This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/9dacc365-e194-4ac0-953a-4df3a5900b14/0/20566897603B029812606C25ABC972BAC5BF4AFB.mft File: 20566897603B029812606C25ABC972BAC5BF4AFB.mft (raw, json) Hash identifier: rgnVi22Mbja5OkhyLgdW58yUxjo0WCrjfCI5b91JSf4= Subject key identifier: A6:50:B3:A2:96:E4:4E:35:6B:90:68:DF:8A:34:F0:E0:67:D8:ED:EF Authority key identifier: 20:56:68:97:60:3B:02:98:12:60:6C:25:AB:C9:72:BA:C5:BF:4A:FB Certificate issuer: /CN=20566897603B029812606C25ABC972BAC5BF4AFB Certificate serial: 3DBD34658BA60163CEC331FF8D55A8E0C57CFFF6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20566897603B029812606C25ABC972BAC5BF4AFB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/9dacc365-e194-4ac0-953a-4df3a5900b14/0/20566897603B029812606C25ABC972BAC5BF4AFB.mft Manifest number: 028C Signing time: Fri 23 Jan 2026 18:52:22 +0000 Manifest this update: Fri 23 Jan 2026 18:47:22 +0000 Manifest next update: Tue 27 Jan 2026 04:39:22 +0000 Files and hashes: 1: 3230332e3139302e34302e302f32312d3234203d3e203435333137.roa (hash: HofDLGmwqIsnj587taUbViIIFJnwZV6L29IBKkzVuIE=) 2: 20566897603B029812606C25ABC972BAC5BF4AFB.crl (hash: Wv8e+0FQtu26nusvOiQhv2bLVQcH8raHstzhOYMpCCU=) 3: 323430363a316230303a3a2f33322d3438203d3e203435333137.roa (hash: TjP7GmHfPb+wwoosrfBI6nsarX9S8cjrwBDpRp71p84=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/9dacc365-e194-4ac0-953a-4df3a5900b14/0/20566897603B029812606C25ABC972BAC5BF4AFB.crl rsync://repo-rpki.idnic.net/repo/9dacc365-e194-4ac0-953a-4df3a5900b14/0/20566897603B029812606C25ABC972BAC5BF4AFB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20566897603B029812606C25ABC972BAC5BF4AFB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 27 Jan 2026 04:39:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:bd:34:65:8b:a6:01:63:ce:c3:31:ff:8d:55:a8:e0:c5:7c:ff:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20566897603B029812606C25ABC972BAC5BF4AFB Validity Not Before: Jan 23 18:47:22 2026 GMT Not After : Jan 27 04:39:22 2026 GMT Subject: CN=A650B3A296E44E356B9068DF8A34F0E067D8EDEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d3:39:4e:8c:bb:ed:4a:2e:a1:0b:1a:dd:f0: 66:2e:d5:26:6b:7d:81:52:e5:7b:73:d9:75:ef:95: 98:bb:19:fc:50:81:c5:1e:03:30:e0:8b:5d:6e:68: b2:e7:e5:5e:99:ef:3b:b7:52:f6:d7:87:57:70:83: 6d:1b:e6:9e:56:eb:c9:ee:40:97:59:02:40:5a:91: 76:23:64:71:f3:26:ad:28:19:57:75:de:4d:8b:b2: c4:ce:c1:c2:d8:07:17:25:ac:b8:96:4e:60:92:29: 42:ce:ae:21:30:f9:eb:eb:e1:c1:36:06:f4:84:03: 1c:9c:cf:bb:69:13:1c:bc:75:73:87:e4:ca:13:7c: 46:9d:0c:37:b3:2d:e0:5c:76:3e:4c:c6:60:6a:00: d2:b9:e7:f0:0f:9d:b8:2b:70:1c:77:95:d7:5f:10: 95:9f:0f:3a:30:ba:0b:3c:ed:44:15:4d:cd:f7:75: 4b:59:98:47:30:dc:6a:45:94:8f:2c:fd:e2:4f:a7: 1f:82:f4:16:6f:a5:d1:cd:6a:98:de:65:dd:9a:34: d5:30:22:07:d8:35:47:73:b2:71:2b:2a:03:a8:70: e5:b5:30:4b:ca:aa:a6:aa:a0:9c:21:67:c2:9f:10: cc:27:4f:33:44:f6:c8:7f:f2:bf:83:86:c0:eb:c5: ee:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:50:B3:A2:96:E4:4E:35:6B:90:68:DF:8A:34:F0:E0:67:D8:ED:EF X509v3 