This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft File: 2858C74CC23A557C73F59051B7FE8638AA491C94.mft (raw, json) Hash identifier: On01B8wn3C1wffMdBDDp0MtLmsUu3dcKfgNabLmlAwg= Subject key identifier: 5D:71:C3:45:6F:8F:8B:68:40:5F:D8:46:F1:64:7B:87:00:EB:09:6E Authority key identifier: 28:58:C7:4C:C2:3A:55:7C:73:F5:90:51:B7:FE:86:38:AA:49:1C:94 Certificate issuer: /CN=2858C74CC23A557C73F59051B7FE8638AA491C94 Certificate serial: 09BE30C4CC675079293B841D4795795CC8FBA9E0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer Subject info access: rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft Manifest number: 56 Signing time: Sun 25 Jan 2026 07:11:26 +0000 Manifest this update: Sun 25 Jan 2026 07:06:26 +0000 Manifest next update: Wed 28 Jan 2026 08:46:26 +0000 Files and hashes: 1: 323430303a366632303a353a3a2f34382d3438203d3e20313333383039.roa (hash: KGGUUPJetYRovMai9BvuYsEqHu8TgW6bYg4Sm8JWJcg=) 2: 3130332e35302e3132382e302f32322d3234203d3e20313333383039.roa (hash: IB02l7aeS1Ctr7m+n8ymFsmUvTLgjo3obFTTz15X/C8=) 3: 2858C74CC23A557C73F59051B7FE8638AA491C94.crl (hash: MEmotyNTuddBnobwUa7SYU9/l5eX/lRaV/47F5y38sM=) 4: 323430303a366632303a3a2f33322d3438203d3e20313333383039.roa (hash: 8MTe8KcDcB0X2kj+3dmF5RSp4lHPV4hialaox1IdvHk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.crl rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 28 Jan 2026 08:46:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:be:30:c4:cc:67:50:79:29:3b:84:1d:47:95:79:5c:c8:fb:a9:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2858C74CC23A557C73F59051B7FE8638AA491C94 Validity Not Before: Jan 25 07:06:26 2026 GMT Not After : Jan 28 08:46:26 2026 GMT Subject: CN=5D71C3456F8F8B68405FD846F1647B8700EB096E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:71:32:9a:7b:1c:78:fb:1e:81:d6:0d:8e:c5: 54:20:0e:1b:c5:9d:2e:22:83:d5:78:99:99:59:b3: a1:98:91:28:b4:57:03:f1:d1:52:de:df:c0:71:50: be:80:21:09:bf:97:fa:26:0c:2e:6a:ca:81:37:69: cf:3f:08:01:03:85:6b:60:a2:2f:e3:42:7c:e4:ae: d2:51:11:3b:8c:fe:1e:ce:34:ca:a2:96:ab:98:86: 82:9d:6c:50:60:39:b9:a6:12:97:88:f7:6e:c7:44: bf:9a:63:c2:7a:79:5c:fb:e5:d2:6e:d9:5f:db:f4: fa:70:0f:f1:1e:ac:cc:f5:4e:b1:92:27:ca:9f:3f: 78:50:dc:ee:37:31:72:d6:d6:da:89:45:93:d5:aa: 40:36:a9:7b:c4:05:bb:eb:58:c1:49:cc:08:77:8a: 55:a6:8c:d2:54:0d:42:2e:76:8f:b6:46:06:b5:b9: 15:af:0e:86:76:04:d7:51:3b:f3:81:f9:70:d1:0c: 14:a8:ce:48:d1:74:7a:96:8a:d7:25:56:ac:6e:06: c6:a5:3f:b2:c9:75:e8:77:55:2a:2d:b3:68:ae:2a: bc:c8:7a:c5:32:f6:ee:f5:69:b7:6e:58:a5:3f:e3: 1b:2f:c9:b5:d9:b9:d7:0d:e4:d6:07:ce:cb:f1:62: cc:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:71:C3:45:6F:8F:8B:68:40:5F:D8:46:F1:64:7B:87:00:EB:09:6E