This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.mft File: 3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.mft (raw, json) Hash identifier: qIMy17Mbh0rH5t6yrs3Knzl/MlnGsTWeF3LJqZ+9fiM= Subject key identifier: 40:E7:BA:7B:46:4F:51:54:1E:6D:68:0B:00:CE:05:90:78:C4:01:FD Authority key identifier: 3B:A5:C1:01:90:AD:C9:6E:E3:4E:B4:A6:D0:54:45:70:22:CB:DE:E9 Certificate issuer: /CN=3BA5C10190ADC96EE34EB4A6D054457022CBDEE9 Certificate serial: 146F35FAC080C2BAED5A2C9A5CEC9A89CAD3B77D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.mft Manifest number: 0233 Signing time: Sat 06 Dec 2025 12:42:02 +0000 Manifest this update: Sat 06 Dec 2025 12:37:02 +0000 Manifest next update: Tue 09 Dec 2025 21:02:02 +0000 Files and hashes: 1: 3130332e3139302e36312e302f32342d3234203d3e20313439393031.roa (hash: Ykg6X7TmWGcN3xNxQzs8nCjH8QlPm6F3Uq9zQ4bEBTI=) 2: 3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.crl (hash: wqUNARuHOv4r2AFds/qRJwlPoD7mLsRFZ4pIuc37zY4=) 3: 3130332e3139302e36302e302f32332d3233203d3e20313439393031.roa (hash: 51ekgtNLYDLFINvFYDj/N8stn5dpVipAbdc9vPbRQ7I=) 4: 3130332e3139302e36302e302f32342d3234203d3e20313439393031.roa (hash: TsTDpWhEe0S4QbX7Nvx05CapjsmJk1el8Dy5qKfw9Z4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.crl rsync://repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 15:57:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:6f:35:fa:c0:80:c2:ba:ed:5a:2c:9a:5c:ec:9a:89:ca:d3:b7:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BA5C10190ADC96EE34EB4A6D054457022CBDEE9 Validity Not Before: Dec 6 12:37:02 2025 GMT Not After : Dec 9 21:02:02 2025 GMT Subject: CN=40E7BA7B464F51541E6D680B00CE059078C401FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:ba:d8:af:5b:0b:71:20:c0:93:59:da:16:9e: 41:4d:ae:9f:a3:91:3e:e6:10:0b:e4:1a:e8:e4:da: 77:90:0e:21:f9:30:c7:85:88:93:75:da:3a:18:76: 0a:9c:e2:dc:f0:05:c5:4e:8b:7d:3e:67:cf:b8:a4: 45:40:30:5d:3e:6d:61:2d:c9:96:39:ed:ec:54:b6: 65:44:22:3c:e7:b1:e4:2f:bc:e2:61:6a:57:37:87: 65:fc:91:06:01:0a:e5:8f:c6:52:55:4c:f4:cc:1a: 0b:ac:c8:f6:08:b8:cc:74:48:37:28:9f:5d:ae:44: d9:e6:38:ed:85:d8:d1:28:4c:f1:b9:e7:f3:3e:36: db:4f:97:b3:63:5b:85:a2:cf:ec:b5:3a:7c:a8:9f: fb:72:b2:3c:32:63:8e:59:9d:33:9c:90:7a:73:d5: 4e:e3:b8:0f:85:66:17:86:da:55:1b:30:fb:87:87: 8f:f1:27:41:8d:6a:69:94:b9:7a:f8:34:1b:c0:e3: c7:90:89:b0:ae:b8:1e:c6:4a:f8:de:2c:3d:16:b2: d9:70:7f:7d:cf:3c:8c:09:60:4e:d6:96:2d:52:5b: 43:6b:23:6f:7f:cf:63:e2:ec:f6:49:2f:0f:5d:b4: 48:9d:61:9b:ab:ae:18:74:c6:4f:db:6b:56:7c:b4: d8:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:E7:BA:7B:46:4F:51:54:1E:6D:68:0B:00:CE:05:90:78:C4:01:FD X509v3 Authority Key