This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft File: D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft (raw, json) Hash identifier: K6pc77aVI6GbkQrshkY21Jfy/QHFXaVNc7/9vxBMgHY= Subject key identifier: F0:10:FE:5C:EE:0A:C4:CD:A1:45:83:7B:BB:C3:26:95:5F:55:B9:F7 Authority key identifier: D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 Certificate issuer: /CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Certificate serial: 2C496D676F2E250E85BF941ABDDA34A0CFF7E734 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft Manifest number: AE Signing time: Thu 04 Dec 2025 15:10:02 +0000 Manifest this update: Thu 04 Dec 2025 15:05:02 +0000 Manifest next update: Sun 07 Dec 2025 21:03:02 +0000 Files and hashes: 1: D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl (hash: KHsvolM3ZvjuXQ8Z6IUOBrh74sX+KM0Bc5pWqog0bz8=) 2: 3136302e32322e3138372e302f32342d3234203d3e20313532383233.roa (hash: hp0FWXodRjkZ1xCt3tnFlPQ3FclJlDZduoZ/rI+jC6E=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 21:03:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:49:6d:67:6f:2e:25:0e:85:bf:94:1a:bd:da:34:a0:cf:f7:e7:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Validity Not Before: Dec 4 15:05:02 2025 GMT Not After : Dec 7 21:03:02 2025 GMT Subject: CN=F010FE5CEE0AC4CDA145837BBBC326955F55B9F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:40:d0:e1:86:b5:81:90:19:02:e7:a3:20:84: 6c:39:fc:3f:ea:89:78:24:85:7d:53:3a:d8:66:e0: 59:f8:eb:5e:18:14:6f:3d:de:64:8b:84:4b:17:02: 12:c7:14:5b:e8:4d:bd:c2:69:c0:b8:e5:cc:2e:69: 71:dc:c3:55:40:33:a0:e7:27:38:c4:e6:be:57:30: 71:25:0f:b8:30:e9:57:89:73:29:e1:31:0e:8d:ed: 48:9e:f4:a6:9b:26:8a:1e:09:3a:87:4a:3f:6c:a0: be:21:93:be:68:ed:e3:0f:f2:a8:8c:0a:df:d2:c4: 99:04:ab:c8:50:36:d2:77:89:d2:40:15:45:e8:34: e7:f5:a9:06:a0:dc:9a:7c:d8:d4:3c:2b:b6:07:f3: 4c:f8:a0:a4:30:b3:21:82:68:52:f2:4c:f0:76:4b: e4:b4:35:f6:9b:e6:0f:79:14:33:e4:3b:86:6d:4f: 79:d1:d6:25:58:dc:0b:bc:e8:30:87:7a:78:52:a3: e6:31:2c:27:30:0b:b0:00:85:6d:00:7e:c4:97:a0: 24:6b:af:6e:14:6c:1a:8e:6e:1f:11:be:78:af:be: a7:17:20:fe:df:46:db:b5:b3:f6:b9:91:0f:7f:5f: bb:17:6f:c0:ce:66:a7:00:51:30:b8:75:cd:30:84: 97:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:10:FE:5C:EE:0A:C4:CD:A1:45:83:7B:BB:C3:26:95:5F:55:B9:F7 X509v3 Authority Key Identifier: keyid:D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:b2:40:d0:c9:c7:06:90:77:48:b6:29:17:40:ef:9a:8c:62: 