This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/85f2c66c-1f87-4d98-a467-3218b645b3ac/0/4C44F6F543BDBB858D3656D41A36660407672BDE.mft File: 4C44F6F543BDBB858D3656D41A36660407672BDE.mft (raw, json) Hash identifier: 0PsmeusySxW+qOs7DhY5MUArwXnKwiqSfMJa/LDkrV4= Subject key identifier: 40:4C:8F:97:C6:62:91:27:A6:2D:B0:99:C4:9D:84:66:AE:88:2D:BC Authority key identifier: 4C:44:F6:F5:43:BD:BB:85:8D:36:56:D4:1A:36:66:04:07:67:2B:DE Certificate issuer: /CN=4C44F6F543BDBB858D3656D41A36660407672BDE Certificate serial: 06037DDC0A78C93B798BBE27FB2D9A867A0E477C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4C44F6F543BDBB858D3656D41A36660407672BDE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/85f2c66c-1f87-4d98-a467-3218b645b3ac/0/4C44F6F543BDBB858D3656D41A36660407672BDE.mft Manifest number: 0286 Signing time: Sun 21 Dec 2025 22:21:38 +0000 Manifest this update: Sun 21 Dec 2025 22:16:38 +0000 Manifest next update: Thu 25 Dec 2025 09:27:38 +0000 Files and hashes: 1: 3130332e32392e3138352e302f32342d3234203d3e203536323630.roa (hash: vJ0JThPWN5z9ya3yGVitmhJSsuKICvURyRQCb1oSUaA=) 2: 3130332e31312e3130372e302f32342d3234203d3e203538343832.roa (hash: TW2RLqGqp5GMVEosRG1Cl0owKGLEGJyPDYB2l9dTN4E=) 3: 4C44F6F543BDBB858D3656D41A36660407672BDE.crl (hash: Zv8Z8JbVi3wIkCMpHosJ+YOhhoFOrIG5Yu/KwkK6E24=) 4: 3130332e31312e3130362e302f32342d3234203d3e203536323630.roa (hash: VWdyOYYTifudfSUwEVWa9ANGPIHpQabnls++DgVxljE=) 5: 3130332e32392e3138342e302f32332d3233203d3e203536323630.roa (hash: BmTBKF81iqbHECVQY3Ck/WKC+nTPpzrh6SVPoZTsvD4=) 6: 3130332e32392e3138342e302f32342d3234203d3e203536323630.roa (hash: LV0F6O0JrtgL58ARC8h1flo+UOdpKwAYXIa3PEvRfFg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/85f2c66c-1f87-4d98-a467-3218b645b3ac/0/4C44F6F543BDBB858D3656D41A36660407672BDE.crl rsync://repo-rpki.idnic.net/repo/85f2c66c-1f87-4d98-a467-3218b645b3ac/0/4C44F6F543BDBB858D3656D41A36660407672BDE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4C44F6F543BDBB858D3656D41A36660407672BDE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Dec 2025 07:39:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:03:7d:dc:0a:78:c9:3b:79:8b:be:27:fb:2d:9a:86:7a:0e:47:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4C44F6F543BDBB858D3656D41A36660407672BDE Validity Not Before: Dec 21 22:16:38 2025 GMT Not After : Dec 25 09:27:38 2025 GMT Subject: CN=404C8F97C6629127A62DB099C49D8466AE882DBC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:b4:b5:35:fa:ad:b3:ff:ff:61:52:b2:a4:02: 7f:30:7d:2c:8c:c2:4d:6a:98:ed:4e:6f:f6:68:f8: 81:5d:a9:d1:45:b5:c4:a9:2b:e8:37:ec:f6:65:e8: c6:99:bc:ed:03:a5:dc:fd:9c:12:0a:7a:2d:9f:b0: 10:3c:ae:ac:b6:83:78:2f:1b:cc:29:11:ae:b1:66: 0d:db:b4:f5:33:dd:6a:ce:2b:ba:0c:0f:c3:29:2f: cb:ee:f9:3e:b7:20:44:c5:84:dc:97:44:9f:ad:52: 55:fd:24:9a:59:a3:fe:07:71:9c:f9:2e:ea:61:17: 3d:08:9b:35:80:e2:df:6d:d2:45:8d:a4:55:eb:88: 8a:01:24:c8:74:ca:ca:97:47:71:71:8f:bd:25:31: 0d:c3:06:7d:28:6e:36:49:e6:4f:01:35:9e:f2:c5: 0a:08:25:21:d8:cd:bc:bc:9b:eb:84:60:ea:ce:92: 55:5d:8a:ef:7b:77:f5:b8:0e:bd:19:9e:e5:e7:42: bc:b7:db:4f:9c:f2:f7:2c:32:ee:cf:db:82:de:7a: a2:4c:e7:69:8a:f5:89:98:08:fa:ff:61:b1:1e:e8: d6:bf:bf:48:bd:45:eb:a5:1d:f2:f5:14:39:29:ea: 