This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/20a78c06-1d6e-43b6-bf30-860cebddfb32/0/957CC5B55223EC29F2E71324C678334C4348BE02.mft File: 957CC5B55223EC29F2E71324C678334C4348BE02.mft (raw, json) Hash identifier: WKQg1XJ3HK/5U/M9ulOxXEYl1btf578SgLIGxv93wjs= Subject key identifier: C1:B8:69:50:D0:84:17:53:A2:C5:71:4E:67:3D:BA:AE:30:FE:F7:20 Authority key identifier: 95:7C:C5:B5:52:23:EC:29:F2:E7:13:24:C6:78:33:4C:43:48:BE:02 Certificate issuer: /CN=957CC5B55223EC29F2E71324C678334C4348BE02 Certificate serial: 6EDDCE65AB32F3A42F17FF5F3DF802222EC6EDD9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/957CC5B55223EC29F2E71324C678334C4348BE02.cer Subject info access: rsync://repo-rpki.idnic.net/repo/20a78c06-1d6e-43b6-bf30-860cebddfb32/0/957CC5B55223EC29F2E71324C678334C4348BE02.mft Manifest number: 01EE Signing time: Fri 05 Dec 2025 01:00:58 +0000 Manifest this update: Fri 05 Dec 2025 00:55:58 +0000 Manifest next update: Mon 08 Dec 2025 06:43:58 +0000 Files and hashes: 1: 3130332e3134372e3131362e302f32332d3234203d3e203137373639.roa (hash: sKfx76+Sncyrs9mYumqkFI6ie1K7xxqfJijMwgYJ3J8=) 2: 957CC5B55223EC29F2E71324C678334C4348BE02.crl (hash: W/ajy3AozG0k0M6ii3mW3vCvNOF4wc9o3WbWa1EDvSk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/20a78c06-1d6e-43b6-bf30-860cebddfb32/0/957CC5B55223EC29F2E71324C678334C4348BE02.crl rsync://repo-rpki.idnic.net/repo/20a78c06-1d6e-43b6-bf30-860cebddfb32/0/957CC5B55223EC29F2E71324C678334C4348BE02.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/957CC5B55223EC29F2E71324C678334C4348BE02.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 06:43:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:dd:ce:65:ab:32:f3:a4:2f:17:ff:5f:3d:f8:02:22:2e:c6:ed:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=957CC5B55223EC29F2E71324C678334C4348BE02 Validity Not Before: Dec 5 00:55:58 2025 GMT Not After : Dec 8 06:43:58 2025 GMT Subject: CN=C1B86950D0841753A2C5714E673DBAAE30FEF720 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:4e:1f:56:87:07:3b:6a:33:ca:bd:04:72:ec: 53:c3:c2:0b:76:68:d9:65:5f:00:d0:1c:1e:47:1a: 8b:81:d8:1f:0c:59:48:a4:f1:7c:3c:c9:7a:7c:9d: 09:61:ae:7e:4f:0d:cc:d5:e3:00:c8:4b:42:cb:44: 07:21:1d:a7:ec:35:c5:f6:39:c8:a0:66:a2:93:13: c4:c7:8a:44:7c:5e:c5:77:de:48:7c:2a:8c:5f:15: a4:64:e7:c7:97:50:9d:c9:50:8c:3d:6a:f1:9b:cc: f6:34:07:69:b4:9c:de:32:ec:bf:3e:74:ed:81:af: 13:9c:86:65:19:8f:33:7a:ab:6d:84:ce:f4:25:89: 64:e2:94:33:bc:7a:f5:26:9d:76:bc:40:e4:db:f2: 3b:80:a3:8e:5a:88:69:f9:69:83:62:ad:30:5f:7f: 98:43:c3:a4:08:b4:18:26:75:8f:b8:63:21:60:2b: 96:82:28:30:7a:aa:bc:08:aa:d8:fd:7c:ac:07:c7: b0:6d:69:6e:d6:08:3e:a9:e5:88:84:b3:cb:3d:e5: 22:80:18:ca:bc:10:ad:15:7d:3e:3c:be:1f:be:d7: 81:f0:5d:2e:41:2c:58:a3:cc:0e:2b:c2:1c:d6:8b: b9:ad:8f:ea:c5:86:12:25:2c:0e:c0:ec:ff:ba:72: 54:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:B8:69:50:D0:84:17:53:A2:C5:71:4E:67:3D:BA:AE:30:FE:F7:20 X509v3 Authority Key Identifier: keyid:95:7C:C5:B5:52:23:EC:29:F2:E7:13:24:C6:78:33:4C:43:48:BE:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/20a78c06-1d6e-43b6-bf30-860cebddfb32/0/957CC5B55223EC29F2E71324C678334C4348BE02.