This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: U4LaAByWsvl3QaX4GNqiw5275meEm0YihxAuK2h668U= Subject key identifier: 7E:C4:8C:8B:5B:0D:89:5C:2A:BB:B2:EF:2B:F9:D1:25:D0:A1:17:6E Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 09BEDF49F1A406E0A2423DA2BA1B429DFB9E759A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 0212 Signing time: Thu 04 Dec 2025 19:01:57 +0000 Manifest this update: Thu 04 Dec 2025 18:56:57 +0000 Manifest next update: Mon 08 Dec 2025 02:26:57 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: qL4PcSgzQJbBEfBGgaZ/9RG2mEd05J50mLWv7qQjo6o=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 02:26:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:be:df:49:f1:a4:06:e0:a2:42:3d:a2:ba:1b:42:9d:fb:9e:75:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Dec 4 18:56:57 2025 GMT Not After : Dec 8 02:26:57 2025 GMT Subject: CN=7EC48C8B5B0D895C2ABBB2EF2BF9D125D0A1176E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:7b:35:b0:2d:63:c3:f2:ca:a6:01:a8:99:a8: 0f:cd:e4:00:06:34:a5:bd:d8:f6:c4:f3:d4:a2:1e: 63:98:1a:28:0a:cf:7d:b0:26:c2:13:bf:4d:02:74: dd:83:c9:bc:51:fc:08:e0:0f:f3:9a:b2:4f:df:51: 0e:ac:98:6d:67:fe:39:c2:57:cb:07:07:ce:80:20: e7:60:13:c8:2b:d3:70:44:cf:4c:e1:41:c7:17:69: e3:1e:43:6f:fe:3f:1c:fd:59:ee:dc:77:ee:ed:f6: b3:ad:47:73:80:45:1b:d9:74:e1:aa:4d:8a:04:9b: 07:d6:06:2b:e2:26:ea:bc:0a:fe:ea:ce:9d:12:5d: 9c:11:be:f3:79:b5:4e:ca:9d:c2:8a:d9:04:d6:1c: c1:5b:f8:8c:61:84:6d:0a:b5:13:16:a3:6d:fb:12: c7:51:63:f1:c2:e2:5d:9a:96:0e:e9:dc:ba:db:09: a0:d0:f4:b8:6f:84:39:47:2a:b7:a9:e0:d1:68:98: 68:96:8c:63:2a:a3:17:6a:c1:2e:3a:19:42:63:f1: 9f:4f:d9:5c:59:6d:68:bf:64:5c:6f:b6:f8:d8:56: 2f:e6:c5:f6:b3:96:f5:57:41:35:d6:c5:2e:a3:a6: be:f9:3b:97:9d:b8:f7:e5:f3:24:e3:97:f4:97:fd: 5e:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:C4:8C:8B:5B:0D:89:5C:2A:BB:B2:EF:2B:F9:D1:25:D0:A1:17:6E X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:e4:65:1d:46:12:8e:fc:47:c5:f6:1a:33:ca:00:2d:6f:d3: cf:bf:86:41:11:9b:fd:0d:df:c9:cd:82:b4:94:8f:4c:42:31: 8a:cd:37:68:61:ec:40:d4:b7:14:e0:45:21:c4:d1:43:72:a0: ee:9d:b7:26:97:f8:7a:68:bc:f1:60:cb:56:dd:d2:39:53:20: b4:2c:44:3c:28:a4:06:c7:81:5e:ea:21:06:39:c4:8b:0c:6a: 1e:8f:91:05:64:5e:ea:2e:29:32:5e:bf:83:f2:e7:60:15:86: 13:ad:b0:4e:a3:c0:dc:14:9b:7d:1e:77:0f:9f:aa:d1:d9:4e: c1:fe:02:b7:bf:43:ef:e5:4a:c3:0a:1d:9c:c5:2f:31:27:a0: 4e:b5:aa:bd:49:4c:74:e6:f6:66:7c:1b:1b:df:c1:46:07:c3: 7a:2e:7a:e8:1e:44:47:2c:a5:d1:36:d1:28:54:26:cf:1e:86: 57:1d:46:dd:85:ca:d0:02:01:45:98:ba:22:c5:31:3a:4a:ee: 67:2d:ea:0e:f9:fb:a2:3e:74:e6:4b:c8:21:18:6d:f8:2f:2a: 1d:88:7a:ee:02:38:08:31:29:b4:a5:9b:fe:46:64:04:a0:2a: ca:36:2d:11:25:66:d5:d4:06:20:4c:02:b4:a8:b1:dc:a6:0c: f8:d9:cc:79 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCb7fSfGkBuCiQj2iuhtCnfuedZowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTEyMDQxODU2NTdaFw0yNTEyMDgwMjI2NTdaMDMxMTAvBgNV BAMTKDdFQzQ4QzhCNUIwRDg5NUMyQUJCQjJFRjJCRjlEMTI1RDBBMTE3NkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWezWwLWPD8sqmAaiZqA/N5AAG NKW92PbE89SiHmOYGigKz32wJsITv00CdN2DybxR/AjgD/Oask/fUQ6smG1n/jnC V8sHB86AIOdgE8gr03BEz0zhQccXaeMeQ2/+Pxz9We7cd+7t9rOtR3OARRvZdOGq TYoEmwfWBiviJuq8Cv7qzp0SXZwRvvN5tU7KncKK2QTWHMFb+IxhhG0KtRMWo237 EsdRY/HC4l2alg7p3LrbCaDQ9LhvhDlHKrep4NFomGiWjGMqoxdqwS46GUJj8Z9P 2VxZbWi/ZFxvtvjYVi/mxfazlvVXQTXWxS6jpr75O5eduPfl8yTjl/SX/V4jAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUfsSMi1sNiVwqu7LvK/nRJdChF24wHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIPkZR1GEo78R8X2GjPKAC1v08+/hkERm/0N 38nNgrSUj0xCMYrNN2hh7EDUtxTgRSHE0UNyoO6dtyaX+HpovPFgy1bd0jlTILQs RDwopAbHgV7qIQY5xIsMah6PkQVkXuouKTJev4Py52AVhhOtsE6jwNwUm30edw+f qtHZTsH+Are/Q+/lSsMKHZzFLzEnoE61qr1JTHTm9mZ8GxvfwUYHw3oueugeREcs pdE20ShUJs8ehlcdRt2FytACAUWYuiLFMTpK7mct6g75+6I+dOZLyCEYbfgvKh2I eu4COAgxKbSlm/5GZASgKso2LRElZtXUBiBMArSosdymDPjZzHk= -----END CERTIFICATE-----Generated at Sun Dec 7 02:09:01 2025 by rpki-client