This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft File: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft (raw, json) Hash identifier: caKJ5ZxtQtTUp4714dUt2ds1gTapHnSLObVQ5u+LGcI= Subject key identifier: 13:8C:EF:8A:93:5F:97:B0:38:0C:96:11:CE:9C:26:A7:D2:97:A9:F7 Authority key identifier: 3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F Certificate issuer: /CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Certificate serial: 0992618E76F92FF04AFD74682F24019DE2A6882F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft Manifest number: 020D Signing time: Fri 05 Dec 2025 16:01:05 +0000 Manifest this update: Fri 05 Dec 2025 15:56:05 +0000 Manifest next update: Mon 08 Dec 2025 17:11:05 +0000 Files and hashes: 1: 3130332e36352e39362e302f32332d3234203d3e203536323539.roa (hash: GJQ3NUFsB2nVnSk1uRZagjtzrc7ng31cjwY1HHOp2FQ=) 2: 3130332e31302e3235332e302f32342d3234203d3e203536323539.roa (hash: HvzvMBj5qU+NExWSjTWqrdpmvH/WBtBrlcSKkhbhERc=) 3: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl (hash: niYKoTFeAhDUR15H44CN9D8f2Of2EsYizsslvDh6KNA=) 4: 3130332e32382e3136332e302f32342d3234203d3e203536323539.roa (hash: NAFqFIaSAImXyE9eWh33YjJ4/n4BJqvDNhOBlZ2+l28=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 17:11:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:92:61:8e:76:f9:2f:f0:4a:fd:74:68:2f:24:01:9d:e2:a6:88:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Validity Not Before: Dec 5 15:56:05 2025 GMT Not After : Dec 8 17:11:05 2025 GMT Subject: CN=138CEF8A935F97B0380C9611CE9C26A7D297A9F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:25:55:56:47:18:05:f5:fb:d6:ac:26:6c:0c: ea:44:cb:dd:c2:65:65:ce:41:61:7a:8b:e1:65:00: ef:04:9c:87:03:52:2d:97:9f:dc:58:f6:f7:ad:fb: 49:3d:c9:82:bc:14:ec:a6:45:3c:e4:ed:9d:25:cd: 01:ee:fb:eb:72:7d:9b:21:2d:78:c1:a3:ea:54:e6: 5e:34:d4:50:95:89:2f:59:17:79:9e:a0:47:32:34: 00:15:0a:89:3d:89:c8:ab:ee:a1:72:21:4b:13:25: b4:38:53:91:cb:cd:fa:7d:52:83:c9:fe:4a:5b:cb: 96:63:3a:aa:d2:9b:c3:e8:ef:46:cf:fb:55:8e:88: 57:96:94:d0:1b:62:45:d4:0c:91:f8:91:3b:c0:76: ac:81:c4:b7:28:58:86:00:2c:9d:8b:36:40:2a:e0: 60:fe:64:02:41:15:ab:c9:a4:9d:06:30:90:09:1c: 1a:23:24:9b:44:7c:5d:1e:44:83:78:59:af:26:64: 7a:c1:90:87:51:4b:89:fd:44:ea:07:f2:26:28:ad: 5c:29:4e:88:71:c4:e9:58:65:7f:9f:77:da:a9:85: 45:22:8a:56:57:e3:e4:09:78:05:26:ac:cb:f3:c6: 21:99:47:ec:95:70:ea:a6:69:0e:39:19:e5:8c:ae: 89:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:8C:EF:8A:93:5F:97:B0:38:0C:96:11:CE:9C:26:A7:D2:97:A9:F7 X509v3 Authority