This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft File: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft (raw, json) Hash identifier: wDUbkYuri3b121YYAF/tVM5QOAqT57+BhVQ1yQJebFk= Subject key identifier: 0F:B5:4F:8E:28:53:74:5E:D3:29:B3:67:BF:A5:76:16:1C:42:93:17 Authority key identifier: 3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F Certificate issuer: /CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Certificate serial: 0B13EEC7606E33EFD09612F6BEC90D19E017B61F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft Manifest number: 0214 Signing time: Sun 21 Dec 2025 04:50:58 +0000 Manifest this update: Sun 21 Dec 2025 04:45:58 +0000 Manifest next update: Wed 24 Dec 2025 11:26:58 +0000 Files and hashes: 1: 3130332e31302e3235332e302f32342d3234203d3e203536323539.roa (hash: HvzvMBj5qU+NExWSjTWqrdpmvH/WBtBrlcSKkhbhERc=) 2: 3130332e32382e3136332e302f32342d3234203d3e203536323539.roa (hash: NAFqFIaSAImXyE9eWh33YjJ4/n4BJqvDNhOBlZ2+l28=) 3: 3130332e36352e39362e302f32332d3234203d3e203536323539.roa (hash: GJQ3NUFsB2nVnSk1uRZagjtzrc7ng31cjwY1HHOp2FQ=) 4: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl (hash: ENiszfIeMf3UxjTAMtMqEfpGHz6Y2Kfs81IWgafkwR0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Dec 2025 07:39:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:13:ee:c7:60:6e:33:ef:d0:96:12:f6:be:c9:0d:19:e0:17:b6:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Validity Not Before: Dec 21 04:45:58 2025 GMT Not After : Dec 24 11:26:58 2025 GMT Subject: CN=0FB54F8E2853745ED329B367BFA576161C429317 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:3e:58:49:08:7e:f5:3a:2b:c9:06:d9:bb:e8: a4:59:65:5d:e2:3f:91:58:be:80:f6:8b:56:ec:3b: 5f:07:4f:fa:de:55:ed:c2:7a:3b:ad:72:a5:de:a6: 51:a6:20:c8:32:e8:5f:d6:27:dc:d8:ec:fb:c1:2c: 15:d8:ee:83:82:5b:a0:7b:12:42:87:fd:f5:fd:aa: 96:1a:73:08:7d:be:67:9f:c8:cf:af:3d:33:b3:64: 3e:95:e8:38:c8:b1:49:77:62:21:12:fa:d2:a5:60: ea:03:01:4d:f1:bf:54:8b:a4:48:68:32:80:88:e6: 3b:5e:19:d5:28:92:c2:d8:81:ea:37:1d:ab:f5:e2: 36:7f:bf:14:bd:fc:99:1f:77:4b:09:77:44:53:9f: 98:56:06:f1:5b:a1:b8:b2:a0:08:34:e8:26:bf:92: a7:c8:e2:1e:73:b5:99:2e:e6:2c:bf:17:57:38:d9: 31:0e:4e:ab:b0:a3:91:2b:6d:c8:ba:26:b5:fc:d3: d1:5b:91:c3:f7:d0:5d:84:d0:38:cf:e0:5d:08:6a: bd:0d:f1:84:d7:96:0b:98:7e:04:ae:40:45:63:ee: 76:80:78:d8:22:8e:06:49:f7:4b:8a:c0:e2:c1:c2: ac:e1:7e:ba:12:93:88:34:7b:c4:e5:06:16:62:f5: d2:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:B5:4F:8E:28:53:74:5E:D3:29:B3:67:BF:A5:76:16:1C:42:93:17 X509v3 Authority