This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft File: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft (raw, json) Hash identifier: wCwYbfc453LXS6XXuVmsxuZAPTkaYE+1t3jBAjbLvpo= Subject key identifier: AF:BB:80:70:CA:8A:2F:F4:09:D1:5F:C6:70:50:04:99:49:4D:A1:E3 Authority key identifier: 3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F Certificate issuer: /CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Certificate serial: 49B957EF6A8C69B7C79C56EF92C68F4AC01FD3BC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft Manifest number: 0223 Signing time: Sat 24 Jan 2026 16:30:59 +0000 Manifest this update: Sat 24 Jan 2026 16:25:59 +0000 Manifest next update: Tue 27 Jan 2026 20:54:59 +0000 Files and hashes: 1: 3130332e36352e39362e302f32332d3234203d3e203536323539.roa (hash: GJQ3NUFsB2nVnSk1uRZagjtzrc7ng31cjwY1HHOp2FQ=) 2: 3130332e31302e3235332e302f32342d3234203d3e203536323539.roa (hash: HvzvMBj5qU+NExWSjTWqrdpmvH/WBtBrlcSKkhbhERc=) 3: 3130332e32382e3136332e302f32342d3234203d3e203536323539.roa (hash: NAFqFIaSAImXyE9eWh33YjJ4/n4BJqvDNhOBlZ2+l28=) 4: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl (hash: b++9QqZMj1SMg0duIwe5LlcPHZFON5K5r7xebMEbmnA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 27 Jan 2026 20:54:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:b9:57:ef:6a:8c:69:b7:c7:9c:56:ef:92:c6:8f:4a:c0:1f:d3:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Validity Not Before: Jan 24 16:25:59 2026 GMT Not After : Jan 27 20:54:59 2026 GMT Subject: CN=AFBB8070CA8A2FF409D15FC670500499494DA1E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:27:a2:f4:7c:76:15:45:3d:94:fe:3d:06:6e: 21:ea:7b:fe:a3:37:7c:94:2b:51:86:72:d2:6d:93: 87:c4:57:63:8b:0d:c4:52:90:b8:cf:41:70:8a:62: 3f:ea:bc:cb:95:c7:fd:ce:bc:67:e8:f6:5f:56:85: a4:1e:af:09:10:25:31:a4:dd:68:b2:44:b7:ed:d2: b0:44:88:0b:2d:dd:2e:58:3a:74:a2:50:e5:9d:bd: 1a:c8:d7:13:33:ce:a6:a7:35:b7:a1:6e:7e:0c:80: 88:ba:91:af:3d:dd:e4:32:d7:ba:5d:94:bd:cc:b6: 88:44:03:67:72:70:ba:fd:a0:61:4d:58:81:f7:7f: 68:18:8d:b0:00:89:66:bf:65:99:62:f3:31:61:d7: 66:cd:45:5a:a7:6d:00:db:0d:c5:14:02:50:2d:18: 0d:8d:f3:42:cd:6f:0b:87:72:99:34:e1:84:60:16: b2:d3:81:3d:e8:7c:09:96:6d:96:00:0f:0f:46:54: ff:d2:cd:3c:8c:ca:40:b8:23:09:ba:fe:f0:fb:26: 99:cd:bb:cc:be:78:0a:51:dc:04:ed:1a:7a:61:20: 8b:e1:1c:26:50:32:f0:7c:93:78:b1:b0:a5:41:52: 13:38:8c:33:02:b4:32:2b:3c:f2:74:76:4d:fa:a4: 74:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:BB:80:70:CA:8A:2F:F4:09:D1:5F:C6:70:50:04:99:49:4D:A1:E3 X509v3 Authority