This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft File: 43A0899A11D5A51202F1304338672AF19B201A74.mft (raw, json) Hash identifier: SR2zsjp6CLdC2biOvfBkscr1dSZh118dNP/JlCrKmpc= Subject key identifier: 95:EF:1A:60:F6:B7:8D:41:97:29:E1:44:4A:CF:79:9E:AF:79:92:8D Authority key identifier: 43:A0:89:9A:11:D5:A5:12:02:F1:30:43:38:67:2A:F1:9B:20:1A:74 Certificate issuer: /CN=43A0899A11D5A51202F1304338672AF19B201A74 Certificate serial: 2B94511515F87118610F5D604F76B34655AE0FD9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/43A0899A11D5A51202F1304338672AF19B201A74.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft Manifest number: 0404 Signing time: Fri 05 Dec 2025 11:52:07 +0000 Manifest this update: Fri 05 Dec 2025 11:47:07 +0000 Manifest next update: Mon 08 Dec 2025 22:14:07 +0000 Files and hashes: 1: 43A0899A11D5A51202F1304338672AF19B201A74.crl (hash: j0lSAnWrK3ydnpJEJaRWXpG19VWC0IeHJC+YLCuKnKc=) 2: 3130332e32392e3231322e302f32322d3234203d3e203538333737.roa (hash: bEv5NJFvGjCqOM99MFNub18kUBXqluJLuz63DD7/xZ4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.crl rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/43A0899A11D5A51202F1304338672AF19B201A74.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 22:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:94:51:15:15:f8:71:18:61:0f:5d:60:4f:76:b3:46:55:ae:0f:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43A0899A11D5A51202F1304338672AF19B201A74 Validity Not Before: Dec 5 11:47:07 2025 GMT Not After : Dec 8 22:14:07 2025 GMT Subject: CN=95EF1A60F6B78D419729E1444ACF799EAF79928D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:e4:c1:bf:ce:72:99:e5:21:62:02:cb:04:51: 94:60:c5:23:a4:05:0a:01:60:bb:85:b9:ad:9e:e3: 80:a0:6a:41:ce:58:54:14:95:4b:bd:97:90:b3:b0: 78:1a:b6:f7:35:78:52:f4:cf:23:96:3a:42:9b:c6: d3:a9:60:92:b6:17:9c:0f:64:bd:53:97:33:a7:a7: 79:aa:ad:db:84:ac:e1:4d:c6:5c:43:c4:80:46:cc: 75:da:33:5f:29:9e:7f:4e:f5:a0:b0:0f:ce:d4:e5: f7:d8:ac:81:83:92:d9:0e:24:e8:b6:10:7d:42:ce: 6e:71:75:ea:26:ae:af:83:67:b2:f8:e5:09:3d:bc: c8:a4:f8:7b:ed:f9:db:ae:60:8d:99:ab:4c:a0:58: b2:2e:61:61:d0:da:49:c5:53:b9:bd:de:44:3a:22: 44:22:9f:94:22:2b:95:e2:11:de:ce:cb:e9:32:58: 3f:ca:76:83:ad:24:67:70:84:d4:40:52:83:8c:6a: d0:fd:0e:86:6a:74:05:7a:a3:ec:47:49:fb:d0:e4: 89:80:87:60:98:bd:37:aa:bf:2b:93:64:4d:a9:a2: 92:64:88:c6:93:ff:dc:f6:62:19:bc:81:b1:ad:93: 42:b9:22:81:96:3d:b3:2d:c1:9b:bc:34:69:8c:b7: c0:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:EF:1A:60:F6:B7:8D:41:97:29:E1:44:4A:CF:79:9E:AF:79:92:8D X509v3 Authority Key Identifier: keyid:43:A0:89:9A:11:D5:A5:12:02:F1:30:43:38:67:2A:F1:9B:20:1A:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/43A0899A11D5A51202F1304338672AF19B201A74.