This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: 4uq1ip7lC3+XZHnoIPyE5bspWxHvi7MyJUo9RAoCN90= Subject key identifier: 7C:89:9A:96:F9:4B:4D:78:33:34:C1:83:CE:44:D8:CD:0D:0B:4A:F6 Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 5815D8B92199BC4040D68CCC3C651FF6F2A75A03 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: DA Signing time: Sat 24 Jan 2026 12:42:28 +0000 Manifest this update: Sat 24 Jan 2026 12:37:28 +0000 Manifest next update: Tue 27 Jan 2026 20:56:28 +0000 Files and hashes: 1: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: cKyrJfdJsP23Q3ODubLa4ospLmzfHOek7kj8hWNp0EU=) 2: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: I98r/YvoKJnqIbKebXKfBKywu1BzE/FQD60HTUreMMU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 27 Jan 2026 20:56:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:15:d8:b9:21:99:bc:40:40:d6:8c:cc:3c:65:1f:f6:f2:a7:5a:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Jan 24 12:37:28 2026 GMT Not After : Jan 27 20:56:28 2026 GMT Subject: CN=7C899A96F94B4D783334C183CE44D8CD0D0B4AF6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:43:a6:13:80:27:e2:9b:96:6b:d0:c1:cb:aa: 44:eb:a2:91:92:6e:09:38:38:0f:fd:32:dc:ff:dd: 55:6c:45:d2:1e:76:20:e1:60:15:d9:51:57:39:45: 90:80:c9:5a:4c:20:b5:2d:8c:75:29:21:6c:bc:af: 4d:04:cb:7a:7f:70:7f:d0:37:23:76:77:64:f7:f0: 44:38:4b:e9:61:29:c8:34:35:d3:25:dd:c3:b5:ef: 9b:0e:55:73:39:22:db:b2:e5:e8:1f:e5:f7:79:da: 18:93:0b:d4:60:db:2b:34:da:75:42:f0:a5:80:5f: 36:4b:31:23:17:44:36:b1:0d:c7:6e:6c:f7:cb:42: 85:0e:8a:c2:f3:36:e8:64:58:72:8b:b8:a2:25:05: e5:43:db:7e:85:6a:fe:26:e6:47:c4:02:d1:53:fc: 78:80:29:ce:c2:88:59:ee:45:b3:3f:c5:78:56:5b: 04:d6:48:a0:96:86:2a:38:3b:eb:82:e6:75:06:51: 39:d7:cf:be:f8:5b:aa:a9:81:0d:8b:c8:0a:94:97: d9:d7:0d:c4:62:d4:f8:81:41:4b:5d:68:1e:10:53: 0a:a2:67:62:ad:7e:31:47:ca:d0:7d:b6:b5:f7:9e: 2e:4d:4f:e5:a2:68:da:0d:c2:44:b2:9c:eb:b6:82: d8:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:89:9A:96:F9:4B:4D:78:33:34:C1:83:CE:44:D8:CD:0D:0B:4A:F6 X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:7d:3b:d3:6d:00:bd:db:5f:69:ab:a7:a3:53:9f:f4:25:88: 83:06:77:30:7d:08:df:1d:72:a8:c8:a4:4f:3c:07:c6:7a:29: 65:fd:87:a7:0d:d3:52:4d:b4:8b:80:65:b0:0c:5e:41:bb:5e: e8:f6:d6:ee:27:3c:e2:a8:8a:72:c8:0d:57:b5:6b:e6:05:49: 86:ae:3b:6d:3a:b3:99:04:dd:3c:f2:cf:57:bc:31:fe:53:f7: 2f:d8:2f:78:6a:81:d1:e8:52:ea:eb:65:80:bc:59:6c:34:09: 3f:4b:03:c8:e1:b1:04:51:ce:95:bf:5c:0e:3d:5c:cb:8f:75: 16:fe:cf:82:0b:c5:84:d4:24:3f:1e:80:99:34:fe:96:41:2a: bc:13:b5:8a:31:02:6d:da:76:16:6d:4c:88:78:e9:4f:67:73: 52:bb:d3:4c:8a:bd:9e:03:f0:b8:49:c3:f7:6a:44:f0:68:eb: 58:65:83:39:07:03:cf:14:c6:7e:6b:46:a7:9c:6b:ef:48:92: 6f:43:59:c5:fd:ed:24:47:15:d9:22:8f:e0:4a:03:b6:35:51: 84:e5:7d:28:e1:c3:ff:e8:1d:5b:a5:11:4d:69:ed:d0:cd:aa: db:44:71:20:4b:ed:68:00:33:d8:1f:d7:f7:76:af:38:c0:7e: 2f:4f:08:0e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWBXYuSGZvEBA1ozMPGUf9vKnWgMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNjAxMjQxMjM3MjhaFw0yNjAxMjcyMDU2MjhaMDMxMTAvBgNV BAMTKDdDODk5QTk2Rjk0QjRENzgzMzM0QzE4M0NFNDREOENEMEQwQjRBRjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Q6YTgCfim5Zr0MHLqkTropGS bgk4OA/9Mtz/3VVsRdIediDhYBXZUVc5RZCAyVpMILUtjHUpIWy8r00Ey3p/cH/Q NyN2d2T38EQ4S+lhKcg0NdMl3cO175sOVXM5Ituy5egf5fd52hiTC9Rg2ys02nVC 8KWAXzZLMSMXRDaxDcdubPfLQoUOisLzNuhkWHKLuKIlBeVD236Fav4m5kfEAtFT /HiAKc7CiFnuRbM/xXhWWwTWSKCWhio4O+uC5nUGUTnXz774W6qpgQ2LyAqUl9nX DcRi1PiBQUtdaB4QUwqiZ2KtfjFHytB9trX3ni5NT+WiaNoNwkSynOu2gtgrAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUfImalvlLTXgzNMGDzkTYzQ0LSvYwHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGF9O9NtAL3bX2mrp6NTn/QliIMGdzB9CN8d cqjIpE88B8Z6KWX9h6cN01JNtIuAZbAMXkG7Xuj21u4nPOKoinLIDVe1a+YFSYau O206s5kE3Tzyz1e8Mf5T9y/YL3hqgdHoUurrZYC8WWw0CT9LA8jhsQRRzpW/XA49 XMuPdRb+z4ILxYTUJD8egJk0/pZBKrwTtYoxAm3adhZtTIh46U9nc1K700yKvZ4D 8LhJw/dqRPBo61hlgzkHA88Uxn5rRqeca+9Ikm9DWcX97SRHFdkij+BKA7Y1UYTl fSjhw//oHVulEU1p7dDNqttEcSBL7WgAM9gf1/d2rzjAfi9PCA4= -----END CERTIFICATE-----Generated at Mon Jan 26 02:15:12 2026 by rpki-client