This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.mft File: CA41DDE3591DCF89BBD15BC96E05BDC73214099B.mft (raw, json) Hash identifier: K+/zMa1UJSdc+0yW9/Kfvn8S1QyLwkCMB9TMWEWODZo= Subject key identifier: 8F:42:58:10:A1:7D:B3:55:76:78:5E:74:2E:E2:9B:A1:2D:F1:13:BA Authority key identifier: CA:41:DD:E3:59:1D:CF:89:BB:D1:5B:C9:6E:05:BD:C7:32:14:09:9B Certificate issuer: /CN=CA41DDE3591DCF89BBD15BC96E05BDC73214099B Certificate serial: 7BF420C3E2160667FB1E4CFB46050446E09C3930 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.mft Manifest number: 0531 Signing time: Tue 02 Dec 2025 16:41:56 +0000 Manifest this update: Tue 02 Dec 2025 16:36:56 +0000 Manifest next update: Fri 05 Dec 2025 20:20:56 +0000 Files and hashes: 1: CA41DDE3591DCF89BBD15BC96E05BDC73214099B.crl (hash: P2bOfWzL8pKXEJahbCbBO+Kd1Ntd4X4xHNNGG+2ZxX8=) 2: 3130332e36362e38362e302f32342d3234203d3e20313431313037.roa (hash: HELC9mdQ84lzVVvguuZaZieGiyQ03u73Eihy4Pkp6bs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.crl rsync://repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 20:20:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:f4:20:c3:e2:16:06:67:fb:1e:4c:fb:46:05:04:46:e0:9c:39:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA41DDE3591DCF89BBD15BC96E05BDC73214099B Validity Not Before: Dec 2 16:36:56 2025 GMT Not After : Dec 5 20:20:56 2025 GMT Subject: CN=8F425810A17DB35576785E742EE29BA12DF113BA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:9c:dc:a8:a9:8e:4a:5e:43:40:ea:a9:05:e0: a5:11:02:e6:6e:77:ee:86:ec:5a:91:b9:61:5c:04: f0:16:52:27:76:e0:33:2e:1e:86:0f:b5:c7:46:49: 43:9b:98:b1:5c:df:c1:96:76:64:29:80:7c:bd:94: d9:d3:1f:d1:89:31:7b:6d:88:8f:87:47:b7:dc:a4: 93:82:4f:ec:a3:af:cd:d4:1c:48:52:ad:32:e9:71: 8e:44:d1:99:ec:73:b3:f8:5a:05:ee:3b:a9:b8:84: f8:74:24:ed:63:f6:07:51:73:2d:53:8c:5d:ad:ca: 3b:e5:db:fb:92:ad:02:c1:ab:a9:9b:d0:4d:37:53: 03:ea:27:3c:49:92:42:6a:42:6f:86:cd:1a:d2:bf: 4a:e3:5c:5f:5b:71:3a:f9:5b:75:9d:2c:e9:b6:31: 4e:d8:5d:0b:47:65:e2:42:30:ca:95:9b:57:8a:5d: 48:c7:ce:75:14:99:78:e5:d3:c3:82:74:cb:63:ff: f4:15:b1:aa:e0:6e:fb:97:4d:de:b3:09:41:f7:cd: 3c:2c:a4:6d:0a:f7:00:71:91:b1:45:13:82:7d:89: 95:66:41:5f:3c:8f:f5:73:a2:0d:c5:84:65:0e:b3: 50:65:24:91:81:09:9f:df:32:e2:63:52:b7:5a:85: 94:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:42:58:10:A1:7D:B3:55:76:78:5E:74:2E:E2:9B:A1:2D:F1:13:BA X509v3 Authority Key Identifier: keyid:CA:41:DD:E3:59:1D:CF:89:BB:D1:5B:C9:6E:05:BD:C7:32:14:09:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4fcc2d44-9418-4013-9723-a978f8bd8b6b/0/CA41DDE3591DCF89BBD15BC96E05BDC73214099B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:df:0c:50:89:d5:6a:ab:4d:3c:9d:93:e6:e2:c0:3d:42:58: fc:a7:08:f7:08:ba:5c:22:0a:14:af:ba:93:0b:91:8d:e8:32: 86:d6:13:78:2f:19:f9:75:73:e6:89:94:ea:db:e3:a5:1c:65: fd:f6:c7:bc:ef:57:ec:90:09:35:17:fc:93:4c:b1:06:ff:68: 9a:49:f4:7f:e7:be:15:2e:f4:21:b1:91:16:c4:f3:f1:c2:4b: aa:26:a4:88:91:ec:0f:ae:ca:b1:1b:22:3c:82:10:8b:ec:ef: f5:23:6b:43:27:df:4f:7e:b0:22:a4:7b:36:d9:9a:64:1a:d4: 18:03:3d:33:21:66:38:70:a9:5f:8a:64:94:3f:7a:50:1e:94: d2:cf:95:a9:b4:36:f2:fd:37:c2:1e:03:72:ab:18:69:0e:0e: bb:eb:d4:29:26:18:9a:0b:4f:1c:57:a9:51:54:8a:e4:e6:5d: cb:a1:1e:31:f8:53:a2:84:b7:e9:62:c1:17:be:ee:f2:3a:c1: 23:ca:36:9b:2a:58:ee:65:6e:d0:cf:b3:6f:86:77:95:0a:ea: 79:b5:d8:bc:a5:df:ca:0d:ab:12:3d:ef:be:ec:43:66:f3:54: 67:b3:b9:44:db:55:b5:35:df:63:c0:a7:d7:8e:5b:9e:86:45: 9d:69:59:57 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUe/Qgw+IWBmf7Hkz7RgUERuCcOTAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0E0MURERTM1OTFEQ0Y4OUJCRDE1QkM5NkUwNUJEQzcz MjE0MDk5QjAeFw0yNTEyMDIxNjM2NTZaFw0yNTEyMDUyMDIwNTZaMDMxMTAvBgNV BAMTKDhGNDI1ODEwQTE3REIzNTU3Njc4NUU3NDJFRTI5QkExMkRGMTEzQkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChnNyoqY5KXkNA6qkF4KURAuZu d+6G7FqRuWFcBPAWUid24DMuHoYPtcdGSUObmLFc38GWdmQpgHy9lNnTH9GJMXtt iI+HR7fcpJOCT+yjr83UHEhSrTLpcY5E0Znsc7P4WgXuO6m4hPh0JO1j9gdRcy1T jF2tyjvl2/uSrQLBq6mb0E03UwPqJzxJkkJqQm+GzRrSv0rjXF9bcTr5W3WdLOm2 MU7YXQtHZeJCMMqVm1eKXUjHznUUmXjl08OCdMtj//QVsargbvuXTd6zCUH3zTws pG0K9wBxkbFFE4J9iZVmQV88j/Vzog3FhGUOs1BlJJGBCZ/fMuJjUrdahZS9AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUj0JYEKF9s1V2eF50LuKboS3xE7owHwYDVR0j BBgwFoAUykHd41kdz4m70VvJbgW9xzIUCZswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZmNjMmQ0NC05NDE4LTQwMTMtOTcyMy1hOTc4ZjhiZDhiNmIvMC9DQTQxRERFMzU5 MURDRjg5QkJEMTVCQzk2RTA1QkRDNzMyMTQwOTlCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0E0MURERTM1OTFEQ0Y4OUJCRDE1QkM5NkUwNUJEQzczMjE0 MDk5Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGZjYzJkNDQtOTQxOC00MDEzLTk3 MjMtYTk3OGY4YmQ4YjZiLzAvQ0E0MURERTM1OTFEQ0Y4OUJCRDE1QkM5NkUwNUJE QzczMjE0MDk5Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFffDFCJ1WqrTTydk+biwD1CWPynCPcIulwi ChSvupMLkY3oMobWE3gvGfl1c+aJlOrb46UcZf32x7zvV+yQCTUX/JNMsQb/aJpJ 9H/nvhUu9CGxkRbE8/HCS6ompIiR7A+uyrEbIjyCEIvs7/Uja0Mn309+sCKkezbZ mmQa1BgDPTMhZjhwqV+KZJQ/elAelNLPlam0NvL9N8IeA3KrGGkODrvr1CkmGJoL TxxXqVFUiuTmXcuhHjH4U6KEt+liwRe+7vI6wSPKNpsqWO5lbtDPs2+Gd5UK6nm1 2Lyl38oNqxI9777sQ2bzVGezuUTbVbU132PAp9eOW56GRZ1pWVc= -----END CERTIFICATE-----Generated at Wed Dec 3 14:14:25 2025 by rpki-client