This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft File: 843FDF32A52D11795BBFB0918ABF926E0A210870.mft (raw, json) Hash identifier: 5J+f3dMgTbOCfNJC3d/csiLkKycHjKjn+MFyInbsThw= Subject key identifier: 32:C6:BD:20:07:67:A2:12:F8:0C:94:E6:7D:4B:9E:F4:EF:AF:18:37 Authority key identifier: 84:3F:DF:32:A5:2D:11:79:5B:BF:B0:91:8A:BF:92:6E:0A:21:08:70 Certificate issuer: /CN=843FDF32A52D11795BBFB0918ABF926E0A210870 Certificate serial: 564610C7A969D5F87084289DD86237140329EFA9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer Subject info access: rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft Manifest number: 0126 Signing time: Fri 05 Dec 2025 06:22:19 +0000 Manifest this update: Fri 05 Dec 2025 06:17:19 +0000 Manifest next update: Mon 08 Dec 2025 16:56:19 +0000 Files and hashes: 1: 843FDF32A52D11795BBFB0918ABF926E0A210870.crl (hash: 6JFqaFUm7uJeWjW+uHGlQDN+uW3FUBXFdoyniJ/6wIM=) 2: 3231302e38372e3132342e302f32332d3234203d3e20313532303539.roa (hash: bZtCXaxnCo0kXFhv+UgtkdHVo3axHOoHwsSEN85b1Nc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.crl rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 16:56:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:46:10:c7:a9:69:d5:f8:70:84:28:9d:d8:62:37:14:03:29:ef:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=843FDF32A52D11795BBFB0918ABF926E0A210870 Validity Not Before: Dec 5 06:17:19 2025 GMT Not After : Dec 8 16:56:19 2025 GMT Subject: CN=32C6BD200767A212F80C94E67D4B9EF4EFAF1837 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:20:11:44:bc:c3:04:01:22:c8:4f:1f:fa:fc: da:f0:7b:d1:28:6e:5f:ec:63:9e:13:c9:c2:71:45: 22:a6:64:42:eb:cf:2b:01:0b:a7:1d:a5:8d:e3:b6: 51:df:6a:ff:1a:1d:88:d4:25:1e:0f:a7:bf:3e:6f: a8:3e:bd:aa:67:5f:eb:1c:63:11:50:1c:1e:c1:3e: 4c:19:85:52:1a:6d:a7:a3:a3:28:48:72:22:a9:c0: b4:de:4c:29:49:20:55:76:76:66:22:7b:67:1b:19: 33:05:3e:14:46:43:bc:10:c7:45:1c:a5:18:57:59: 48:52:7c:30:f2:e6:22:60:5e:4a:aa:e0:7d:cd:6a: 38:f3:9c:29:75:17:c1:17:a8:6d:61:37:76:ef:cf: 52:3b:ca:10:0c:9b:ef:6b:b1:67:c6:b8:d5:76:f5: 84:f6:28:0c:af:0e:50:79:66:de:a2:2d:79:4c:3b: 67:b4:8f:48:98:b0:61:f3:fa:5e:54:6a:cb:31:e4: 2c:3f:bb:f0:57:52:5e:d1:92:b9:ed:af:37:69:11: 6b:a7:5e:72:de:58:7f:03:57:1e:bb:11:2b:e4:4c: 66:67:f6:d6:5a:a3:f8:a3:5d:0a:2a:a2:47:41:66: 59:73:41:55:f4:27:61:1f:64:dd:76:01:22:f8:2f: e0:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:C6:BD:20:07:67:A2:12:F8:0C:94:E6:7D:4B:9E:F4:EF:AF:18:37 X509v3 Authority Key Identifier: