This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft File: 21AC220B77A77D0516BC73B4C29C8363DD00911B.mft (raw, json) Hash identifier: 4q7VUYShZAiuIOx3W1javA7uPk3kWMPeHmAHANYwt80= Subject key identifier: 88:7D:76:D9:95:6A:3C:64:00:77:D0:94:A0:E5:54:F6:D1:96:BB:66 Authority key identifier: 21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B Certificate issuer: /CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Certificate serial: 312FCF6DC5FA7E31BC3AF6053F93C8E0981F530C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft Manifest number: 04EA Signing time: Sat 06 Dec 2025 00:31:04 +0000 Manifest this update: Sat 06 Dec 2025 00:26:04 +0000 Manifest next update: Tue 09 Dec 2025 01:50:04 +0000 Files and hashes: 1: 3230322e31302e35392e302f32342d3234203d3e20313336313139.roa (hash: p7znIjGrzIeqiJgSyw1Go9JzIhUPDTiZx2kzEBcMX+M=) 2: 323430313a343863303a3a2f33322d3438203d3e20313336313139.roa (hash: J7Eqzk0rLCECjOwGjEdw1vCeBneDceSExg8FEmGDsVA=) 3: 3230322e31302e35382e302f32342d3234203d3e20313336313139.roa (hash: FqumLAE5ExkmaatbD11ff744L2iTMEhUHWhZUQWOtLU=) 4: 3130332e39342e3136382e302f32322d3234203d3e20313336313139.roa (hash: IywsBHZCpESzPvpzBYMa3aM5xr+uzQrgr/hs4zyGEfk=) 5: 21AC220B77A77D0516BC73B4C29C8363DD00911B.crl (hash: WzYzH8QOAKJnvCf1NxAzoiVPqY2CFSNRXv4gp7xOwQU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 01:50:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:2f:cf:6d:c5:fa:7e:31:bc:3a:f6:05:3f:93:c8:e0:98:1f:53:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Validity Not Before: Dec 6 00:26:04 2025 GMT Not After : Dec 9 01:50:04 2025 GMT Subject: CN=887D76D9956A3C640077D094A0E554F6D196BB66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:23:66:c6:cc:5c:b5:d1:60:1e:cb:b0:f3:a7: 8e:e2:69:2b:0c:ec:e3:53:9d:c9:25:33:f4:bd:96: 02:21:43:fe:40:32:7f:af:47:1b:91:d8:be:d3:c1: 0e:f5:be:d3:d7:87:06:53:8b:c3:8c:32:a2:7b:52: 02:8a:0c:6f:3e:9d:73:d0:88:fc:eb:c1:f1:87:38: 5f:a1:92:d2:55:9a:aa:8b:51:29:7e:2f:3c:0b:df: c7:e1:46:14:83:a2:e8:6f:66:3b:e8:6f:24:e7:06: ab:3a:d8:2a:81:e3:3f:d3:c9:86:68:a9:b7:a7:31: 1e:22:50:39:db:cf:13:41:66:0b:d0:3f:13:4e:ba: dd:f5:bc:79:f6:9a:68:42:cf:3f:84:e0:32:0c:5a: 3a:1e:ed:30:2b:4f:ef:3a:37:c7:9e:15:75:10:33: c2:d7:61:a6:71:e2:b3:7f:d9:aa:79:58:70:8c:82: 13:83:74:4d:42:e5:8e:9c:78:57:e4:ac:a3:7c:37: b7:30:16:20:6e:d8:fb:45:ca:90:55:92:aa:aa:1d: 0c:26:cd:f9:78:58:d6:a6:5c:9d:97:14:ce:7c:17: 7c:9f:9f:67:78:3f:3f:2e:f7:d0:7a:79:ed:48:35: 7e:5e:83:2c:69:4e:02:bd:4a:17:77:46:3f:fc:0c: ec:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:7D:76:D9:95:6A:3C:64:00:77:D0:94:A0:E5:54:F6:D1:96:BB:66 