This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/9229ca50-e95c-45bb-9c30-63e12af7a5e1/0/3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB.mft File: 3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB.mft (raw, json) Hash identifier: TGPL1zEUyR9AEAIny8i8gaYcoVytpUgejnruwTIhC14= Subject key identifier: B2:43:82:E5:FF:D8:0E:9E:C7:C3:92:89:4D:E5:51:C8:70:D2:D4:AB Authority key identifier: 34:48:C8:4D:DF:F9:B9:91:2D:9D:17:49:3F:EB:DB:9F:BA:0B:39:BB Certificate issuer: /CN=3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB Certificate serial: 64D165D89392053F62A32E51F22F54BF76BF3747 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/9229ca50-e95c-45bb-9c30-63e12af7a5e1/0/3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB.mft Manifest number: 0228 Signing time: Fri 05 Dec 2025 10:21:02 +0000 Manifest this update: Fri 05 Dec 2025 10:16:02 +0000 Manifest next update: Mon 08 Dec 2025 11:21:02 +0000 Files and hashes: 1: 3130332e3139312e35362e302f32332d3233203d3e20313331373433.roa (hash: 6pWVSpFXVKH6EqJrCt3rmPa2Bj+n9pO/wL1SNQ2qvtg=) 2: 3130332e3139312e35372e302f32342d3234203d3e20313331373433.roa (hash: 5ODCvpJsl+XnXZcZjU6a9g5frNriLFm4lEWGxVY15JQ=) 3: 3130332e3139312e35362e302f32342d3234203d3e20313331373433.roa (hash: YfWdCVoIH1DQu9Nb8zknsBq3gjAx6STdl7+GflAiVVY=) 4: 3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB.crl (hash: PsFqnWDpXNZFORO8w+wDyTGg1t0YEjuOs2gaWpt+xXk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/9229ca50-e95c-45bb-9c30-63e12af7a5e1/0/3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB.crl rsync://repo-rpki.idnic.net/repo/9229ca50-e95c-45bb-9c30-63e12af7a5e1/0/3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 11:21:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:d1:65:d8:93:92:05:3f:62:a3:2e:51:f2:2f:54:bf:76:bf:37:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB Validity Not Before: Dec 5 10:16:02 2025 GMT Not After : Dec 8 11:21:02 2025 GMT Subject: CN=B24382E5FFD80E9EC7C392894DE551C870D2D4AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:9b:69:17:51:31:9d:2d:dc:a7:d0:39:1c:54: 0f:92:3a:6f:2d:b1:34:56:be:a5:63:ea:46:71:fe: 62:43:5d:47:0c:b6:ca:6f:01:0a:cd:80:b3:e0:a3: 7b:32:57:62:dd:16:96:0a:45:91:66:5b:d6:a1:8d: 77:41:9a:13:b6:33:88:41:74:89:c3:53:b5:8d:49: a7:ca:70:54:d8:b8:26:54:44:8c:99:d6:fe:9c:ba: 6f:29:62:b0:88:2b:ab:a2:54:03:f1:2a:a3:f8:cb: 10:a2:86:4c:3c:bf:03:ec:51:42:60:4c:d3:0e:64: 43:94:d9:22:f4:51:0d:1d:10:03:ca:a5:d4:46:1c: 11:df:4b:92:69:5e:68:06:74:7f:33:75:a3:64:4d: 32:ed:f9:c9:11:bc:ec:5f:79:2c:66:d2:1d:88:31: 85:7e:4e:a7:10:56:54:98:1d:d6:5e:6a:ce:90:3b: fb:02:13:72:9e:1d:b7:d1:df:f8:97:f1:9b:95:b8: dd:3f:8f:7d:25:bb:38:4d:6c:6d:de:77:3c:2c:51: 0b:44:bc:a5:eb:83:68:04:f6:5a:72:c0:ad:15:75: 50:34:5e:3e:3d:f0:74:1a:97:b6:43:90:f0:35:9c: 57:33:3b:e7:6b:8a:39:50:8f:e0:a6:ec:b4:5f:f6: d2:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:43:82:E5:FF:D8:0E:9E:C7:C3:92:89:4D:E5:51:C8:70:D2:D4:AB