This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft File: 3CA825E93FE8830376EF386786BF847CB239BE70.mft (raw, json) Hash identifier: hxCJm2OGKVCl12wYO71cZJ/uoX8Vl5Dc3lvuKhDe2gU= Subject key identifier: 16:A7:3B:B2:57:04:E5:D5:85:B8:E5:62:62:B7:2B:6A:5E:FA:6A:FE Authority key identifier: 3C:A8:25:E9:3F:E8:83:03:76:EF:38:67:86:BF:84:7C:B2:39:BE:70 Certificate issuer: /CN=3CA825E93FE8830376EF386786BF847CB239BE70 Certificate serial: 56E3C9B24A2371E789CFA68F0676342F786554F3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3CA825E93FE8830376EF386786BF847CB239BE70.cer Subject info access: rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft Manifest number: 052F Signing time: Thu 11 Dec 2025 18:11:52 +0000 Manifest this update: Thu 11 Dec 2025 18:06:52 +0000 Manifest next update: Mon 15 Dec 2025 04:18:52 +0000 Files and hashes: 1: 3131392e38322e3232342e302f32302d3234203d3e203234323133.roa (hash: rMCMSl1s+WWM7uToBUHib02Gf8GW78oaPsE3tZQeKpc=) 2: 3CA825E93FE8830376EF386786BF847CB239BE70.crl (hash: tr/tzXPOHCN98YUwfYk2doQBS9v4DMV2cxZCyx77NXQ=) 3: 3130332e38332e39322e302f32322d3234203d3e20313331313131.roa (hash: 7BaUBkYi576UVLsHbTQQnc27jnKH4uxS8EK0pK4qmYo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.crl rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3CA825E93FE8830376EF386786BF847CB239BE70.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Dec 2025 04:18:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:e3:c9:b2:4a:23:71:e7:89:cf:a6:8f:06:76:34:2f:78:65:54:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3CA825E93FE8830376EF386786BF847CB239BE70 Validity Not Before: Dec 11 18:06:52 2025 GMT Not After : Dec 15 04:18:52 2025 GMT Subject: CN=16A73BB25704E5D585B8E56262B72B6A5EFA6AFE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a2:32:27:96:b8:db:6e:aa:90:7f:34:6e:a1: 8d:90:a5:1b:c7:03:b8:74:4f:75:c1:cb:b0:20:9f: 68:f4:6e:a3:7c:00:96:c4:13:d6:32:35:28:e2:0c: 81:a6:7a:aa:f5:8f:a2:58:98:bc:d4:e4:d1:3f:ce: c3:05:c4:94:ac:30:20:4f:fc:46:97:5b:6e:aa:4e: fb:a3:9a:48:b1:47:14:94:53:b8:4d:a6:aa:22:62: 2d:b5:5e:47:90:da:36:ea:39:2c:fc:0f:1a:0f:14: fa:54:04:62:c9:f8:ee:16:20:b9:06:a1:9f:7c:8a: 08:4e:8e:5e:4b:ea:35:a4:7d:49:14:73:a8:e7:c8: c3:97:55:51:60:04:93:de:89:d9:16:a2:f7:e0:8b: 32:8c:f5:8e:ae:a7:46:05:44:3b:2e:d1:6c:4c:4b: cf:24:d8:98:d5:c6:30:7c:80:6c:eb:1c:a0:fe:9b: 59:69:57:f0:83:8d:dd:d3:8f:05:a4:b7:ff:d2:aa: bb:47:98:bc:0c:30:79:7f:cf:9b:de:9b:3e:44:d6: 52:18:08:c6:d2:93:ad:66:ce:cd:07:70:bb:87:42: da:8b:2f:9f:21:31:38:ae:e2:d6:b6:78:1f:bd:9d: 70:eb:04:bf:77:23:a3:c5:48:39:ba:2d:d6:c5:ef: 53:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:A7:3B:B2:57:04:E5:D5:85:B8:E5:62:62:B7:2B:6A:5E:FA:6A:FE X509v3 Authority Key Identifier: keyid:3C:A8:25:E9:3F:E8:83:03:76:EF:38:67:86:BF:84:7C:B2:39:BE:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3CA825E93FE8830376EF386786BF847CB239BE70.