This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft File: 21AC220B77A77D0516BC73B4C29C8363DD00911B.mft (raw, json) Hash identifier: D+8T2qVyrEH8XkptOGngNaE7ewlIDBo+UQNFNvngSGQ= Subject key identifier: F2:89:C3:4B:D6:BC:4D:B8:74:12:68:2A:0E:8E:6E:28:98:39:55:E6 Authority key identifier: 21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B Certificate issuer: /CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Certificate serial: 339D639D8B5811ABFE37BE99B43A7E7D75348350 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft Manifest number: 0500 Signing time: Fri 23 Jan 2026 16:41:07 +0000 Manifest this update: Fri 23 Jan 2026 16:36:07 +0000 Manifest next update: Mon 26 Jan 2026 20:00:07 +0000 Files and hashes: 1: 3230322e31302e35382e302f32342d3234203d3e20313336313139.roa (hash: FqumLAE5ExkmaatbD11ff744L2iTMEhUHWhZUQWOtLU=) 2: 3230322e31302e35392e302f32342d3234203d3e20313336313139.roa (hash: p7znIjGrzIeqiJgSyw1Go9JzIhUPDTiZx2kzEBcMX+M=) 3: 21AC220B77A77D0516BC73B4C29C8363DD00911B.crl (hash: 0q16bkzMH4Gi/ndqeHWDp4oRqaUZP1PaAqw/s5iHIt0=) 4: 3130332e39342e3136382e302f32322d3234203d3e20313336313139.roa (hash: IywsBHZCpESzPvpzBYMa3aM5xr+uzQrgr/hs4zyGEfk=) 5: 323430313a343863303a3a2f33322d3438203d3e20313336313139.roa (hash: J7Eqzk0rLCECjOwGjEdw1vCeBneDceSExg8FEmGDsVA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 20:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:9d:63:9d:8b:58:11:ab:fe:37:be:99:b4:3a:7e:7d:75:34:83:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Validity Not Before: Jan 23 16:36:07 2026 GMT Not After : Jan 26 20:00:07 2026 GMT Subject: CN=F289C34BD6BC4DB87412682A0E8E6E28983955E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:47:62:48:0b:c3:ce:44:b5:c9:cd:be:14:35: ac:6c:5c:84:76:7b:fa:0d:8b:52:3c:56:dd:f4:4f: be:4c:d6:0e:7c:f8:86:48:da:61:4d:47:54:b7:a0: d6:fa:27:06:6d:ef:b9:f2:74:23:ac:5a:d8:52:1c: c6:b5:7c:b3:02:90:fc:57:c4:b1:35:5c:f0:3e:35: 7c:89:5a:51:5c:fa:17:17:05:5f:af:dc:3c:d1:db: 2b:3f:99:0f:f6:12:cd:61:6b:b6:ce:cf:39:9f:cb: 8b:4a:66:d8:4c:79:e7:f7:7b:0c:c1:5a:6e:2e:9e: 9a:67:39:28:e0:f5:75:0f:76:61:6f:4f:ea:98:af: d9:01:78:28:fa:a4:04:b6:f9:b5:9e:64:f6:2d:86: 26:fb:da:14:a5:ae:ed:88:c0:8f:8d:a5:39:72:0b: fe:95:0a:a7:e5:ac:28:ff:03:4b:83:42:b8:28:be: fb:c0:b8:fd:e0:d1:4b:b1:ed:e2:a3:a3:92:5b:6e: 3a:49:bc:88:53:51:68:8f:53:77:93:52:dc:9f:4e: 88:73:22:86:07:b4:bb:e1:14:af:71:9b:c2:17:9a: 99:4f:8c:e3:7b:4d:ae:32:6a:27:ae:cf:6b:cb:24: ca:28:33:0b:5e:19:96:5a:aa:18:2b:9a:a4:a0:74: 00:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:89:C3:4B:D6:BC:4D:B8:74:12:68:2A:0E:8E:6E:28:98:39:55:E6 