Authority Key Identifier: keyid:20:56:68:97:60:3B:02:98:12:60:6C:25:AB:C9:72:BA:C5:BF:4A:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/9dacc365-e194-4ac0-953a-4df3a5900b14/0/20566897603B029812606C25ABC972BAC5BF4AFB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20566897603B029812606C25ABC972BAC5BF4AFB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9dacc365-e194-4ac0-953a-4df3a5900b14/0/20566897603B029812606C25ABC972BAC5BF4AFB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:ec:b1:0d:14:c3:49:9d:25:d4:e5:ce:d8:28:79:c3:77:9b: ca:e3:e3:b2:67:b7:70:18:5a:5a:7f:6c:7e:ab:22:6f:0d:1c: 0d:b6:f2:a8:03:81:be:72:d1:bb:91:71:1c:3a:9f:a8:03:63: 98:09:81:9b:1b:04:82:72:87:8d:36:43:f6:c4:2d:98:16:4a: e7:92:9a:ff:ba:9e:d1:bc:f6:ce:a2:12:9b:0f:3c:ac:0d:c7: 23:67:d3:b2:37:e8:8d:4f:f1:62:74:25:cb:b9:6b:3f:15:6d: a3:8b:14:58:3a:a9:90:de:2e:4a:8c:7d:4c:80:f3:46:2e:cb: d1:f2:64:ee:69:be:24:49:22:5b:63:9f:5e:62:33:32:0a:df: ce:58:6d:0e:e1:88:03:64:a5:2c:fd:30:f3:e5:9a:5f:f5:f3: 1a:bd:ba:b9:70:00:f7:b3:02:52:fb:18:2b:d2:51:dc:74:ef: 54:86:4e:8e:be:b4:21:00:84:b3:96:87:2d:f0:0b:80:66:9a: 16:f5:f4:2e:b9:60:7d:66:00:86:57:68:ab:12:21:84:bf:e6: 47:8d:9e:4d:40:b5:3f:96:73:dc:6f:de:af:ca:8a:d3:9c:68: ba:fb:87:a0:a1:71:67:68:d2:9e:ee:eb:13:3c:8f:2c:d6:db: 42:da:a8:8e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPb00ZYumAWPOwzH/jVWo4MV8//YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjA1NjY4OTc2MDNCMDI5ODEyNjA2QzI1QUJDOTcyQkFD NUJGNEFGQjAeFw0yNjAxMjMxODQ3MjJaFw0yNjAxMjcwNDM5MjJaMDMxMTAvBgNV BAMTKEE2NTBCM0EyOTZFNDRFMzU2QjkwNjhERjhBMzRGMEUwNjdEOEVERUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL0zlOjLvtSi6hCxrd8GYu1SZr fYFS5Xtz2XXvlZi7GfxQgcUeAzDgi11uaLLn5V6Z7zu3UvbXh1dwg20b5p5W68nu QJdZAkBakXYjZHHzJq0oGVd13k2LssTOwcLYBxclrLiWTmCSKULOriEw+evr4cE2 BvSEAxycz7tpExy8dXOH5MoTfEadDDezLeBcdj5MxmBqANK55/APnbgrcBx3lddf EJWfDzowugs87UQVTc33dUtZmEcw3GpFlI8s/eJPpx+C9BZvpdHNapjeZd2aNNUw IgfYNUdzsnErKgOocOW1MEvKqqaqoJwhZ8KfEMwnTzNE9sh/8r+DhsDrxe5bAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUplCzopbkTjVrkGjfijTw4GfY7e8wHwYDVR0j BBgwFoAUIFZol2A7ApgSYGwlq8lyusW/SvswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 ZGFjYzM2NS1lMTk0LTRhYzAtOTUzYS00ZGYzYTU5MDBiMTQvMC8yMDU2Njg5NzYw M0IwMjk4MTI2MDZDMjVBQkM5NzJCQUM1QkY0QUZCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjA1NjY4OTc2MDNCMDI5ODEyNjA2QzI1QUJDOTcyQkFDNUJG NEFGQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOWRhY2MzNjUtZTE5NC00YWMwLTk1 M2EtNGRmM2E1OTAwYjE0LzAvMjA1NjY4OTc2MDNCMDI5ODEyNjA2QzI1QUJDOTcy QkFDNUJGNEFGQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABDssQ0Uw0mdJdTlztgoecN3m8rj47Jnt3AY Wlp/bH6rIm8NHA228qgDgb5y0buRcRw6n6gDY5gJgZsbBIJyh402Q/bELZgWSueS mv+6ntG89s6iEpsPPKwNxyNn07I36I1P8WJ0Jcu5az8VbaOLFFg6qZDeLkqMfUyA 80Yuy9HyZO5pviRJIltjn15iMzIK385YbQ7hiANkpSz9MPPlml/18xq9urlwAPez AlL7GCvSUdx071SGTo6+tCEAhLOWhy3wC4Bmmhb19C65YH1mAIZXaKsSIYS/5keN nk1AtT+Wc9xv3q/KitOcaLr7h6ChcWdo0p7u6xM8jyzW20LaqI4= -----END CERTIFICATE-----Generated at Mon Jan 26 02:34:37 2026 by rpki-client