This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft File: 95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft (raw, json) Hash identifier: ci6/rnOtyZW0N/QcU7lq+je5BEs7vGLBUPkFI7WJwt4= Subject key identifier: 3A:E7:90:2F:13:D3:E8:A6:EF:99:81:73:42:B3:9B:36:44:F9:39:29 Authority key identifier: 95:FA:C3:8A:5C:B2:CE:A3:E5:FF:E2:49:56:26:A7:BE:A3:28:D6:89 Certificate issuer: /CN=95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689 Certificate serial: 207E30D3B2081ACC86B5B5C968AFCB4674A39FB9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer Subject info access: rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft Manifest number: F5 Signing time: Sat 06 Dec 2025 08:11:34 +0000 Manifest this update: Sat 06 Dec 2025 08:06:34 +0000 Manifest next update: Tue 09 Dec 2025 11:21:34 +0000 Files and hashes: 1: 3136302e31392e38382e302f32342d3234203d3e20313437303838.roa (hash: +Xk0mxGkc/lCxZDeUptrpwZhCqCSnBV/uCVgeNZ+WpY=) 2: 95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.crl (hash: HfQdmNYCYTNPv4lyXAWKuVnyJCzn9DW0S91tH4JCsJE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.crl rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 06:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:7e:30:d3:b2:08:1a:cc:86:b5:b5:c9:68:af:cb:46:74:a3:9f:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689 Validity Not Before: Dec 6 08:06:34 2025 GMT Not After : Dec 9 11:21:34 2025 GMT Subject: CN=3AE7902F13D3E8A6EF99817342B39B3644F93929 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:1c:2c:f6:d5:b7:af:08:ef:58:fe:17:b6:69: 03:e4:ce:dc:6b:ec:d5:0c:6c:1e:32:37:f6:8b:e3: 2c:37:f3:4e:dc:89:12:4f:ae:d2:84:20:36:ec:4e: 08:45:fc:4e:28:82:a9:a8:66:8c:73:da:6c:46:87: fd:ed:61:ec:4c:8c:7d:fa:75:38:d3:4e:62:3d:de: 06:21:b8:dd:63:6b:66:1e:f7:ef:f1:57:9d:4b:a9: d0:c9:8f:07:a2:39:2b:fb:1e:c6:e8:7e:50:26:04: eb:97:f5:38:60:de:77:11:0b:0c:11:56:05:2a:17: b2:f4:f8:e7:b5:30:36:22:84:ae:45:cc:15:53:06: 13:55:5a:6f:3c:99:82:5e:8d:07:d1:ab:d7:ab:7d: a6:c5:78:f3:68:a0:3d:60:81:84:56:50:b7:be:81: 99:73:11:18:c2:ed:1a:e9:49:e5:b7:d3:bf:25:90: 53:1a:01:d2:d1:0a:17:50:57:45:8a:ac:19:1f:6e: da:5a:6c:ef:96:04:b7:ae:24:4e:8b:d4:3e:6c:ca: 05:72:83:38:63:58:b9:51:22:f7:96:6b:e6:89:ee: 51:00:c1:8a:72:65:ec:5d:ed:d0:0b:6e:e5:ac:3f: 96:44:bc:15:ac:f1:1c:84:bd:6a:ac:5d:e8:b9:95: 76:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:E7:90:2F:13:D3:E8:A6:EF:99:81:73:42:B3:9B:36:44:F9:39:29 X509v3 Authority Key Identifier: keyid:95:FA:C3:8A:5C:B2:CE:A3:E5:FF:E2:49:56:26:A7:BE:A3:28:D6:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:f2:00:44:df:b6:ab:57:d2:db:6f:5c:c7:63:c0:bc:8e:19: 