X509v3 Authority Key Identifier: keyid:21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:7c:3b:8c:c9:79:6f:47:17:f8:a6:35:fb:1c:25:0a:8a:95: f4:7d:e3:49:1a:07:05:34:f9:ab:fc:2c:a1:a3:ec:f7:a5:30: ca:52:ad:d3:d2:f4:55:dd:40:fb:af:7c:24:1e:8a:71:3b:32: 34:87:8c:23:e8:85:c9:7d:82:51:a0:63:54:fe:7a:12:4b:bc: 51:b9:5e:f6:8b:3b:d0:df:a8:09:8f:43:61:26:0e:82:dd:8c: 54:67:9c:53:96:86:3d:b7:c9:74:e8:11:ec:91:ba:06:73:65: 14:10:99:6d:8a:3e:50:17:e4:b3:44:0f:1f:58:3a:40:9e:78: 7e:c9:86:eb:79:25:42:9e:85:97:a3:40:96:c3:7a:36:68:dd: 01:eb:0e:a0:9e:d2:55:d4:2d:09:ad:f7:2d:1e:e8:58:1f:c3: 13:60:f1:21:45:45:8f:d6:fd:14:88:2b:91:bb:6b:0a:2a:a1: a6:7d:bd:65:32:0b:84:50:b7:c3:66:1f:1c:dc:ba:45:27:ea: fc:18:0f:85:15:93:48:42:59:54:0c:de:fc:d8:4c:98:a5:ea: 19:60:0c:a3:bd:a1:0f:15:6e:e0:90:e5:9a:92:3f:24:c2:51: 12:53:8f:24:72:4b:55:93:09:37:56:3a:d9:2d:98:6f:e8:12: 9a:8d:cb:bd -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUM51jnYtYEav+N76ZtDp+fXU0g1AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNE RDAwOTExQjAeFw0yNjAxMjMxNjM2MDdaFw0yNjAxMjYyMDAwMDdaMDMxMTAvBgNV BAMTKEYyODlDMzRCRDZCQzREQjg3NDEyNjgyQTBFOEU2RTI4OTgzOTU1RTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHR2JIC8PORLXJzb4UNaxsXIR2 e/oNi1I8Vt30T75M1g58+IZI2mFNR1S3oNb6JwZt77nydCOsWthSHMa1fLMCkPxX xLE1XPA+NXyJWlFc+hcXBV+v3DzR2ys/mQ/2Es1ha7bOzzmfy4tKZthMeef3ewzB Wm4unppnOSjg9XUPdmFvT+qYr9kBeCj6pAS2+bWeZPYthib72hSlru2IwI+NpTly C/6VCqflrCj/A0uDQrgovvvAuP3g0Uux7eKjo5JbbjpJvIhTUWiPU3eTUtyfTohz IoYHtLvhFK9xm8IXmplPjON7Ta4yaieuz2vLJMooMwteGZZaqhgrmqSgdACNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU8onDS9a8Tbh0EmgqDo5uKJg5VeYwHwYDVR0j BBgwFoAUIawiC3enfQUWvHO0wpyDY90AkRswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZGFiYzBiYS05MjIyLTRjNDUtODM0Mi1lYjg2NDNjNDk2N2QvMC8yMUFDMjIwQjc3 QTc3RDA1MTZCQzczQjRDMjlDODM2M0REMDA5MTFCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNERDAw OTExQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmRhYmMwYmEtOTIyMi00YzQ1LTgz NDItZWI4NjQzYzQ5NjdkLzAvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5Qzgz NjNERDAwOTExQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEh8O4zJeW9HF/imNfscJQqKlfR940kaBwU0 +av8LKGj7PelMMpSrdPS9FXdQPuvfCQeinE7MjSHjCPohcl9glGgY1T+ehJLvFG5 XvaLO9DfqAmPQ2EmDoLdjFRnnFOWhj23yXToEeyRugZzZRQQmW2KPlAX5LNEDx9Y OkCeeH7Jhut5JUKehZejQJbDejZo3QHrDqCe0lXULQmt9y0e6FgfwxNg8SFFRY/W /RSIK5G7awoqoaZ9vWUyC4RQt8NmHxzcukUn6vwYD4UVk0hCWVQM3vzYTJil6hlg DKO9oQ8VbuCQ5ZqSPyTCURJTjyRyS1WTCTdWOtktmG/oEpqNy70= -----END CERTIFICATE-----Generated at Sun Jan 25 21:52:39 2026 by rpki-client