This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: IFVQP0zYees4HVTORulKVhQR4Hj5DMUZcuLHzHe7nz4= Subject key identifier: 23:BB:72:DB:06:94:8A:67:7B:05:AC:8E:AA:5C:12:97:90:0C:E9:49 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 3931379D9DB436C6D17758F8FCE6B109F0D0C22F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 0229 Signing time: Sun 25 Jan 2026 12:11:57 +0000 Manifest this update: Sun 25 Jan 2026 12:06:57 +0000 Manifest next update: Wed 28 Jan 2026 15:43:57 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: 5T1WOPw5xkXF+PmSYQiAo80sp8MbWdKUOCpFBHyTTS8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 28 Jan 2026 14:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:31:37:9d:9d:b4:36:c6:d1:77:58:f8:fc:e6:b1:09:f0:d0:c2:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Jan 25 12:06:57 2026 GMT Not After : Jan 28 15:43:57 2026 GMT Subject: CN=23BB72DB06948A677B05AC8EAA5C1297900CE949 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e3:e8:4f:f2:d0:46:d8:f7:32:a9:b7:29:b4: 9a:0d:f8:94:f3:87:c1:dc:1a:08:8d:3d:23:58:27: 64:4f:d3:a1:20:32:be:6a:b0:15:ed:4c:fb:ba:96: 9a:56:57:be:86:ce:76:af:04:6f:87:6c:12:87:a2: 9b:85:4c:93:94:2f:29:65:32:34:7b:76:88:bf:ba: 69:05:49:88:2b:d8:fc:c5:24:6a:54:f8:70:68:3c: de:48:67:4e:6c:72:7f:a0:fd:24:6c:03:29:d0:76: df:6d:63:37:80:b8:4b:e2:bd:a1:5b:1f:78:39:92: 43:66:37:af:cf:3d:3f:ec:fc:2d:9e:6b:bc:55:41: 77:00:5e:2c:cc:3a:50:35:42:ad:34:60:f7:24:54: 26:17:a9:c3:17:62:f1:91:bf:df:44:3c:b5:74:b7: 82:cd:8f:e8:e4:72:6a:8e:65:34:b3:b2:49:54:c8: bb:cb:ff:42:76:6b:46:bf:22:58:cf:ae:f0:e4:e3: c8:f0:2c:2f:c2:6a:5c:03:26:10:b3:f2:6b:4d:e0: cd:a4:01:a0:35:18:83:96:ed:cc:7d:05:a7:2c:30: 45:d1:94:a2:26:b0:8d:f1:8d:f3:28:ed:7b:ed:7a: e2:ee:65:f7:74:5f:a0:1d:8b:5a:4c:ba:17:d5:3e: cc:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:BB:72:DB:06:94:8A:67:7B:05:AC:8E:AA:5C:12:97:90:0C:E9:49 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:e9:2c:83:ea:28:89:52:ad:91:04:b2:a4:59:46:7d:0d:d3: 4b:45:13:37:77:8b:c7:c8:b8:01:6d:51:ef:e5:49:cc:e4:43: c3:e6:4a:c9:5b:72:04:f6:f7:f9:6d:82:d2:c4:82:24:1d:94: 33:89:8e:da:3c:d9:7a:be:66:33:d5:63:42:26:d9:09:20:f9: f9:0d:23:f9:bf:9f:ac:6a:ff:51:fc:e8:02:13:d0:87:d2:f9: 15:5a:d4:14:9d:91:08:e1:60:e1:f5:e3:e9:02:68:9a:3d:2d: 68:c6:59:c1:30:a8:47:9c:02:7a:81:30:1b:73:54:37:6c:3c: 7f:4b:a3:4a:b9:62:97:33:5c:7a:26:1d:bc:b7:5f:3e:1e:46: c5:b5:bc:3d:65:b0:71:ff:97:c5:dd:13:19:63:7d:fa:87:14: 7e:cc:52:de:94:f9:aa:b4:2b:68:6f:31:6f:f0:d0:b2:c9:b5: c0:5a:cc:45:65:22:c9:6f:b7:a0:05:a8:db:8d:6a:90:d3:57: e8:c5:88:bd:f8:79:87:3e:12:f0:17:3a:4b:bc:bc:12:1f:cd: 54:1f:c8:f6:0a:60:4b:3b:dc:d9:6a:b5:c0:9b:de:65:4e:19: b5:a5:14:85:6e:b6:64:0f:c2:79:8d:29:61:6e:7d:ad:ef:23: 6c:30:3a:b4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOTE3nZ20NsbRd1j4/OaxCfDQwi8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNjAxMjUxMjA2NTdaFw0yNjAxMjgxNTQzNTdaMDMxMTAvBgNV BAMTKDIzQkI3MkRCMDY5NDhBNjc3QjA1QUM4RUFBNUMxMjk3OTAwQ0U5NDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw4+hP8tBG2PcyqbcptJoN+JTz h8HcGgiNPSNYJ2RP06EgMr5qsBXtTPu6lppWV76GznavBG+HbBKHopuFTJOULyll MjR7doi/umkFSYgr2PzFJGpU+HBoPN5IZ05scn+g/SRsAynQdt9tYzeAuEvivaFb H3g5kkNmN6/PPT/s/C2ea7xVQXcAXizMOlA1Qq00YPckVCYXqcMXYvGRv99EPLV0 t4LNj+jkcmqOZTSzsklUyLvL/0J2a0a/IljPrvDk48jwLC/CalwDJhCz8mtN4M2k AaA1GIOW7cx9BacsMEXRlKImsI3xjfMo7XvteuLuZfd0X6Adi1pMuhfVPsxTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUI7ty2waUimd7BayOqlwSl5AM6UkwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHTpLIPqKIlSrZEEsqRZRn0N00tFEzd3i8fI uAFtUe/lSczkQ8PmSslbcgT29/ltgtLEgiQdlDOJjto82Xq+ZjPVY0Im2Qkg+fkN I/m/n6xq/1H86AIT0IfS+RVa1BSdkQjhYOH14+kCaJo9LWjGWcEwqEecAnqBMBtz VDdsPH9Lo0q5YpczXHomHby3Xz4eRsW1vD1lsHH/l8XdExljffqHFH7MUt6U+aq0 K2hvMW/w0LLJtcBazEVlIslvt6AFqNuNapDTV+jFiL34eYc+EvAXOku8vBIfzVQf yPYKYEs73NlqtcCb3mVOGbWlFIVutmQPwnmNKWFufa3vI2wwOrQ= -----END CERTIFICATE-----Generated at Sun Jan 25 19:00:34 2026 by rpki-client