This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.mft File: BA3C6E8206951343A970BD80B8DC3351252A9719.mft (raw, json) Hash identifier: NN3iMt7Zmx7h18AcH01ScaSQ1kcy3aaXkh/rjL1z+GU= Subject key identifier: 2A:FB:72:2D:43:E9:2C:57:24:CB:34:8E:0A:A8:1E:A2:4D:0C:48:51 Authority key identifier: BA:3C:6E:82:06:95:13:43:A9:70:BD:80:B8:DC:33:51:25:2A:97:19 Certificate issuer: /CN=BA3C6E8206951343A970BD80B8DC3351252A9719 Certificate serial: 35E346ADE1DD17A8359241C5636F079CC55C2926 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BA3C6E8206951343A970BD80B8DC3351252A9719.cer Subject info access: rsync://repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.mft Manifest number: CE Signing time: Thu 18 Dec 2025 11:41:32 +0000 Manifest this update: Thu 18 Dec 2025 11:36:32 +0000 Manifest next update: Sun 21 Dec 2025 15:45:32 +0000 Files and hashes: 1: BA3C6E8206951343A970BD80B8DC3351252A9719.crl (hash: XpkyJFje35tTdiK57nlu6oKShXe4JipzRskHJ4AXm04=) 2: 3136302e32352e3135362e302f32342d3234203d3e20313533303838.roa (hash: mhfAph5jHpIIQpADW/6z0VmmK6WaOWV9si8/hgfO+jQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.crl rsync://repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BA3C6E8206951343A970BD80B8DC3351252A9719.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 15:45:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:e3:46:ad:e1:dd:17:a8:35:92:41:c5:63:6f:07:9c:c5:5c:29:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BA3C6E8206951343A970BD80B8DC3351252A9719 Validity Not Before: Dec 18 11:36:32 2025 GMT Not After : Dec 21 15:45:32 2025 GMT Subject: CN=2AFB722D43E92C5724CB348E0AA81EA24D0C4851 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:37:9f:c3:92:15:b5:19:60:11:61:3b:3c:7f: bd:ce:74:4f:f5:cc:72:06:d5:0d:69:fd:b0:20:b0: 65:23:31:ae:68:e8:11:aa:54:5c:e5:40:69:e8:88: f9:45:08:e1:bf:8e:46:1c:c7:16:a7:a0:54:30:e5: 5c:67:68:78:56:a7:2f:8c:7a:54:f7:bc:55:fa:62: 1e:cc:47:b7:91:7e:c1:a5:89:e2:48:37:8d:c4:1c: f9:12:8f:05:99:bf:b3:af:20:d2:4f:c4:89:e8:ad: 82:f4:70:ad:35:9a:15:25:67:2d:34:b6:b6:7d:2a: 46:28:e5:04:97:37:04:bf:94:fa:87:14:9d:8e:91: 72:db:98:4e:c2:90:bd:bc:00:09:dc:6a:84:25:c5: 82:50:ca:eb:a6:d0:76:d6:44:40:32:83:4d:24:b5: b8:dc:fe:73:50:09:24:50:5f:26:3b:6a:2a:08:49: 15:0d:d0:c5:dd:36:44:79:53:c8:8e:51:00:42:1e: 98:56:f3:a6:4f:48:5a:ef:fe:27:d9:9a:b0:cf:b6: 01:11:96:91:26:3c:65:7c:c2:76:c3:9b:77:d7:dd: e1:6c:1a:09:cf:c5:f6:2e:77:23:c5:df:5c:e5:a3: 3c:29:34:4d:c3:ec:31:45:58:5a:90:95:af:b4:34: 48:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:FB:72:2D:43:E9:2C:57:24:CB:34:8E:0A:A8:1E:A2:4D:0C:48:51 X509v3 Authority Key Identifier: keyid:BA:3C:6E:82:06:95:13:43:A9:70:BD:80:B8:DC:33:51:25:2A:97:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BA3C6E8206951343A970BD80B8DC3351252A9719.