64:6a:cd:62:ec:3b:26:5d:51:4b:6a:b5:2c:6e:cb:f3:f4:c3: 3c:b8:74:b6:6b:c5:30:48:92:41:53:22:1b:c0:a1:2f:b5:a9: 6e:43:6f:28:f5:52:6d:75:af:f0:f5:a1:4b:7f:50:72:6a:a2: fd:34:f6:e3:2c:60:aa:4c:b2:d8:38:4c:4c:25:a5:bd:99:4b: c9:57:d6:d6:af:3f:fc:89:c6:2a:89:0f:51:56:07:70:2a:d9: 36:ac:0e:33:8d:c6:27:d0:9c:9e:f2:00:56:3a:49:8c:76:32: 30:32:34:48:97:30:ca:c1:5f:71:98:58:61:4e:2d:3f:16:74: 8e:5a:d1:a4:0e:cb:8c:fc:a4:87:13:a1:dd:e2:6b:2b:35:35: 1f:4d:2e:e0:a8:14:37:ad:ba:8f:5e:df:9c:50:bf:e7:7b:b2: 4e:e1:ad:f0:36:58:a6:af:1d:53:80:b7:af:1d:f2:25:39:e1: 8a:75:32:4a:d0:6c:17:34:71:90:e0:ea:c2:7b:89:cb:ff:80: 6b:80:67:62:ba:8d:9c:02:4a:6f:9a:0a:df:a7:70:df:95:b8: 43:2f:c4:5d:d5:f4:ec:a8:74:bf:3e:22:99:06:0f:88:9b:74: 99:c8:1e:77 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIH4w07IIGsyGtbXJaK/LRnSjn7kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTVGQUMzOEE1Q0IyQ0VBM0U1RkZFMjQ5NTYyNkE3QkVB MzI4RDY4OTAeFw0yNTEyMDYwODA2MzRaFw0yNTEyMDkxMTIxMzRaMDMxMTAvBgNV BAMTKDNBRTc5MDJGMTNEM0U4QTZFRjk5ODE3MzQyQjM5QjM2NDRGOTM5MjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlHCz21bevCO9Y/he2aQPkztxr 7NUMbB4yN/aL4yw3807ciRJPrtKEIDbsTghF/E4ogqmoZoxz2mxGh/3tYexMjH36 dTjTTmI93gYhuN1ja2Ye9+/xV51LqdDJjweiOSv7HsboflAmBOuX9Thg3ncRCwwR VgUqF7L0+Oe1MDYihK5FzBVTBhNVWm88mYJejQfRq9erfabFePNooD1ggYRWULe+ gZlzERjC7RrpSeW3078lkFMaAdLRChdQV0WKrBkfbtpabO+WBLeuJE6L1D5sygVy gzhjWLlRIveWa+aJ7lEAwYpyZexd7dALbuWsP5ZEvBWs8RyEvWqsXei5lXZZAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUOueQLxPT6KbvmYFzQrObNkT5OSkwHwYDVR0j BBgwFoAUlfrDilyyzqPl/+JJVianvqMo1okwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 NGRhNDE1Yi01ZjE3LTQ2MDItOWJkOS1mZDg0YWMyY2FlODYvMC85NUZBQzM4QTVD QjJDRUEzRTVGRkUyNDk1NjI2QTdCRUEzMjhENjg5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvOTVGQUMzOEE1Q0IyQ0VBM0U1RkZFMjQ5NTYyNkE3QkVBMzI4 RDY4OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODRkYTQxNWItNWYxNy00NjAyLTli ZDktZmQ4NGFjMmNhZTg2LzAvOTVGQUMzOEE1Q0IyQ0VBM0U1RkZFMjQ5NTYyNkE3 QkVBMzI4RDY4OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACLyAETftqtX0ttvXMdjwLyOGWRqzWLsOyZd UUtqtSxuy/P0wzy4dLZrxTBIkkFTIhvAoS+1qW5Dbyj1Um11r/D1oUt/UHJqov00 9uMsYKpMstg4TEwlpb2ZS8lX1tavP/yJxiqJD1FWB3Aq2TasDjONxifQnJ7yAFY6 SYx2MjAyNEiXMMrBX3GYWGFOLT8WdI5a0aQOy4z8pIcTod3iays1NR9NLuCoFDet uo9e35xQv+d7sk7hrfA2WKavHVOAt68d8iU54Yp1MkrQbBc0cZDg6sJ7icv/gGuA Z2K6jZwCSm+aCt+ncN+VuEMvxF3V9OyodL8+IpkGD4ibdJnIHnc= -----END CERTIFICATE-----Generated at Sat Dec 6 20:02:17 2025 by rpki-client