This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/740883f3-457a-4c14-9577-67e150a2b12a/0/D2EA420344F486935839E03DF1B3C237F295C2DE.mft File: D2EA420344F486935839E03DF1B3C237F295C2DE.mft (raw, json) Hash identifier: Z12YyecowOxgxcWwntW2Xc9yeTIvSHQ/yYOD3Ki8BXk= Subject key identifier: 3E:49:9B:50:66:75:53:AE:B8:A6:7C:35:E8:EB:91:E9:02:45:70:AA Authority key identifier: D2:EA:42:03:44:F4:86:93:58:39:E0:3D:F1:B3:C2:37:F2:95:C2:DE Certificate issuer: /CN=D2EA420344F486935839E03DF1B3C237F295C2DE Certificate serial: 4D6590BB75F35868E5621B9577653E6A6F11AD27 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2EA420344F486935839E03DF1B3C237F295C2DE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/740883f3-457a-4c14-9577-67e150a2b12a/0/D2EA420344F486935839E03DF1B3C237F295C2DE.mft Manifest number: 0502 Signing time: Wed 17 Dec 2025 03:51:52 +0000 Manifest this update: Wed 17 Dec 2025 03:46:52 +0000 Manifest next update: Sat 20 Dec 2025 14:14:52 +0000 Files and hashes: 1: 3130332e3131302e3132302e302f32322d3234203d3e20313337333230.roa (hash: Z1/0hxtcuucuwACdWQq+JfghAHLR9fBRu9+nQ76ie1Y=) 2: 323430323a386163303a3a2f33322d3438203d3e20313337333230.roa (hash: oHAd0vkxRqWyozAmCufOZ+4unG6aZz/EmEBi8K1zkKg=) 3: D2EA420344F486935839E03DF1B3C237F295C2DE.crl (hash: 69qQ8jRrgeU/hdvRceulS5TZsK7q2KKZYQjY/KSJ080=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/740883f3-457a-4c14-9577-67e150a2b12a/0/D2EA420344F486935839E03DF1B3C237F295C2DE.crl rsync://repo-rpki.idnic.net/repo/740883f3-457a-4c14-9577-67e150a2b12a/0/D2EA420344F486935839E03DF1B3C237F295C2DE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2EA420344F486935839E03DF1B3C237F295C2DE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Dec 2025 14:14:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:65:90:bb:75:f3:58:68:e5:62:1b:95:77:65:3e:6a:6f:11:ad:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2EA420344F486935839E03DF1B3C237F295C2DE Validity Not Before: Dec 17 03:46:52 2025 GMT Not After : Dec 20 14:14:52 2025 GMT Subject: CN=3E499B50667553AEB8A67C35E8EB91E9024570AA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:14:a4:6c:f3:08:ca:88:61:7c:93:c5:9c:88: 09:6e:1b:64:78:30:96:6d:bd:32:9d:eb:27:9d:36: df:72:0e:9e:9d:23:5a:6a:a5:87:40:5a:45:56:0d: f3:91:0c:e1:bb:3a:4f:d1:ae:d1:b7:f5:20:61:7f: 8a:7a:da:96:12:35:0e:fb:b1:bc:d1:5e:ef:36:3b: 2e:9e:84:7e:ee:79:af:ae:33:b1:d7:cb:92:32:f3: 6d:6d:08:79:b1:f1:4e:c3:1d:8f:31:d2:4d:bb:8a: 03:0d:a4:f7:25:35:48:f9:db:f4:ae:4e:2a:23:14: 4e:af:e6:ca:bb:83:ee:3f:34:83:5d:ea:3d:b4:b9: b7:5e:dd:f3:89:96:ce:62:bb:90:b8:7b:ad:ec:36: 3d:6d:c1:33:cf:4d:be:ed:2c:93:01:f9:b0:54:a8: ab:5f:c6:ae:49:44:cf:02:5d:11:77:78:90:98:d4: b1:57:b9:7d:d7:64:aa:bf:74:29:fd:57:82:f8:42: a1:ff:ec:40:55:eb:ef:40:7a:0c:9d:78:3b:3e:23: 88:4c:4d:0e:6b:22:9f:64:11:23:54:8d:bd:4c:8b: ca:da:4a:6a:69:a1:92:4e:f2:eb:cf:a0:6c:87:29: 38:74:b9:16:0d:26:49:75:2d:9a:df:d3:7c:50:e5: f8:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:49:9B:50:66:75:53:AE:B8:A6:7C:35:E8:EB:91:E9:02:45:70:AA X509v3 