This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft File: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft (raw, json) Hash identifier: BZGaocjPfFGlRTJE/1wB3C3GaQ1WKvCfebPqgahJqWw= Subject key identifier: F8:BD:83:99:FA:11:8B:EA:63:C9:59:E0:9E:F8:BA:A4:8B:5E:5B:90 Authority key identifier: D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 Certificate issuer: /CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Certificate serial: 7498C85600E0C0950CE88CFCECC913B6C0BE52B4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft Manifest number: 025A Signing time: Sat 24 Jan 2026 12:11:56 +0000 Manifest this update: Sat 24 Jan 2026 12:06:56 +0000 Manifest next update: Tue 27 Jan 2026 14:28:56 +0000 Files and hashes: 1: 3130332e3138332e362e302f32332d3234203d3e20313439343037.roa (hash: HNI0ArO+KsvaMgGqtyRRpqs1evvFTKgd+Siy8K2ur7A=) 2: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl (hash: b6gphD8YRO+zbbnBpunBXg8z3YnlhYBHWRZVnsXs38Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 27 Jan 2026 14:28:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:98:c8:56:00:e0:c0:95:0c:e8:8c:fc:ec:c9:13:b6:c0:be:52:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Validity Not Before: Jan 24 12:06:56 2026 GMT Not After : Jan 27 14:28:56 2026 GMT Subject: CN=F8BD8399FA118BEA63C959E09EF8BAA48B5E5B90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:b8:ef:bc:71:46:11:fd:05:06:f7:72:4e:a3: cd:73:03:9d:33:44:a4:ad:63:c1:44:7c:58:de:0b: e5:85:79:69:93:13:29:51:6d:e3:5a:c7:53:dc:ec: 55:85:48:9b:0d:c4:04:47:0b:00:30:45:f8:b2:0f: 09:0e:2a:d9:f6:a4:66:c2:f2:11:b7:3b:09:4c:ef: 81:a7:6d:84:ea:7b:cb:0f:e5:59:73:9a:51:bc:af: 99:7f:9e:1c:2b:6a:56:c5:cc:f3:0e:f0:ce:3c:a3: d6:99:7b:18:3c:84:08:b9:85:10:67:f5:dd:06:f3: e2:8a:d1:23:f1:f8:06:a4:e1:f6:a4:a1:84:09:1c: 82:5d:df:8f:42:19:a3:38:5f:03:2e:57:12:7b:9c: 74:91:57:ff:a8:9a:69:71:66:0e:32:28:72:88:da: 52:19:c1:16:90:cc:39:4a:a8:c3:20:8d:8d:77:38: 13:45:16:f6:3a:28:38:d0:65:e2:4a:40:d4:3c:f5: 42:b2:4d:17:64:45:56:a1:3e:a1:43:ec:d6:9f:9e: d0:a6:e7:eb:72:26:77:5f:15:56:26:b6:aa:08:b6: e2:a6:42:4c:b9:02:f2:c6:c4:34:1e:a2:38:d5:88: 96:ef:57:ab:84:15:f0:ab:f9:a9:8b:aa:82:ac:2d: a4:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:BD:83:99:FA:11:8B:EA:63:C9:59:E0:9E:F8:BA:A4:8B:5E:5B:90 X509v3 Authority Key Identifier: keyid:D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:fd:7d:61:03:d7:cd:8d:b5:dc:2b:18:88:e4:51:a6:d0:2a: 