This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft File: 21AC220B77A77D0516BC73B4C29C8363DD00911B.mft (raw, json) Hash identifier: 05jNVSNBGz8OQbf7LzA12wrrzLP7G7hFBVv6aNgCbe0= Subject key identifier: 95:31:04:24:67:4B:36:35:AE:0D:6E:24:3B:F4:6E:26:C3:12:95:65 Authority key identifier: 21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B Certificate issuer: /CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Certificate serial: 55EE99B9A73956422FE7D04557EC08AFC6F6AD80 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft Manifest number: 04EF Signing time: Wed 17 Dec 2025 05:51:04 +0000 Manifest this update: Wed 17 Dec 2025 05:46:04 +0000 Manifest next update: Sat 20 Dec 2025 11:43:04 +0000 Files and hashes: 1: 3230322e31302e35392e302f32342d3234203d3e20313336313139.roa (hash: p7znIjGrzIeqiJgSyw1Go9JzIhUPDTiZx2kzEBcMX+M=) 2: 3130332e39342e3136382e302f32322d3234203d3e20313336313139.roa (hash: IywsBHZCpESzPvpzBYMa3aM5xr+uzQrgr/hs4zyGEfk=) 3: 3230322e31302e35382e302f32342d3234203d3e20313336313139.roa (hash: FqumLAE5ExkmaatbD11ff744L2iTMEhUHWhZUQWOtLU=) 4: 323430313a343863303a3a2f33322d3438203d3e20313336313139.roa (hash: J7Eqzk0rLCECjOwGjEdw1vCeBneDceSExg8FEmGDsVA=) 5: 21AC220B77A77D0516BC73B4C29C8363DD00911B.crl (hash: KuuEUf8zWXQzVZcCXY53FH6ncBb/SugvzRIR1xBmfLQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Dec 2025 11:43:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:ee:99:b9:a7:39:56:42:2f:e7:d0:45:57:ec:08:af:c6:f6:ad:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Validity Not Before: Dec 17 05:46:04 2025 GMT Not After : Dec 20 11:43:04 2025 GMT Subject: CN=95310424674B3635AE0D6E243BF46E26C3129565 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:cf:4b:eb:db:cc:df:30:bb:88:8e:43:c1:4e: 99:8f:b3:6e:cb:a1:2c:84:41:17:98:7d:01:94:9d: 77:8a:06:13:52:b2:17:b8:c6:16:df:93:d6:2c:31: c8:08:e3:d3:10:da:a9:f0:6c:b7:48:b3:4a:dc:69: 51:3f:78:7e:3c:46:fe:bf:88:6e:bf:9f:f7:58:09: 8a:f5:68:84:2c:24:f6:92:16:9c:44:55:e3:20:ce: d6:bd:0e:82:3e:53:dc:b8:d6:e2:87:2e:d6:22:ba: a3:c2:96:4f:69:c5:9f:62:46:6a:e7:24:2c:61:35: 01:e3:9b:0a:e5:18:9d:4d:aa:21:10:84:a6:e3:c4: 6a:89:51:81:69:1c:45:0f:47:b3:29:22:ac:98:1a: b0:4f:c3:da:ca:34:eb:b8:3e:c7:c5:5a:a1:ec:a6: 86:ef:c4:8c:f7:08:00:4b:8b:88:a6:d9:28:0e:77: c1:03:f5:a6:b2:d3:ea:30:dc:32:28:52:40:31:b6: 15:a7:6b:73:ba:c9:2f:a5:0a:02:47:9b:d6:83:32: 8f:8c:f8:59:fb:20:27:17:1e:9d:7b:a1:5e:f1:ab: f6:bd:9e:0c:af:7a:b2:74:ca:70:a6:a2:b7:ad:85: c8:ed:80:cd:7d:94:2a:d5:14:95:87:90:b7:20:9e: 1b:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:31:04:24:67:4B:36:35:AE:0D:6E:24:3B:F4:6E:26:C3:12:95:65 