This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/67db23b7-9159-46c7-8853-06654ae47aed/0/20ABF702057AD5F01207F6C578160654EB44C914.mft File: 20ABF702057AD5F01207F6C578160654EB44C914.mft (raw, json) Hash identifier: SfsFZLPDSSpM8jvC1+gd8ISOfYRXAuuiGzQcXNGCeHE= Subject key identifier: C2:3C:A0:37:C1:CB:64:29:2A:86:30:A5:70:7E:6F:C2:14:F9:C7:EC Authority key identifier: 20:AB:F7:02:05:7A:D5:F0:12:07:F6:C5:78:16:06:54:EB:44:C9:14 Certificate issuer: /CN=20ABF702057AD5F01207F6C578160654EB44C914 Certificate serial: 3DF11F06FC61C7B234CBC27A08C08056A81EA674 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20ABF702057AD5F01207F6C578160654EB44C914.cer Subject info access: rsync://repo-rpki.idnic.net/repo/67db23b7-9159-46c7-8853-06654ae47aed/0/20ABF702057AD5F01207F6C578160654EB44C914.mft Manifest number: 01FC Signing time: Tue 23 Dec 2025 08:20:43 +0000 Manifest this update: Tue 23 Dec 2025 08:15:43 +0000 Manifest next update: Fri 26 Dec 2025 14:29:43 +0000 Files and hashes: 1: 3130332e3230392e312e302f32342d3234203d3e20313334363530.roa (hash: giWrIN8j+wY4pRI/HaMvfZbbTtdidSjlnNRfZ7I7NOU=) 2: 20ABF702057AD5F01207F6C578160654EB44C914.crl (hash: 2FfpGiyIEFn9QVrPM9OBE6FsstAWCc2IJe6gp9h7pnw=) 3: 3130332e3136342e38302e302f32342d3234203d3e20313334363530.roa (hash: OD/D5T7a6GncQciIiADZaQN4vuFZ+yDbdXQnN4HIA9Q=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/67db23b7-9159-46c7-8853-06654ae47aed/0/20ABF702057AD5F01207F6C578160654EB44C914.crl rsync://repo-rpki.idnic.net/repo/67db23b7-9159-46c7-8853-06654ae47aed/0/20ABF702057AD5F01207F6C578160654EB44C914.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20ABF702057AD5F01207F6C578160654EB44C914.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 14:29:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:f1:1f:06:fc:61:c7:b2:34:cb:c2:7a:08:c0:80:56:a8:1e:a6:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20ABF702057AD5F01207F6C578160654EB44C914 Validity Not Before: Dec 23 08:15:43 2025 GMT Not After : Dec 26 14:29:43 2025 GMT Subject: CN=C23CA037C1CB64292A8630A5707E6FC214F9C7EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:9a:73:8f:d9:cd:49:ad:c5:e7:b9:ab:df:3e: c6:65:e4:41:db:6f:7e:f0:95:ba:df:f4:b5:d5:42: 3b:73:b6:d2:d6:ab:36:3f:44:67:92:7f:b0:0e:61: ff:c1:7e:09:b5:c8:9f:f4:4c:6f:d2:c4:b2:17:08: db:7e:33:0d:bc:df:b9:d0:f3:99:39:23:0b:3d:fc: 19:bc:1f:71:77:16:2f:c6:a3:1b:9e:29:da:43:2c: e1:98:7d:50:11:23:66:9e:c2:c8:6d:aa:c8:40:1f: dd:b1:7c:19:32:05:c8:4b:71:0f:43:f7:d0:2e:6b: fd:a0:8a:74:b4:b0:02:bc:fd:c4:91:05:af:6f:17: bb:af:8d:9d:ed:89:e7:a8:99:be:4d:b0:0e:bc:f7: dd:b4:c3:41:75:29:2e:68:a2:96:22:a1:7b:27:66: 7b:b0:73:d0:41:a4:65:49:9c:34:25:af:b6:64:e3: cb:58:e4:89:07:b9:9e:5a:6c:a9:82:6a:9d:da:50: a5:f3:06:f8:d1:1d:e9:b7:aa:a3:03:ce:6e:25:aa: 45:fc:b7:24:29:01:38:52:ee:25:f8:8a:43:13:57: ef:ab:54:21:c9:30:10:0b:25:be:93:c1:e4:bd:ba: 0a:ca:cf:e9:17:3a:68:0d:ab:c2:1f:8f:7d:03:e9: f2:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:3C:A0:37:C1:CB:64:29:2A:86:30:A5:70:7E:6F:C2:14:F9:C7:EC X509v3 Authority Key Identifier: keyid:20:AB:F7:02:05:7A:D5:F0:12:07:F6:C5:78:16:06:54:EB:44:C9:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/67db23b7-9159-46c7-8853-06654ae47aed/0/20ABF702057AD5F01207F6C578160654EB44C914.