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:c5:4f:92:97:64:b3:4e:b0:7f:b7:66:72:1c:f3:35:44:a6: 1f:71:20:44:19:1d:1e:18:3d:37:83:e7:1f:8d:af:9b:55:48: 7f:6a:b4:6f:18:8d:84:78:35:56:33:2f:47:08:ad:46:0d:76: b5:8c:45:b2:d7:50:9e:45:a2:b0:2d:32:5e:69:be:ad:f9:bd: 2a:c8:ce:a3:e9:30:ed:0e:9f:91:41:af:e4:78:31:1a:c3:27: 3f:86:e2:ba:07:bb:90:d6:ac:c4:6e:1c:85:df:19:10:e9:38: 0d:53:5c:45:a7:90:af:8e:75:04:a9:85:8f:14:1d:b7:22:85: 67:72:8e:36:29:17:41:df:5c:0b:0b:66:ed:53:66:f5:e7:aa: ca:91:fd:43:3d:d5:04:23:71:ba:cb:f3:a7:8d:cb:3d:a5:91: 67:55:ce:24:cc:eb:93:4e:0d:a6:32:f1:55:f2:d5:ce:50:2a: b0:1c:bb:a0:24:9b:cf:a8:5a:a4:c7:0b:41:c8:f1:22:1d:49: fc:ca:25:df:9f:a7:bf:09:18:9f:e7:56:9f:b0:8e:5e:58:fc: 2c:1c:5f:ec:29:25:16:bf:f2:69:23:b2:fd:51:d4:92:5c:32: 1a:07:84:6d:bb:81:08:d3:6d:3a:3c:38:72:ae:00:09:95:15: 70:67:ab:3d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUK5RRFRX4cRhhD11gT3azRlWuD9kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDNBMDg5OUExMUQ1QTUxMjAyRjEzMDQzMzg2NzJBRjE5 QjIwMUE3NDAeFw0yNTEyMDUxMTQ3MDdaFw0yNTEyMDgyMjE0MDdaMDMxMTAvBgNV BAMTKDk1RUYxQTYwRjZCNzhENDE5NzI5RTE0NDRBQ0Y3OTlFQUY3OTkyOEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC5MG/znKZ5SFiAssEUZRgxSOk BQoBYLuFua2e44CgakHOWFQUlUu9l5CzsHgatvc1eFL0zyOWOkKbxtOpYJK2F5wP ZL1TlzOnp3mqrduErOFNxlxDxIBGzHXaM18pnn9O9aCwD87U5ffYrIGDktkOJOi2 EH1Czm5xdeomrq+DZ7L45Qk9vMik+Hvt+duuYI2Zq0ygWLIuYWHQ2knFU7m93kQ6 IkQin5QiK5XiEd7Oy+kyWD/KdoOtJGdwhNRAUoOMatD9DoZqdAV6o+xHSfvQ5ImA h2CYvTeqvyuTZE2popJkiMaT/9z2Yhm8gbGtk0K5IoGWPbMtwZu8NGmMt8BdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUle8aYPa3jUGXKeFESs95nq95ko0wHwYDVR0j BBgwFoAUQ6CJmhHVpRIC8TBDOGcq8ZsgGnQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NDAxYjJkMS0wMWNhLTQwZTgtYmY3Ny05ODYxNTk4NjdhMDQvMC80M0EwODk5QTEx RDVBNTEyMDJGMTMwNDMzODY3MkFGMTlCMjAxQTc0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDNBMDg5OUExMUQ1QTUxMjAyRjEzMDQzMzg2NzJBRjE5QjIw MUE3NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDQwMWIyZDEtMDFjYS00MGU4LWJm NzctOTg2MTU5ODY3YTA0LzAvNDNBMDg5OUExMUQ1QTUxMjAyRjEzMDQzMzg2NzJB RjE5QjIwMUE3NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGjFT5KXZLNOsH+3ZnIc8zVEph9xIEQZHR4Y PTeD5x+Nr5tVSH9qtG8YjYR4NVYzL0cIrUYNdrWMRbLXUJ5ForAtMl5pvq35vSrI zqPpMO0On5FBr+R4MRrDJz+G4roHu5DWrMRuHIXfGRDpOA1TXEWnkK+OdQSphY8U HbcihWdyjjYpF0HfXAsLZu1TZvXnqsqR/UM91QQjcbrL86eNyz2lkWdVziTM65NO DaYy8VXy1c5QKrAcu6Akm8+oWqTHC0HI8SIdSfzKJd+fp78JGJ/nVp+wjl5Y/Cwc X+wpJRa/8mkjsv1R1JJcMhoHhG27gQjTbTo8OHKuAAmVFXBnqz0= -----END CERTIFICATE-----Generated at Sun Dec 7 01:44:44 2025 by rpki-client