This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft File: 2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft (raw, json) Hash identifier: UY2crsPohZLpifK2/IkiaRb+IzI7EIoyLYRNPw4rgZc= Subject key identifier: D4:70:D2:24:55:42:F8:91:D7:46:A1:15:3B:63:BE:D7:E7:7C:8A:56 Authority key identifier: 2D:EC:7D:B2:A5:C9:62:CF:A5:3D:57:8D:EA:7D:C8:43:83:A6:33:D4 Certificate issuer: /CN=2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4 Certificate serial: 43EBC0CDD9245C7A8A4806CA19240EF2243EDE0C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft Manifest number: 0502 Signing time: Fri 05 Dec 2025 05:31:27 +0000 Manifest this update: Fri 05 Dec 2025 05:26:27 +0000 Manifest next update: Mon 08 Dec 2025 07:59:27 +0000 Files and hashes: 1: 2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.crl (hash: OysJp+OH3CBaIECJjPp9TPawsJC8r7j3kDX1JETy7D0=) 2: 323430343a613463303a3a2f33322d3438203d3e20313338383232.roa (hash: jd8RzIV4pb6xOSx8M2iJByCvMa7m6mddhFLRaUaFvoI=) 3: 323430343a613463303a666163653a3a2f34382d3438203d3e20313338383232.roa (hash: Ymw3mKUJLuc3UElUh0Nq2GfPGIEzD27CcOXD4JJbHT8=) 4: 3130332e3133372e33382e302f32332d3234203d3e20313338383232.roa (hash: mA/rP0hr8/EieVP2HKsGbfcjdkP2Kd8or4Jc67/Y7I0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.crl rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 07:59:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:eb:c0:cd:d9:24:5c:7a:8a:48:06:ca:19:24:0e:f2:24:3e:de:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4 Validity Not Before: Dec 5 05:26:27 2025 GMT Not After : Dec 8 07:59:27 2025 GMT Subject: CN=D470D2245542F891D746A1153B63BED7E77C8A56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:3f:16:f6:68:24:cb:35:b1:6f:16:0d:86:04: 90:ed:ec:f7:52:12:fc:8d:c1:29:a6:55:6a:e9:5c: 67:6f:ed:4c:6e:6b:83:e7:a6:a4:ca:04:b5:c3:c9: b3:3e:aa:38:2d:fd:6f:b2:13:a8:a1:a1:de:9a:74: 03:c3:63:cd:a2:c8:db:b8:01:ab:54:06:56:a4:20: bb:c0:4c:b0:bc:05:97:36:31:85:5e:05:65:ae:1b: 70:3b:5b:0c:ea:79:e4:0b:9b:33:31:8e:be:81:98: 7a:2d:b8:9c:d6:ad:73:19:f2:86:8d:e4:6a:7d:ec: 27:97:75:df:f7:2a:b5:88:80:38:d9:2e:c8:56:98: 19:66:c2:05:ce:3b:06:46:c3:8d:7f:a8:f4:83:75: c1:49:65:40:ee:87:71:53:8e:8e:be:03:d0:f1:18: 99:af:00:96:13:e1:5f:a4:43:b7:bc:b1:f0:da:98: 08:c3:d3:f2:be:36:15:6d:b8:e5:8b:ac:76:1d:03: cf:29:a1:ac:bc:5a:ca:bd:d4:a1:ec:41:de:10:b3: 66:72:8a:ac:4a:8c:92:1f:c1:66:d1:95:6f:49:fd: 20:b8:b8:70:04:c7:6b:c4:7f:11:8f:ae:43:49:1c: 0e:5e:43:d2:b2:63:ed:c6:37:a7:44:34:17:cd:0c: 14:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:70:D2:24:55:42:F8:91:D7:46:A1:15:3B:63:BE:D7:E7:7C:8A:56 X509v3 Authority Key Identifier: keyid:2D:EC:7D:B2:A5:C9:62:CF:A5:3D:57:8D:EA:7D:C8:43:83:A6:33:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:33:91:1c:0c:da:84:fc:ca:2b:fa:93:f6:74:21:bd:b9:bc: bd:7a:29:dd:40:f4:f4:53:a3:61:e5:b2:3f:75:bc:af:ac:5f: 5b:d9:9c:92:2d:57:e7:ed:d7:ee:ad:63:5d:29:2b:7b:3a:33: 2c:e5:7d:6d:d0:1b:3b:c5:2e:49:2d:d5:9f:c6:ef:03:d2:48: a1:81:ee:bd:5d:36:d8:f7:1d:9b:89:9c:09:7d:42:ee:5c:37: 46:de:68:d7:15:3e:01:7b:47:f8:58:bf:b6:85:00:e4:67:80: 3a:cb:06:2e:e1:af:22:d0:d0:6c:32:9e:d0:5b:dc:ed:77:19: b5:94:60:eb:38:8b:79:94:36:db:e2:36:60:b5:9f:11:b7:f9: 63:dc:37:58:2a:db:6c:c9:95:3a:07:10:57:87:d7:42:fd:8e: 18:6f:ac:cc:26:b1:3f:ab:34:12:91:33:a1:56:d1:68:c1:29: 9c:39:e1:68:34:38:f6:72:18:40:db:1b:62:a3:c1:46:b4:af: da:6e:c4:66:06:7f:7f:ae:d6:f1:66:c9:fe:15:b5:a5:b6:88: f2:5a:07:32:7b:04:67:ea:3c:69:72:6d:27:81:f3:a2:cc:a8: 61:91:e5:48:79:9e:55:3e:2a:5d:a7:c2:fd:c9:69:70:f0:fa: de:a6:f9:bc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQ+vAzdkkXHqKSAbKGSQO8iQ+3gwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkRFQzdEQjJBNUM5NjJDRkE1M0Q1NzhERUE3REM4NDM4 M0E2MzNENDAeFw0yNTEyMDUwNTI2MjdaFw0yNTEyMDgwNzU5MjdaMDMxMTAvBgNV BAMTKEQ0NzBEMjI0NTU0MkY4OTFENzQ2QTExNTNCNjNCRUQ3RTc3QzhBNTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPPxb2aCTLNbFvFg2GBJDt7PdS EvyNwSmmVWrpXGdv7Uxua4PnpqTKBLXDybM+qjgt/W+yE6ihod6adAPDY82iyNu4 AatUBlakILvATLC8BZc2MYVeBWWuG3A7WwzqeeQLmzMxjr6BmHotuJzWrXMZ8oaN 5Gp97CeXdd/3KrWIgDjZLshWmBlmwgXOOwZGw41/qPSDdcFJZUDuh3FTjo6+A9Dx GJmvAJYT4V+kQ7e8sfDamAjD0/K+NhVtuOWLrHYdA88poay8Wsq91KHsQd4Qs2Zy iqxKjJIfwWbRlW9J/SC4uHAEx2vEfxGPrkNJHA5eQ9KyY+3GN6dENBfNDBRBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU1HDSJFVC+JHXRqEVO2O+1+d8ilYwHwYDVR0j BBgwFoAULex9sqXJYs+lPVeN6n3IQ4OmM9QwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l M2JiZjFkYS1lMzE3LTQ4ZWYtYWQ2ZC1mZThhOGJmMDg0MDAvMC8yREVDN0RCMkE1 Qzk2MkNGQTUzRDU3OERFQTdEQzg0MzgzQTYzM0Q0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkRFQzdEQjJBNUM5NjJDRkE1M0Q1NzhERUE3REM4NDM4M0E2 MzNENC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZTNiYmYxZGEtZTMxNy00OGVmLWFk NmQtZmU4YThiZjA4NDAwLzAvMkRFQzdEQjJBNUM5NjJDRkE1M0Q1NzhERUE3REM4 NDM4M0E2MzNENC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGYzkRwM2oT8yiv6k/Z0Ib25vL16Kd1A9PRT o2Hlsj91vK+sX1vZnJItV+ft1+6tY10pK3s6MyzlfW3QGzvFLkkt1Z/G7wPSSKGB 7r1dNtj3HZuJnAl9Qu5cN0beaNcVPgF7R/hYv7aFAORngDrLBi7hryLQ0GwyntBb 3O13GbWUYOs4i3mUNtviNmC1nxG3+WPcN1gq22zJlToHEFeH10L9jhhvrMwmsT+r NBKRM6FW0WjBKZw54Wg0OPZyGEDbG2KjwUa0r9puxGYGf3+u1vFmyf4VtaW2iPJa BzJ7BGfqPGlybSeB86LMqGGR5Uh5nlU+Kl2nwv3JaXDw+t6m+bw= -----END CERTIFICATE-----Generated at Sun Dec 7 07:25:09 2025 by rpki-client