This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.mft File: 36E68E2A264E18BFD9F49E472D0D267EE49E8A17.mft (raw, json) Hash identifier: 0ffjSE1aEYrZPPR2AGNAGOzAdWw7cFgmD31+Ju1R8dY= Subject key identifier: 2D:C2:B0:4B:60:8A:3A:2B:6F:C8:3F:DB:78:B5:B6:C4:67:75:AE:DE Authority key identifier: 36:E6:8E:2A:26:4E:18:BF:D9:F4:9E:47:2D:0D:26:7E:E4:9E:8A:17 Certificate issuer: /CN=36E68E2A264E18BFD9F49E472D0D267EE49E8A17 Certificate serial: 0EEEF3A7E43FB8CC475E84F441F2AAF22A3BC5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.cer Subject info access: rsync://repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.mft Manifest number: 038A Signing time: Sat 20 Dec 2025 09:32:18 +0000 Manifest this update: Sat 20 Dec 2025 09:27:18 +0000 Manifest next update: Tue 23 Dec 2025 13:52:18 +0000 Files and hashes: 1: 3130332e3136392e3133322e302f32342d3234203d3e20313432333431.roa (hash: mdAnNzPQX1fBQRxqx/liQc+y8HoOIQ1ZRmWeSXm/9lE=) 2: 3130332e3136392e3133322e302f32332d3233203d3e20313432333431.roa (hash: OqgAqdXTkd1D2NhPAZ/UZhCfurgUG69NUxmVZKteHcQ=) 3: 36E68E2A264E18BFD9F49E472D0D267EE49E8A17.crl (hash: XRUN7joqgYCaWSqMfj6JasnuiGKo2+F9W8NxWH7T3No=) 4: 3130332e3136392e3133332e302f32342d3234203d3e20313432333431.roa (hash: XIli98cQ5DslYaylLZi+5Ts9pki82Z8fAKzqEWLUjbk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.crl rsync://repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Dec 2025 13:52:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:ee:f3:a7:e4:3f:b8:cc:47:5e:84:f4:41:f2:aa:f2:2a:3b:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36E68E2A264E18BFD9F49E472D0D267EE49E8A17 Validity Not Before: Dec 20 09:27:18 2025 GMT Not After : Dec 23 13:52:18 2025 GMT Subject: CN=2DC2B04B608A3A2B6FC83FDB78B5B6C46775AEDE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:42:5b:c9:fd:f5:4d:cc:af:fa:9d:b0:04:e2: ea:1c:3f:26:6b:93:65:25:fc:35:0f:54:6b:a0:91: 68:f6:2a:04:95:2e:49:55:3f:a9:86:9a:cb:33:dc: 5f:02:cd:6f:24:6e:51:2d:d6:56:fd:db:4b:2c:1f: 5a:8b:4d:29:a6:1a:8d:2c:cb:f5:59:94:91:bf:39: 22:51:fa:11:76:cf:6f:6d:56:d6:10:e4:50:2e:85: c1:3a:3c:12:89:64:ac:2e:d3:18:e9:09:4f:74:4d: 43:0a:54:52:9f:4f:c2:70:0e:d5:3a:da:c6:2b:b3: ff:cb:1e:8f:b1:04:87:98:cb:ab:81:f2:cb:66:91: 7b:20:94:89:6a:93:bb:68:32:05:ad:bd:96:1d:78: 43:dc:2a:e2:9c:f2:16:83:d6:98:b7:98:ca:20:f7: 96:dc:8c:d3:d8:73:0b:23:7b:73:7b:96:f8:d0:1c: 61:74:36:94:c4:ea:4c:b3:33:51:83:f5:29:c0:77: 1f:f4:ae:d1:eb:36:88:e7:de:69:0c:a4:02:4c:14: 44:09:1e:6b:48:61:ed:db:87:8e:18:f2:05:8b:53: f4:94:05:fb:1b:66:09:37:84:31:be:16:cf:9b:df: bd:42:55:37:07:d2:d7:63:0a:da:4e:37:4f:64:f8: 12:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:C2:B0:4B:60:8A:3A:2B:6F:C8:3F:DB:78:B5:B6:C4:67:75:AE:DE X509v3 Authority Key Identifier: keyid:36:E6:8E:2A:26:4E:18:BF:D9:F4:9E:47:2D:0D:26:7E:E4:9E:8A:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:0e:55:c7:f5:fd:bf:a2:de:df:02:4c:9f:f0:18:0d:8f:6a: d8:ca:5b:dc:0e:41:cc:78:77:c6:40:39:76:47:4c:03:56:ca: 31:0c:a0:4f:cb:e4:91:5a:57:75:3d:15:14:ca:b2:a6:bb:b4: 9e:65:ab:ec:cf:30:f0:fc:d5:d8:2e:b2:6b:7c:fb:ec:41:f4: bf:2c:b6:b4:f3:b2:c3:e5:d3:40:1b:21:4e:51:09:64:24:8a: 5c:40:e2:8d:27:77:61:6a:e9:91:54:56:93:98:b9:1f:bf:a1: 66:cc:08:fe:18:bd:e5:58:14:40:24:9b:2f:85:14:91:d5:f7: 24:59:03:d5:0f:5d:fb:d6:19:4f:22:98:50:52:64:ca:33:a9: 50:e0:04:07:dd:5b:f7:dc:ed:8d:e2:33:6b:30:d2:87:01:49: e1:a2:93:a0:69:14:15:ed:3d:47:86:58:23:72:34:17:94:31: aa:7c:05:41:da:18:e1:c0:f9:6a:54:87:08:54:49:34:a1:51: cf:90:ec:93:22:ac:a8:57:ee:d8:b9:3d:ab:76:8f:89:aa:c2: 22:d2:46:cd:e9:7c:48:2f:32:7f:05:32:53:4a:0a:34:9c:74: a0:98:c6:8b:e8:3e:a2:b6:ca:69:80:a9:2b:f4:9b:23:36:36: e5:cd:2b:88 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgITDu7zp+Q/uMxHXoT0QfKq8io7xTANBgkqhkiG9w0BAQsF ADAzMTEwLwYDVQQDEygzNkU2OEUyQTI2NEUxOEJGRDlGNDlFNDcyRDBEMjY3RUU0 OUU4QTE3MB4XDTI1MTIyMDA5MjcxOFoXDTI1MTIyMzEzNTIxOFowMzExMC8GA1UE AxMoMkRDMkIwNEI2MDhBM0EyQjZGQzgzRkRCNzhCNUI2QzQ2Nzc1QUVERTCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRCW8n99U3Mr/qdsATi6hw/JmuT ZSX8NQ9Ua6CRaPYqBJUuSVU/qYaayzPcXwLNbyRuUS3WVv3bSywfWotNKaYajSzL 9VmUkb85IlH6EXbPb21W1hDkUC6FwTo8EolkrC7TGOkJT3RNQwpUUp9PwnAO1Tra xiuz/8sej7EEh5jLq4Hyy2aReyCUiWqTu2gyBa29lh14Q9wq4pzyFoPWmLeYyiD3 ltyM09hzCyN7c3uW+NAcYXQ2lMTqTLMzUYP1KcB3H/Su0es2iOfeaQykAkwURAke a0hh7duHjhjyBYtT9JQF+xtmCTeEMb4Wz5vfvUJVNwfS12MK2k43T2T4Ei8CAwEA AaOCAjwwggI4MB0GA1UdDgQWBBQtwrBLYIo6K2/IP9t4tbbEZ3Wu3jAfBgNVHSME GDAWgBQ25o4qJk4Yv9n0nkctDSZ+5J6KFzAOBgNVHQ8BAf8EBAMCB4AwgYUGA1Ud HwR+MHwweqB4oHaGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg3 ZDIwMzFiLTI3NjEtNGMzNi1iNjkwLTViNjlkMTU2OWJhZS8wLzM2RTY4RTJBMjY0 RTE4QkZEOUY0OUU0NzJEMEQyNjdFRTQ5RThBMTcuY3JsMHQGCCsGAQUFBwEBBGgw ZjBkBggrBgEFBQcwAoZYcnN5bmM6Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8v SUROSUMtSUQvMi8zNkU2OEUyQTI2NEUxOEJGRDlGNDlFNDcyRDBEMjY3RUU0OUU4 QTE3LmNlcjCBkwYIKwYBBQUHAQsEgYYwgYMwgYAGCCsGAQUFBzALhnRyc3luYzov L3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84N2QyMDMxYi0yNzYxLTRjMzYtYjY5 MC01YjY5ZDE1NjliYWUvMC8zNkU2OEUyQTI2NEUxOEJGRDlGNDlFNDcyRDBEMjY3 RUU0OUU4QTE3Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADANBgkqhkiG9w0BAQsFAAOCAQEAYQ5Vx/X9v6Le3wJMn/AYDY9q2Mpb3A5BzHh3 xkA5dkdMA1bKMQygT8vkkVpXdT0VFMqypru0nmWr7M8w8PzV2C6ya3z77EH0vyy2 tPOyw+XTQBshTlEJZCSKXEDijSd3YWrpkVRWk5i5H7+hZswI/hi95VgUQCSbL4UU kdX3JFkD1Q9d+9YZTyKYUFJkyjOpUOAEB91b99ztjeIzazDShwFJ4aKToGkUFe09 R4ZYI3I0F5QxqnwFQdoY4cD5alSHCFRJNKFRz5DskyKsqFfu2Lk9q3aPiarCItJG zel8SC8yfwUyU0oKNJx0oJjGi+g+orbKaYCpK/SbIzY25c0riA== -----END CERTIFICATE-----Generated at Mon Dec 22 08:06:48 2025 by rpki-client