Key Identifier: keyid:3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b9:25:aa:9d:91:c9:38:b5:3d:a4:17:b9:a9:e5:11:a7:4e:a8: b1:e6:05:26:23:d2:03:ae:5c:32:cb:62:b1:b0:bc:a4:bb:10: 9b:2a:c9:b3:73:99:df:82:a2:29:f1:50:5f:eb:54:cf:9d:55: a8:36:ed:9a:5a:cc:0d:0e:f4:cc:41:ec:75:a8:f5:83:f3:5a: 15:88:2d:86:9b:e4:a0:c7:df:61:d8:26:dd:54:cc:93:41:11: b4:37:f7:0a:5f:d9:d3:91:de:21:9b:c8:c3:47:68:c1:29:12: 0d:d2:2e:e6:3a:48:c6:81:a3:32:26:35:e7:f9:ba:bc:aa:ee: 15:e9:5c:52:93:53:c5:bc:1a:0e:d7:35:af:51:e9:51:ee:f6: 63:6f:6b:05:34:5f:30:4e:4c:2a:b5:85:98:7d:5b:7b:97:ca: db:c2:e5:c4:80:f2:ae:c3:0f:8b:70:a6:50:23:93:b6:9e:37: f7:e9:ed:80:0d:bc:73:4c:c2:08:15:4a:8f:d6:47:ce:fa:07: b7:72:18:d2:7c:84:54:92:bf:14:c3:84:ba:f6:93:bf:77:c4: 56:d2:49:87:c5:91:7a:1d:00:ef:e5:43:7c:70:0d:35:26:4c: 60:5d:97:a7:94:2b:46:fc:e2:fe:fb:9c:df:24:aa:bd:84:7c: a2:fd:c9:40 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCxPux2BuM+/QlhL2vskNGeAXth8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4 NUMzNUU0RjAeFw0yNTEyMjEwNDQ1NThaFw0yNTEyMjQxMTI2NThaMDMxMTAvBgNV BAMTKDBGQjU0RjhFMjg1Mzc0NUVEMzI5QjM2N0JGQTU3NjE2MUM0MjkzMTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiPlhJCH71OivJBtm76KRZZV3i P5FYvoD2i1bsO18HT/reVe3CejutcqXeplGmIMgy6F/WJ9zY7PvBLBXY7oOCW6B7 EkKH/fX9qpYacwh9vmefyM+vPTOzZD6V6DjIsUl3YiES+tKlYOoDAU3xv1SLpEho MoCI5jteGdUoksLYgeo3Hav14jZ/vxS9/Jkfd0sJd0RTn5hWBvFbobiyoAg06Ca/ kqfI4h5ztZku5iy/F1c42TEOTquwo5Erbci6JrX809FbkcP30F2E0DjP4F0Iar0N 8YTXlguYfgSuQEVj7naAeNgijgZJ90uKwOLBwqzhfroSk4g0e8TlBhZi9dIxAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUD7VPjihTdF7TKbNnv6V2FhxCkxcwHwYDVR0j BBgwFoAUPXifr19+vmk4xMcj3NLu14XDXk8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZDk3MDAzMi0wOGVhLTQ4OTAtYmRiYS02MzA5YTQ5NzkxN2QvMC8zRDc4OUZBRjVG N0VCRTY5MzhDNEM3MjNEQ0QyRUVENzg1QzM1RTRGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4NUMz NUU0Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGQ5NzAwMzItMDhlYS00ODkwLWJk YmEtNjMwOWE0OTc5MTdkLzAvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVF RDc4NUMzNUU0Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALklqp2RyTi1PaQXuanlEadOqLHmBSYj0gOu XDLLYrGwvKS7EJsqybNzmd+CoinxUF/rVM+dVag27ZpazA0O9MxB7HWo9YPzWhWI LYab5KDH32HYJt1UzJNBEbQ39wpf2dOR3iGbyMNHaMEpEg3SLuY6SMaBozImNef5 uryq7hXpXFKTU8W8Gg7XNa9R6VHu9mNvawU0XzBOTCq1hZh9W3uXytvC5cSA8q7D D4twplAjk7aeN/fp7YANvHNMwggVSo/WR876B7dyGNJ8hFSSvxTDhLr2k793xFbS SYfFkXodAO/lQ3xwDTUmTGBdl6eUK0b84v77nN8kqr2EfKL9yUA= -----END CERTIFICATE-----Generated at Mon Dec 22 12:17:34 2025 by rpki-client