This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: QKEJnrQEO0BqyvOkiBdwVXKjpnuakmC/JJzRMmWP8CM= Subject key identifier: 0E:29:52:B7:83:14:89:74:FF:33:DE:65:D6:8E:B7:2F:EC:11:23:CB Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 691C13FE8E70A51A801710C04742E23E9B0A535A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: C4 Signing time: Sat 06 Dec 2025 10:22:28 +0000 Manifest this update: Sat 06 Dec 2025 10:17:28 +0000 Manifest next update: Tue 09 Dec 2025 19:05:28 +0000 Files and hashes: 1: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: qvavmuom9YDUVoEUJ0XsXSgW2lgbRR1meOMNyGwPOwc=) 2: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: I98r/YvoKJnqIbKebXKfBKywu1BzE/FQD60HTUreMMU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 06:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:1c:13:fe:8e:70:a5:1a:80:17:10:c0:47:42:e2:3e:9b:0a:53:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Dec 6 10:17:28 2025 GMT Not After : Dec 9 19:05:28 2025 GMT Subject: CN=0E2952B783148974FF33DE65D68EB72FEC1123CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:08:90:60:a8:4c:c2:46:fb:e7:94:9d:64:f0: 96:3f:70:83:2d:c6:31:24:88:5b:73:05:7e:4e:30: 11:2e:f7:3b:8a:09:08:a7:69:85:50:85:24:7e:60: 26:4c:d8:83:20:40:d5:ee:e4:43:58:5f:91:35:e6: 16:98:e2:92:3c:37:ca:99:4b:3a:15:bf:72:30:6a: ca:f6:de:a1:68:36:c7:8c:f7:ec:91:bc:ee:b5:9b: bd:71:da:6d:7a:f1:7e:7f:c3:0d:65:12:26:37:9a: ad:5f:f2:81:af:dd:81:e2:b9:03:e1:e8:98:ff:81: f0:13:64:48:25:ca:e6:24:33:e0:6c:7f:30:85:9d: 32:1d:21:04:0d:79:ea:04:e1:d0:d3:62:75:a2:69: 8d:b4:43:ba:fb:32:ca:ad:fc:2f:f0:42:e6:77:bd: dc:fc:4d:fc:bf:a9:53:e1:e3:c3:84:76:c2:8c:f3: 1c:69:20:24:3f:3e:f7:a0:b6:10:cb:bc:50:4a:1a: a1:fa:75:b4:07:e8:f6:95:6f:bb:17:68:35:8f:ca: bf:b4:6d:0e:4c:d6:6f:95:28:d8:f3:64:66:d5:dc: d2:a2:eb:a8:ff:63:52:61:d5:e2:f7:af:40:0e:6f: bd:b2:0d:81:4b:99:ee:6f:30:5a:e4:d3:58:3b:78: 36:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:29:52:B7:83:14:89:74:FF:33:DE:65:D6:8E:B7:2F:EC:11:23:CB X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:0e:95:00:4c:62:a9:66:3f:31:d1:6d:8a:8c:0c:dd:cd:62: 59:c1:e8:4d:1c:4f:f8:cd:1b:54:b7:f3:6c:c8:10:35:65:d7: 74:f0:21:08:16:9c:2d:cb:f4:1a:cc:7b:80:24:fa:71:31:13: d9:22:4d:23:4e:fb:ea:b6:45:20:1a:44:d0:53:80:90:50:0e: ff:ea:2f:c4:77:4c:bf:b0:d7:83:58:84:01:1a:79:f7:e7:dd: bb:5b:68:59:0d:1f:23:8d:8a:17:63:24:05:08:1f:98:4a:5d: 98:af:d7:e3:21:c4:f2:1c:b7:25:95:1c:e7:d9:a2:9d:20:bc: c0:b9:7f:94:de:79:b1:63:60:2b:29:4a:54:91:d1:19:72:5f: b6:49:7d:1e:93:fc:6d:60:e6:99:70:d7:af:46:f0:91:6f:26: 03:eb:a6:d8:aa:ca:ed:ab:43:01:64:0c:c8:85:3f:ad:7f:22: b6:7c:2c:71:37:f0:4e:09:d9:7c:70:1c:50:08:38:38:b3:55: 53:08:fd:e4:cd:e5:e7:5b:5c:32:00:2d:31:7a:1f:16:31:b1: 01:e5:cd:8e:f5:9b:32:af:95:0e:b9:d3:5f:ef:94:d3:3b:00: 6b:e3:db:3e:40:ad:5c:99:59:85:0b:c5:c5:8c:51:78:d9:4a: 44:52:a0:57 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaRwT/o5wpRqAFxDAR0LiPpsKU1owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNTEyMDYxMDE3MjhaFw0yNTEyMDkxOTA1MjhaMDMxMTAvBgNV BAMTKDBFMjk1MkI3ODMxNDg5NzRGRjMzREU2NUQ2OEVCNzJGRUMxMTIzQ0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYCJBgqEzCRvvnlJ1k8JY/cIMt xjEkiFtzBX5OMBEu9zuKCQinaYVQhSR+YCZM2IMgQNXu5ENYX5E15haY4pI8N8qZ SzoVv3Iwasr23qFoNseM9+yRvO61m71x2m168X5/ww1lEiY3mq1f8oGv3YHiuQPh 6Jj/gfATZEglyuYkM+BsfzCFnTIdIQQNeeoE4dDTYnWiaY20Q7r7Msqt/C/wQuZ3 vdz8Tfy/qVPh48OEdsKM8xxpICQ/PvegthDLvFBKGqH6dbQH6PaVb7sXaDWPyr+0 bQ5M1m+VKNjzZGbV3NKi66j/Y1Jh1eL3r0AOb72yDYFLme5vMFrk01g7eDbFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUDilSt4MUiXT/M95l1o63L+wRI8swHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACsOlQBMYqlmPzHRbYqMDN3NYlnB6E0cT/jN G1S382zIEDVl13TwIQgWnC3L9BrMe4Ak+nExE9kiTSNO++q2RSAaRNBTgJBQDv/q L8R3TL+w14NYhAEaeffn3btbaFkNHyONihdjJAUIH5hKXZiv1+MhxPIctyWVHOfZ op0gvMC5f5TeebFjYCspSlSR0RlyX7ZJfR6T/G1g5plw169G8JFvJgPrptiqyu2r QwFkDMiFP61/IrZ8LHE38E4J2XxwHFAIODizVVMI/eTN5edbXDIALTF6HxYxsQHl zY71mzKvlQ6501/vlNM7AGvj2z5ArVyZWYULxcWMUXjZSkRSoFc= -----END CERTIFICATE-----Generated at Sun Dec 7 07:03:06 2025 by rpki-client