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20ABF702057AD5F01207F6C578160654EB44C914.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/67db23b7-9159-46c7-8853-06654ae47aed/0/20ABF702057AD5F01207F6C578160654EB44C914.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:ee:d5:53:c1:8a:86:66:ca:18:2c:40:74:a2:93:97:74:22: 9f:25:c0:a6:b3:b9:ed:36:e2:82:1c:db:4e:a2:33:8a:19:00: 4a:49:c9:22:03:d5:e6:37:7a:34:ad:ef:68:b8:a2:56:f7:2d: 4f:72:52:24:a2:74:d7:e0:8d:de:d0:3b:55:58:2c:28:de:e7: 1c:43:66:7f:67:bd:02:b7:7c:84:e4:6b:ab:63:73:35:c8:07: 6e:f5:48:00:17:fc:cf:a5:c0:c4:3b:fc:b7:55:8c:aa:ae:a0: 14:08:3f:ed:3c:98:91:38:82:69:70:86:d5:8c:14:4a:f3:dd: 2e:a9:cb:ac:3d:66:4c:ba:b2:90:e9:20:a3:61:1e:89:e1:23: ef:49:49:46:56:f2:fa:34:60:7f:6d:1e:4d:a7:bb:0d:47:d9: 66:20:e9:2c:d0:5c:3d:81:a3:ee:55:7f:1c:75:ab:83:76:b6: 66:0c:ef:73:78:d9:be:3d:70:9e:32:dd:16:66:60:57:89:29: 2f:71:8f:ce:d5:7a:a6:9c:2f:0a:24:6c:28:1a:35:53:61:dc: 5b:20:a0:80:99:8d:3f:b1:9d:a3:48:7f:50:97:38:14:01:a5: 38:23:da:70:b0:b4:90:cc:7e:d6:f5:cd:05:ee:4b:55:98:c5: e6:4f:f9:cb -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPfEfBvxhx7I0y8J6CMCAVqgepnQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBBQkY3MDIwNTdBRDVGMDEyMDdGNkM1NzgxNjA2NTRF QjQ0QzkxNDAeFw0yNTEyMjMwODE1NDNaFw0yNTEyMjYxNDI5NDNaMDMxMTAvBgNV BAMTKEMyM0NBMDM3QzFDQjY0MjkyQTg2MzBBNTcwN0U2RkMyMTRGOUM3RUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEmnOP2c1JrcXnuavfPsZl5EHb b37wlbrf9LXVQjtzttLWqzY/RGeSf7AOYf/Bfgm1yJ/0TG/SxLIXCNt+Mw2837nQ 85k5Iws9/Bm8H3F3Fi/GoxueKdpDLOGYfVARI2aewshtqshAH92xfBkyBchLcQ9D 99Aua/2ginS0sAK8/cSRBa9vF7uvjZ3tieeomb5NsA689920w0F1KS5oopYioXsn Znuwc9BBpGVJnDQlr7Zk48tY5IkHuZ5abKmCap3aUKXzBvjRHem3qqMDzm4lqkX8 tyQpAThS7iX4ikMTV++rVCHJMBALJb6TweS9ugrKz+kXOmgNq8Ifj30D6fKXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUwjygN8HLZCkqhjClcH5vwhT5x+wwHwYDVR0j BBgwFoAUIKv3AgV61fASB/bFeBYGVOtEyRQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 N2RiMjNiNy05MTU5LTQ2YzctODg1My0wNjY1NGFlNDdhZWQvMC8yMEFCRjcwMjA1 N0FENUYwMTIwN0Y2QzU3ODE2MDY1NEVCNDRDOTE0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjBBQkY3MDIwNTdBRDVGMDEyMDdGNkM1NzgxNjA2NTRFQjQ0 QzkxNC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNjdkYjIzYjctOTE1OS00NmM3LTg4 NTMtMDY2NTRhZTQ3YWVkLzAvMjBBQkY3MDIwNTdBRDVGMDEyMDdGNkM1NzgxNjA2 NTRFQjQ0QzkxNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHvu1VPBioZmyhgsQHSik5d0Ip8lwKazue02 4oIc206iM4oZAEpJySID1eY3ejSt72i4olb3LU9yUiSidNfgjd7QO1VYLCje5xxD Zn9nvQK3fITka6tjczXIB271SAAX/M+lwMQ7/LdVjKquoBQIP+08mJE4gmlwhtWM FErz3S6py6w9Zky6spDpIKNhHonhI+9JSUZW8vo0YH9tHk2nuw1H2WYg6SzQXD2B o+5Vfxx1q4N2tmYM73N42b49cJ4y3RZmYFeJKS9xj87VeqacLwokbCgaNVNh3Fsg oICZjT+xnaNIf1CXOBQBpTgj2nCwtJDMftb1zQXuS1WYxeZP+cs= -----END CERTIFICATE-----Generated at Thu Dec 25 07:08:17 2025 by rpki-client