This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/90de231f-fb8a-427a-aa36-0a3fc972328d/0/4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9.mft File: 4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9.mft (raw, json) Hash identifier: C9wQW7vUwnuqww8JqROr7LzYJGSAMZqM13D35IHHsH8= Subject key identifier: 86:68:02:C9:D2:52:4B:F1:A1:FB:1D:2F:19:0E:90:18:44:43:9B:FF Authority key identifier: 4D:EF:BD:D9:85:4B:E8:D1:E2:8F:73:30:A0:B8:02:C3:EE:6A:D1:F9 Certificate issuer: /CN=4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9 Certificate serial: 4FA0DC197BFA9E5F8B452028864B78D2F395433F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/90de231f-fb8a-427a-aa36-0a3fc972328d/0/4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9.mft Manifest number: 0540 Signing time: Sat 20 Dec 2025 12:10:02 +0000 Manifest this update: Sat 20 Dec 2025 12:05:02 +0000 Manifest next update: Tue 23 Dec 2025 22:49:02 +0000 Files and hashes: 1: 3130332e3132352e3131372e302f32342d3234203d3e20313338313032.roa (hash: DvXqXB3KDxEUrIvLC7HCxRYW39FKt6kOul7sjWDdzKs=) 2: 3130332e3132352e3131362e302f32342d3234203d3e20313338313032.roa (hash: Rijq6K1g57KijomhL6W8vMskGlfJbmrteuOacH80VQM=) 3: 3130332e3132352e3131382e302f32342d3234203d3e20313338313032.roa (hash: hxX9wVbrBCOouQsOFqq88JkVfKelw0pXrTTftPM/8Pg=) 4: 4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9.crl (hash: 3sGjEGh8+hqD5JDtqhf2kYWFu0t5EP24r5Nk5aH213k=) 5: 3130332e3132352e3131392e302f32342d3234203d3e20313338313032.roa (hash: yF5QYDSmZl11Br5OhVCNQy6ELbgnz0I3Y8PMUZejcuI=) 6: 3130332e3132352e3131362e302f32322d3232203d3e20313338313032.roa (hash: ap/TAn2i+zkksu9/CGCNCkYifXPZgmxnJOJkOH4ZWr8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/90de231f-fb8a-427a-aa36-0a3fc972328d/0/4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9.crl rsync://repo-rpki.idnic.net/repo/90de231f-fb8a-427a-aa36-0a3fc972328d/0/4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Dec 2025 22:49:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:a0:dc:19:7b:fa:9e:5f:8b:45:20:28:86:4b:78:d2:f3:95:43:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9 Validity Not Before: Dec 20 12:05:02 2025 GMT Not After : Dec 23 22:49:02 2025 GMT Subject: CN=866802C9D2524BF1A1FB1D2F190E901844439BFF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b6:1d:f8:3e:81:25:35:a4:51:54:c2:3f:74: b8:60:fc:8a:22:66:af:02:58:b9:78:99:d7:58:41: fc:7f:3d:ca:bd:98:39:47:1e:94:25:2e:65:b9:cd: 96:dd:97:1c:69:48:50:b6:27:da:97:d9:88:3a:da: 83:22:cd:2a:e9:73:f4:6c:5d:9f:f6:2c:53:42:68: ff:f3:04:d2:8a:35:0d:55:ff:c8:2c:dc:53:c1:53: 9f:1a:c8:4f:1b:f3:96:4b:03:4b:86:4d:ce:e6:fc: aa:d3:6f:b7:19:56:f3:1f:1f:68:0a:1c:b1:1a:ca: 5a:c2:43:bc:f2:24:2b:d2:00:4f:f9:e4:b4:37:88: 77:6e:e0:38:7b:a6:f4:f4:dd:d1:ae:2a:41:b6:b3: c3:67:37:47:4a:a0:23:ea:ff:50:00:9b:7a:8b:d7: f7:2d:c0:c3:17:45:a1:30:de:2e:4e:78:57:64:2c: b6:63:92:5b:59:42:c2:45:e8:08:32:83:c0:18:21: 5a:59:45:cb:30:a5:d1:a4:71:48:f5:c6:c5:16:28: 1f:39:83:18:44:d7:94:30:d2:2b:d0:fb:d9:72:c5: 36:94:7d:a5:7c:c2:89:40:cd:f6:2a:7e:90:cf:ce: 