This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft File: 3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft (raw, json) Hash identifier: Rq8Hpj0GYCXaMpC+eeylbIquJcEjKis4h2bLoOHzzVM= Subject key identifier: 4B:DB:9B:E7:94:F2:52:D5:F1:EC:E6:6F:D8:55:28:6B:EF:D0:CB:91 Authority key identifier: 3E:CE:7D:2E:9C:2F:F3:D5:D3:0D:29:4D:74:92:C3:FE:F6:51:BA:AA Certificate issuer: /CN=3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA Certificate serial: 21672C6A75DA73224AEC8A22C4B8AE9AE4FEC176 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft Manifest number: 0381 Signing time: Tue 23 Dec 2025 09:53:09 +0000 Manifest this update: Tue 23 Dec 2025 09:48:09 +0000 Manifest next update: Fri 26 Dec 2025 15:23:09 +0000 Files and hashes: 1: 3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.crl (hash: YQ+bdulYaRzd03vy3qWPCLkL4Prig1kJ5chCxde1umw=) 2: 3130332e3137312e3138322e302f32332d3233203d3e20313432333735.roa (hash: ZekPVbkZv4xzJt/yLeKvpGj167I44IK/Nn+MbKBEWIw=) 3: 3130332e3137312e3138322e302f32342d3234203d3e20313432333735.roa (hash: YYGVRYPBp9IPNMR5VwzW826x/acetE+4Oj6LGMt7tPU=) 4: 3130332e3137312e3138332e302f32342d3234203d3e20313432333735.roa (hash: DCgYEPaVukPuYmvO5a2cczC4OgprkfQ5HG76ulQS39Q=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.crl rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 15:23:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:67:2c:6a:75:da:73:22:4a:ec:8a:22:c4:b8:ae:9a:e4:fe:c1:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA Validity Not Before: Dec 23 09:48:09 2025 GMT Not After : Dec 26 15:23:09 2025 GMT Subject: CN=4BDB9BE794F252D5F1ECE66FD855286BEFD0CB91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:61:9e:7d:94:03:53:0a:cb:cf:f9:1d:7a:42: 5e:f8:61:94:f8:6e:73:3f:a8:83:77:1e:09:8d:1d: 56:99:ba:13:7c:9d:79:f7:a4:d1:c9:63:27:d3:72: ff:5f:44:89:e6:b3:1b:d7:e1:f1:80:4d:08:17:c8: a0:fa:11:17:a6:d4:76:99:5f:a6:83:56:e2:81:9e: 37:94:b0:71:26:ad:c5:6a:85:60:b5:dc:bf:a3:cc: 8b:b1:99:04:e4:d4:a1:1a:8f:99:25:99:d2:99:b0: 09:8f:ac:80:1f:d0:6f:de:2c:7b:e9:a5:f6:8b:e7: 7e:08:2a:be:69:43:5c:96:20:ab:81:f9:a2:41:c7: 06:dc:db:3a:ac:05:fa:a1:09:25:f1:da:ca:4b:a7: 95:45:1c:f8:dd:41:41:16:23:8e:97:79:28:e1:ea: cd:7b:e4:fe:df:21:59:fc:c7:bc:52:b0:5a:1b:80: 11:85:5a:af:c4:89:46:10:ba:a4:50:6b:fd:b5:0b: 98:81:3f:6a:cd:16:b2:14:83:05:cf:25:05:b6:24: ed:f9:00:d1:1e:79:13:eb:2c:ce:6c:cf:20:e7:61: 62:ca:f4:8b:23:23:91:d7:d9:73:88:ce:ce:ec:1d: 6e:6a:08:3a:0b:9a:96:ea:37:8f:cb:83:92:4a:a0: f2:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:DB:9B:E7:94:F2:52:D5:F1:EC:E6:6F:D8:55:28:6B:EF:D0:CB:91 X509v3 Authority Key Identifier: