This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft File: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft (raw, json) Hash identifier: Sg8iswANatU6fu3JynWz8lYN4x7Fh0O03VmCM6NDWT0= Subject key identifier: DD:C1:0E:EF:BF:F6:19:07:C5:F0:B6:D1:8F:38:80:B5:F5:6F:FE:DB Authority key identifier: 2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 Certificate issuer: /CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Certificate serial: 38B603B69AB1E3CB45E1AE542348783891CC00F5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft Manifest number: 01CB Signing time: Fri 23 Jan 2026 20:00:45 +0000 Manifest this update: Fri 23 Jan 2026 19:55:45 +0000 Manifest next update: Mon 26 Jan 2026 21:54:45 +0000 Files and hashes: 1: 3130332e3137372e3231382e302f32342d3234203d3e20313331373639.roa (hash: NgiCiwYgDeYQaPatps9fGhPQzocYHvig3vWSvQTITq4=) 2: 3130332e3137372e3231392e302f32342d3234203d3e20313331373639.roa (hash: Er3SZg2wUj/P2Phj94Rs/pKQreK157hBoR/0FApk3DI=) 3: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl (hash: qUccdm+rUl03yRhtMHhtdqGH2HBbejkHJC/utOzoODU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 21:54:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:b6:03:b6:9a:b1:e3:cb:45:e1:ae:54:23:48:78:38:91:cc:00:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Validity Not Before: Jan 23 19:55:45 2026 GMT Not After : Jan 26 21:54:45 2026 GMT Subject: CN=DDC10EEFBFF61907C5F0B6D18F3880B5F56FFEDB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:76:fe:82:f8:74:ff:17:ad:22:0a:ea:c7:1b: 9b:4b:01:4d:39:52:c2:06:06:ec:63:69:ce:67:07: 5e:08:73:41:4c:d5:54:3d:7b:67:a1:59:24:a8:78: 3d:49:2c:79:ca:63:4e:86:a4:be:b4:53:33:11:26: b5:b1:8a:ce:87:7d:2f:11:13:bd:1d:f5:6b:af:8e: 04:e6:b4:b7:70:42:92:be:37:85:bf:34:13:15:2f: b5:be:15:27:b6:e9:0c:9c:50:04:3b:1d:24:2b:5d: 75:72:9d:a5:08:ac:f2:3a:9d:44:7f:be:ec:97:1d: 68:19:97:a0:79:92:46:7d:ac:29:46:e0:12:be:32: 5d:ca:95:a5:7d:95:58:f0:3d:f2:22:8c:d7:5c:8d: 80:39:de:be:df:87:13:68:fc:cb:12:a5:e4:d7:1f: 07:af:be:3f:cd:c6:14:c3:0b:6d:8c:2e:61:bf:1c: 34:41:aa:4a:43:81:ae:55:39:a6:9a:0f:dd:a6:66: b9:29:c0:7b:c0:cc:d6:55:7b:bf:99:ea:3a:a1:1f: 3d:9e:f9:31:13:d4:4d:67:94:b9:40:af:61:e9:1c: db:2f:8f:8a:df:3f:f9:4d:1e:58:b9:58:08:19:d4: 7e:57:a1:fb:27:f3:26:7e:0c:13:f3:6e:87:22:31: 94:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:C1:0E:EF:BF:F6:19:07:C5:F0:B6:D1:8F:38:80:B5:F5:6F:FE:DB X509v3 Authority Key Identifier: keyid:2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:52:e4:70:20:ed:7b:84:ca:d3:f2:bb:4e:26:9a:bd:7d:ce: 77:46:8b:7f:6c:06:2d:c3:0e:83:c7:6e:39:f7:2e:00:1c:1c: 2f:56:a2:61:64:79:fc:47:92:d5:13:ba:9b:d4:62:ec:2e:08: 76:29:46:1e:b3:31:35:76:2c:79:8f:bd:38:aa:d0:4d:d2:40: 6d:5a:1a:8f:76:97:73:f4:ef:9e:56:f9:50:81:c8:e6:b7:cc: cf:24:51:d5:a4:e0:12:2b:96:43:eb:ba:79:2c:4f:c6:ac:08: 50:3d:35:4f:73:4b:fc:e3:bc:81:12:1b:f9:92:c0:02:d4:24: ba:72:c4:7e:da:71:2c:7d:bd:16:a7:3b:99:54:09:7e:6e:f9: e3:e6:e4:68:cd:e9:a3:b2:ea:99:e4:84:60:4d:bd:75:31:bf: 28:b1:94:76:21:71:57:7a:97:01:7f:56:6d:c4:50:73:7a:67: 9d:68:1c:2a:34:81:c0:d3:08:57:53:85:32:f9:5b:cc:0e:71: 6e:db:51:ce:d4:e3:df:fd:08:a3:cf:4e:c2:47:4d:62:84:c7: c2:89:21:c7:f0:28:03:ec:ba:0a:a2:d0:b4:4d:0e:a4:e0:7a: e1:28:ed:4d:82:c7:5e:fb:14:00:e2:f7:b0:2d:0f:b4:b8:82: 4f:92:3c:3b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOLYDtpqx48tF4a5UI0h4OJHMAPUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2Nzcz RjNFNkYxNjAeFw0yNjAxMjMxOTU1NDVaFw0yNjAxMjYyMTU0NDVaMDMxMTAvBgNV BAMTKEREQzEwRUVGQkZGNjE5MDdDNUYwQjZEMThGMzg4MEI1RjU2RkZFREIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8dv6C+HT/F60iCurHG5tLAU05 UsIGBuxjac5nB14Ic0FM1VQ9e2ehWSSoeD1JLHnKY06GpL60UzMRJrWxis6HfS8R E70d9WuvjgTmtLdwQpK+N4W/NBMVL7W+FSe26QycUAQ7HSQrXXVynaUIrPI6nUR/ vuyXHWgZl6B5kkZ9rClG4BK+Ml3KlaV9lVjwPfIijNdcjYA53r7fhxNo/MsSpeTX Hwevvj/NxhTDC22MLmG/HDRBqkpDga5VOaaaD92mZrkpwHvAzNZVe7+Z6jqhHz2e +TET1E1nlLlAr2HpHNsvj4rfP/lNHli5WAgZ1H5Xofsn8yZ+DBPzbociMZRDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU3cEO77/2GQfF8LbRjziAtfVv/tswHwYDVR0j BBgwFoAUKq+oFBTtyxAyI18iQP4Gdz8+bxYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YWI4ZTYwZi1mOTkzLTQ1MzQtOWRhMC1mMjg1YTg2MDNmNjkvMC8yQUFGQTgxNDE0 RURDQjEwMzIyMzVGMjI0MEZFMDY3NzNGM0U2RjE2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2NzczRjNF NkYxNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2FiOGU2MGYtZjk5My00NTM0LTlk YTAtZjI4NWE4NjAzZjY5LzAvMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2 NzczRjNFNkYxNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAERS5HAg7XuEytPyu04mmr19zndGi39sBi3D DoPHbjn3LgAcHC9WomFkefxHktUTupvUYuwuCHYpRh6zMTV2LHmPvTiq0E3SQG1a Go92l3P0755W+VCByOa3zM8kUdWk4BIrlkPrunksT8asCFA9NU9zS/zjvIESG/mS wALUJLpyxH7acSx9vRanO5lUCX5u+ePm5GjN6aOy6pnkhGBNvXUxvyixlHYhcVd6 lwF/Vm3EUHN6Z51oHCo0gcDTCFdThTL5W8wOcW7bUc7U49/9CKPPTsJHTWKEx8KJ IcfwKAPsugqi0LRNDqTgeuEo7U2Cx177FADi97AtD7S4gk+SPDs= -----END CERTIFICATE-----Generated at Sun Jan 25 19:00:31 2026 by rpki-client