keyid:84:3F:DF:32:A5:2D:11:79:5B:BF:B0:91:8A:BF:92:6E:0A:21:08:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:61:a9:8e:11:16:3c:01:db:2b:1e:d6:53:5f:17:86:47:af: 66:ef:99:d1:ef:82:7d:d3:3f:a7:e8:56:d3:eb:67:1c:b8:32: 97:30:93:8b:0d:93:0c:21:af:48:25:c9:fc:42:d6:45:70:6a: 5e:8f:2b:a3:3e:6f:ac:d3:7e:d3:58:06:37:94:4d:9e:b2:87: 9a:21:fc:a0:7f:73:0d:4b:43:86:ce:02:80:c6:43:16:0d:2a: ea:1d:0c:0e:3f:4f:23:2b:41:24:0b:1c:6f:19:af:c7:a8:9f: 0a:da:d4:eb:6e:13:5a:a1:54:78:69:16:0b:a3:a9:2d:bd:39: a0:0f:55:2b:ac:95:c7:9f:51:6a:2d:3b:5c:eb:68:a1:d9:4f: a1:e5:08:51:db:63:04:58:1d:80:38:0d:12:ee:f6:bb:3b:06: 89:ca:33:1c:74:63:ef:eb:df:60:4d:5e:98:2c:b0:d5:2a:55: be:f3:27:07:b0:c6:75:47:95:d5:80:5a:03:18:c9:cb:00:b7: 25:65:b0:ba:df:3b:99:75:4d:40:ea:c1:ce:de:a1:51:8f:26: 8d:79:a7:f6:77:15:ed:31:48:7d:d2:ce:e4:a4:03:6d:e2:8b: c8:2c:52:81:6a:e5:6f:59:4f:57:63:3f:2d:42:87:30:80:c6: b8:fe:7d:78 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUVkYQx6lp1fhwhCid2GI3FAMp76kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjkyNkUw QTIxMDg3MDAeFw0yNTEyMDUwNjE3MTlaFw0yNTEyMDgxNjU2MTlaMDMxMTAvBgNV BAMTKDMyQzZCRDIwMDc2N0EyMTJGODBDOTRFNjdENEI5RUY0RUZBRjE4MzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDIBFEvMMEASLITx/6/Nrwe9Eo bl/sY54TycJxRSKmZELrzysBC6cdpY3jtlHfav8aHYjUJR4Pp78+b6g+vapnX+sc YxFQHB7BPkwZhVIabaejoyhIciKpwLTeTClJIFV2dmYie2cbGTMFPhRGQ7wQx0Uc pRhXWUhSfDDy5iJgXkqq4H3NajjznCl1F8EXqG1hN3bvz1I7yhAMm+9rsWfGuNV2 9YT2KAyvDlB5Zt6iLXlMO2e0j0iYsGHz+l5Uassx5Cw/u/BXUl7RkrntrzdpEWun XnLeWH8DVx67ESvkTGZn9tZao/ijXQoqokdBZllzQVX0J2EfZN12ASL4L+DpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMsa9IAdnohL4DJTmfUue9O+vGDcwHwYDVR0j BBgwFoAUhD/fMqUtEXlbv7CRir+SbgohCHAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 N2JlOGI3Yy0yMzJmLTQ3ZTgtOWNkZC04ODE3ZDM5YjcwZWEvMC84NDNGREYzMkE1 MkQxMTc5NUJCRkIwOTE4QUJGOTI2RTBBMjEwODcwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjkyNkUwQTIx MDg3MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTdiZThiN2MtMjMyZi00N2U4LTlj ZGQtODgxN2QzOWI3MGVhLzAvODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjky NkUwQTIxMDg3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJVhqY4RFjwB2yse1lNfF4ZHr2bvmdHvgn3T P6foVtPrZxy4Mpcwk4sNkwwhr0glyfxC1kVwal6PK6M+b6zTftNYBjeUTZ6yh5oh /KB/cw1LQ4bOAoDGQxYNKuodDA4/TyMrQSQLHG8Zr8eonwra1OtuE1qhVHhpFguj qS29OaAPVSuslcefUWotO1zraKHZT6HlCFHbYwRYHYA4DRLu9rs7BonKMxx0Y+/r 32BNXpgssNUqVb7zJwewxnVHldWAWgMYycsAtyVlsLrfO5l1TUDqwc7eoVGPJo15 p/Z3Fe0xSH3SzuSkA23ii8gsUoFq5W9ZT1djPy1ChzCAxrj+fXg= -----END CERTIFICATE-----Generated at Sun Dec 7 02:09:53 2025 by rpki-client