This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft File: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft (raw, json) Hash identifier: 06xcSex5Sc//F+vX9iKISqyKJuU/RonxEAgCdYp7VEI= Subject key identifier: 68:E0:9A:41:D8:DE:F9:49:BF:CD:75:29:44:83:44:0C:A6:EA:F0:4B Authority key identifier: D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 Certificate issuer: /CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Certificate serial: 34D70B2340308B6B1EA13AE30795F4514AA60904 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft Manifest number: 0244 Signing time: Sat 06 Dec 2025 17:11:54 +0000 Manifest this update: Sat 06 Dec 2025 17:06:54 +0000 Manifest next update: Tue 09 Dec 2025 23:21:54 +0000 Files and hashes: 1: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl (hash: T53brMGVLpGIyWdBBwN4zWjPV5JIOuc1YHromWki9QY=) 2: 3130332e3138332e362e302f32332d3234203d3e20313439343037.roa (hash: bu4LtbxxfvYhSmPVYXsHJnQ8u6QDASxNerDLPSby9+A=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 15:57:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:d7:0b:23:40:30:8b:6b:1e:a1:3a:e3:07:95:f4:51:4a:a6:09:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Validity Not Before: Dec 6 17:06:54 2025 GMT Not After : Dec 9 23:21:54 2025 GMT Subject: CN=68E09A41D8DEF949BFCD75294483440CA6EAF04B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:88:2d:74:c8:4c:80:f0:02:31:e4:07:85:c2: 89:91:2b:6c:ab:0f:2c:58:7c:86:0c:fc:39:e9:4a: fb:ae:6b:cd:95:d2:82:45:54:89:89:81:6e:91:bc: c5:f0:6c:62:a2:01:cd:bd:cc:36:fc:5b:9e:6d:c5: 69:df:63:e8:5d:85:2c:93:db:9e:e3:f0:1d:40:00: 05:b6:7a:6d:e9:1a:b5:39:71:fa:86:02:19:61:d2: 3c:17:cb:40:84:21:b0:45:3a:11:86:d5:14:11:6a: e8:19:a1:30:2e:81:de:b6:c7:91:a7:18:a9:c4:6c: 4e:74:20:dd:79:05:ec:e2:a2:f7:57:85:04:d3:5d: 21:d3:14:6f:1d:7d:17:ae:ac:be:56:87:3d:00:08: 25:37:ad:40:ad:0f:31:cc:a1:70:a9:bb:64:df:41: 32:e3:cb:44:5b:d7:a7:c8:47:f3:be:c6:7f:57:49: f4:ed:15:24:92:44:28:74:cf:5a:69:a3:5a:4e:2a: f4:a8:c9:ef:f9:9b:7c:74:60:0a:ee:12:47:ba:c6: 40:ec:a7:f3:82:10:48:09:41:01:1b:ef:79:89:62: f1:16:6a:4f:f4:23:b2:7b:e0:78:43:bd:09:4e:80: ac:76:21:01:56:69:3a:fb:2d:a6:1b:c9:22:d8:00: 0e:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:E0:9A:41:D8:DE:F9:49:BF:CD:75:29:44:83:44:0C:A6:EA:F0:4B X509v3 Authority Key Identifier: keyid:D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:77:be:3c:a4:0d:8e:29:23:ae:71:94:08:7b:fc:d0:42:99: bb:82:c4:40:4d:8e:e9:29:c2:1b:4c:b9:b4:41:4e:7c:4b:d0: 12:91:af:7a:5b:3f:f4:51:bd:0e:3e:34:87:de:34:3b:8c:6a: 09:02:c0:55:fd:50:71:ea:e3:18:ff:76:0a:dd:24:ac:8b:96: cf:c2:f2:24:0d:29:1d:f1:51:c5:c7:31:9c:e4:f2:de:f9:27: 56:fd:5a:fa:03:f0:47:ad:f4:39:1b:1c:8c:70:98:0e:ff:47: 5a:7e:24:aa:de:c1:c5:de:26:4e:85:12:bc:6c:fa:1f:7c:d6: 53:b9:c2:46:60:79:8f:3e:3a:7e:f2:65:e9:b3:d9:09:5a:19: 5f:fd:44:a4:fc:7b:06:57:b9:23:d8:56:22:b1:ca:43:62:de: f6:26:fd:9e:c2:4a:68:8d:62:f5:2a:2a:57:ec:f5:c0:58:24: 63:b8:ca:48:13:73:16:26:4c:cc:50:3e:9b:01:14:40:58:05: 87:9f:68:13:7a:3b:7f:b0:77:3f:b2:64:5a:60:a4:31:6d:96: f8:ad:1a:8a:ee:92:b0:ba:0a:8a:14:d0:23:17:27:d6:d1:34: 14:60:5c:bc:68:e2:46:55:c4:eb:be:53:cb:78:bd:89:5b:e6: 3f:5a:f2:42 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNNcLI0Awi2seoTrjB5X0UUqmCQQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2 NEREOUYyNjAeFw0yNTEyMDYxNzA2NTRaFw0yNTEyMDkyMzIxNTRaMDMxMTAvBgNV BAMTKDY4RTA5QTQxRDhERUY5NDlCRkNENzUyOTQ0ODM0NDBDQTZFQUYwNEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjiC10yEyA8AIx5AeFwomRK2yr DyxYfIYM/DnpSvuua82V0oJFVImJgW6RvMXwbGKiAc29zDb8W55txWnfY+hdhSyT 257j8B1AAAW2em3pGrU5cfqGAhlh0jwXy0CEIbBFOhGG1RQRaugZoTAugd62x5Gn GKnEbE50IN15BeziovdXhQTTXSHTFG8dfReurL5Whz0ACCU3rUCtDzHMoXCpu2Tf QTLjy0Rb16fIR/O+xn9XSfTtFSSSRCh0z1ppo1pOKvSoye/5m3x0YAruEke6xkDs p/OCEEgJQQEb73mJYvEWak/0I7J74HhDvQlOgKx2IQFWaTr7LaYbySLYAA5ZAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUaOCaQdje+Um/zXUpRINEDKbq8EswHwYDVR0j BBgwFoAU0ho1l9e169mlR2gPHC7XpGTdnyYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z Y2M1NjA1ZC1mMTdhLTQwMTAtOTI1My0yMTBjNjRmMTQ4YmQvMC9EMjFBMzU5N0Q3 QjVFQkQ5QTU0NzY4MEYxQzJFRDdBNDY0REQ5RjI2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2NERE OUYyNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2NjNTYwNWQtZjE3YS00MDEwLTky NTMtMjEwYzY0ZjE0OGJkLzAvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3 QTQ2NEREOUYyNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACl3vjykDY4pI65xlAh7/NBCmbuCxEBNjukp whtMubRBTnxL0BKRr3pbP/RRvQ4+NIfeNDuMagkCwFX9UHHq4xj/dgrdJKyLls/C 8iQNKR3xUcXHMZzk8t75J1b9WvoD8Eet9DkbHIxwmA7/R1p+JKrewcXeJk6FErxs +h981lO5wkZgeY8+On7yZemz2QlaGV/9RKT8ewZXuSPYViKxykNi3vYm/Z7CSmiN YvUqKlfs9cBYJGO4ykgTcxYmTMxQPpsBFEBYBYefaBN6O3+wdz+yZFpgpDFtlvit GorukrC6CooU0CMXJ9bRNBRgXLxo4kZVxOu+U8t4vYlb5j9a8kI= -----END CERTIFICATE-----Generated at Sun Dec 7 01:00:30 2025 by rpki-client