3c:22:f3:07:ff:fe:7c:08:a8:d6:29:4d:2a:45:8a:e5:d1:79: de:e0:22:3b:c0:a4:b0:11:ea:39:21:bb:44:b7:68:a5:76:21: df:9f:08:8c:5c:73:5b:04:a9:f4:3d:f7:39:97:5b:5e:63:0d: 63:31:ed:fb:d8:09:02:3b:b8:1e:92:21:d9:dd:67:47:3b:95: a4:e8:8b:01:1a:b8:ed:cd:70:a7:f7:84:ba:69:e7:c8:40:79: e1:0e:96:67:a9:29:88:5c:ec:ef:b6:ae:eb:51:8b:65:36:79: fc:eb:b6:2c:2d:20:bb:e2:4b:d7:a0:ad:34:21:af:24:ec:bb: 73:ec:72:b5:30:08:5f:11:7c:4d:6f:34:03:88:07:b3:30:56: d9:77:d6:67:08:2d:59:fe:5d:78:74:70:b6:7f:64:ff:fe:34: 76:80:70:8d:70:d2:d7:cb:77:9e:67:aa:79:88:ed:8f:44:e9: 19:db:73:2b:7e:4b:31:c7:9f:6d:f6:46:81:13:8c:d9:45:29: 1e:fc:3c:57:a9:d5:57:22:a3:b6:2a:bb:19:1b:ad:c2:9a:f9: 6b:2f:9b:89:2f:8a:6c:23:df:82:16:e4:94:2a:6d:e8:a8:e6: fa:2b:18:7c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULEltZ28uJQ6Fv5Qavdo0oM/35zQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZDMzJC NEZBMjhGMDAeFw0yNTEyMDQxNTA1MDJaFw0yNTEyMDcyMTAzMDJaMDMxMTAvBgNV BAMTKEYwMTBGRTVDRUUwQUM0Q0RBMTQ1ODM3QkJCQzMyNjk1NUY1NUI5RjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqQNDhhrWBkBkC56MghGw5/D/q iXgkhX1TOthm4Fn4614YFG893mSLhEsXAhLHFFvoTb3CacC45cwuaXHcw1VAM6Dn JzjE5r5XMHElD7gw6VeJcynhMQ6N7Uie9KabJooeCTqHSj9soL4hk75o7eMP8qiM Ct/SxJkEq8hQNtJ3idJAFUXoNOf1qQag3Jp82NQ8K7YH80z4oKQwsyGCaFLyTPB2 S+S0Nfab5g95FDPkO4ZtT3nR1iVY3Au86DCHenhSo+YxLCcwC7AAhW0AfsSXoCRr r24UbBqObh8RvnivvqcXIP7fRtu1s/a5kQ9/X7sXb8DOZqcAUTC4dc0whJd7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU8BD+XO4KxM2hRYN7u8MmlV9VufcwHwYDVR0j BBgwFoAU07Ddu44H/NmKOZyQxbP8MrT6KPAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 ZDlmOThmMy03MmYwLTQwMDYtYmU5OS1iOWE5ZThkOWQyYmYvMC9EM0IwRERCQjhF MDdGQ0Q5OEEzOTlDOTBDNUIzRkMzMkI0RkEyOEYwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZDMzJCNEZB MjhGMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vN2Q5Zjk4ZjMtNzJmMC00MDA2LWJl OTktYjlhOWU4ZDlkMmJmLzAvRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZD MzJCNEZBMjhGMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIqyQNDJxwaQd0i2KRdA75qMYjwi8wf//nwI qNYpTSpFiuXRed7gIjvApLAR6jkhu0S3aKV2Id+fCIxcc1sEqfQ99zmXW15jDWMx 7fvYCQI7uB6SIdndZ0c7laToiwEauO3NcKf3hLpp58hAeeEOlmepKYhc7O+2rutR i2U2efzrtiwtILviS9egrTQhryTsu3PscrUwCF8RfE1vNAOIB7MwVtl31mcILVn+ XXh0cLZ/ZP/+NHaAcI1w0tfLd55nqnmI7Y9E6Rnbcyt+SzHHn232RoETjNlFKR78 PFep1Vcio7YquxkbrcKa+Wsvm4kvimwj34IW5JQqbeio5vorGHw= -----END CERTIFICATE-----Generated at Sat Dec 6 21:21:51 2025 by rpki-client