This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/4a87064b-5f27-4270-90e4-99f43ae84db7/0/8989D0431453556F22D882A21B2BBB9F4E4A2C24.mft File: 8989D0431453556F22D882A21B2BBB9F4E4A2C24.mft (raw, json) Hash identifier: KhfmIo1i4C6hx+2+hp+K1nht3Zk8HxFo1gY4wDB2ECw= Subject key identifier: CE:63:57:96:B8:0F:6B:1F:26:56:A6:31:54:86:16:45:1F:D8:20:96 Authority key identifier: 89:89:D0:43:14:53:55:6F:22:D8:82:A2:1B:2B:BB:9F:4E:4A:2C:24 Certificate issuer: /CN=8989D0431453556F22D882A21B2BBB9F4E4A2C24 Certificate serial: 677E5A6D720EEB2094A475DA34F2A8812E697108 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8989D0431453556F22D882A21B2BBB9F4E4A2C24.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4a87064b-5f27-4270-90e4-99f43ae84db7/0/8989D0431453556F22D882A21B2BBB9F4E4A2C24.mft Manifest number: 01CA Signing time: Sun 25 Jan 2026 08:51:33 +0000 Manifest this update: Sun 25 Jan 2026 08:46:33 +0000 Manifest next update: Wed 28 Jan 2026 16:01:33 +0000 Files and hashes: 1: 3130332e3133302e38332e302f32342d3234203d3e20313530393636.roa (hash: MueUJKcGkwue3xJukPLYM+05PMMpQl2v+Pz0FDXtNcM=) 2: 3130332e3133302e38322e302f32332d3233203d3e20313530393636.roa (hash: sNTsns3ST7lmT3Lzq1+VabwjCefZeBfZWQ1CC+0VBzY=) 3: 8989D0431453556F22D882A21B2BBB9F4E4A2C24.crl (hash: 1S5iQQKcMAL264HP/wIBq9HeLN7b5dynbVjQ1WkAyzU=) 4: 3130332e3133302e38322e302f32342d3234203d3e20313530393636.roa (hash: WdwAhrLb01WctAevsLo2E5F0+guZcHnuWIL6/QTKVQY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4a87064b-5f27-4270-90e4-99f43ae84db7/0/8989D0431453556F22D882A21B2BBB9F4E4A2C24.crl rsync://repo-rpki.idnic.net/repo/4a87064b-5f27-4270-90e4-99f43ae84db7/0/8989D0431453556F22D882A21B2BBB9F4E4A2C24.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8989D0431453556F22D882A21B2BBB9F4E4A2C24.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 28 Jan 2026 14:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:7e:5a:6d:72:0e:eb:20:94:a4:75:da:34:f2:a8:81:2e:69:71:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8989D0431453556F22D882A21B2BBB9F4E4A2C24 Validity Not Before: Jan 25 08:46:33 2026 GMT Not After : Jan 28 16:01:33 2026 GMT Subject: CN=CE635796B80F6B1F2656A631548616451FD82096 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:25:7a:0b:ac:0f:6d:70:a1:6a:e6:00:8b:d9: c1:76:0b:4a:d1:ab:e4:86:05:61:7d:1b:47:17:b3: af:12:16:6f:97:ce:fd:7d:42:e1:95:44:d6:bb:2e: 3d:f3:2d:f9:45:cd:40:3f:cf:1a:e6:29:d8:73:7c: 81:0c:28:1d:fa:ce:4b:d6:32:74:14:14:bc:ae:1f: 6e:78:62:6d:e2:be:0c:6b:4c:cf:9d:ab:1a:01:f8: 29:ce:90:47:22:2b:22:45:c0:61:ec:8b:f1:1f:25: 12:9a:32:5d:a4:75:42:22:b2:5d:a0:94:7a:4e:97: 46:60:27:f0:87:12:c3:10:af:97:e4:1a:82:6b:f2: ac:2c:23:a3:e5:1c:8b:58:18:0e:f6:6b:0a:0a:89: bd:6c:23:4d:8a:da:bf:c7:e5:12:6c:3f:d8:b7:1b: 22:5d:42:0d:e8:44:d3:bb:fb:9d:69:29:7b:c2:a1: 24:ea:d7:08:a4:6c:63:58:65:3e:a2:da:da:ee:0a: 70:65:86:2f:86:55:a2:a6:9c:d3:ae:f0:bf:28:52: e5:60:b0:80:3a:e8:91:38:4d:c3:e1:af:69:fa:b5: 11:c7:8d:98:1b:ea:70:e6:04:7e:b1:8b:b1:05:6a: e9:a2:87:1a:a7:20:09:03:86:a0:64:52:db:92:bf: 42:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:63:57:96:B8:0F:6B:1F:26:56:A6:31:54:86:16:45:1F:D8:20:96 X509v3 Authority Key Identifier: keyid:89:89:D0:43:14:53:55:6F:22:D8:82:A2:1B:2B:BB:9F:4E:4A:2C:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4a87064b-5f27-4270-90e4-99f43ae84db7/0/8989D0431453556F22D882A21B2BBB9F4E4A2C24.