This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft File: D237DEA20D73B3F216B98336BA8307D913DDB257.mft (raw, json) Hash identifier: CAbOsB/S/h6im37d0JerR020Mo2bpqBVVGqfcJCiuc4= Subject key identifier: D4:2E:00:D1:40:79:C6:22:0D:FF:E2:06:BD:5E:A0:4A:E1:03:1F:41 Authority key identifier: D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 Certificate issuer: /CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Certificate serial: 7DF1CD2CDFE229D0B3CF70E7E9F751094BB31656 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject info access: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft Manifest number: E8 Signing time: Wed 03 Dec 2025 00:01:09 +0000 Manifest this update: Tue 02 Dec 2025 23:56:09 +0000 Manifest next update: Sat 06 Dec 2025 01:23:09 +0000 Files and hashes: 1: 3136302e32302e3130342e302f32332d3233203d3e20313532373930.roa (hash: 6GiaOKLyqPYX/f1R6Pzjd3Rq6FZr1+gkkd5RuGl5VaI=) 2: 3136302e32302e3130342e302f32342d3234203d3e20313532373930.roa (hash: /XQcveyg4jv0OLVMXGF7RkM1OgqinZHYHqjopRTiyzg=) 3: D237DEA20D73B3F216B98336BA8307D913DDB257.crl (hash: sKPOn1BWubfRWccMBIDkdz0cqbFG0FHfb4ylEkyytcw=) 4: 3136302e32302e3130352e302f32342d3234203d3e20313532373930.roa (hash: eyJcLgwqfLDN5yf54+8qcXB3Eo84ClH1ySCmSpCcr34=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 01:23:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:f1:cd:2c:df:e2:29:d0:b3:cf:70:e7:e9:f7:51:09:4b:b3:16:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Validity Not Before: Dec 2 23:56:09 2025 GMT Not After : Dec 6 01:23:09 2025 GMT Subject: CN=D42E00D14079C6220DFFE206BD5EA04AE1031F41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:6b:ef:3c:35:60:d7:b6:d8:a0:db:72:37:39: 53:2c:a6:1e:17:43:2e:b3:78:4d:32:1b:f1:be:c1: 71:de:28:3d:c9:80:2b:6c:b1:2c:a8:de:d6:b6:d1: 5e:62:ec:2c:73:90:b1:e1:e5:9f:8f:67:77:be:62: 2b:13:a8:67:3f:f4:ea:46:f6:c4:9e:e2:f7:ef:6b: cd:77:8a:a0:80:f4:6b:8f:1b:83:b4:a6:35:0c:b2: f1:83:aa:83:03:77:f2:8d:1d:c7:45:a4:ac:1c:2d: 6d:6b:ca:eb:03:f6:ec:4f:29:4c:08:3d:37:6d:4e: e4:5a:78:4b:f0:41:bc:c8:f6:65:fc:90:3b:99:5a: 9a:8a:d6:69:2e:c6:f1:e0:2f:f6:7e:4d:ae:7d:74: 33:b4:36:09:17:17:f5:d8:70:c4:c0:06:a6:3e:54: ba:d7:a7:bd:fe:df:f7:de:71:10:dc:e7:ee:b5:b1: 88:84:50:aa:55:60:65:76:6d:0f:f5:bb:26:48:64: 86:ae:2b:b3:ab:25:28:dc:ea:f3:00:50:3f:51:d2: 4e:a4:a1:3a:90:5e:5e:09:fa:fa:4f:fa:52:52:ac: 25:19:83:b0:2b:22:ce:b2:db:b3:65:9e:5d:28:74: db:94:73:5a:eb:ec:e8:86:07:ac:58:5d:f2:4a:6b: e6:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:2E:00:D1:40:79:C6:22:0D:FF:E2:06:BD:5E:A0:4A:E1:03:1F:41 