17:9f:5b:23:6e:55:36:df:5e:f4:83:b4:92:8e:3f: cc:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:4C:8F:97:C6:62:91:27:A6:2D:B0:99:C4:9D:84:66:AE:88:2D:BC X509v3 Authority Key Identifier: keyid:4C:44:F6:F5:43:BD:BB:85:8D:36:56:D4:1A:36:66:04:07:67:2B:DE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/85f2c66c-1f87-4d98-a467-3218b645b3ac/0/4C44F6F543BDBB858D3656D41A36660407672BDE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4C44F6F543BDBB858D3656D41A36660407672BDE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/85f2c66c-1f87-4d98-a467-3218b645b3ac/0/4C44F6F543BDBB858D3656D41A36660407672BDE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:d9:59:38:d4:3b:cf:a3:13:d0:d7:c4:86:7f:ad:e1:3c:49: 6c:2e:72:7e:8d:78:65:5b:e7:8e:01:a8:6f:a8:63:9f:c6:0b: 46:97:85:ab:51:c2:cc:4c:7d:9a:06:8a:40:a3:24:cf:98:03: b2:99:82:5b:e4:00:2e:e1:59:bb:ab:c9:11:08:9a:a1:bc:f1: 02:37:c7:77:e5:d4:96:a5:31:4b:1e:0f:9e:d3:c9:1e:a2:6c: a9:3b:7f:c5:2f:4a:2b:b0:49:e7:06:12:78:bc:22:13:36:e7: b8:f6:ef:2e:78:ea:ff:68:6f:20:8b:77:a4:37:df:78:17:68: c7:66:ff:d7:68:63:9a:d1:01:20:cf:2e:b7:26:05:6e:51:13: 28:8a:96:69:a9:ea:83:55:74:57:0e:54:ce:ec:49:ca:47:e5: 21:84:1d:ae:09:27:08:85:13:d2:87:5e:49:11:d5:6c:e8:a7: 37:fa:03:bd:86:68:81:5b:20:15:1b:43:e7:57:34:f1:a6:1f: 0c:0d:73:ab:e9:de:5c:11:88:77:29:4f:4b:16:3a:4a:2c:40: ea:34:56:be:28:1f:fc:7c:ca:2c:a7:53:18:be:6d:47:77:9e: 96:f4:eb:c8:13:14:0a:a1:02:15:b8:cb:a9:d8:25:89:ce:c8: c1:0e:b0:fe -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBgN93Ap4yTt5i74n+y2ahnoOR3wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEM0NEY2RjU0M0JEQkI4NThEMzY1NkQ0MUEzNjY2MDQw NzY3MkJERTAeFw0yNTEyMjEyMjE2MzhaFw0yNTEyMjUwOTI3MzhaMDMxMTAvBgNV BAMTKDQwNEM4Rjk3QzY2MjkxMjdBNjJEQjA5OUM0OUQ4NDY2QUU4ODJEQkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCstLU1+q2z//9hUrKkAn8wfSyM wk1qmO1Ob/Zo+IFdqdFFtcSpK+g37PZl6MaZvO0Dpdz9nBIKei2fsBA8rqy2g3gv G8wpEa6xZg3btPUz3WrOK7oMD8MpL8vu+T63IETFhNyXRJ+tUlX9JJpZo/4HcZz5 LuphFz0ImzWA4t9t0kWNpFXriIoBJMh0ysqXR3Fxj70lMQ3DBn0objZJ5k8BNZ7y xQoIJSHYzby8m+uEYOrOklVdiu97d/W4Dr0ZnuXnQry320+c8vcsMu7P24LeeqJM 52mK9YmYCPr/YbEe6Na/v0i9ReulHfL1FDkp6hefWyNuVTbfXvSDtJKOP8wRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUQEyPl8ZikSemLbCZxJ2EZq6ILbwwHwYDVR0j BBgwFoAUTET29UO9u4WNNlbUGjZmBAdnK94wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 NWYyYzY2Yy0xZjg3LTRkOTgtYTQ2Ny0zMjE4YjY0NWIzYWMvMC80QzQ0RjZGNTQz QkRCQjg1OEQzNjU2RDQxQTM2NjYwNDA3NjcyQkRFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEM0NEY2RjU0M0JEQkI4NThEMzY1NkQ0MUEzNjY2MDQwNzY3 MkJERS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODVmMmM2NmMtMWY4Ny00ZDk4LWE0 NjctMzIxOGI2NDViM2FjLzAvNEM0NEY2RjU0M0JEQkI4NThEMzY1NkQ0MUEzNjY2 MDQwNzY3MkJERS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHDZWTjUO8+jE9DXxIZ/reE8SWwucn6NeGVb 544BqG+oY5/GC0aXhatRwsxMfZoGikCjJM+YA7KZglvkAC7hWburyREImqG88QI3 x3fl1JalMUseD57TyR6ibKk7f8UvSiuwSecGEni8IhM257j27y546v9obyCLd6Q3 33gXaMdm/9doY5rRASDPLrcmBW5REyiKlmmp6oNVdFcOVM7sScpH5SGEHa4JJwiF E9KHXkkR1Wzopzf6A72GaIFbIBUbQ+dXNPGmHwwNc6vp3lwRiHcpT0sWOkosQOo0 Vr4oH/x8yiynUxi+bUd3npb068gTFAqhAhW4y6nYJYnOyMEOsP4= -----END CERTIFICATE-----Generated at Tue Dec 23 18:54:29 2025 by rpki-client