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8989D0431453556F22D882A21B2BBB9F4E4A2C24.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4a87064b-5f27-4270-90e4-99f43ae84db7/0/8989D0431453556F22D882A21B2BBB9F4E4A2C24.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:5b:a9:2f:2e:eb:d6:37:80:96:f1:3e:8a:bf:2f:6b:68:66: 49:42:2d:99:93:e3:20:59:66:1c:e3:2c:a7:81:af:9e:b2:58: 31:ce:69:39:3d:3f:22:38:b2:16:ae:38:90:89:ae:fb:e0:2e: 8b:33:64:59:81:8d:8a:fd:b2:b3:42:e8:1d:7f:2a:21:f7:ac: 01:e4:02:58:a3:ba:5a:16:e7:5e:20:ce:6c:bd:1a:f7:a3:ef: fe:41:b9:9c:09:ac:57:35:09:8e:14:94:42:c2:8b:da:14:e8: 6c:40:1a:35:c8:75:40:a8:22:a0:52:0a:f5:26:e7:e2:ff:3f: 49:3a:35:ad:d4:91:36:e8:4d:c7:b0:47:72:96:00:df:dd:47: 88:d2:f4:c7:fd:0e:1a:ca:da:3d:4a:bb:27:db:18:6b:28:d2: e3:80:82:db:82:62:ff:5c:42:06:e7:a9:b1:ff:b0:9b:31:d3: 9f:e4:a1:3f:be:f6:c6:07:74:c6:fe:d8:42:cc:38:a0:d5:80: be:58:4d:82:d5:e5:6f:2e:41:c2:ec:a3:5c:88:77:81:cf:76: 88:eb:0c:51:62:24:f6:22:b4:34:df:53:f2:db:67:63:68:f1: e4:d9:ec:18:22:0d:04:d6:b2:66:93:13:c9:96:ee:aa:f0:32: 20:7e:43:2a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZ35abXIO6yCUpHXaNPKogS5pcQgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODk4OUQwNDMxNDUzNTU2RjIyRDg4MkEyMUIyQkJCOUY0 RTRBMkMyNDAeFw0yNjAxMjUwODQ2MzNaFw0yNjAxMjgxNjAxMzNaMDMxMTAvBgNV BAMTKENFNjM1Nzk2QjgwRjZCMUYyNjU2QTYzMTU0ODYxNjQ1MUZEODIwOTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiJXoLrA9tcKFq5gCL2cF2C0rR q+SGBWF9G0cXs68SFm+Xzv19QuGVRNa7Lj3zLflFzUA/zxrmKdhzfIEMKB36zkvW MnQUFLyuH254Ym3ivgxrTM+dqxoB+CnOkEciKyJFwGHsi/EfJRKaMl2kdUIisl2g lHpOl0ZgJ/CHEsMQr5fkGoJr8qwsI6PlHItYGA72awoKib1sI02K2r/H5RJsP9i3 GyJdQg3oRNO7+51pKXvCoSTq1wikbGNYZT6i2truCnBlhi+GVaKmnNOu8L8oUuVg sIA66JE4TcPhr2n6tRHHjZgb6nDmBH6xi7EFaumihxqnIAkDhqBkUtuSv0I9AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzmNXlrgPax8mVqYxVIYWRR/YIJYwHwYDVR0j BBgwFoAUiYnQQxRTVW8i2IKiGyu7n05KLCQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YTg3MDY0Yi01ZjI3LTQyNzAtOTBlNC05OWY0M2FlODRkYjcvMC84OTg5RDA0MzE0 NTM1NTZGMjJEODgyQTIxQjJCQkI5RjRFNEEyQzI0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODk4OUQwNDMxNDUzNTU2RjIyRDg4MkEyMUIyQkJCOUY0RTRB MkMyNC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGE4NzA2NGItNWYyNy00MjcwLTkw ZTQtOTlmNDNhZTg0ZGI3LzAvODk4OUQwNDMxNDUzNTU2RjIyRDg4MkEyMUIyQkJC OUY0RTRBMkMyNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABNbqS8u69Y3gJbxPoq/L2toZklCLZmT4yBZ ZhzjLKeBr56yWDHOaTk9PyI4shauOJCJrvvgLoszZFmBjYr9srNC6B1/KiH3rAHk AlijuloW514gzmy9Gvej7/5BuZwJrFc1CY4UlELCi9oU6GxAGjXIdUCoIqBSCvUm 5+L/P0k6Na3UkTboTcewR3KWAN/dR4jS9Mf9DhrK2j1KuyfbGGso0uOAgtuCYv9c QgbnqbH/sJsx05/koT++9sYHdMb+2ELMOKDVgL5YTYLV5W8uQcLso1yId4HPdojr DFFiJPYitDTfU/LbZ2No8eTZ7BgiDQTWsmaTE8mW7qrwMiB+Qyo= -----END CERTIFICATE-----Generated at Mon Jan 26 01:22:39 2026 by rpki-client