This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: 2Xwbx86B82oDn6VaEjoKLYJGCrDmT7hXqs+zo5gvAg8= Subject key identifier: C4:B9:F2:A0:B0:46:A6:32:0B:45:BE:B2:35:A2:F2:33:10:11:B7:94 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 7A75A1CFFAE6FF42423FE64128912EAC873F215E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 021A Signing time: Mon 22 Dec 2025 16:53:05 +0000 Manifest this update: Mon 22 Dec 2025 16:48:05 +0000 Manifest next update: Thu 25 Dec 2025 22:33:05 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: FoaYKkJd/VGfJ/84pssbDiGVkCrzxxsfuzxG17eCYL4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 22:33:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:75:a1:cf:fa:e6:ff:42:42:3f:e6:41:28:91:2e:ac:87:3f:21:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Dec 22 16:48:05 2025 GMT Not After : Dec 25 22:33:05 2025 GMT Subject: CN=C4B9F2A0B046A6320B45BEB235A2F2331011B794 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:f2:c9:5a:de:34:90:52:9b:a9:0c:52:67:bc: ae:ce:8d:9b:bc:69:d2:68:e2:ed:d3:91:aa:01:7e: ac:af:cc:b1:56:9a:97:44:cf:57:1b:c6:8f:a6:92: c4:32:82:ec:b5:02:bd:c4:70:b0:2e:80:15:b6:32: 8a:c6:e7:9b:33:7f:3e:21:0e:66:87:f7:57:21:19: 42:9d:b4:88:07:9b:ea:74:2c:d1:d8:39:35:ff:61: fa:db:72:5d:e6:0e:f8:c5:b2:a5:4c:e3:47:d6:51: 73:b8:91:d0:c2:9c:4d:68:d8:26:af:20:53:7b:b7: b4:7f:1d:0f:6f:de:06:66:2d:5d:f1:8a:cf:3a:7f: 3a:f0:40:6f:5c:e6:c1:74:bb:06:e1:ef:59:c3:a5: f6:d0:9f:bc:2b:ed:41:4e:87:7c:5d:94:3a:10:23: 5b:8a:e1:23:63:51:f7:47:b0:ca:ef:bf:7d:f4:31: ce:68:25:5c:e4:cc:aa:09:8a:85:83:be:2b:ca:f5: ab:23:d4:af:af:94:bf:ac:32:fa:a7:e5:54:bf:73: e7:d3:9c:f7:ad:5a:ed:c5:d5:77:00:93:c9:30:fc: 0e:36:33:a2:d9:ea:c1:4d:be:1f:47:e3:fa:58:0b: 38:dc:fa:d8:c1:f9:8b:99:dd:a6:e9:cb:23:18:0f: ce:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:B9:F2:A0:B0:46:A6:32:0B:45:BE:B2:35:A2:F2:33:10:11:B7:94 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c7:69:f5:87:fa:06:30:9c:9a:56:f9:91:c7:68:1d:3e:8b:7d: b6:a2:da:4a:fe:5b:65:15:1d:43:a5:73:63:80:fd:c2:fa:17: ac:15:c1:f6:c9:e6:f1:37:e5:f6:45:62:04:91:1c:36:e4:00: 67:be:07:0f:e9:06:ba:4a:9e:74:ff:ca:23:25:14:16:a4:5d: 47:17:9e:33:98:62:58:27:09:fa:08:65:0a:67:5e:7e:0c:0a: 2f:60:c9:be:16:3a:6a:e8:c2:26:24:20:f4:3f:23:14:56:18: fc:6b:53:fb:3c:41:fe:2e:eb:a5:c4:87:c6:2b:e4:03:5a:9c: b2:0b:de:7f:d0:70:28:f9:c3:b2:20:5e:37:b4:96:86:69:db: 38:de:e0:69:83:ec:c5:27:0c:78:ed:6c:e8:e5:0d:db:ac:32: 8a:ac:7b:a9:c5:78:ff:0e:b6:76:63:d4:3a:2b:be:92:64:87: bc:06:c6:33:ad:b4:61:f0:58:19:47:24:1f:47:f1:93:36:02: 15:d0:f0:77:5d:d5:81:5c:d5:2d:d1:d8:1b:18:26:7f:b2:9a: e4:60:74:3e:28:68:bd:d0:d2:fc:bd:ad:fb:fd:a8:46:72:55: eb:bd:8e:62:2a:f2:30:9f:53:3e:43:2c:b0:fb:bb:ca:ab:94: 75:48:1a:fb -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUenWhz/rm/0JCP+ZBKJEurIc/IV4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTEyMjIxNjQ4MDVaFw0yNTEyMjUyMjMzMDVaMDMxMTAvBgNV BAMTKEM0QjlGMkEwQjA0NkE2MzIwQjQ1QkVCMjM1QTJGMjMzMTAxMUI3OTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDm8sla3jSQUpupDFJnvK7OjZu8 adJo4u3TkaoBfqyvzLFWmpdEz1cbxo+mksQyguy1Ar3EcLAugBW2MorG55szfz4h DmaH91chGUKdtIgHm+p0LNHYOTX/Yfrbcl3mDvjFsqVM40fWUXO4kdDCnE1o2Cav IFN7t7R/HQ9v3gZmLV3xis86fzrwQG9c5sF0uwbh71nDpfbQn7wr7UFOh3xdlDoQ I1uK4SNjUfdHsMrvv330Mc5oJVzkzKoJioWDvivK9asj1K+vlL+sMvqn5VS/c+fT nPetWu3F1XcAk8kw/A42M6LZ6sFNvh9H4/pYCzjc+tjB+YuZ3abpyyMYD86bAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUxLnyoLBGpjILRb6yNaLyMxARt5QwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMdp9Yf6BjCcmlb5kcdoHT6Lfbai2kr+W2UV HUOlc2OA/cL6F6wVwfbJ5vE35fZFYgSRHDbkAGe+Bw/pBrpKnnT/yiMlFBakXUcX njOYYlgnCfoIZQpnXn4MCi9gyb4WOmrowiYkIPQ/IxRWGPxrU/s8Qf4u66XEh8Yr 5ANanLIL3n/QcCj5w7IgXje0loZp2zje4GmD7MUnDHjtbOjlDdusMoqse6nFeP8O tnZj1DorvpJkh7wGxjOttGHwWBlHJB9H8ZM2AhXQ8Hdd1YFc1S3R2BsYJn+ymuRg dD4oaL3Q0vy9rfv9qEZyVeu9jmIq8jCfUz5DLLD7u8qrlHVIGvs= -----END CERTIFICATE-----Generated at Wed Dec 24 20:25:17 2025 by rpki-client