Key Identifier: keyid:3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:72:1e:40:94:95:4a:80:66:76:b1:2e:10:08:cd:7d:80:9a: 2b:e0:47:37:1d:62:f3:7f:13:3b:a0:2c:9d:73:a3:f5:84:4f: 02:89:52:b2:35:9b:03:0f:ea:e7:05:2b:d2:4a:ac:b6:73:73: 77:33:0d:2d:e7:5c:66:d9:12:2c:15:f5:77:2a:e1:ab:a4:71: d1:e4:a1:25:8d:8f:5b:34:7f:a2:6a:ed:30:3f:8a:f4:77:87: 2a:67:d4:1c:1d:a5:a3:47:94:2b:66:ad:99:29:77:f8:46:d1: 20:c1:d3:54:65:52:c2:81:34:de:1e:7c:64:60:c2:a3:30:55: 95:13:44:8f:85:2b:7f:a2:cf:1e:7c:a3:50:f1:90:56:8e:3c: 96:ff:d2:00:32:30:8d:b7:6c:47:c3:78:42:26:f0:e0:88:bb: 1b:01:44:8f:53:97:d4:3e:93:70:2b:7e:ef:0f:c7:bd:99:f3: a1:0b:d3:5c:eb:4f:02:3d:29:43:d1:3e:7a:5a:c7:5e:70:3b: af:17:f3:53:7c:78:7f:a6:94:cd:f6:d6:b3:f3:83:d1:74:ac: 27:91:52:08:61:17:c7:18:4a:09:5f:ad:7f:58:fc:35:8f:9b: 06:c9:e3:9f:1d:93:69:f7:44:98:94:06:01:ba:df:2f:a7:0d: 8d:67:8b:4c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCZJhjnb5L/BK/XRoLyQBneKmiC8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4 NUMzNUU0RjAeFw0yNTEyMDUxNTU2MDVaFw0yNTEyMDgxNzExMDVaMDMxMTAvBgNV BAMTKDEzOENFRjhBOTM1Rjk3QjAzODBDOTYxMUNFOUMyNkE3RDI5N0E5RjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJVVWRxgF9fvWrCZsDOpEy93C ZWXOQWF6i+FlAO8EnIcDUi2Xn9xY9vet+0k9yYK8FOymRTzk7Z0lzQHu++tyfZsh LXjBo+pU5l401FCViS9ZF3meoEcyNAAVCok9icir7qFyIUsTJbQ4U5HLzfp9UoPJ /kpby5ZjOqrSm8Po70bP+1WOiFeWlNAbYkXUDJH4kTvAdqyBxLcoWIYALJ2LNkAq 4GD+ZAJBFavJpJ0GMJAJHBojJJtEfF0eRIN4Wa8mZHrBkIdRS4n9ROoH8iYorVwp TohxxOlYZX+fd9qphUUiilZX4+QJeAUmrMvzxiGZR+yVcOqmaQ45GeWMronLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUE4zvipNfl7A4DJYRzpwmp9KXqfcwHwYDVR0j BBgwFoAUPXifr19+vmk4xMcj3NLu14XDXk8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZDk3MDAzMi0wOGVhLTQ4OTAtYmRiYS02MzA5YTQ5NzkxN2QvMC8zRDc4OUZBRjVG N0VCRTY5MzhDNEM3MjNEQ0QyRUVENzg1QzM1RTRGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4NUMz NUU0Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGQ5NzAwMzItMDhlYS00ODkwLWJk YmEtNjMwOWE0OTc5MTdkLzAvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVF RDc4NUMzNUU0Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADdyHkCUlUqAZnaxLhAIzX2AmivgRzcdYvN/ EzugLJ1zo/WETwKJUrI1mwMP6ucFK9JKrLZzc3czDS3nXGbZEiwV9Xcq4aukcdHk oSWNj1s0f6Jq7TA/ivR3hypn1BwdpaNHlCtmrZkpd/hG0SDB01RlUsKBNN4efGRg wqMwVZUTRI+FK3+izx58o1DxkFaOPJb/0gAyMI23bEfDeEIm8OCIuxsBRI9Tl9Q+ k3Arfu8Px72Z86EL01zrTwI9KUPRPnpax15wO68X81N8eH+mlM321rPzg9F0rCeR UghhF8cYSglfrX9Y/DWPmwbJ458dk2n3RJiUBgG63y+nDY1ni0w= -----END CERTIFICATE-----Generated at Sat Dec 6 22:53:16 2025 by rpki-client