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:d9:d0:2f:90:c1:4e:72:9c:79:b3:b9:4e:55:5b:7b:bb:de: 14:16:5c:c3:86:6f:35:f1:5d:94:57:4a:e1:c8:10:31:53:be: cd:29:3b:54:24:4a:60:1c:28:bd:fa:6a:ad:16:21:0f:11:aa: e3:c6:63:ec:7a:29:c0:61:ee:9e:e3:ef:f4:88:26:42:fd:1e: ae:04:9e:9a:c5:79:32:b2:20:a3:98:f7:46:98:3c:90:25:2e: 40:e6:37:5d:22:b3:39:27:e8:85:b9:c1:26:28:fa:45:f3:9c: d6:7d:4c:3b:e5:6e:34:28:53:0b:70:88:87:4d:e9:2f:20:cd: 8d:9b:7f:78:70:ca:19:04:ed:55:27:53:92:68:9e:59:87:a3: e7:e6:53:8b:5e:1e:c3:3f:b4:ce:f8:59:91:b7:01:b8:a2:f6: 82:d7:19:fc:16:48:e7:89:ea:81:28:78:9e:06:06:60:89:d7: f2:19:dc:40:4f:d2:6c:c1:23:90:3a:60:96:75:84:68:64:21: 24:a4:83:f5:f3:ae:f4:7e:51:40:10:50:6d:fd:05:41:43:20: 59:74:7b:93:64:e1:4c:90:8d:3c:8d:a3:cf:43:2a:38:8e:f8: 5e:f6:f6:10:2a:d4:d2:aa:12:a6:69:55:46:8e:6d:9f:00:46: a8:c2:28:5c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNeNGreHdF6g1kkHFY28HnMVcKSYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkEzQzZFODIwNjk1MTM0M0E5NzBCRDgwQjhEQzMzNTEy NTJBOTcxOTAeFw0yNTEyMTgxMTM2MzJaFw0yNTEyMjExNTQ1MzJaMDMxMTAvBgNV BAMTKDJBRkI3MjJENDNFOTJDNTcyNENCMzQ4RTBBQTgxRUEyNEQwQzQ4NTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbN5/DkhW1GWARYTs8f73OdE/1 zHIG1Q1p/bAgsGUjMa5o6BGqVFzlQGnoiPlFCOG/jkYcxxanoFQw5VxnaHhWpy+M elT3vFX6Yh7MR7eRfsGlieJIN43EHPkSjwWZv7OvINJPxInorYL0cK01mhUlZy00 trZ9KkYo5QSXNwS/lPqHFJ2OkXLbmE7CkL28AAncaoQlxYJQyuum0HbWREAyg00k tbjc/nNQCSRQXyY7aioISRUN0MXdNkR5U8iOUQBCHphW86ZPSFrv/ifZmrDPtgER lpEmPGV8wnbDm3fX3eFsGgnPxfYudyPF31zlozwpNE3D7DFFWFqQla+0NEhjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUKvtyLUPpLFckyzSOCqgeok0MSFEwHwYDVR0j BBgwFoAUujxuggaVE0OpcL2AuNwzUSUqlxkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h YWZkZDZmOS1iNzk5LTRhOTYtOWUyYS0xZmVmNjliZmE1OTcvMC9CQTNDNkU4MjA2 OTUxMzQzQTk3MEJEODBCOERDMzM1MTI1MkE5NzE5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQkEzQzZFODIwNjk1MTM0M0E5NzBCRDgwQjhEQzMzNTEyNTJB OTcxOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYWFmZGQ2ZjktYjc5OS00YTk2LTll MmEtMWZlZjY5YmZhNTk3LzAvQkEzQzZFODIwNjk1MTM0M0E5NzBCRDgwQjhEQzMz NTEyNTJBOTcxOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABbZ0C+QwU5ynHmzuU5VW3u73hQWXMOGbzXx XZRXSuHIEDFTvs0pO1QkSmAcKL36aq0WIQ8RquPGY+x6KcBh7p7j7/SIJkL9Hq4E nprFeTKyIKOY90aYPJAlLkDmN10iszkn6IW5wSYo+kXznNZ9TDvlbjQoUwtwiIdN 6S8gzY2bf3hwyhkE7VUnU5JonlmHo+fmU4teHsM/tM74WZG3Abii9oLXGfwWSOeJ 6oEoeJ4GBmCJ1/IZ3EBP0mzBI5A6YJZ1hGhkISSkg/XzrvR+UUAQUG39BUFDIFl0 e5Nk4UyQjTyNo89DKjiO+F729hAq1NKqEqZpVUaObZ8ARqjCKFw= -----END CERTIFICATE-----Generated at Fri Dec 19 10:27:57 2025 by rpki-client