X509v3 Authority Key Identifier: keyid:21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:b9:0f:61:35:13:22:0c:e5:28:a2:b9:eb:66:71:dd:20:45: ac:e4:71:d8:94:03:28:b4:e6:65:7b:62:a5:c0:5a:af:fa:15: 88:fb:dd:8c:a4:c6:7c:9a:2d:b0:42:2a:5d:74:aa:ea:a3:c1: c6:7c:c3:d9:5d:11:fc:7b:46:c7:b9:a2:a9:34:b6:69:9f:22: 69:54:2f:b0:8b:43:28:a2:f5:d4:55:42:6b:98:b2:b3:ff:1a: de:6d:0c:d8:60:27:08:8c:c9:aa:0b:07:43:6e:cb:a1:cd:4e: d6:3d:6f:2d:1d:3f:e4:28:86:2d:85:e5:65:b6:23:ee:da:62: 2d:e1:37:24:bb:e2:e2:15:5e:24:f0:5c:3a:ab:1f:95:52:90: c4:8e:be:c0:be:ba:a2:7e:aa:cf:b3:29:2f:06:a6:99:21:82: 3e:49:57:af:a5:5b:7b:a1:b7:0a:dd:ff:3f:53:c8:94:bc:87: 1e:fa:8c:c3:3f:5c:87:36:b2:a4:a8:10:56:15:8f:c3:b5:c7: 84:d3:56:81:16:6d:7d:38:6f:d6:cc:a7:7c:45:10:ce:f2:2a: 96:d4:4f:6c:c5:54:0f:10:78:c7:89:5c:11:89:6f:65:1c:2e: ad:a5:88:38:52:8f:3c:0e:59:e3:54:b3:ee:b0:9a:62:76:5d: 95:d6:35:be -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMS/PbcX6fjG8OvYFP5PI4JgfUwwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNE RDAwOTExQjAeFw0yNTEyMDYwMDI2MDRaFw0yNTEyMDkwMTUwMDRaMDMxMTAvBgNV BAMTKDg4N0Q3NkQ5OTU2QTNDNjQwMDc3RDA5NEEwRTU1NEY2RDE5NkJCNjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNI2bGzFy10WAey7Dzp47iaSsM 7ONTncklM/S9lgIhQ/5AMn+vRxuR2L7TwQ71vtPXhwZTi8OMMqJ7UgKKDG8+nXPQ iPzrwfGHOF+hktJVmqqLUSl+LzwL38fhRhSDouhvZjvobyTnBqs62CqB4z/TyYZo qbenMR4iUDnbzxNBZgvQPxNOut31vHn2mmhCzz+E4DIMWjoe7TArT+86N8eeFXUQ M8LXYaZx4rN/2ap5WHCMghODdE1C5Y6ceFfkrKN8N7cwFiBu2PtFypBVkqqqHQwm zfl4WNamXJ2XFM58F3yfn2d4Pz8u99B6ee1INX5egyxpTgK9Shd3Rj/8DOy7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUiH122ZVqPGQAd9CUoOVU9tGWu2YwHwYDVR0j BBgwFoAUIawiC3enfQUWvHO0wpyDY90AkRswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZGFiYzBiYS05MjIyLTRjNDUtODM0Mi1lYjg2NDNjNDk2N2QvMC8yMUFDMjIwQjc3 QTc3RDA1MTZCQzczQjRDMjlDODM2M0REMDA5MTFCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNERDAw OTExQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmRhYmMwYmEtOTIyMi00YzQ1LTgz NDItZWI4NjQzYzQ5NjdkLzAvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5Qzgz NjNERDAwOTExQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAy5D2E1EyIM5Siiuetmcd0gRazkcdiUAyi0 5mV7YqXAWq/6FYj73YykxnyaLbBCKl10quqjwcZ8w9ldEfx7Rse5oqk0tmmfImlU L7CLQyii9dRVQmuYsrP/Gt5tDNhgJwiMyaoLB0Nuy6HNTtY9by0dP+Qohi2F5WW2 I+7aYi3hNyS74uIVXiTwXDqrH5VSkMSOvsC+uqJ+qs+zKS8Gppkhgj5JV6+lW3uh twrd/z9TyJS8hx76jMM/XIc2sqSoEFYVj8O1x4TTVoEWbX04b9bMp3xFEM7yKpbU T2zFVA8QeMeJXBGJb2UcLq2liDhSjzwOWeNUs+6wmmJ2XZXWNb4= -----END CERTIFICATE-----Generated at Sun Dec 7 03:07:53 2025 by rpki-client