38:2e:c1:9a:f7:67:dc:e7:6d:09:81:78:bf:75:10: 7c:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:68:02:C9:D2:52:4B:F1:A1:FB:1D:2F:19:0E:90:18:44:43:9B:FF X509v3 Authority Key Identifier: keyid:4D:EF:BD:D9:85:4B:E8:D1:E2:8F:73:30:A0:B8:02:C3:EE:6A:D1:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/90de231f-fb8a-427a-aa36-0a3fc972328d/0/4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/90de231f-fb8a-427a-aa36-0a3fc972328d/0/4DEFBDD9854BE8D1E28F7330A0B802C3EE6AD1F9.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:35:ea:f4:03:a9:cb:12:7c:56:18:7c:ff:f7:4f:9a:0a:b6: 53:ee:9d:63:e4:72:09:36:9a:e9:5f:55:ef:a4:79:87:7a:cb: e4:31:f8:0c:2a:be:b9:98:c2:15:49:54:b1:cb:f2:09:18:e9: 67:9a:9c:9d:25:57:3f:c0:02:c7:c5:02:26:06:84:7e:5b:da: 7d:16:93:6c:54:27:73:0f:fc:e8:f3:c1:23:e1:63:e9:f6:2c: 01:75:ec:fb:f5:a8:ec:48:97:ee:b2:ab:6a:29:b3:e3:aa:36: 4e:56:8b:27:ab:e2:36:16:65:89:d0:0f:e0:06:b3:70:26:5b: 0f:d0:4b:cb:47:17:11:e9:ba:fe:90:82:a2:75:e6:54:ee:14: 84:c1:15:3e:d1:b3:29:45:20:55:99:50:a3:e3:c9:cc:f9:2f: 5d:65:2f:62:76:b2:32:a1:ca:c4:00:8f:97:ec:62:cc:e5:e3: d7:96:e4:42:d7:e8:aa:0e:86:53:f1:18:77:93:18:a6:d2:9c: 01:e5:88:e1:53:f6:2f:ce:77:21:3e:be:a5:56:ec:b2:84:4a: 1d:05:81:7e:d0:40:7b:37:27:4d:e7:0b:aa:a4:70:bb:4f:b2: 54:0e:14:0e:5c:8f:bf:6b:fa:34:a2:12:19:ed:55:d3:70:b7: 19:2a:96:01 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUT6DcGXv6nl+LRSAohkt40vOVQz8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNERFRkJERDk4NTRCRThEMUUyOEY3MzMwQTBCODAyQzNF RTZBRDFGOTAeFw0yNTEyMjAxMjA1MDJaFw0yNTEyMjMyMjQ5MDJaMDMxMTAvBgNV BAMTKDg2NjgwMkM5RDI1MjRCRjFBMUZCMUQyRjE5MEU5MDE4NDQ0MzlCRkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoth34PoElNaRRVMI/dLhg/Ioi Zq8CWLl4mddYQfx/Pcq9mDlHHpQlLmW5zZbdlxxpSFC2J9qX2Yg62oMizSrpc/Rs XZ/2LFNCaP/zBNKKNQ1V/8gs3FPBU58ayE8b85ZLA0uGTc7m/KrTb7cZVvMfH2gK HLEaylrCQ7zyJCvSAE/55LQ3iHdu4Dh7pvT03dGuKkG2s8NnN0dKoCPq/1AAm3qL 1/ctwMMXRaEw3i5OeFdkLLZjkltZQsJF6Agyg8AYIVpZRcswpdGkcUj1xsUWKB85 gxhE15Qw0ivQ+9lyxTaUfaV8wolAzfYqfpDPzjguwZr3Z9znbQmBeL91EHyjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhmgCydJSS/Gh+x0vGQ6QGERDm/8wHwYDVR0j BBgwFoAUTe+92YVL6NHij3MwoLgCw+5q0fkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 MGRlMjMxZi1mYjhhLTQyN2EtYWEzNi0wYTNmYzk3MjMyOGQvMC80REVGQkREOTg1 NEJFOEQxRTI4RjczMzBBMEI4MDJDM0VFNkFEMUY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNERFRkJERDk4NTRCRThEMUUyOEY3MzMwQTBCODAyQzNFRTZB RDFGOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTBkZTIzMWYtZmI4YS00MjdhLWFh MzYtMGEzZmM5NzIzMjhkLzAvNERFRkJERDk4NTRCRThEMUUyOEY3MzMwQTBCODAy QzNFRTZBRDFGOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADE16vQDqcsSfFYYfP/3T5oKtlPunWPkcgk2 mulfVe+keYd6y+Qx+AwqvrmYwhVJVLHL8gkY6WeanJ0lVz/AAsfFAiYGhH5b2n0W k2xUJ3MP/OjzwSPhY+n2LAF17Pv1qOxIl+6yq2ops+OqNk5Wiyer4jYWZYnQD+AG s3AmWw/QS8tHFxHpuv6QgqJ15lTuFITBFT7RsylFIFWZUKPjycz5L11lL2J2sjKh ysQAj5fsYszl49eW5ELX6KoOhlPxGHeTGKbSnAHliOFT9i/OdyE+vqVW7LKESh0F gX7QQHs3J03nC6qkcLtPslQOFA5cj79r+jSiEhntVdNwtxkqlgE= -----END CERTIFICATE-----Generated at Mon Dec 22 14:07:01 2025 by rpki-client