Authority Key Identifier: keyid:D2:EA:42:03:44:F4:86:93:58:39:E0:3D:F1:B3:C2:37:F2:95:C2:DE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/740883f3-457a-4c14-9577-67e150a2b12a/0/D2EA420344F486935839E03DF1B3C237F295C2DE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2EA420344F486935839E03DF1B3C237F295C2DE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/740883f3-457a-4c14-9577-67e150a2b12a/0/D2EA420344F486935839E03DF1B3C237F295C2DE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:b3:0b:7c:28:ea:61:2f:84:78:e1:99:2e:1c:f0:4c:b0:2c: 0d:68:b6:6b:80:fc:b3:a1:e5:93:b0:49:80:95:a3:2d:00:90: c8:cc:72:20:d8:ae:c8:c2:69:e2:0c:6f:53:53:04:cf:20:05: dd:49:98:b3:bf:b4:c9:9b:79:e9:14:e2:f1:c6:5e:36:5b:b1: 0d:89:c5:48:96:1d:93:68:4c:f7:cf:45:53:79:51:56:6e:ac: 94:98:8e:64:86:0e:4b:24:14:25:24:12:6a:5b:83:46:04:9b: fe:e2:08:b3:14:cc:aa:2c:c5:ca:90:9b:3e:03:71:5b:09:e5: 1f:b8:6d:6e:e5:52:09:7b:b6:84:eb:2a:40:60:4b:93:b6:f2: f5:33:91:6a:6a:8c:d3:18:5c:bb:59:e8:e8:69:fc:8b:a5:0b: 50:62:01:f1:38:2c:67:24:f5:83:e7:b5:9b:3f:3e:3d:c0:2f: 02:3a:83:ed:ad:39:3c:56:43:34:97:bf:a3:80:86:98:24:1a: 1d:79:36:6f:7a:68:8d:f1:c2:2e:8d:04:7e:32:2c:52:6d:19: 83:8d:41:97:5a:fa:c7:ae:c8:b8:8b:94:a8:64:34:38:f4:79: 29:0e:fd:0b:65:d0:b9:22:f6:e7:08:43:c1:45:f0:17:52:ad: ed:c6:e0:25 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUTWWQu3XzWGjlYhuVd2U+am8RrScwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDJFQTQyMDM0NEY0ODY5MzU4MzlFMDNERjFCM0MyMzdG Mjk1QzJERTAeFw0yNTEyMTcwMzQ2NTJaFw0yNTEyMjAxNDE0NTJaMDMxMTAvBgNV BAMTKDNFNDk5QjUwNjY3NTUzQUVCOEE2N0MzNUU4RUI5MUU5MDI0NTcwQUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzFKRs8wjKiGF8k8WciAluG2R4 MJZtvTKd6yedNt9yDp6dI1pqpYdAWkVWDfORDOG7Ok/RrtG39SBhf4p62pYSNQ77 sbzRXu82Oy6ehH7uea+uM7HXy5Iy821tCHmx8U7DHY8x0k27igMNpPclNUj52/Su TiojFE6v5sq7g+4/NINd6j20ubde3fOJls5iu5C4e63sNj1twTPPTb7tLJMB+bBU qKtfxq5JRM8CXRF3eJCY1LFXuX3XZKq/dCn9V4L4QqH/7EBV6+9AegydeDs+I4hM TQ5rIp9kESNUjb1Mi8raSmppoZJO8uvPoGyHKTh0uRYNJkl1LZrf03xQ5fhDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUPkmbUGZ1U664pnw16OuR6QJFcKowHwYDVR0j BBgwFoAU0upCA0T0hpNYOeA98bPCN/KVwt4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 NDA4ODNmMy00NTdhLTRjMTQtOTU3Ny02N2UxNTBhMmIxMmEvMC9EMkVBNDIwMzQ0 RjQ4NjkzNTgzOUUwM0RGMUIzQzIzN0YyOTVDMkRFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDJFQTQyMDM0NEY0ODY5MzU4MzlFMDNERjFCM0MyMzdGMjk1 QzJERS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNzQwODgzZjMtNDU3YS00YzE0LTk1 NzctNjdlMTUwYTJiMTJhLzAvRDJFQTQyMDM0NEY0ODY5MzU4MzlFMDNERjFCM0My MzdGMjk1QzJERS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEKzC3wo6mEvhHjhmS4c8EywLA1otmuA/LOh 5ZOwSYCVoy0AkMjMciDYrsjCaeIMb1NTBM8gBd1JmLO/tMmbeekU4vHGXjZbsQ2J xUiWHZNoTPfPRVN5UVZurJSYjmSGDkskFCUkEmpbg0YEm/7iCLMUzKosxcqQmz4D cVsJ5R+4bW7lUgl7toTrKkBgS5O28vUzkWpqjNMYXLtZ6Ohp/IulC1BiAfE4LGck 9YPntZs/Pj3ALwI6g+2tOTxWQzSXv6OAhpgkGh15Nm96aI3xwi6NBH4yLFJtGYON QZda+seuyLiLlKhkNDj0eSkO/Qtl0Lki9ucIQ8FF8BdSre3G4CU= -----END CERTIFICATE-----Generated at Fri Dec 19 18:15:05 2025 by rpki-client