This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft File: CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft (raw, json) Hash identifier: cReMgP/qETSCCQJKjYoh8QtKfsgmQFCLEjKCggJqjC8= Subject key identifier: B2:9C:9A:21:DC:6F:5B:B9:A3:DB:BE:E4:73:80:D2:22:A0:14:B7:3D Authority key identifier: CB:96:62:73:31:53:C0:2E:4C:41:1B:7D:2F:2B:9E:22:D2:F0:EB:85 Certificate issuer: /CN=CB9662733153C02E4C411B7D2F2B9E22D2F0EB85 Certificate serial: 6A0C8E31D071B065C9C41D5E2020DA2BD3B75D6C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft Manifest number: 01C6 Signing time: Sat 24 Jan 2026 17:11:14 +0000 Manifest this update: Sat 24 Jan 2026 17:06:14 +0000 Manifest next update: Tue 27 Jan 2026 23:50:14 +0000 Files and hashes: 1: CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl (hash: RRwF5Clwu9MAo8pvGmwFfK/v9yv1Cd/hygPfgAoDiyI=) 2: 3130332e3133322e34302e302f32342d3234203d3e20313432333836.roa (hash: 7CbGL2bVFpRfzWEmJ1nxU8TaU3ck1Im05psWj/JHkPU=) 3: 3130332e3133322e34312e302f32342d3234203d3e20313530393730.roa (hash: tzY1XNU5cVp0pp1q9NAQ2OMSeEZ2zfRfv6jNIeP9/Ac=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 27 Jan 2026 23:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:0c:8e:31:d0:71:b0:65:c9:c4:1d:5e:20:20:da:2b:d3:b7:5d:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB9662733153C02E4C411B7D2F2B9E22D2F0EB85 Validity Not Before: Jan 24 17:06:14 2026 GMT Not After : Jan 27 23:50:14 2026 GMT Subject: CN=B29C9A21DC6F5BB9A3DBBEE47380D222A014B73D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a2:63:e4:3e:27:43:58:d0:b1:d2:50:71:b5: 73:a5:d7:d3:67:a8:85:27:7f:72:b9:2d:58:fe:8a: 72:1b:e2:da:95:41:11:e2:06:e9:29:9e:f4:c6:63: af:75:6d:7e:3b:f8:de:3f:8f:ca:a5:0a:9b:86:ff: 93:7f:40:4c:08:10:0c:77:a2:8a:97:31:24:86:21: 2b:e4:85:a8:29:30:85:cf:1e:7c:6a:56:8f:79:82: f6:9c:2d:f6:c1:51:28:1f:3d:8c:fb:54:c0:d6:0c: e3:2d:e1:81:8d:74:cf:d8:21:b0:e0:b5:5d:31:b4: 5b:28:ce:1e:ab:c9:14:3c:0b:d9:b0:5c:04:2b:9b: 36:52:0c:39:a9:70:4c:62:5e:37:c2:64:98:f9:bc: f7:21:df:3e:56:99:3f:cd:10:5d:c1:ee:6a:c9:4f: fa:b3:42:e1:67:c6:1e:f5:cc:ac:fd:41:ee:81:22: 63:53:2b:1b:36:8b:a9:0e:68:f7:cb:7a:0b:0b:db: 2f:17:3d:27:14:3a:b9:f2:78:9f:4f:6a:01:f7:e3: 89:f6:0e:67:2f:03:69:07:82:6c:28:5d:29:f7:fc: 84:79:01:ef:e5:9a:fe:6f:f2:0c:fc:c9:e6:47:7a: 0a:5b:3c:36:c8:b9:a0:f2:93:89:9f:cb:dd:a5:d0: 81:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:9C:9A:21:DC:6F:5B:B9:A3:DB:BE:E4:73:80:D2:22:A0:14:B7:3D X509v3 Authority Key Identifier: keyid:CB:96:62:73:31:53:C0:2E:4C:41:1B:7D:2F:2B:9E:22:D2:F0:EB:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:08:e1:fd:db:14:51:62:b8:c4:f1:6c:00:91:30:62:a1:9e: 5e:b4:01:7a:33:99:2b:a8:74:13:40:6e:8d:20:9b:44:2c:76: 07:21:57:d9:5e:d1:36:45:03:95:b8:cf:0c:88:b9:fa:f2:8c: e1:19:ef:05:59:f7:e1:36:0b:77:6a:96:74:d6:a0:67:f4:d7: f7:ca:fc:c2:7f:45:96:89:c1:03:7d:af:b5:4f:11:5b:cb:45: ee:f9:4b:b8:61:95:b8:1a:ac:7d:7f:24:ae:a3:f8:8b:b0:ab: d4:5b:c9:b1:74:08:95:4c:33:21:52:00:09:8a:6f:0c:2b:e3: 67:fe:85:5e:12:d3:87:94:c2:46:a7:9c:9c:0c:50:d6:50:58: b7:6c:a6:b9:27:3e:29:d9:47:cf:79:9e:c0:a8:25:ab:e3:51: 51:e7:f5:e6:bd:0a:40:ec:2e:2d:93:30:24:e7:e2:46:bd:8f: 75:7d:9b:09:24:4a:5d:e5:34:4a:a2:50:79:a6:95:85:d9:ce: 1e:25:1f:4f:b3:fd:be:d8:df:7a:db:60:6b:e7:52:1a:3d:fe: 39:00:18:8c:26:90:b9:10:ca:19:00:bd:ab:08:e3:b5:ee:09: aa:33:c6:3a:52:79:ce:7a:28:9b:ef:e9:a9:40:bb:11:32:32: fa:54:86:15 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUagyOMdBxsGXJxB1eICDaK9O3XWwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlFMjJE MkYwRUI4NTAeFw0yNjAxMjQxNzA2MTRaFw0yNjAxMjcyMzUwMTRaMDMxMTAvBgNV BAMTKEIyOUM5QTIxREM2RjVCQjlBM0RCQkVFNDczODBEMjIyQTAxNEI3M0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0omPkPidDWNCx0lBxtXOl19Nn qIUnf3K5LVj+inIb4tqVQRHiBukpnvTGY691bX47+N4/j8qlCpuG/5N/QEwIEAx3 ooqXMSSGISvkhagpMIXPHnxqVo95gvacLfbBUSgfPYz7VMDWDOMt4YGNdM/YIbDg tV0xtFsozh6ryRQ8C9mwXAQrmzZSDDmpcExiXjfCZJj5vPch3z5WmT/NEF3B7mrJ T/qzQuFnxh71zKz9Qe6BImNTKxs2i6kOaPfLegsL2y8XPScUOrnyeJ9PagH344n2 DmcvA2kHgmwoXSn3/IR5Ae/lmv5v8gz8yeZHegpbPDbIuaDyk4mfy92l0IHrAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUspyaIdxvW7mj277kc4DSIqAUtz0wHwYDVR0j BBgwFoAUy5ZiczFTwC5MQRt9LyueItLw64UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k ZGYyZmZkYS0wNWQxLTQwODUtYTEzNS0wMzk4N2EwN2YzOWUvMC9DQjk2NjI3MzMx NTNDMDJFNEM0MTFCN0QyRjJCOUUyMkQyRjBFQjg1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlFMjJEMkYw RUI4NS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGRmMmZmZGEtMDVkMS00MDg1LWEx MzUtMDM5ODdhMDdmMzllLzAvQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlF MjJEMkYwRUI4NS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJ8I4f3bFFFiuMTxbACRMGKhnl60AXozmSuo dBNAbo0gm0QsdgchV9le0TZFA5W4zwyIufryjOEZ7wVZ9+E2C3dqlnTWoGf01/fK /MJ/RZaJwQN9r7VPEVvLRe75S7hhlbgarH1/JK6j+Iuwq9RbybF0CJVMMyFSAAmK bwwr42f+hV4S04eUwkannJwMUNZQWLdsprknPinZR895nsCoJavjUVHn9ea9CkDs Li2TMCTn4ka9j3V9mwkkSl3lNEqiUHmmlYXZzh4lH0+z/b7Y33rbYGvnUho9/jkA GIwmkLkQyhkAvasI47XuCaozxjpSec56KJvv6alAuxEyMvpUhhU= -----END CERTIFICATE-----Generated at Sun Jan 25 20:10:14 2026 by rpki-client