X509v3 Authority Key Identifier: keyid:21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:76:90:d0:5c:2a:9b:6e:b3:c1:26:32:33:18:fe:bd:72:61: d7:f4:6b:38:6e:b3:20:4c:17:0d:08:fb:53:5b:82:09:b3:eb: f4:be:0f:7d:28:47:a8:be:8b:61:ca:cf:19:1f:38:be:0c:1b: f4:14:13:e5:48:a3:12:e8:5e:af:b7:97:95:06:06:a3:2b:e9: 8a:56:37:a7:2e:aa:b9:f7:a0:fd:ba:f0:8a:73:d5:62:20:28: 09:c8:ba:9e:6b:24:a7:76:e4:b8:ba:8e:1a:e5:92:db:a5:dc: b3:ee:b4:23:44:83:b2:94:44:e9:12:f8:3e:3b:d6:b0:6e:8e: e2:8d:b0:16:cf:4c:76:00:4b:68:f1:db:b8:78:c1:c9:71:77: 0a:ed:86:4a:84:1c:68:fc:fb:08:7f:fc:10:00:fb:a8:35:f2: d0:15:69:81:02:cf:ec:04:b7:6f:c9:39:74:74:cb:0e:2f:e8: e1:fc:d2:c2:bf:c7:a5:f3:19:44:cd:37:24:4a:33:61:38:31: d8:51:c9:88:fb:8e:f4:5c:83:eb:d2:97:38:97:9c:1d:78:b4: 4d:e1:8d:f5:d1:b6:1b:d6:d9:9a:74:3f:28:1a:87:a6:16:5d: 76:af:e3:c6:2d:05:07:ce:fc:06:ef:77:6e:8e:db:77:76:03: 6f:e4:07:32 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUVe6Zuac5VkIv59BFV+wIr8b2rYAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNE RDAwOTExQjAeFw0yNTEyMTcwNTQ2MDRaFw0yNTEyMjAxMTQzMDRaMDMxMTAvBgNV BAMTKDk1MzEwNDI0Njc0QjM2MzVBRTBENkUyNDNCRjQ2RTI2QzMxMjk1NjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqz0vr28zfMLuIjkPBTpmPs27L oSyEQReYfQGUnXeKBhNSshe4xhbfk9YsMcgI49MQ2qnwbLdIs0rcaVE/eH48Rv6/ iG6/n/dYCYr1aIQsJPaSFpxEVeMgzta9DoI+U9y41uKHLtYiuqPClk9pxZ9iRmrn JCxhNQHjmwrlGJ1NqiEQhKbjxGqJUYFpHEUPR7MpIqyYGrBPw9rKNOu4PsfFWqHs pobvxIz3CABLi4im2SgOd8ED9aay0+ow3DIoUkAxthWna3O6yS+lCgJHm9aDMo+M +Fn7ICcXHp17oV7xq/a9ngyverJ0ynCmorethcjtgM19lCrVFJWHkLcgnhttAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUlTEEJGdLNjWuDW4kO/RuJsMSlWUwHwYDVR0j BBgwFoAUIawiC3enfQUWvHO0wpyDY90AkRswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZGFiYzBiYS05MjIyLTRjNDUtODM0Mi1lYjg2NDNjNDk2N2QvMC8yMUFDMjIwQjc3 QTc3RDA1MTZCQzczQjRDMjlDODM2M0REMDA5MTFCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNERDAw OTExQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmRhYmMwYmEtOTIyMi00YzQ1LTgz NDItZWI4NjQzYzQ5NjdkLzAvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5Qzgz NjNERDAwOTExQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAD52kNBcKptus8EmMjMY/r1yYdf0azhusyBM Fw0I+1Nbggmz6/S+D30oR6i+i2HKzxkfOL4MG/QUE+VIoxLoXq+3l5UGBqMr6YpW N6cuqrn3oP268Ipz1WIgKAnIup5rJKd25Li6jhrlktul3LPutCNEg7KUROkS+D47 1rBujuKNsBbPTHYAS2jx27h4wclxdwrthkqEHGj8+wh//BAA+6g18tAVaYECz+wE t2/JOXR0yw4v6OH80sK/x6XzGUTNNyRKM2E4MdhRyYj7jvRcg+vSlziXnB14tE3h jfXRthvW2Zp0Pygah6YWXXav48YtBQfO/Abvd26O23d2A2/kBzI= -----END CERTIFICATE-----Generated at Fri Dec 19 14:35:12 2025 by rpki-client