This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft File: AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft (raw, json) Hash identifier: kiQqpJLgW0UBiC18agui4GN+SHVQulqL0sJgs6pUjOk= Subject key identifier: E3:D6:61:90:AD:25:02:2C:5D:A7:E3:B8:9E:76:D9:42:7B:92:15:C8 Authority key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Certificate issuer: /CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Certificate serial: 2CAC3F1BF2583653F0971BFDE9E13E20E84F8A8A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject info access: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft Manifest number: D8 Signing time: Sun 07 Dec 2025 04:31:50 +0000 Manifest this update: Sun 07 Dec 2025 04:26:50 +0000 Manifest next update: Wed 10 Dec 2025 15:06:50 +0000 Files and hashes: 1: 3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa (hash: okMulqCwmQrHdU+kO0nYzAvF/vvi8wTCEKi+VdDT9lQ=) 2: AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl (hash: 4kH33r3VCpFiNzWz/dDaoVEB2ld/qTDQm+X8tCm4fW8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 06:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:ac:3f:1b:f2:58:36:53:f0:97:1b:fd:e9:e1:3e:20:e8:4f:8a:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Validity Not Before: Dec 7 04:26:50 2025 GMT Not After : Dec 10 15:06:50 2025 GMT Subject: CN=E3D66190AD25022C5DA7E3B89E76D9427B9215C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:64:5c:68:10:1d:3a:4a:28:ba:e7:72:03:de: 52:e2:cf:69:45:4c:26:89:0e:ca:37:af:ea:0e:58: 57:cd:f7:9f:fa:bf:69:5c:b4:86:8c:62:2a:8f:e8: 43:87:dc:4d:3a:9a:1e:19:13:c6:61:ee:3b:62:c9: 71:9e:26:a8:a3:1e:66:3f:0f:7a:82:87:b4:b8:08: 0e:3b:b2:dc:03:a7:0c:56:c3:3c:84:96:b3:08:3e: 34:d7:c3:ab:40:4a:7f:35:01:f2:fb:bb:0e:1c:0b: df:35:ab:1f:8c:6b:fe:62:dc:a4:f6:2b:1f:bb:5f: 4d:59:31:81:4e:54:be:b7:a6:2c:4a:ef:3f:05:e7: d3:95:bc:3c:e4:8a:de:6e:c7:96:03:ac:70:20:93: 50:a7:fd:51:c9:28:b5:7c:f6:18:71:aa:cb:d0:e7: 63:85:02:33:d3:2b:f2:71:4c:d0:1a:4f:6a:11:8c: 16:52:68:cd:20:90:6d:5e:7d:80:3e:7a:bb:c9:c8: ca:bc:70:f6:3d:30:33:4b:ee:6f:fb:b7:11:da:dd: 5c:d2:bf:84:f6:54:38:10:18:77:e7:2d:aa:f2:f4: 7d:6a:6b:f0:2b:4f:09:60:4d:27:69:9b:cd:b1:3b: 88:58:97:05:18:69:d8:46:13:87:93:f5:d5:7d:4a: a8:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:D6:61:90:AD:25:02:2C:5D:A7:E3:B8:9E:76:D9:42:7B:92:15:C8 X509v3 Authority Key Identifier: keyid:AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:50:2f:dd:b7:05:ae:96:54:99:1f:49:63:29:7b:84:77:ad: 9a:ef:aa:3d:17:b9:44:0c:b8:92:e0:34:74:43:83:23:8d:d1: 15:f7:69:b2:bd:86:9c:a3:7a:74:b6:e1:95:7e:6e:49:fb:13: 7c:b6:da:60:47:cf:46:61:35:50:d8:71:ef:c8:ae:cd:b0:bd: 10:10:70:e7:1b:84:9c:61:c2:ce:8b:61:d6:6a:b0:79:d9:da: 35:14:24:97:33:a1:5a:e7:e7:03:eb:d1:42:88:1d:04:e6:87: 5e:02:85:d6:5a:7c:23:eb:07:31:c6:76:7f:5e:46:65:ec:b2: 80:42:42:5e:63:91:2d:63:93:7b:36:fc:1f:5b:97:57:33:4c: 27:2d:3e:67:24:f2:45:9e:07:50:ae:70:a5:90:53:c1:92:9a: a0:13:ec:c5:3f:21:98:58:8e:e0:90:b2:82:3b:73:d7:92:90: 34:1c:6e:1b:d1:31:60:b8:7d:2c:ce:e1:90:93:6f:58:c4:a1: 02:6a:35:2d:5e:90:80:9e:95:57:14:a3:c1:3c:6c:90:61:60: e9:1a:61:24:57:7b:86:c5:22:81:a0:58:b9:fb:72:71:98:cc: ca:09:53:4a:64:82:c4:04:1d:ad:16:1e:c4:a0:03:7c:e0:e9: 83:25:50:66 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULKw/G/JYNlPwlxv96eE+IOhPioowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQw MkQ2QUYyMTAeFw0yNTEyMDcwNDI2NTBaFw0yNTEyMTAxNTA2NTBaMDMxMTAvBgNV BAMTKEUzRDY2MTkwQUQyNTAyMkM1REE3RTNCODlFNzZEOTQyN0I5MjE1QzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ZFxoEB06Sii653ID3lLiz2lF TCaJDso3r+oOWFfN95/6v2lctIaMYiqP6EOH3E06mh4ZE8Zh7jtiyXGeJqijHmY/ D3qCh7S4CA47stwDpwxWwzyElrMIPjTXw6tASn81AfL7uw4cC981qx+Ma/5i3KT2 Kx+7X01ZMYFOVL63pixK7z8F59OVvDzkit5ux5YDrHAgk1Cn/VHJKLV89hhxqsvQ 52OFAjPTK/JxTNAaT2oRjBZSaM0gkG1efYA+ervJyMq8cPY9MDNL7m/7txHa3VzS v4T2VDgQGHfnLary9H1qa/ArTwlgTSdpm82xO4hYlwUYadhGE4eT9dV9SqiTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU49ZhkK0lAixdp+O4nnbZQnuSFcgwHwYDVR0j BBgwFoAUqj1/UDyZwKtjDVTFKDg8NALWryEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMC9BQTNEN0Y1MDND OTlDMEFCNjMwRDU0QzUyODM4M0MzNDAyRDZBRjIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQwMkQ2 QUYyMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTZjZDAzMjUtMzFhZi00ZmZlLThi ZWItZTc3OTk3ZTZjM2UxLzAvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODND MzQwMkQ2QUYyMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGRQL923Ba6WVJkfSWMpe4R3rZrvqj0XuUQM uJLgNHRDgyON0RX3abK9hpyjenS24ZV+bkn7E3y22mBHz0ZhNVDYce/Irs2wvRAQ cOcbhJxhws6LYdZqsHnZ2jUUJJczoVrn5wPr0UKIHQTmh14ChdZafCPrBzHGdn9e RmXssoBCQl5jkS1jk3s2/B9bl1czTCctPmck8kWeB1CucKWQU8GSmqAT7MU/IZhY juCQsoI7c9eSkDQcbhvRMWC4fSzO4ZCTb1jEoQJqNS1ekICelVcUo8E8bJBhYOka YSRXe4bFIoGgWLn7cnGYzMoJU0pkgsQEHa0WHsSgA3zg6YMlUGY= -----END CERTIFICATE-----Generated at Sun Dec 7 18:52:34 2025 by rpki-client