X509v3 Authority Key Identifier: keyid:34:48:C8:4D:DF:F9:B9:91:2D:9D:17:49:3F:EB:DB:9F:BA:0B:39:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/9229ca50-e95c-45bb-9c30-63e12af7a5e1/0/3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9229ca50-e95c-45bb-9c30-63e12af7a5e1/0/3448C84DDFF9B9912D9D17493FEBDB9FBA0B39BB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:c7:93:ff:11:72:92:a6:c8:48:0c:96:b6:e0:1b:2e:bb:78: 02:57:3e:94:b3:4a:81:88:f1:ad:48:7b:b8:cb:7f:08:f8:02: 4a:41:77:fb:95:7d:b1:75:35:12:c1:b6:05:a0:42:5b:89:a8: 25:fc:11:2f:1a:38:8f:f0:6d:83:7a:af:03:31:87:a3:5d:bf: d3:f9:8a:64:09:11:4d:fc:99:b3:db:bc:1f:e2:f5:06:6c:43: fc:80:f8:d8:88:61:2f:b9:4b:f5:b6:c7:cb:cb:1d:9f:bb:5b: 86:4d:86:4f:81:91:2c:e9:56:14:c6:b6:54:c0:35:bc:b2:6b: 32:21:c9:1d:55:b2:d2:da:a5:bc:a9:27:7c:70:e7:6f:d5:4c: d9:a5:66:73:1a:b0:03:03:83:c9:c3:9d:fa:84:82:7b:54:dd: 1c:da:d4:9f:59:0b:df:a0:38:42:75:82:54:3d:3b:8a:0e:6a: a6:25:5e:3c:60:2f:ea:14:c2:8f:c0:31:c8:87:de:78:8b:29: 8c:06:a1:3e:eb:10:d8:db:ee:55:23:ca:8a:be:e2:d6:ee:ee: cd:ce:41:63:4d:9c:0d:c1:58:95:ad:f0:c9:15:c2:b6:99:de: da:28:ca:2c:a1:83:36:bf:a4:60:cd:69:44:14:ce:75:14:29: 08:90:28:19 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZNFl2JOSBT9ioy5R8i9Uv3a/N0cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzQ0OEM4NERERkY5Qjk5MTJEOUQxNzQ5M0ZFQkRCOUZC QTBCMzlCQjAeFw0yNTEyMDUxMDE2MDJaFw0yNTEyMDgxMTIxMDJaMDMxMTAvBgNV BAMTKEIyNDM4MkU1RkZEODBFOUVDN0MzOTI4OTRERTU1MUM4NzBEMkQ0QUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnm2kXUTGdLdyn0DkcVA+SOm8t sTRWvqVj6kZx/mJDXUcMtspvAQrNgLPgo3syV2LdFpYKRZFmW9ahjXdBmhO2M4hB dInDU7WNSafKcFTYuCZURIyZ1v6cum8pYrCIK6uiVAPxKqP4yxCihkw8vwPsUUJg TNMOZEOU2SL0UQ0dEAPKpdRGHBHfS5JpXmgGdH8zdaNkTTLt+ckRvOxfeSxm0h2I MYV+TqcQVlSYHdZeas6QO/sCE3KeHbfR3/iX8ZuVuN0/j30luzhNbG3edzwsUQtE vKXrg2gE9lpywK0VdVA0Xj498HQal7ZDkPA1nFczO+drijlQj+Cm7LRf9tKnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUskOC5f/YDp7Hw5KJTeVRyHDS1KswHwYDVR0j BBgwFoAUNEjITd/5uZEtnRdJP+vbn7oLObswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 MjI5Y2E1MC1lOTVjLTQ1YmItOWMzMC02M2UxMmFmN2E1ZTEvMC8zNDQ4Qzg0RERG RjlCOTkxMkQ5RDE3NDkzRkVCREI5RkJBMEIzOUJCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzQ0OEM4NERERkY5Qjk5MTJEOUQxNzQ5M0ZFQkRCOUZCQTBC MzlCQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTIyOWNhNTAtZTk1Yy00NWJiLTlj MzAtNjNlMTJhZjdhNWUxLzAvMzQ0OEM4NERERkY5Qjk5MTJEOUQxNzQ5M0ZFQkRC OUZCQTBCMzlCQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJnHk/8RcpKmyEgMlrbgGy67eAJXPpSzSoGI 8a1Ie7jLfwj4AkpBd/uVfbF1NRLBtgWgQluJqCX8ES8aOI/wbYN6rwMxh6Ndv9P5 imQJEU38mbPbvB/i9QZsQ/yA+NiIYS+5S/W2x8vLHZ+7W4ZNhk+BkSzpVhTGtlTA NbyyazIhyR1VstLapbypJ3xw52/VTNmlZnMasAMDg8nDnfqEgntU3Rza1J9ZC9+g OEJ1glQ9O4oOaqYlXjxgL+oUwo/AMciH3niLKYwGoT7rENjb7lUjyoq+4tbu7s3O QWNNnA3BWJWt8MkVwraZ3tooyiyhgza/pGDNaUQUznUUKQiQKBk= -----END CERTIFICATE-----Generated at Sun Dec 7 01:40:15 2025 by rpki-client