This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft File: D237DEA20D73B3F216B98336BA8307D913DDB257.mft (raw, json) Hash identifier: FVRUs8ISlgHHK4YXN3Beh2j7gqrYaWIj0sDcpbgQEso= Subject key identifier: 7A:D1:C1:15:02:B9:45:A0:50:3B:74:DC:D7:5C:4D:82:6F:D0:1C:33 Authority key identifier: D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 Certificate issuer: /CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Certificate serial: 3A40E277D31D75A677C1D5AA3B5A95A1E587AA49 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject info access: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft Manifest number: FE Signing time: Tue 20 Jan 2026 22:11:08 +0000 Manifest this update: Tue 20 Jan 2026 22:06:08 +0000 Manifest next update: Sat 24 Jan 2026 09:42:08 +0000 Files and hashes: 1: 3136302e32302e3130352e302f32342d3234203d3e20313532373930.roa (hash: eyJcLgwqfLDN5yf54+8qcXB3Eo84ClH1ySCmSpCcr34=) 2: 3136302e32302e3130342e302f32342d3234203d3e20313532373930.roa (hash: /XQcveyg4jv0OLVMXGF7RkM1OgqinZHYHqjopRTiyzg=) 3: D237DEA20D73B3F216B98336BA8307D913DDB257.crl (hash: A25/E6ptLxv8DJLTTIgHkaEqINxQJ4tDhpm7GjDs7nU=) 4: 3136302e32302e3130342e302f32332d3233203d3e20313532373930.roa (hash: 6GiaOKLyqPYX/f1R6Pzjd3Rq6FZr1+gkkd5RuGl5VaI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 09:42:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:40:e2:77:d3:1d:75:a6:77:c1:d5:aa:3b:5a:95:a1:e5:87:aa:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Validity Not Before: Jan 20 22:06:08 2026 GMT Not After : Jan 24 09:42:08 2026 GMT Subject: CN=7AD1C11502B945A0503B74DCD75C4D826FD01C33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:13:39:40:e4:02:c4:48:98:ef:f8:3f:8d:17: 61:ed:ad:44:28:97:e3:22:f6:a1:a7:9c:9c:25:bd: 67:6e:e4:66:64:65:b3:45:f6:c9:3a:6f:ff:b1:e3: e1:62:bc:36:51:de:3d:45:54:38:46:16:ed:2e:ab: c6:24:20:9a:7b:77:24:a9:37:38:49:0f:aa:9c:11: 31:9c:50:30:c3:13:c4:de:1e:ec:95:98:ba:21:8d: e8:12:ee:af:44:5f:2e:80:82:b2:be:72:4c:b1:4e: 6f:2a:e0:80:58:a4:b6:eb:82:73:d3:29:81:78:8c: 07:bb:86:d6:9c:64:c0:b5:63:4d:d7:ed:b0:6b:f8: 76:6e:ba:1d:e0:13:c1:69:fb:e1:04:8e:f5:b1:3a: d5:60:56:ca:30:b0:2f:d6:f1:c0:23:2f:b3:0d:a4: ff:c5:85:69:37:11:99:60:11:d3:c4:4e:22:59:fa: 4e:5f:0d:4a:f5:91:b2:69:bd:93:0f:0b:01:b1:c1: 86:1b:d5:2e:53:6b:59:1f:64:10:ba:96:ca:02:26: 3d:60:44:82:d6:53:97:03:94:c8:87:ae:e7:50:66: 16:ac:8b:ea:87:1e:b3:c9:9f:ac:30:eb:6f:f4:0c: fe:ef:86:9c:26:7c:ef:e3:f9:a1:3d:2a:8f:72:d3: 99:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:D1:C1:15:02:B9:45:A0:50:3B:74:DC:D7:5C:4D:82:6F:D0:1C:33 