This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft File: A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft (raw, json) Hash identifier: tcPniJSlJYDpTbXRxGf6DxDnXbLeGRaYD/ln63eLbC4= Subject key identifier: 20:F3:B8:75:26:10:55:C7:14:E5:45:DA:B6:35:94:53:79:7E:C0:87 Authority key identifier: A2:1B:A7:0D:F8:EE:47:0F:E7:A6:03:85:B6:65:38:42:57:0E:D3:A4 Certificate issuer: /CN=A21BA70DF8EE470FE7A60385B6653842570ED3A4 Certificate serial: 258004BBFFF95508D54BC199F5C305ACF5341880 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft Manifest number: 7F Signing time: Sat 06 Dec 2025 14:11:23 +0000 Manifest this update: Sat 06 Dec 2025 14:06:23 +0000 Manifest next update: Tue 09 Dec 2025 19:36:23 +0000 Files and hashes: 1: 3136302e32352e3234392e302f32342d3234203d3e20313336303939.roa (hash: fAL9MfqpRcilmiK6cDbN2CreeawZppTYa6tvP1zgN7Y=) 2: A21BA70DF8EE470FE7A60385B6653842570ED3A4.crl (hash: rm22McqS4dptaq4YvGYS2HO3GokNHXYmSuY9cRwsIGU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.crl rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 19:36:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:80:04:bb:ff:f9:55:08:d5:4b:c1:99:f5:c3:05:ac:f5:34:18:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A21BA70DF8EE470FE7A60385B6653842570ED3A4 Validity Not Before: Dec 6 14:06:23 2025 GMT Not After : Dec 9 19:36:23 2025 GMT Subject: CN=20F3B875261055C714E545DAB6359453797EC087 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f4:1c:e3:b4:11:46:fb:0e:eb:75:b9:a5:77: bb:eb:0f:41:fc:0d:f8:8e:c7:96:5c:fa:d0:cc:2f: e9:21:a5:f2:c3:ed:24:66:0b:12:7a:bc:3e:72:76: 2b:8f:48:fb:ec:9f:89:cc:50:51:2b:77:96:f7:aa: 3a:72:6f:c7:dc:64:62:b2:05:34:5c:5a:ba:ca:df: af:e2:da:1a:63:05:0a:81:90:eb:c4:f9:74:94:2e: 86:ee:11:00:79:54:dc:d4:e0:c6:ce:e6:a4:81:76: 72:6f:ef:fd:5f:5d:9b:f2:c0:93:4d:76:ee:1a:ad: 65:e9:03:4d:6b:4a:cd:a3:64:b4:26:9b:6c:e1:cd: 1f:00:7f:67:83:d9:e5:d3:72:bc:d8:a8:3f:49:16: 28:09:89:e4:8a:70:c0:0f:47:d1:1f:3a:43:6b:12: 53:ff:a6:70:fc:5c:36:b6:7e:63:ef:21:b6:93:0e: 6a:29:49:38:c0:16:95:01:dc:fd:c2:a5:e5:9f:bd: d4:ec:d7:8c:ed:e5:96:ae:62:5c:e5:51:fc:ec:8c: 1c:f4:e2:1f:1e:e2:6c:bc:2e:b9:a0:b8:6e:e9:76: 5d:b4:e9:07:3e:be:73:de:7a:01:8b:62:bc:5b:fc: 77:ca:4b:8c:ba:ff:1e:b0:cb:5c:ca:89:e8:92:0d: b0:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:F3:B8:75:26:10:55:C7:14:E5:45:DA:B6:35:94:53:79:7E:C0:87 X509v3 Authority Key Identifier: keyid:A2:1B:A7:0D:F8:EE:47:0F:E7:A6:03:85:B6:65:38:42:57:0E:D3:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:c8:67:f0:64:a2:68:eb:00:71:3b:59:e5:47:33:5e:58:9d: