This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: 6w14oH4Ya/wCa1Fuqc4BXBNEmlvgY3YKlN4R4IyLeNg= Subject key identifier: 67:A4:ED:6F:C7:A0:36:3E:BC:09:A8:DF:25:7B:D9:25:F7:AE:DA:58 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 1A938568A88F3FD5FB8516E01E708E6BD9CB01C6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 0211 Signing time: Tue 02 Dec 2025 07:42:03 +0000 Manifest this update: Tue 02 Dec 2025 07:37:03 +0000 Manifest next update: Fri 05 Dec 2025 18:54:03 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: zy874kp7Aij13SoqsUc018IXvpWImLfE9zkWr8MvZd4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 18:54:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:93:85:68:a8:8f:3f:d5:fb:85:16:e0:1e:70:8e:6b:d9:cb:01:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Dec 2 07:37:03 2025 GMT Not After : Dec 5 18:54:03 2025 GMT Subject: CN=67A4ED6FC7A0363EBC09A8DF257BD925F7AEDA58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a7:2d:69:0d:a7:f5:81:b4:5d:0d:11:1b:74: b7:01:99:ba:c4:d0:86:43:66:1f:2e:05:63:fd:4b: ff:6e:66:35:80:20:a6:2c:2f:eb:d1:22:a0:52:6d: 9f:5a:df:91:41:2e:08:5c:ed:28:36:b0:15:52:92: 0c:79:45:f2:33:39:6e:ab:39:8d:6d:e3:81:05:29: 39:2c:77:58:ba:0a:eb:07:7e:a5:64:6a:c2:13:1e: 95:7b:ab:fe:85:b8:5c:6d:a0:0c:a4:2c:db:31:94: fe:e5:47:28:1d:85:f4:24:05:a4:4d:eb:74:9f:ee: 96:59:fd:18:92:d1:60:20:63:cb:20:58:c5:25:1a: d1:65:7e:90:b6:17:2d:42:7a:5f:72:5e:78:67:da: 31:82:f6:45:dd:aa:71:bd:94:be:40:aa:a7:c6:94: 8b:1e:be:f0:bc:24:a4:e2:3c:8e:ea:0b:f4:9c:4a: 5b:f0:d7:0d:ef:92:eb:35:1a:74:ca:70:c4:67:2c: 86:2c:a0:d7:97:9a:8b:7f:12:e8:48:b7:ac:bc:a2: b0:45:2a:d5:0c:23:f7:d3:c4:24:bc:2b:53:7d:3a: 94:ef:25:55:ec:1c:8a:31:ef:09:9f:6d:a2:57:64: 74:9f:2a:03:46:ca:78:4f:d4:60:a5:4d:4a:53:46: f8:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:A4:ED:6F:C7:A0:36:3E:BC:09:A8:DF:25:7B:D9:25:F7:AE:DA:58 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:62:44:61:c7:cc:20:a9:43:eb:a1:b8:11:93:7b:05:31:60: cc:7d:8b:b1:da:0c:e7:31:04:05:75:3f:81:07:4f:bf:b8:f7: 13:26:86:59:4d:da:ca:26:20:c8:7f:ff:7b:a2:7f:01:a2:21: 4f:34:1b:a6:32:ff:38:bd:4d:4b:d4:f7:d4:49:b2:2e:e0:92: 84:2a:d9:0d:34:b1:6e:8e:4a:a1:dd:ad:63:03:f4:3e:01:0d: 29:a1:5e:22:6b:e7:ea:d3:21:88:eb:fb:d3:2d:73:37:51:13: b6:b7:54:51:3e:62:b0:6b:55:17:46:4a:2a:8c:a3:e3:90:17: 89:19:b4:c4:a4:5f:43:0d:86:a0:36:2f:a3:36:b1:34:18:1a: 94:d0:89:77:3d:62:fd:b5:84:e3:85:38:66:9a:df:5b:42:fc: 59:a4:55:02:c9:de:b3:e7:66:32:68:04:ca:1b:1d:c9:f7:7c: 3a:1e:2d:ca:88:d2:d2:8e:27:db:af:f9:50:27:70:2f:d3:67: 74:f2:73:01:e5:70:d0:27:b1:24:50:c9:a5:2a:9b:bb:de:b2: f2:a8:de:6a:e1:15:15:58:63:45:c9:eb:8e:b6:54:74:af:ab: 05:ca:d1:24:1e:55:28:f1:79:cb:2c:e9:e8:4a:3d:d3:7c:69: 14:d6:a2:e4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGpOFaKiPP9X7hRbgHnCOa9nLAcYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTEyMDIwNzM3MDNaFw0yNTEyMDUxODU0MDNaMDMxMTAvBgNV BAMTKDY3QTRFRDZGQzdBMDM2M0VCQzA5QThERjI1N0JEOTI1RjdBRURBNTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2py1pDaf1gbRdDREbdLcBmbrE 0IZDZh8uBWP9S/9uZjWAIKYsL+vRIqBSbZ9a35FBLghc7Sg2sBVSkgx5RfIzOW6r OY1t44EFKTksd1i6CusHfqVkasITHpV7q/6FuFxtoAykLNsxlP7lRygdhfQkBaRN 63Sf7pZZ/RiS0WAgY8sgWMUlGtFlfpC2Fy1Cel9yXnhn2jGC9kXdqnG9lL5AqqfG lIsevvC8JKTiPI7qC/ScSlvw1w3vkus1GnTKcMRnLIYsoNeXmot/EuhIt6y8orBF KtUMI/fTxCS8K1N9OpTvJVXsHIox7wmfbaJXZHSfKgNGynhP1GClTUpTRvjnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZ6Ttb8egNj68CajfJXvZJfeu2lgwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFFiRGHHzCCpQ+uhuBGTewUxYMx9i7HaDOcx BAV1P4EHT7+49xMmhllN2somIMh//3uifwGiIU80G6Yy/zi9TUvU99RJsi7gkoQq 2Q00sW6OSqHdrWMD9D4BDSmhXiJr5+rTIYjr+9MtczdRE7a3VFE+YrBrVRdGSiqM o+OQF4kZtMSkX0MNhqA2L6M2sTQYGpTQiXc9Yv21hOOFOGaa31tC/FmkVQLJ3rPn ZjJoBMobHcn3fDoeLcqI0tKOJ9uv+VAncC/TZ3TycwHlcNAnsSRQyaUqm7vesvKo 3mrhFRVYY0XJ6462VHSvqwXK0SQeVSjxecss6ehKPdN8aRTWouQ= -----END CERTIFICATE-----Generated at Wed Dec 3 14:45:59 2025 by rpki-client