X509v3 Authority Key Identifier: keyid:D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:60:5a:a1:35:64:6a:5c:cc:c8:1b:2a:03:b2:68:ee:da:30: 7d:f5:88:58:54:e4:97:80:c9:99:d9:c2:ad:b1:13:64:ff:44: 2b:bb:09:4b:c9:7a:01:32:b4:86:59:40:a9:b2:0c:6d:40:a1: 4f:f7:4f:95:66:18:23:ce:72:f7:e5:6a:b3:5e:8d:85:49:aa: 96:c7:04:2e:3f:08:90:f6:7e:da:54:8b:f7:8f:1b:80:98:38: c2:62:26:e0:39:ee:c7:93:21:b1:f6:3c:6b:6d:f7:44:8c:40: 0e:55:9f:fd:40:65:20:9b:06:01:68:a3:97:21:32:14:49:79: 6d:56:0c:35:33:ba:db:ec:54:fd:12:4e:52:76:3d:a6:82:0a: b7:75:54:7e:95:ea:8e:8f:34:92:15:79:4c:bd:9b:55:bc:86: ae:e9:86:b4:ca:f4:30:ac:96:96:31:d0:54:6d:05:18:56:8c: 9b:ab:90:5c:25:5e:e2:98:7a:b8:3f:b2:74:b9:32:dc:30:22: 28:00:f6:f5:ad:19:26:d1:5b:7f:70:a2:a6:a6:89:00:c6:39: d1:72:04:c4:b3:a4:42:27:1c:98:da:c0:2e:a2:2e:cd:a2:f3: da:f4:b9:fd:06:5f:60:51:97:16:23:70:8e:6b:d8:07:70:e6: d9:ed:59:d1 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUffHNLN/iKdCzz3Dn6fdRCUuzFlYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkx M0REQjI1NzAeFw0yNTEyMDIyMzU2MDlaFw0yNTEyMDYwMTIzMDlaMDMxMTAvBgNV BAMTKEQ0MkUwMEQxNDA3OUM2MjIwREZGRTIwNkJENUVBMDRBRTEwMzFGNDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0a+88NWDXttig23I3OVMsph4X Qy6zeE0yG/G+wXHeKD3JgCtssSyo3ta20V5i7CxzkLHh5Z+PZ3e+YisTqGc/9OpG 9sSe4vfva813iqCA9GuPG4O0pjUMsvGDqoMDd/KNHcdFpKwcLW1ryusD9uxPKUwI PTdtTuRaeEvwQbzI9mX8kDuZWpqK1mkuxvHgL/Z+Ta59dDO0NgkXF/XYcMTABqY+ VLrXp73+3/fecRDc5+61sYiEUKpVYGV2bQ/1uyZIZIauK7OrJSjc6vMAUD9R0k6k oTqQXl4J+vpP+lJSrCUZg7ArIs6y27Nlnl0odNuUc1rr7OiGB6xYXfJKa+ZlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU1C4A0UB5xiIN/+IGvV6gSuEDH0EwHwYDVR0j BBgwFoAU0jfeog1zs/IWuYM2uoMH2RPdslcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m YmI1ZmE0YS1iZWE2LTQ2NGYtYjQwOS0xMWQ5YTM3NjFhNmMvMC9EMjM3REVBMjBE NzNCM0YyMTZCOTgzMzZCQTgzMDdEOTEzRERCMjU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkxM0RE QjI1Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZmJiNWZhNGEtYmVhNi00NjRmLWI0 MDktMTFkOWEzNzYxYTZjLzAvRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3 RDkxM0REQjI1Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHhgWqE1ZGpczMgbKgOyaO7aMH31iFhU5JeA yZnZwq2xE2T/RCu7CUvJegEytIZZQKmyDG1AoU/3T5VmGCPOcvflarNejYVJqpbH BC4/CJD2ftpUi/ePG4CYOMJiJuA57seTIbH2PGtt90SMQA5Vn/1AZSCbBgFoo5ch MhRJeW1WDDUzutvsVP0STlJ2PaaCCrd1VH6V6o6PNJIVeUy9m1W8hq7phrTK9DCs lpYx0FRtBRhWjJurkFwlXuKYerg/snS5MtwwIigA9vWtGSbRW39woqamiQDGOdFy BMSzpEInHJjawC6iLs2i89r0uf0GX2BRlxYjcI5r2Adw5tntWdE= -----END CERTIFICATE-----Generated at Wed Dec 3 18:15:19 2025 by rpki-client