This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft File: 20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft (raw, json) Hash identifier: 2CZOjGghheVEBJq3riP8K4cFss0b2dfEDvJ1m26IgXE= Subject key identifier: 21:A5:B9:39:33:7C:39:D7:02:7E:92:A7:B5:F4:06:48:62:B9:07:1F Authority key identifier: 20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 Certificate issuer: /CN=20B15C95FA3351402D60E968AD1D9ECD289ABFF9 Certificate serial: 744B0649C268FD98732ABDCD3AF87236E5F31B0A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft Manifest number: 04B1 Signing time: Thu 04 Dec 2025 09:10:51 +0000 Manifest this update: Thu 04 Dec 2025 09:05:51 +0000 Manifest next update: Sun 07 Dec 2025 16:52:51 +0000 Files and hashes: 1: 20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl (hash: G5JnQPgOEGMvNtwGAiqizTsWS19YhCInNEUeWht0aG0=) 2: 3130332e3136322e312e302f32342d3234203d3e2036393339.roa (hash: fzXYj+/Wlk2+pHJ1gJZrQ6X0Tnu8HMMmPoocnHTOJ8E=) 3: 3130332e3136322e312e302f32342d3234203d3e20313431363334.roa (hash: qNe08ONmrtJrbqnJHhzOzL4yLMKznA4CGtzFIsSxWok=) 4: 3130332e3136322e302e302f32342d3234203d3e20313431363334.roa (hash: mrVcWkYKkNNL+5Z0dua06HvGJVSXAbMBn3dbcArjm/g=) 5: 3130332e3136322e302e302f32332d3233203d3e20313431363334.roa (hash: BUWXw4dtky6u3IS1OVmdebvECXrPIBW5iPpOPegzgSU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 16:52:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:4b:06:49:c2:68:fd:98:73:2a:bd:cd:3a:f8:72:36:e5:f3:1b:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20B15C95FA3351402D60E968AD1D9ECD289ABFF9 Validity Not Before: Dec 4 09:05:51 2025 GMT Not After : Dec 7 16:52:51 2025 GMT Subject: CN=21A5B939337C39D7027E92A7B5F4064862B9071F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a5:e7:29:9b:04:ff:65:2d:30:11:fb:d6:66: 0b:78:68:55:eb:cb:81:53:88:33:32:d5:c0:16:eb: 19:91:9e:04:6a:ea:a7:06:bf:5f:11:0a:b0:6f:f2: 32:52:c0:15:c4:07:41:9e:4c:91:e0:e1:69:8c:35: c0:9f:e8:88:6b:84:52:0d:6b:20:b6:8b:d2:af:93: a8:b7:6f:58:32:c4:de:5e:6f:4b:e6:5d:0c:6a:8c: 91:ea:9f:3d:e0:89:4e:3d:da:fa:5e:44:8c:7f:9a: 5c:a3:80:94:d6:33:8f:fc:ac:f9:e0:7e:13:92:e2: 3c:1f:d1:15:26:69:26:5f:8a:96:be:86:15:f7:8c: 4b:7e:1d:87:b9:cb:6a:ec:0c:85:36:27:c1:fb:43: bb:36:f3:0d:f3:18:25:52:69:3c:d8:15:d3:70:f6: 12:1e:7a:a2:2b:24:a9:cb:f3:d7:d8:6a:80:5b:4a: bc:46:c0:e2:f3:27:a1:da:74:30:14:30:8b:46:a0: e9:4a:47:ee:87:1d:2a:1c:eb:cd:e9:ce:c4:d9:d0: 3e:4c:b8:80:89:c6:a0:aa:3d:65:ce:06:b2:7a:e2: 66:a8:6d:78:0a:a9:78:58:d1:97:1b:4b:2a:b0:6a: d0:e8:8f:05:e1:00:09:d6:6a:3b:cd:ac:72:3c:f1: a5:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:A5:B9:39:33:7C:39:D7:02:7E:92:A7:B5:F4:06:48:62:B9:07:1F