keyid:3E:CE:7D:2E:9C:2F:F3:D5:D3:0D:29:4D:74:92:C3:FE:F6:51:BA:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:28:21:00:b5:67:2f:c5:66:93:81:9c:ba:e7:7f:59:df:29: c9:82:43:43:a1:8a:12:27:e5:55:36:4b:ea:45:4a:57:d4:e5: 10:73:94:3b:d2:69:a5:0d:1c:e5:e6:d4:65:1f:b2:6f:3c:04: 08:2f:59:50:c3:99:82:99:c2:0d:7e:97:ee:85:6d:a5:9f:fc: 0d:b9:8c:ac:a2:5e:b6:de:05:48:66:69:71:d6:d7:3e:1f:46: cf:d7:f4:d7:2b:23:2a:d8:7e:a3:31:cd:8f:0f:33:2f:e8:54: 22:c0:1e:ee:f9:80:e1:66:5b:1e:48:43:13:7c:5a:4b:11:12: 5e:d9:46:f7:57:1e:44:9a:0b:2d:0b:82:b9:e5:6b:61:d2:82: 23:95:79:9e:e1:4f:e7:f2:a2:52:e0:28:6d:06:4c:68:24:63: a3:29:0b:2c:ac:db:5b:55:45:1f:dd:6f:58:80:21:30:15:4b: e2:08:f2:14:e1:04:3f:1d:0e:49:dd:41:c8:6e:c0:27:50:6e: 7c:01:b6:9d:10:a7:74:86:97:86:ec:62:b6:eb:6f:80:07:b4: 6d:02:dc:09:de:81:28:0f:c5:32:5b:c9:cc:dc:1e:30:e7:65: 1c:a4:7d:65:f5:17:36:75:03:51:47:3f:2f:92:56:57:ae:9b: 7f:e5:0f:ef -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIWcsanXacyJK7IoixLiumuT+wXYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0VDRTdEMkU5QzJGRjNENUQzMEQyOTRENzQ5MkMzRkVG NjUxQkFBQTAeFw0yNTEyMjMwOTQ4MDlaFw0yNTEyMjYxNTIzMDlaMDMxMTAvBgNV BAMTKDRCREI5QkU3OTRGMjUyRDVGMUVDRTY2RkQ4NTUyODZCRUZEMENCOTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQYZ59lANTCsvP+R16Ql74YZT4 bnM/qIN3HgmNHVaZuhN8nXn3pNHJYyfTcv9fRInmsxvX4fGATQgXyKD6ERem1HaZ X6aDVuKBnjeUsHEmrcVqhWC13L+jzIuxmQTk1KEaj5klmdKZsAmPrIAf0G/eLHvp pfaL534IKr5pQ1yWIKuB+aJBxwbc2zqsBfqhCSXx2spLp5VFHPjdQUEWI46XeSjh 6s175P7fIVn8x7xSsFobgBGFWq/EiUYQuqRQa/21C5iBP2rNFrIUgwXPJQW2JO35 ANEeeRPrLM5szyDnYWLK9IsjI5HX2XOIzs7sHW5qCDoLmpbqN4/Lg5JKoPLzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUS9ub55TyUtXx7OZv2FUoa+/Qy5EwHwYDVR0j BBgwFoAUPs59Lpwv89XTDSlNdJLD/vZRuqowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l MzUwNWNiMy1iNTVlLTQwZTQtYWM3OS02MzY1NjA2ZjRlZjkvMC8zRUNFN0QyRTlD MkZGM0Q1RDMwRDI5NEQ3NDkyQzNGRUY2NTFCQUFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0VDRTdEMkU5QzJGRjNENUQzMEQyOTRENzQ5MkMzRkVGNjUx QkFBQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZTM1MDVjYjMtYjU1ZS00MGU0LWFj NzktNjM2NTYwNmY0ZWY5LzAvM0VDRTdEMkU5QzJGRjNENUQzMEQyOTRENzQ5MkMz RkVGNjUxQkFBQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALUoIQC1Zy/FZpOBnLrnf1nfKcmCQ0OhihIn 5VU2S+pFSlfU5RBzlDvSaaUNHOXm1GUfsm88BAgvWVDDmYKZwg1+l+6FbaWf/A25 jKyiXrbeBUhmaXHW1z4fRs/X9NcrIyrYfqMxzY8PMy/oVCLAHu75gOFmWx5IQxN8 WksREl7ZRvdXHkSaCy0Lgrnla2HSgiOVeZ7hT+fyolLgKG0GTGgkY6MpCyys21tV RR/db1iAITAVS+II8hThBD8dDkndQchuwCdQbnwBtp0Qp3SGl4bsYrbrb4AHtG0C 3AnegSgPxTJbyczcHjDnZRykfWX1FzZ1A1FHPy+SVleum3/lD+8= -----END CERTIFICATE-----Generated at Wed Dec 24 22:10:52 2025 by rpki-client