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:f4:38:fd:af:16:fd:da:44:35:5c:16:53:ab:84:5a:35:41: 66:1c:14:b1:ab:0e:96:e4:00:73:48:84:de:45:f9:4e:ce:c7: 4c:35:37:87:de:63:79:13:98:e8:67:73:d7:65:f5:9e:c3:50: 2e:2c:d3:4e:01:aa:98:54:24:8b:c2:c5:5e:39:91:74:34:c1: eb:29:75:1f:f9:31:dd:44:a0:a4:eb:29:d1:9a:be:2b:34:af: 18:c6:d9:b6:af:b5:62:d5:83:02:25:ce:cf:08:2f:0d:25:1f: 43:e4:50:09:98:ff:d4:8d:62:cd:dc:0f:da:4a:12:91:e0:0a: 36:73:f7:c9:0d:96:e9:bc:c2:f2:35:81:3e:a7:e1:78:ca:77: 0e:fc:a1:e0:e9:a1:a6:34:b3:11:76:3b:1a:1f:08:2b:21:ed: 6d:22:62:9d:e1:66:6a:98:23:01:3e:55:04:fd:aa:5f:da:97: a6:80:d1:68:60:53:de:3d:69:00:e3:74:00:97:13:72:d8:f5: 86:2a:4d:03:83:0b:26:06:9c:6f:3a:9b:3b:c4:dc:d4:63:24: d2:17:7c:eb:8e:90:e1:74:c0:ed:31:35:c6:19:9d:20:b5:f2: 61:27:34:d0:9e:05:44:df:ce:cf:81:58:8a:54:bf:3d:47:96: 20:38:b6:6a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUVuPJskojceeJz6aPBnY0L3hlVPMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0NBODI1RTkzRkU4ODMwMzc2RUYzODY3ODZCRjg0N0NC MjM5QkU3MDAeFw0yNTEyMTExODA2NTJaFw0yNTEyMTUwNDE4NTJaMDMxMTAvBgNV BAMTKDE2QTczQkIyNTcwNEU1RDU4NUI4RTU2MjYyQjcyQjZBNUVGQTZBRkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8ojInlrjbbqqQfzRuoY2QpRvH A7h0T3XBy7Agn2j0bqN8AJbEE9YyNSjiDIGmeqr1j6JYmLzU5NE/zsMFxJSsMCBP /EaXW26qTvujmkixRxSUU7hNpqoiYi21XkeQ2jbqOSz8DxoPFPpUBGLJ+O4WILkG oZ98ighOjl5L6jWkfUkUc6jnyMOXVVFgBJPeidkWovfgizKM9Y6up0YFRDsu0WxM S88k2JjVxjB8gGzrHKD+m1lpV/CDjd3TjwWkt//SqrtHmLwMMHl/z5vemz5E1lIY CMbSk61mzs0HcLuHQtqLL58hMTiu4ta2eB+9nXDrBL93I6PFSDm6LdbF71O1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUFqc7slcE5dWFuOViYrcral76av4wHwYDVR0j BBgwFoAUPKgl6T/ogwN27zhnhr+EfLI5vnAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w OGI4YzFiNS0zYmU4LTRhYTctYTRjNi0yMWJjYzhmM2ZhNDAvMC8zQ0E4MjVFOTNG RTg4MzAzNzZFRjM4Njc4NkJGODQ3Q0IyMzlCRTcwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0NBODI1RTkzRkU4ODMwMzc2RUYzODY3ODZCRjg0N0NCMjM5 QkU3MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDhiOGMxYjUtM2JlOC00YWE3LWE0 YzYtMjFiY2M4ZjNmYTQwLzAvM0NBODI1RTkzRkU4ODMwMzc2RUYzODY3ODZCRjg0 N0NCMjM5QkU3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACP0OP2vFv3aRDVcFlOrhFo1QWYcFLGrDpbk AHNIhN5F+U7Ox0w1N4feY3kTmOhnc9dl9Z7DUC4s004BqphUJIvCxV45kXQ0wesp dR/5Md1EoKTrKdGavis0rxjG2bavtWLVgwIlzs8ILw0lH0PkUAmY/9SNYs3cD9pK EpHgCjZz98kNlum8wvI1gT6n4XjKdw78oeDpoaY0sxF2OxofCCsh7W0iYp3hZmqY IwE+VQT9ql/al6aA0WhgU949aQDjdACXE3LY9YYqTQODCyYGnG86mzvE3NRjJNIX fOuOkOF0wO0xNcYZnSC18mEnNNCeBUTfzs+BWIpUvz1HliA4tmo= -----END CERTIFICATE-----Generated at Sun Dec 14 03:30:23 2025 by rpki-client