This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft File: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft (raw, json) Hash identifier: UFBMMdAgM+WDWZD/00rRN4j0bst8I0cMvMmmBVxk0MA= Subject key identifier: F0:50:55:6E:D0:3C:7C:73:0B:EF:72:74:8A:45:70:F0:A4:92:ED:93 Authority key identifier: 2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 Certificate issuer: /CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Certificate serial: 325AF5525E60B995C496A37FEBB58D6690C79C4D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft Manifest number: 01B5 Signing time: Fri 05 Dec 2025 08:30:42 +0000 Manifest this update: Fri 05 Dec 2025 08:25:42 +0000 Manifest next update: Mon 08 Dec 2025 17:55:42 +0000 Files and hashes: 1: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl (hash: 5xeMkEJsw4voQKFSf7ZEwDxYp4OmRk7A/g5qXJQTwN0=) 2: 3130332e3137372e3231392e302f32342d3234203d3e20313331373639.roa (hash: fU1tQ4gaeWNhq2F1RA67XHvI+/xcbSrzocYJJCxhg9Q=) 3: 3130332e3137372e3231382e302f32342d3234203d3e20313331373639.roa (hash: geET9/YOwUtWNeEIEWu0ZCElrUfY/yNFJvOG/4u0aBI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 17:55:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:5a:f5:52:5e:60:b9:95:c4:96:a3:7f:eb:b5:8d:66:90:c7:9c:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Validity Not Before: Dec 5 08:25:42 2025 GMT Not After : Dec 8 17:55:42 2025 GMT Subject: CN=F050556ED03C7C730BEF72748A4570F0A492ED93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:94:87:eb:df:27:c7:62:d5:5c:06:33:d4:a9: 5d:34:1f:3f:5d:f3:ad:9f:5b:16:b9:b5:a0:a1:4f: 35:17:bc:4d:d2:c2:af:65:32:78:b7:19:1f:a5:e7: 34:94:58:d4:5b:d7:cb:25:f2:c3:26:68:94:fc:52: bc:8f:c1:9c:17:41:74:75:af:b9:27:94:93:4e:07: 4a:97:ea:72:fa:c3:d9:86:23:57:41:7e:be:1b:4e: d1:99:a1:55:71:85:d9:bf:02:a7:c3:af:5b:b8:87: 70:c6:b1:c0:ce:1f:d9:db:0b:0d:ec:5b:d4:4a:47: 51:9d:ab:ce:e6:7d:08:f1:0e:27:11:33:6a:1e:3a: 4b:c0:2f:4a:58:f3:91:0c:81:46:93:89:70:c2:52: 6f:f3:b0:74:7f:7b:dc:74:47:76:07:fb:dd:9b:bf: 06:53:dd:8a:c1:8e:3a:0b:f3:81:6c:03:78:e2:d7: c4:94:53:17:0d:ea:d1:f8:17:29:89:4e:b3:74:92: da:ab:04:c8:76:8a:3b:32:bb:ff:4c:f3:e7:5f:d9: 35:57:50:1f:9b:bf:40:99:e8:b5:cb:af:16:6d:e7: de:3e:9c:b1:39:2e:a4:91:0c:ae:11:7d:e0:61:f2: 5e:23:38:16:de:e8:e8:b1:a6:a6:d2:d6:6e:74:9a: 6e:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:50:55:6E:D0:3C:7C:73:0B:EF:72:74:8A:45:70:F0:A4:92:ED:93 X509v3 Authority Key Identifier: keyid:2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:bb:a6:de:d3:ee:23:01:75:4d:99:db:02:7a:f5:e2:26:af: 7f:4d:a7:b8:20:c1:d5:d7:1d:91:fd:fd:d4:7e:7b:33:18:4d: fa:6f:bc:5e:96:82:4b:6f:66:df:36:98:77:ed:ae:8c:0f:4f: d3:0c:59:22:a9:d4:ca:ae:1f:c3:c4:05:fd:e0:ca:17:8b:a8: b2:54:d0:19:b9:8a:67:ba:fb:80:26:da:b3:a1:43:86:89:3a: f6:5b:e1:13:b8:93:57:4c:5d:55:c1:d8:e9:f9:f4:f7:e1:69: 2b:68:a1:73:0d:6e:db:e5:38:25:9d:c5:de:fb:90:30:6d:f7: 91:86:d6:e9:32:33:42:26:ad:11:54:9b:4c:79:64:7d:86:25: 18:68:a4:8f:b7:e8:d2:9c:2a:fd:ce:9e:a3:56:d5:05:a9:5a: 28:45:c3:25:c3:2e:04:8b:6d:47:00:eb:f4:10:70:21:ae:e5: 92:c4:c8:95:77:91:fc:f3:be:0c:65:30:0f:9b:1b:61:53:a2: a2:94:e2:6e:42:ac:02:9e:6b:69:ad:e7:c3:e1:18:1f:97:b0: bc:d6:ec:8c:55:cb:ad:e4:39:55:59:13:5e:dc:30:e4:85:4e: b8:8f:a6:0f:5f:38:9a:a5:02:3f:15:c9:1d:3f:8a:28:a8:d8: 0b:56:fc:cb -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMlr1Ul5guZXElqN/67WNZpDHnE0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2Nzcz RjNFNkYxNjAeFw0yNTEyMDUwODI1NDJaFw0yNTEyMDgxNzU1NDJaMDMxMTAvBgNV BAMTKEYwNTA1NTZFRDAzQzdDNzMwQkVGNzI3NDhBNDU3MEYwQTQ5MkVEOTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4lIfr3yfHYtVcBjPUqV00Hz9d 862fWxa5taChTzUXvE3Swq9lMni3GR+l5zSUWNRb18sl8sMmaJT8UryPwZwXQXR1 r7knlJNOB0qX6nL6w9mGI1dBfr4bTtGZoVVxhdm/AqfDr1u4h3DGscDOH9nbCw3s W9RKR1Gdq87mfQjxDicRM2oeOkvAL0pY85EMgUaTiXDCUm/zsHR/e9x0R3YH+92b vwZT3YrBjjoL84FsA3ji18SUUxcN6tH4FymJTrN0ktqrBMh2ijsyu/9M8+df2TVX UB+bv0CZ6LXLrxZt594+nLE5LqSRDK4RfeBh8l4jOBbe6OixpqbS1m50mm6fAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU8FBVbtA8fHML73J0ikVw8KSS7ZMwHwYDVR0j BBgwFoAUKq+oFBTtyxAyI18iQP4Gdz8+bxYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YWI4ZTYwZi1mOTkzLTQ1MzQtOWRhMC1mMjg1YTg2MDNmNjkvMC8yQUFGQTgxNDE0 RURDQjEwMzIyMzVGMjI0MEZFMDY3NzNGM0U2RjE2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2NzczRjNF NkYxNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2FiOGU2MGYtZjk5My00NTM0LTlk YTAtZjI4NWE4NjAzZjY5LzAvMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2 NzczRjNFNkYxNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADa7pt7T7iMBdU2Z2wJ69eImr39Np7ggwdXX HZH9/dR+ezMYTfpvvF6WgktvZt82mHftrowPT9MMWSKp1MquH8PEBf3gyheLqLJU 0Bm5ime6+4Am2rOhQ4aJOvZb4RO4k1dMXVXB2On59PfhaStooXMNbtvlOCWdxd77 kDBt95GG1ukyM0ImrRFUm0x5ZH2GJRhopI+36NKcKv3OnqNW1QWpWihFwyXDLgSL bUcA6/QQcCGu5ZLEyJV3kfzzvgxlMA+bG2FToqKU4m5CrAKea2mt58PhGB+XsLzW 7IxVy63kOVVZE17cMOSFTriPpg9fOJqlAj8VyR0/iiio2AtW/Ms= -----END CERTIFICATE-----Generated at Sun Dec 7 00:49:42 2025 by rpki-client