63:19:6c:78:77:2d:d7:e0:ee:a2:f0:4c:d1:ed:06:ed:7e:b2: 1b:e3:f2:6b:ff:82:60:ae:5e:71:42:0c:c2:62:94:92:5b:5b: 97:4d:d3:2e:71:a1:8f:8b:d9:21:b6:d4:ee:c3:06:98:49:ad: eb:23:4a:1a:33:63:1d:0e:cb:aa:04:78:f5:ca:b7:1d:22:a0: eb:07:dd:09:4e:bf:a7:81:f4:34:9a:e7:2b:4e:82:e5:9f:3b: c4:1a:97:74:65:9f:97:ee:9d:84:d8:67:df:76:f8:4d:85:00: 27:6e:45:6c:5c:b6:38:59:e7:08:53:d7:84:15:66:43:92:3c: 54:10:c8:aa:d3:c9:3b:e0:08:5d:a5:2f:50:02:0f:18:27:97: 83:a9:28:e1:01:a9:f0:59:32:c2:08:13:a1:12:d7:7e:ef:e3: df:de:2a:a0:9f:07:d9:04:8a:2d:93:e1:fa:c7:3e:32:3c:26: 4b:80:c4:7a:05:3a:0f:27:15:5e:26:4a:91:ce:0e:79:69:43: 2e:f6:4d:78:f2:f6:c0:eb:2d:15:da:95:13:c9:16:0e:7c:41: cc:8b:8b:59:86:c9:ca:d3:cd:23:b6:29:95:ec:da:c2:a6:ac: 5f:b2:8b:f4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdJjIVgDgwJUM6Iz87MkTtsC+UrQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2 NEREOUYyNjAeFw0yNjAxMjQxMjA2NTZaFw0yNjAxMjcxNDI4NTZaMDMxMTAvBgNV BAMTKEY4QkQ4Mzk5RkExMThCRUE2M0M5NTlFMDlFRjhCQUE0OEI1RTVCOTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7uO+8cUYR/QUG93JOo81zA50z RKStY8FEfFjeC+WFeWmTEylRbeNax1Pc7FWFSJsNxARHCwAwRfiyDwkOKtn2pGbC 8hG3OwlM74GnbYTqe8sP5VlzmlG8r5l/nhwralbFzPMO8M48o9aZexg8hAi5hRBn 9d0G8+KK0SPx+Aak4fakoYQJHIJd349CGaM4XwMuVxJ7nHSRV/+ommlxZg4yKHKI 2lIZwRaQzDlKqMMgjY13OBNFFvY6KDjQZeJKQNQ89UKyTRdkRVahPqFD7NafntCm 5+tyJndfFVYmtqoItuKmQky5AvLGxDQeojjViJbvV6uEFfCr+amLqoKsLaTRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU+L2DmfoRi+pjyVngnvi6pIteW5AwHwYDVR0j BBgwFoAU0ho1l9e169mlR2gPHC7XpGTdnyYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z Y2M1NjA1ZC1mMTdhLTQwMTAtOTI1My0yMTBjNjRmMTQ4YmQvMC9EMjFBMzU5N0Q3 QjVFQkQ5QTU0NzY4MEYxQzJFRDdBNDY0REQ5RjI2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2NERE OUYyNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2NjNTYwNWQtZjE3YS00MDEwLTky NTMtMjEwYzY0ZjE0OGJkLzAvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3 QTQ2NEREOUYyNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIT9fWED182NtdwrGIjkUabQKmMZbHh3Ldfg 7qLwTNHtBu1+shvj8mv/gmCuXnFCDMJilJJbW5dN0y5xoY+L2SG21O7DBphJresj ShozYx0Oy6oEePXKtx0ioOsH3QlOv6eB9DSa5ytOguWfO8Qal3Rln5funYTYZ992 +E2FACduRWxctjhZ5whT14QVZkOSPFQQyKrTyTvgCF2lL1ACDxgnl4OpKOEBqfBZ MsIIE6ES137v49/eKqCfB9kEii2T4frHPjI8JkuAxHoFOg8nFV4mSpHODnlpQy72 TXjy9sDrLRXalRPJFg58QcyLi1mGycrTzSO2KZXs2sKmrF+yi/Q= -----END CERTIFICATE-----Generated at Sun Jan 25 20:23:24 2026 by rpki-client