Key Identifier: keyid:3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:1c:18:b4:55:e5:38:b8:a3:61:d4:68:08:91:a4:b4:d3:2a: b5:5c:2d:4e:f0:b4:8b:45:15:4a:97:43:37:a2:5b:b3:04:b0: f4:69:37:ca:21:8c:d9:b0:e1:25:8e:ba:8d:0e:ef:94:06:30: 3d:92:7d:45:2a:78:e9:18:b9:4d:77:a3:63:51:e0:cf:51:e9: 4c:c8:bd:00:3a:d0:43:92:f5:68:a5:c7:07:c9:f6:93:42:c5: 12:4e:ff:18:af:d3:ad:f2:b8:56:15:cb:32:a0:cd:cf:4b:e7: 8a:77:b5:a1:8d:c4:aa:4d:4c:08:1a:ff:8f:ca:72:48:f3:c5: 99:7d:46:68:f2:c2:aa:53:fa:e0:69:29:7a:5b:04:0a:04:86: 27:18:24:c1:14:f4:d2:4d:1d:b9:d4:f8:25:69:bc:ae:83:c0: 09:da:7c:c3:12:38:e8:3b:7a:7c:ac:71:50:e0:90:b6:ff:f2: 77:6e:b6:29:a2:c9:18:30:45:45:0f:6f:0b:7d:c4:51:94:50: bc:e5:ae:50:c0:1d:18:75:e7:75:82:20:87:f7:ae:4c:fe:4f: 5e:df:24:15:56:01:c9:70:17:0f:7f:14:91:5e:53:a5:f0:81: 7a:e3:40:b2:98:27:fb:e7:37:b9:16:08:25:4e:c7:ed:b4:81: c5:ae:21:77 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSblX72qMabfHnFbvksaPSsAf07wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4 NUMzNUU0RjAeFw0yNjAxMjQxNjI1NTlaFw0yNjAxMjcyMDU0NTlaMDMxMTAvBgNV BAMTKEFGQkI4MDcwQ0E4QTJGRjQwOUQxNUZDNjcwNTAwNDk5NDk0REExRTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/J6L0fHYVRT2U/j0GbiHqe/6j N3yUK1GGctJtk4fEV2OLDcRSkLjPQXCKYj/qvMuVx/3OvGfo9l9WhaQerwkQJTGk 3WiyRLft0rBEiAst3S5YOnSiUOWdvRrI1xMzzqanNbehbn4MgIi6ka893eQy17pd lL3MtohEA2dycLr9oGFNWIH3f2gYjbAAiWa/ZZli8zFh12bNRVqnbQDbDcUUAlAt GA2N80LNbwuHcpk04YRgFrLTgT3ofAmWbZYADw9GVP/SzTyMykC4Iwm6/vD7JpnN u8y+eApR3ATtGnphIIvhHCZQMvB8k3ixsKVBUhM4jDMCtDIrPPJ0dk36pHTjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUr7uAcMqKL/QJ0V/GcFAEmUlNoeMwHwYDVR0j BBgwFoAUPXifr19+vmk4xMcj3NLu14XDXk8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZDk3MDAzMi0wOGVhLTQ4OTAtYmRiYS02MzA5YTQ5NzkxN2QvMC8zRDc4OUZBRjVG N0VCRTY5MzhDNEM3MjNEQ0QyRUVENzg1QzM1RTRGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4NUMz NUU0Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGQ5NzAwMzItMDhlYS00ODkwLWJk YmEtNjMwOWE0OTc5MTdkLzAvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVF RDc4NUMzNUU0Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAG8cGLRV5Ti4o2HUaAiRpLTTKrVcLU7wtItF FUqXQzeiW7MEsPRpN8ohjNmw4SWOuo0O75QGMD2SfUUqeOkYuU13o2NR4M9R6UzI vQA60EOS9WilxwfJ9pNCxRJO/xiv063yuFYVyzKgzc9L54p3taGNxKpNTAga/4/K ckjzxZl9RmjywqpT+uBpKXpbBAoEhicYJMEU9NJNHbnU+CVpvK6DwAnafMMSOOg7 enyscVDgkLb/8ndutimiyRgwRUUPbwt9xFGUULzlrlDAHRh153WCIIf3rkz+T17f JBVWAclwFw9/FJFeU6XwgXrjQLKYJ/vnN7kWCCVOx+20gcWuIXc= -----END CERTIFICATE-----Generated at Sun Jan 25 20:32:30 2026 by rpki-client