Identifier: keyid:3B:A5:C1:01:90:AD:C9:6E:E3:4E:B4:A6:D0:54:45:70:22:CB:DE:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:f8:6c:28:e8:43:4e:5f:ed:c0:77:7c:6e:e4:f2:a8:04:3c: ac:1e:55:7d:d0:8e:f4:2e:b3:e3:f8:77:e8:23:d3:26:fd:96: 3a:41:18:c6:60:9a:71:6a:32:23:8b:d1:74:c3:ed:f7:81:41: c0:6b:52:6b:c2:2a:eb:6d:4d:f0:79:77:eb:14:95:08:6f:4a: 37:40:5f:9f:77:51:7a:be:2f:f7:46:ce:30:47:7b:ff:bd:cb: 22:0a:10:6d:ed:a3:a8:b7:aa:cc:ac:19:d0:aa:7c:aa:28:e1: 76:a0:cd:9d:6b:fd:74:69:b7:9c:fe:89:47:18:40:99:ef:f2: 85:1f:0c:f4:ea:27:81:20:d0:27:41:3f:c1:e6:ec:c4:70:6b: 3b:9b:95:28:a9:cd:14:a3:66:81:8f:4f:6a:99:62:45:28:79: c9:80:a3:ac:c0:4f:6b:8e:74:11:58:2b:2a:c2:81:6b:15:b2: 46:46:b7:71:24:34:0d:7a:b4:64:d1:0a:69:cb:e5:a6:29:f7: 22:52:43:48:f6:4e:9e:72:09:fe:1b:2d:10:3a:90:e2:b1:6d: 62:31:cd:9b:15:8a:b7:3c:e4:4f:7a:9c:20:c2:04:d7:0d:dd: 67:cb:60:49:03:40:bd:63:67:70:63:af:a5:31:69:7c:5c:f5: 7c:07:e4:2f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFG81+sCAwrrtWiyaXOyaicrTt30wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0JBNUMxMDE5MEFEQzk2RUUzNEVCNEE2RDA1NDQ1NzAy MkNCREVFOTAeFw0yNTEyMDYxMjM3MDJaFw0yNTEyMDkyMTAyMDJaMDMxMTAvBgNV BAMTKDQwRTdCQTdCNDY0RjUxNTQxRTZENjgwQjAwQ0UwNTkwNzhDNDAxRkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCautivWwtxIMCTWdoWnkFNrp+j kT7mEAvkGujk2neQDiH5MMeFiJN12joYdgqc4tzwBcVOi30+Z8+4pEVAMF0+bWEt yZY57exUtmVEIjznseQvvOJhalc3h2X8kQYBCuWPxlJVTPTMGgusyPYIuMx0SDco n12uRNnmOO2F2NEoTPG55/M+NttPl7NjW4Wiz+y1Onyon/tysjwyY45ZnTOckHpz 1U7juA+FZheG2lUbMPuHh4/xJ0GNammUuXr4NBvA48eQibCuuB7GSvjeLD0Wstlw f33PPIwJYE7Wli1SW0NrI29/z2Pi7PZJLw9dtEidYZurrhh0xk/ba1Z8tNiVAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUQOe6e0ZPUVQebWgLAM4FkHjEAf0wHwYDVR0j BBgwFoAUO6XBAZCtyW7jTrSm0FRFcCLL3ukwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ZTMxNDg1OC1iMzNhLTRiNjUtOWE1NS1kY2U0MWUyMjM4NzMvMC8zQkE1QzEwMTkw QURDOTZFRTM0RUI0QTZEMDU0NDU3MDIyQ0JERUU5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0JBNUMxMDE5MEFEQzk2RUUzNEVCNEE2RDA1NDQ1NzAyMkNC REVFOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWUzMTQ4NTgtYjMzYS00YjY1LTlh NTUtZGNlNDFlMjIzODczLzAvM0JBNUMxMDE5MEFEQzk2RUUzNEVCNEE2RDA1NDQ1 NzAyMkNCREVFOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABz4bCjoQ05f7cB3fG7k8qgEPKweVX3QjvQu s+P4d+gj0yb9ljpBGMZgmnFqMiOL0XTD7feBQcBrUmvCKuttTfB5d+sUlQhvSjdA X593UXq+L/dGzjBHe/+9yyIKEG3to6i3qsysGdCqfKoo4XagzZ1r/XRpt5z+iUcY QJnv8oUfDPTqJ4Eg0CdBP8Hm7MRwazublSipzRSjZoGPT2qZYkUoecmAo6zAT2uO dBFYKyrCgWsVskZGt3EkNA16tGTRCmnL5aYp9yJSQ0j2Tp5yCf4bLRA6kOKxbWIx zZsVirc85E96nCDCBNcN3WfLYEkDQL1jZ3Bjr6UxaXxc9XwH5C8= -----END CERTIFICATE-----Generated at Sat Dec 6 23:53:01 2025 by rpki-client