X509v3 Authority Key Identifier: keyid:D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:72:d7:94:db:d5:b4:04:93:11:79:b7:77:c1:4a:c0:c8:85: d0:1f:b1:04:50:6d:72:5c:3f:e9:0d:84:92:3f:54:1d:f8:8d: 53:c1:0d:0b:d6:08:d1:f0:12:54:21:11:34:96:69:0b:5b:97: 64:39:e8:4a:73:78:1e:1a:80:08:36:1b:5b:b9:6d:cc:cc:e6: aa:b4:05:37:f5:7f:42:ff:dc:67:6c:55:fa:a1:64:19:67:4c: b0:25:b7:09:88:3d:61:cf:b6:a0:7d:9a:cb:a0:7e:86:61:f7: 97:4b:32:fa:04:e4:8c:39:9b:81:ba:68:05:cf:53:3d:ef:d9: 7f:a4:c2:62:bb:57:96:38:f7:34:2f:f9:65:f6:88:c1:b0:29: ae:85:39:e9:88:35:1d:35:56:56:20:e7:4a:c5:15:42:86:8c: 40:33:30:6f:72:c6:e6:e0:3b:b0:f8:04:98:35:99:44:03:45: f1:fd:0e:ab:01:23:db:cb:90:ef:8f:c6:e0:bf:d5:1a:e9:72: 18:39:0c:c5:03:97:94:9d:be:4f:9e:66:87:4b:19:c3:da:a9: ae:ec:94:e1:e5:e9:cd:59:30:7e:ae:57:39:60:05:fb:bd:16: 17:63:be:94:87:ea:25:d7:36:dd:3e:aa:0f:76:bd:a0:b1:66: 0a:c4:17:45 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOkDid9MddaZ3wdWqO1qVoeWHqkkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkx M0REQjI1NzAeFw0yNjAxMjAyMjA2MDhaFw0yNjAxMjQwOTQyMDhaMDMxMTAvBgNV BAMTKDdBRDFDMTE1MDJCOTQ1QTA1MDNCNzREQ0Q3NUM0RDgyNkZEMDFDMzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvEzlA5ALESJjv+D+NF2HtrUQo l+Mi9qGnnJwlvWdu5GZkZbNF9sk6b/+x4+FivDZR3j1FVDhGFu0uq8YkIJp7dySp NzhJD6qcETGcUDDDE8TeHuyVmLohjegS7q9EXy6AgrK+ckyxTm8q4IBYpLbrgnPT KYF4jAe7htacZMC1Y03X7bBr+HZuuh3gE8Fp++EEjvWxOtVgVsowsC/W8cAjL7MN pP/FhWk3EZlgEdPETiJZ+k5fDUr1kbJpvZMPCwGxwYYb1S5Ta1kfZBC6lsoCJj1g RILWU5cDlMiHrudQZhasi+qHHrPJn6ww62/0DP7vhpwmfO/j+aE9Ko9y05mPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUetHBFQK5RaBQO3Tc11xNgm/QHDMwHwYDVR0j BBgwFoAU0jfeog1zs/IWuYM2uoMH2RPdslcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m YmI1ZmE0YS1iZWE2LTQ2NGYtYjQwOS0xMWQ5YTM3NjFhNmMvMC9EMjM3REVBMjBE NzNCM0YyMTZCOTgzMzZCQTgzMDdEOTEzRERCMjU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkxM0RE QjI1Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZmJiNWZhNGEtYmVhNi00NjRmLWI0 MDktMTFkOWEzNzYxYTZjLzAvRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3 RDkxM0REQjI1Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABZy15Tb1bQEkxF5t3fBSsDIhdAfsQRQbXJc P+kNhJI/VB34jVPBDQvWCNHwElQhETSWaQtbl2Q56EpzeB4agAg2G1u5bczM5qq0 BTf1f0L/3GdsVfqhZBlnTLAltwmIPWHPtqB9msugfoZh95dLMvoE5Iw5m4G6aAXP Uz3v2X+kwmK7V5Y49zQv+WX2iMGwKa6FOemINR01VlYg50rFFUKGjEAzMG9yxubg O7D4BJg1mUQDRfH9DqsBI9vLkO+PxuC/1Rrpchg5DMUDl5Sdvk+eZodLGcPaqa7s lOHl6c1ZMH6uVzlgBfu9FhdjvpSH6iXXNt0+qg92vaCxZgrEF0U= -----END CERTIFICATE-----Generated at Wed Jan 21 12:15:17 2026 by rpki-client