c4:f4:98:f1:9e:2c:d5:47:2d:42:0e:be:f2:42:42:68:80:40: 76:ce:2a:76:6f:54:4f:44:67:8a:42:60:71:e1:aa:1f:8a:95: c2:32:4e:80:07:19:98:38:83:21:e2:10:93:06:c4:49:6e:07: 3d:46:20:23:2d:3c:ff:d4:6a:ca:4e:68:18:18:fc:36:b9:ac: 8e:cd:cd:21:e7:89:d8:1e:97:ff:ee:64:ed:b4:65:18:d0:f0: fb:d9:85:d1:ca:10:74:58:ba:f1:4c:8b:dc:93:3b:3d:17:48: b4:25:02:a1:7c:1f:8d:27:13:c4:fe:74:31:63:08:03:11:1c: ab:db:6a:31:63:5d:d4:11:e8:c6:eb:aa:ba:f2:e4:2d:e0:bd: 0c:fc:ef:78:9c:fd:e2:a0:7c:1e:07:57:81:8e:86:c9:41:e3: 62:f7:94:bf:c8:c1:bc:ae:7e:19:ca:0f:c6:30:a5:90:71:40: 1a:c9:e7:c9:93:14:79:a6:0b:79:9a:1c:3c:04:b3:13:cd:98: be:94:32:51:f9:2f:9f:c0:94:53:39:22:3d:0a:61:e2:17:06: 0f:31:eb:d6:89:14:6d:85:66:7a:64:73:b0:77:23:32:99:d7: 2a:52:f8:ab -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJYAEu//5VQjVS8GZ9cMFrPU0GIAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTIxQkE3MERGOEVFNDcwRkU3QTYwMzg1QjY2NTM4NDI1 NzBFRDNBNDAeFw0yNTEyMDYxNDA2MjNaFw0yNTEyMDkxOTM2MjNaMDMxMTAvBgNV BAMTKDIwRjNCODc1MjYxMDU1QzcxNEU1NDVEQUI2MzU5NDUzNzk3RUMwODcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy9BzjtBFG+w7rdbmld7vrD0H8 DfiOx5Zc+tDML+khpfLD7SRmCxJ6vD5ydiuPSPvsn4nMUFErd5b3qjpyb8fcZGKy BTRcWrrK36/i2hpjBQqBkOvE+XSULobuEQB5VNzU4MbO5qSBdnJv7/1fXZvywJNN du4arWXpA01rSs2jZLQmm2zhzR8Af2eD2eXTcrzYqD9JFigJieSKcMAPR9EfOkNr ElP/pnD8XDa2fmPvIbaTDmopSTjAFpUB3P3CpeWfvdTs14zt5ZauYlzlUfzsjBz0 4h8e4my8LrmguG7pdl206Qc+vnPeegGLYrxb/HfKS4y6/x6wy1zKieiSDbDvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIPO4dSYQVccU5UXatjWUU3l+wIcwHwYDVR0j BBgwFoAUohunDfjuRw/npgOFtmU4QlcO06QwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 MTQwNTU0NS1jMzVkLTRkZTEtOTYxOC00NGI1ZjQxN2EzMDMvMS9BMjFCQTcwREY4 RUU0NzBGRTdBNjAzODVCNjY1Mzg0MjU3MEVEM0E0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQTIxQkE3MERGOEVFNDcwRkU3QTYwMzg1QjY2NTM4NDI1NzBF RDNBNC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDE0MDU1NDUtYzM1ZC00ZGUxLTk2 MTgtNDRiNWY0MTdhMzAzLzEvQTIxQkE3MERGOEVFNDcwRkU3QTYwMzg1QjY2NTM4 NDI1NzBFRDNBNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAB3IZ/BkomjrAHE7WeVHM15YncT0mPGeLNVH LUIOvvJCQmiAQHbOKnZvVE9EZ4pCYHHhqh+KlcIyToAHGZg4gyHiEJMGxEluBz1G ICMtPP/UaspOaBgY/Da5rI7NzSHnidgel//uZO20ZRjQ8PvZhdHKEHRYuvFMi9yT Oz0XSLQlAqF8H40nE8T+dDFjCAMRHKvbajFjXdQR6Mbrqrry5C3gvQz873ic/eKg fB4HV4GOhslB42L3lL/IwbyufhnKD8YwpZBxQBrJ58mTFHmmC3maHDwEsxPNmL6U MlH5L5/AlFM5Ij0KYeIXBg8x69aJFG2FZnpkc7B3IzKZ1ypS+Ks= -----END CERTIFICATE-----Generated at Mon Dec 8 05:16:57 2025 by rpki-client