X509v3 Authority Key Identifier: keyid:20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:6e:2a:22:d6:d0:3a:cd:b3:5d:3b:2e:43:21:05:81:71:c8: 20:83:b2:82:10:64:b3:38:92:0c:c0:76:49:d8:31:ce:1e:84: 0a:74:6a:40:6b:12:a2:e3:ef:7e:73:d0:53:27:14:69:fb:b1: c7:a0:b5:99:18:b1:fc:c8:56:7c:e3:92:d5:1c:d4:86:c2:42: 21:17:20:c8:2c:a0:d0:a6:2a:dc:2c:f2:d2:76:16:10:c9:c9: 69:36:5a:ee:e3:0c:cd:d5:d2:df:5e:8f:35:75:57:e9:21:f7: bc:fa:ef:5f:f3:59:64:e8:ee:aa:75:9a:9c:37:f9:e6:a7:92: 51:fe:ad:ff:66:0b:a9:8a:c0:37:65:42:84:24:5f:a2:34:2e: e2:f8:01:82:35:4b:96:f2:de:c4:8b:d1:9c:b9:ff:de:90:04: 8a:4b:9a:f0:44:89:9a:75:e0:df:f3:25:77:59:b5:c0:1d:cd: 8b:fc:1a:ac:88:75:86:77:f2:db:a0:93:3a:ac:a0:a7:3b:db: ae:a3:a9:62:af:79:4d:04:8e:31:ca:41:16:ab:b1:ad:bd:d9: 5c:e0:69:43:a8:ee:c0:c3:c9:10:9e:06:cc:11:de:19:c5:25: 2c:0d:7d:ca:29:bd:9d:f0:52:b7:0c:4d:10:90:7d:27:51:82: 94:66:6a:1e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdEsGScJo/ZhzKr3NOvhyNuXzGwowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlFQ0Qy ODlBQkZGOTAeFw0yNTEyMDQwOTA1NTFaFw0yNTEyMDcxNjUyNTFaMDMxMTAvBgNV BAMTKDIxQTVCOTM5MzM3QzM5RDcwMjdFOTJBN0I1RjQwNjQ4NjJCOTA3MUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCypecpmwT/ZS0wEfvWZgt4aFXr y4FTiDMy1cAW6xmRngRq6qcGv18RCrBv8jJSwBXEB0GeTJHg4WmMNcCf6IhrhFIN ayC2i9Kvk6i3b1gyxN5eb0vmXQxqjJHqnz3giU492vpeRIx/mlyjgJTWM4/8rPng fhOS4jwf0RUmaSZfipa+hhX3jEt+HYe5y2rsDIU2J8H7Q7s28w3zGCVSaTzYFdNw 9hIeeqIrJKnL89fYaoBbSrxGwOLzJ6HadDAUMItGoOlKR+6HHSoc683pzsTZ0D5M uICJxqCqPWXOBrJ64maobXgKqXhY0ZcbSyqwatDojwXhAAnWajvNrHI88aVLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIaW5OTN8OdcCfpKntfQGSGK5Bx8wHwYDVR0j BBgwFoAUILFclfozUUAtYOlorR2ezSiav/kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MTQxOTNjNC00YWJkLTRlMmMtYTFkMC0xYjVjZTMyZTQyMGIvMC8yMEIxNUM5NUZB MzM1MTQwMkQ2MEU5NjhBRDFEOUVDRDI4OUFCRkY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlFQ0QyODlB QkZGOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDE0MTkzYzQtNGFiZC00ZTJjLWEx ZDAtMWI1Y2UzMmU0MjBiLzAvMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlF Q0QyODlBQkZGOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALNuKiLW0DrNs107LkMhBYFxyCCDsoIQZLM4 kgzAdknYMc4ehAp0akBrEqLj735z0FMnFGn7scegtZkYsfzIVnzjktUc1IbCQiEX IMgsoNCmKtws8tJ2FhDJyWk2Wu7jDM3V0t9ejzV1V+kh97z671/zWWTo7qp1mpw3 +eanklH+rf9mC6mKwDdlQoQkX6I0LuL4AYI1S5by3sSL0Zy5/96QBIpLmvBEiZp1 4N/zJXdZtcAdzYv8GqyIdYZ38tugkzqsoKc7266jqWKveU0EjjHKQRarsa292Vzg aUOo7sDDyRCeBswR3hnFJSwNfcopvZ3wUrcMTRCQfSdRgpRmah4= -----END CERTIFICATE-----Generated at Sat Dec 6 13:38:34 2025 by rpki-client