This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.mft File: BD6731D05CD61815BC0A711C659F17313EF0F5EB.mft (raw, json) Hash identifier: dJwbYru7yHzblqmDcik4q55n1OMIY5P9UO653uuS5Sc= Subject key identifier: 29:A3:71:F7:BE:85:55:7D:A4:74:60:12:A8:05:63:81:98:8B:3E:49 Authority key identifier: BD:67:31:D0:5C:D6:18:15:BC:0A:71:1C:65:9F:17:31:3E:F0:F5:EB Certificate issuer: /CN=BD6731D05CD61815BC0A711C659F17313EF0F5EB Certificate serial: 5F3F231695547193AAC5101660F7E407E7B51C87 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD6731D05CD61815BC0A711C659F17313EF0F5EB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.mft Manifest number: AA Signing time: Sat 06 Dec 2025 20:51:05 +0000 Manifest this update: Sat 06 Dec 2025 20:46:05 +0000 Manifest next update: Tue 09 Dec 2025 23:21:05 +0000 Files and hashes: 1: 3136302e32322e39322e302f32342d3234203d3e20313532383335.roa (hash: +o6+ngIFA4hU6bMKlAFkTNxS1BaRiBEB0UhCbvig7rE=) 2: 3136302e32322e39332e302f32342d3234203d3e20313532383335.roa (hash: SeJIZiTXDjba/24vDFwUassgzTgVWzwJ94ejAOzdpPE=) 3: BD6731D05CD61815BC0A711C659F17313EF0F5EB.crl (hash: RKQEIjBOhnRMLam5suqr2U2m1N/yxTecOMwSM4IYNpM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.crl rsync://repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD6731D05CD61815BC0A711C659F17313EF0F5EB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 06:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:3f:23:16:95:54:71:93:aa:c5:10:16:60:f7:e4:07:e7:b5:1c:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD6731D05CD61815BC0A711C659F17313EF0F5EB Validity Not Before: Dec 6 20:46:05 2025 GMT Not After : Dec 9 23:21:05 2025 GMT Subject: CN=29A371F7BE85557DA4746012A8056381988B3E49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:93:c4:d3:1a:cb:07:94:0a:ad:84:6c:e2:c2: 53:5e:fc:bf:d9:dc:78:c0:86:0d:f2:1e:86:5a:bb: 43:5c:b8:7b:61:53:9a:05:ee:fb:5d:9c:b5:a9:84: ab:f5:26:3b:bc:9d:07:b4:cd:d0:05:14:f0:a5:7a: 71:ba:4a:1d:a5:66:92:52:04:b0:fc:c3:04:4a:11: 24:c1:4e:fa:52:45:ee:b7:bb:71:7f:5e:6a:45:a6: 2f:46:f7:bd:2d:43:fc:87:d1:97:e3:06:82:ae:75: 99:b2:be:ce:f4:94:d1:0f:3c:97:bd:a7:e8:a1:11: 6c:e7:6c:4a:66:96:e1:c5:04:35:96:96:01:66:da: 9b:b5:86:bd:bf:9d:51:12:ed:58:23:b2:49:8e:16: 81:52:24:e9:99:18:da:f8:55:94:cf:ba:56:dd:4e: 13:99:c8:59:78:7e:81:b3:25:7c:32:18:39:4b:0d: 2e:7a:f8:26:8f:8a:32:7b:46:d7:91:07:97:01:3c: 13:4c:fe:24:4e:c4:71:29:a6:f1:37:c8:44:02:2f: 5a:97:3f:a9:ed:ce:61:be:db:e3:42:7f:bc:e3:19: 4b:7b:54:4e:de:63:2d:4e:f8:49:26:96:59:1d:e2: 69:75:e9:91:bf:07:c4:62:5d:67:58:75:0d:b9:9f: e5:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:A3:71:F7:BE:85:55:7D:A4:74:60:12:A8:05:63:81:98:8B:3E:49 X509v3 Authority Key Identifier: keyid:BD:67:31:D0:5C:D6:18:15:BC:0A:71:1C:65:9F:17:31:3E:F0:F5:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD6731D05CD61815BC0A711C659F17313EF0F5EB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:b7:a6:3c:1c:1b:12:cf:4f:b7:b8:6a:35:24:d7:6d:3f:02: ef:c0:8d:c8:8c:4a:44:f1:41:b8:1b:5e:6a:ea:01:a2:c8:f8: f3:d5:dc:f9:f9:9f:b5:64:29:2f:9a:11:75:2b:96:2e:d1:d2: e2:67:47:78:5b:92:49:e2:3f:b2:da:a4:57:78:78:b0:44:29: f4:d3:cd:6d:21:f4:d6:29:e0:ec:e3:b9:e6:57:de:3a:bf:f0: d7:d4:57:3a:d1:8e:5f:df:40:f1:4c:09:8b:a0:58:d8:0a:f9: 43:59:40:65:aa:b6:e9:0f:ec:c2:ca:b8:99:fd:77:0b:d1:9b: 0c:69:ae:3d:00:74:57:0b:13:ff:7b:e7:5a:8d:bd:bd:8a:03: 04:94:97:d6:60:c4:a0:13:d3:a1:fe:b5:58:bf:a1:f1:12:00: 66:3d:e7:79:69:73:2e:c5:24:08:1c:68:cc:29:20:22:c7:4b: d9:b8:24:71:11:cf:09:46:93:15:cf:b7:20:e7:e4:4e:1e:26: 3b:48:70:cf:a4:0d:fd:19:94:c2:19:70:d9:a9:f2:52:fc:cd: 4f:70:d5:24:e6:02:78:01:65:05:af:4d:bb:28:50:4c:19:33: 51:98:4d:56:d9:36:96:b5:95:6e:bc:4f:f1:cf:94:cf:f6:88: af:06:b6:21 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXz8jFpVUcZOqxRAWYPfkB+e1HIcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQ2NzMxRDA1Q0Q2MTgxNUJDMEE3MTFDNjU5RjE3MzEz RUYwRjVFQjAeFw0yNTEyMDYyMDQ2MDVaFw0yNTEyMDkyMzIxMDVaMDMxMTAvBgNV BAMTKDI5QTM3MUY3QkU4NTU1N0RBNDc0NjAxMkE4MDU2MzgxOTg4QjNFNDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9k8TTGssHlAqthGziwlNe/L/Z 3HjAhg3yHoZau0NcuHthU5oF7vtdnLWphKv1Jju8nQe0zdAFFPClenG6Sh2lZpJS BLD8wwRKESTBTvpSRe63u3F/XmpFpi9G970tQ/yH0ZfjBoKudZmyvs70lNEPPJe9 p+ihEWznbEpmluHFBDWWlgFm2pu1hr2/nVES7VgjskmOFoFSJOmZGNr4VZTPulbd ThOZyFl4foGzJXwyGDlLDS56+CaPijJ7RteRB5cBPBNM/iROxHEppvE3yEQCL1qX P6ntzmG+2+NCf7zjGUt7VE7eYy1O+Ekmllkd4ml16ZG/B8RiXWdYdQ25n+VvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUKaNx976FVX2kdGASqAVjgZiLPkkwHwYDVR0j BBgwFoAUvWcx0FzWGBW8CnEcZZ8XMT7w9eswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 MmQyOWIzMi0zYTI5LTRhMTQtYmM5Yi1jNzZhMDA3Y2EwMzIvMC9CRDY3MzFEMDVD RDYxODE1QkMwQTcxMUM2NTlGMTczMTNFRjBGNUVCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQkQ2NzMxRDA1Q0Q2MTgxNUJDMEE3MTFDNjU5RjE3MzEzRUYw RjVFQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNjJkMjliMzItM2EyOS00YTE0LWJj OWItYzc2YTAwN2NhMDMyLzAvQkQ2NzMxRDA1Q0Q2MTgxNUJDMEE3MTFDNjU5RjE3 MzEzRUYwRjVFQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAD63pjwcGxLPT7e4ajUk120/Au/AjciMSkTx QbgbXmrqAaLI+PPV3Pn5n7VkKS+aEXUrli7R0uJnR3hbkkniP7LapFd4eLBEKfTT zW0h9NYp4OzjueZX3jq/8NfUVzrRjl/fQPFMCYugWNgK+UNZQGWqtukP7MLKuJn9 dwvRmwxprj0AdFcLE/9751qNvb2KAwSUl9ZgxKAT06H+tVi/ofESAGY953lpcy7F JAgcaMwpICLHS9m4JHERzwlGkxXPtyDn5E4eJjtIcM+kDf0ZlMIZcNmp8lL8zU9w 1STmAngBZQWvTbsoUEwZM1GYTVbZNpa1lW68T/HPlM/2iK8GtiE= -----END CERTIFICATE-----Generated at Sun Dec 7 18:52:31 2025 by rpki-client