:e9:bb:24:e2:17:0b:25:6d:af:04:a5:66:54:0d:b0:ef:a6: 35:70:7d:1d:7c:a1:6a:4c:dd:fd:fd:af:44:ec:0c:b2:70:6d: a9:be:b4:87:57:ff:0a:d4:78:6c:c2:bb:6a:62:09:70:a7:68: 77:53:cb:e8:04:4e:3d:a3:26:0e:5f:a4:44:23:1b:a2:0b:b0: c1:47:7e:fa:01:a5:0b:b1:6a:b2:84:6b:94:f0:f5:b8:a1:1f: 24:ff:e0:df:4e:db:03:1e:3d:b2:f1:e4:f3:d8:34:60:fc:2a: 40:7e:8b:ef:24:c3:65:35:41:d0:95:e8:a1:9c:47:36:92:8a: a2:2f:85:cb:42:7b:7e:8e:3d:d3:5a:60:56:4b:bb:8f:2e:84: 2d:02:1c:c2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfSYhnUIQ/vCfqlIpZkzW42GscqkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjk4NTk3NkE0QjMwODE3NzA3NDg4ODI3MDNFMTY0OTc5 NjREMDVBNjAeFw0yNTEyMTkwOTE1NDFaFw0yNTEyMjIxMzAwNDFaMDMxMTAvBgNV BAMTKEJENjc3RDIwNTI0MjBGQTQzRjdGMTA1QzUyQkJCNDg0MkUyNzU3OTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGtw+PjbbDfy1FNnIkZJMOgDXS EymtCOQKo1n0smr9f/OIBNkfy+3o6/jdu9l3RQmDuxfoD8wUaG+TVEg91o4IzsTU QP2fsqM82pHkDgBvJ+JGhGDY8jIr5Bp/ag0LWQhVWfQutrsY7eyy7BAd+DwIy5RT NBqnqGNH2zv3OJ175z33pDHt9z/jRcSw4xHNwDKiiJB50cFpwRb+TXajX7Z2f7a8 8S4ZCCuHFrb0uoiPJ3wb4TCe23pyO0rD2o6n1954JTqAZNndr4tV4RNWj+PPRG1K nWwCKJd2PAdOvLToriwGZWQecdnzkVsLFQwLhEed3p8aMxWSKcr61m19km+tAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUvWd9IFJCD6Q/fxBcUru0hC4nV5YwHwYDVR0j BBgwFoAUKYWXakswgXcHSIgnA+Fkl5ZNBaYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZWQxMDBkZi0wNDQxLTQzODEtYTNmYS01ODdkYjllOWMyZjAvMC8yOTg1OTc2QTRC MzA4MTc3MDc0ODg4MjcwM0UxNjQ5Nzk2NEQwNUE2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjk4NTk3NkE0QjMwODE3NzA3NDg4ODI3MDNFMTY0OTc5NjRE MDVBNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2VkMTAwZGYtMDQ0MS00MzgxLWEz ZmEtNTg3ZGI5ZTljMmYwLzAvMjk4NTk3NkE0QjMwODE3NzA3NDg4ODI3MDNFMTY0 OTc5NjREMDVBNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIYshpVaZw/+mGBCZGM9cI7bT9MRQuYVLphX +XTNP0wjzFoWDSRIiw22zS816grDJwqAOCOzcMBG0JWy9QXWB7P0YsuPw5nesHAk xtR3wydnjYzhJp+n0y+MggaqTAmoJY/vMu9JpVjwiodo8o/puyTiFwslba8EpWZU DbDvpjVwfR18oWpM3f39r0TsDLJwbam+tIdX/wrUeGzCu2piCXCnaHdTy+gETj2j Jg5fpEQjG6ILsMFHfvoBpQuxarKEa5Tw9bihHyT/4N9O2wMePbLx5PPYNGD8KkB+ i+8kw2U1QdCV6KGcRzaSiqIvhctCe36OPdNaYFZLu48uhC0CHMI= -----END CERTIFICATE-----Generated at Sun Dec 21 03:00:58 2025 by rpki-client