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/957CC5B55223EC29F2E71324C678334C4348BE02.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/20a78c06-1d6e-43b6-bf30-860cebddfb32/0/957CC5B55223EC29F2E71324C678334C4348BE02.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:60:02:03:42:26:14:09:a4:43:21:2b:ed:9f:95:90:bd:78: 78:df:c2:7d:15:15:71:88:c6:a3:6d:cb:5e:51:55:75:22:9d: 62:5a:85:76:5a:66:7f:8f:f2:79:f3:bf:d6:35:fb:36:7f:03: 67:3c:af:35:ae:b3:af:7d:29:65:0e:67:5f:65:d6:52:3a:98: 86:ad:e0:56:29:a7:e7:29:14:d0:2b:f3:76:19:80:7a:e5:2a: 58:5b:8a:10:51:64:28:d7:44:5d:12:eb:93:6e:a8:32:81:df: 1a:86:fd:8c:4d:45:58:1d:d7:09:f6:9a:64:16:6b:d4:8e:65: 20:d2:21:a6:73:0c:84:27:5d:f2:f4:2b:f6:00:59:cc:2a:63: 18:79:d7:d3:1a:b3:68:18:34:a2:08:8a:cc:5d:d3:32:43:05: c8:d6:9e:21:f9:ef:74:4b:0f:ec:0f:21:f4:56:29:e7:d0:3e: 8c:c0:b1:0a:1f:64:b1:f1:bc:d3:f9:cb:1f:1c:7e:6a:9e:c9: 40:29:a1:24:67:be:e7:cf:9a:a2:fa:68:aa:b1:73:de:1f:2b: 8d:81:53:fa:74:1c:e9:b1:77:a3:ff:38:12:f7:81:c9:e9:4a: 8a:66:16:64:12:d4:31:c2:8c:c1:32:c2:e5:46:12:15:29:a1: 4b:d2:28:98 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUbt3OZasy86QvF/9fPfgCIi7G7dkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTU3Q0M1QjU1MjIzRUMyOUYyRTcxMzI0QzY3ODMzNEM0 MzQ4QkUwMjAeFw0yNTEyMDUwMDU1NThaFw0yNTEyMDgwNjQzNThaMDMxMTAvBgNV BAMTKEMxQjg2OTUwRDA4NDE3NTNBMkM1NzE0RTY3M0RCQUFFMzBGRUY3MjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8Th9Whwc7ajPKvQRy7FPDwgt2 aNllXwDQHB5HGouB2B8MWUik8Xw8yXp8nQlhrn5PDczV4wDIS0LLRAchHafsNcX2 OcigZqKTE8THikR8XsV33kh8KoxfFaRk58eXUJ3JUIw9avGbzPY0B2m0nN4y7L8+ dO2BrxOchmUZjzN6q22EzvQliWTilDO8evUmnXa8QOTb8juAo45aiGn5aYNirTBf f5hDw6QItBgmdY+4YyFgK5aCKDB6qrwIqtj9fKwHx7BtaW7WCD6p5YiEs8s95SKA GMq8EK0VfT48vh++14HwXS5BLFijzA4rwhzWi7mtj+rFhhIlLA7A7P+6clRZAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUwbhpUNCEF1OixXFOZz26rjD+9yAwHwYDVR0j BBgwFoAUlXzFtVIj7Cny5xMkxngzTENIvgIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MGE3OGMwNi0xZDZlLTQzYjYtYmYzMC04NjBjZWJkZGZiMzIvMC85NTdDQzVCNTUy MjNFQzI5RjJFNzEzMjRDNjc4MzM0QzQzNDhCRTAyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOTU3Q0M1QjU1MjIzRUMyOUYyRTcxMzI0QzY3ODMzNEM0MzQ4 QkUwMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjBhNzhjMDYtMWQ2ZS00M2I2LWJm MzAtODYwY2ViZGRmYjMyLzAvOTU3Q0M1QjU1MjIzRUMyOUYyRTcxMzI0QzY3ODMz NEM0MzQ4QkUwMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJlgAgNCJhQJpEMhK+2flZC9eHjfwn0VFXGI xqNty15RVXUinWJahXZaZn+P8nnzv9Y1+zZ/A2c8rzWus699KWUOZ19l1lI6mIat 4FYpp+cpFNAr83YZgHrlKlhbihBRZCjXRF0S65NuqDKB3xqG/YxNRVgd1wn2mmQW a9SOZSDSIaZzDIQnXfL0K/YAWcwqYxh519Mas2gYNKIIisxd0zJDBcjWniH573RL D+wPIfRWKefQPozAsQofZLHxvNP5yx8cfmqeyUApoSRnvufPmqL6aKqxc94fK42B U/p0HOmxd6P/OBL3gcnpSopmFmQS1DHCjMEywuVGEhUpoUvSKJg= -----END CERTIFICATE-----Generated at Sun Dec 7 00:14:39 2025 by rpki-client