X509v3 Authority Key Identifier: keyid:28:58:C7:4C:C2:3A:55:7C:73:F5:90:51:B7:FE:86:38:AA:49:1C:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:ab:bf:3f:f5:ac:17:93:d0:82:df:6d:e1:01:ca:40:d7:fc: 6b:9d:34:24:aa:07:00:1b:1c:54:2c:c6:19:e7:98:97:29:54: 14:9f:22:69:a9:df:b0:7e:e5:54:6b:aa:22:c2:bb:2b:5c:79: 0c:e3:df:6e:ac:9d:49:c4:f6:0f:66:d1:71:0e:f7:6f:b1:8c: 52:b4:59:29:78:2d:a7:56:55:1d:44:ed:01:db:22:9e:2f:56: c6:8a:eb:f2:42:b2:67:e5:33:9e:19:9a:18:e6:9d:4d:a1:db: c4:37:42:e1:da:cb:6e:dd:ac:35:35:d4:d7:02:fb:70:e6:e0: cf:2e:28:cc:10:5c:a4:c0:ed:9c:40:ed:35:2f:cd:98:cd:11: 07:dd:f5:b7:83:1a:b3:de:1a:1a:20:39:93:b5:6e:0e:e5:7c: 81:6c:56:66:23:e3:a2:a0:70:d7:cd:96:3c:ca:22:a9:a4:ca: 87:81:dd:62:4d:ea:b2:a2:29:40:01:22:56:af:54:de:4c:20: b9:6f:5b:38:b0:ee:4a:8f:51:61:0a:24:2a:a5:01:a5:0d:eb: 9d:c7:98:8a:cb:12:5a:42:2f:93:74:a7:eb:f2:b0:23:86:e7: a6:bc:ff:76:24:f4:8f:78:19:d9:3b:f3:50:28:3d:14:45:99: 70:2c:c4:ac -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCb4wxMxnUHkpO4QdR5V5XMj7qeAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2MzhB QTQ5MUM5NDAeFw0yNjAxMjUwNzA2MjZaFw0yNjAxMjgwODQ2MjZaMDMxMTAvBgNV BAMTKDVENzFDMzQ1NkY4RjhCNjg0MDVGRDg0NkYxNjQ3Qjg3MDBFQjA5NkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrcTKaexx4+x6B1g2OxVQgDhvF nS4ig9V4mZlZs6GYkSi0VwPx0VLe38BxUL6AIQm/l/omDC5qyoE3ac8/CAEDhWtg oi/jQnzkrtJRETuM/h7ONMqilquYhoKdbFBgObmmEpeI927HRL+aY8J6eVz75dJu 2V/b9PpwD/EerMz1TrGSJ8qfP3hQ3O43MXLW1tqJRZPVqkA2qXvEBbvrWMFJzAh3 ilWmjNJUDUIudo+2Rga1uRWvDoZ2BNdRO/OB+XDRDBSozkjRdHqWitclVqxuBsal P7LJdeh3VSots2iuKrzIesUy9u71abduWKU/4xsvybXZudcN5NYHzsvxYsx5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUXXHDRW+Pi2hAX9hG8WR7hwDrCW4wHwYDVR0j BBgwFoAUKFjHTMI6VXxz9ZBRt/6GOKpJHJQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 OWNlZjhiMC1iYTY0LTRjMGMtOGRlOC0xZjUwYTg1ZDVmZGUvMC8yODU4Qzc0Q0My M0E1NTdDNzNGNTkwNTFCN0ZFODYzOEFBNDkxQzk0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2MzhBQTQ5 MUM5NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTljZWY4YjAtYmE2NC00YzBjLThk ZTgtMWY1MGE4NWQ1ZmRlLzAvMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2 MzhBQTQ5MUM5NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFervz/1rBeT0ILfbeEBykDX/GudNCSqBwAb HFQsxhnnmJcpVBSfImmp37B+5VRrqiLCuytceQzj326snUnE9g9m0XEO92+xjFK0 WSl4LadWVR1E7QHbIp4vVsaK6/JCsmflM54ZmhjmnU2h28Q3QuHay27drDU11NcC +3Dm4M8uKMwQXKTA7ZxA7TUvzZjNEQfd9beDGrPeGhogOZO1bg7lfIFsVmYj46Kg cNfNljzKIqmkyoeB3WJN6rKiKUABIlavVN5MILlvWziw7kqPUWEKJCqlAaUN653H mIrLElpCL5N0p+vysCOG56a8/3Yk9I94Gdk781AoPRRFmXAsxKw= -----END CERTIFICATE-----Generated at Sun Jan 25 18:47:48 2026 by rpki-client