This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft File: 432AE9E2B00941EF8925409E82CA40508A4688B1.mft (raw, json) Hash identifier: Qgh9qt/fEjUFQBjFfRpCQlYV+Ww0prxNKgFJ45eXLRQ= Subject key identifier: FB:EB:A8:62:63:A6:67:A3:0D:D3:5A:26:62:A3:31:17:D8:F7:82:8C Authority key identifier: 43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 Certificate issuer: /CN=432AE9E2B00941EF8925409E82CA40508A4688B1 Certificate serial: 1AA59C2BEBCF72EED6081E799DFC9ABA92274487 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft Manifest number: 0139 Signing time: Fri 05 Dec 2025 18:02:00 +0000 Manifest this update: Fri 05 Dec 2025 17:57:00 +0000 Manifest next update: Tue 09 Dec 2025 00:38:00 +0000 Files and hashes: 1: 432AE9E2B00941EF8925409E82CA40508A4688B1.crl (hash: 2jrI0Of5lUH3TBjA8tl0AgyrfJgB0uowQ8T9SyWGq5Y=) 2: 3135372e31302e3136302e302f32332d3234203d3e20313336303532.roa (hash: xTPoIlaNmn7dCA4oz4xbGajx7u9U25QUsQJawDHmNA8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.crl rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 00:38:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:a5:9c:2b:eb:cf:72:ee:d6:08:1e:79:9d:fc:9a:ba:92:27:44:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=432AE9E2B00941EF8925409E82CA40508A4688B1 Validity Not Before: Dec 5 17:57:00 2025 GMT Not After : Dec 9 00:38:00 2025 GMT Subject: CN=FBEBA86263A667A30DD35A2662A33117D8F7828C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:d3:7d:f6:42:50:5f:b2:7f:d2:89:7d:d0:0f: fa:d9:0c:9b:20:a9:f2:03:ac:05:2c:1f:ec:5d:7f: 85:9b:2e:f3:8e:75:0c:57:80:39:a4:31:e7:03:6f: cb:fe:bb:f8:3b:26:80:ee:6c:81:78:da:fe:f8:a6: 71:67:0b:42:94:72:45:81:d0:a7:49:3b:8f:ad:d9: 6b:42:25:cc:43:fa:6d:2d:20:15:a7:9e:fb:94:44: b6:4c:a4:2f:f8:d0:80:53:f3:d2:5b:9b:a6:28:52: 85:af:9b:fb:9a:bb:c1:b5:55:25:40:e5:e9:7a:75: 15:d3:92:7c:6d:a9:37:47:3b:95:e8:50:5a:d8:33: 24:b1:04:97:8e:ea:f1:42:f8:e7:31:5c:0b:8a:9f: 3b:80:50:15:76:68:5b:63:bc:53:df:88:6c:71:f4: f7:1d:9b:a0:04:4a:c6:ec:7b:10:f4:24:ab:4a:61: dc:6e:88:70:e1:52:62:04:32:a0:44:63:e8:08:ce: 77:e6:7e:6d:aa:6c:55:d1:ed:ee:32:49:c0:25:cc: f4:5e:e2:de:9f:18:8d:a4:9a:80:b4:96:ca:08:bd: 97:d5:b8:a1:c4:c6:6c:35:3a:62:a5:75:cf:89:19: 71:a4:a5:b1:a7:c1:6d:3b:c4:56:56:0d:5a:72:c2: 50:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:EB:A8:62:63:A6:67:A3:0D:D3:5A:26:62:A3:31:17:D8:F7:82:8C X509v3 Authority Key Identifier: keyid:43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:29:d2:62:b1:6d:c5:39:d3:ea:31:15:b8:b4:a1:e7:24:62: c3:01:59:e4:62:82:c1:20:ae:03:4a:9a:1b:20:64:2e:39:47: 38:35:44:8e:3b:c4:b3:a9:77:6f:4e:f0:00:cf:2a:17:5b:8f: 32:54:96:0c:2a:02:c6:37:50:db:4f:d1:10:f5:b3:e4:14:98: a8:81:94:d3:1f:5d:44:54:7d:3f:9e:68:8e:cd:86:32:b2:2c: a6:0f:72:80:26:44:b1:1e:00:8e:b1:78:0a:3e:5a:42:9c:09: 27:2c:28:4f:47:74:85:5f:27:13:5d:bd:f5:2c:f1:d4:dc:8e: 29:ee:34:04:e9:71:8a:47:de:70:85:dc:38:77:94:d4:78:e1: ce:fb:30:fa:81:a3:23:1a:d0:e5:6d:76:50:8b:ec:da:fa:ba: c2:69:77:14:ad:b7:7c:56:55:14:f2:b1:16:14:2a:3e:b0:8e: ba:7f:62:10:b8:70:da:aa:2f:1f:b1:07:56:67:1a:07:22:13: 2c:12:89:6b:2e:74:9c:84:4a:76:50:16:79:f6:4b:03:af:22: 3f:fd:6b:82:b4:24:32:de:e1:ec:71:5c:57:a7:71:93:33:b9: b4:16:2f:aa:58:e4:df:f2:60:53:19:e4:27:31:19:c7:4f:94: f4:2a:31:bd -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGqWcK+vPcu7WCB55nfyaupInRIcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQwNTA4 QTQ2ODhCMTAeFw0yNTEyMDUxNzU3MDBaFw0yNTEyMDkwMDM4MDBaMDMxMTAvBgNV BAMTKEZCRUJBODYyNjNBNjY3QTMwREQzNUEyNjYyQTMzMTE3RDhGNzgyOEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS0332QlBfsn/SiX3QD/rZDJsg qfIDrAUsH+xdf4WbLvOOdQxXgDmkMecDb8v+u/g7JoDubIF42v74pnFnC0KUckWB 0KdJO4+t2WtCJcxD+m0tIBWnnvuURLZMpC/40IBT89Jbm6YoUoWvm/uau8G1VSVA 5el6dRXTknxtqTdHO5XoUFrYMySxBJeO6vFC+OcxXAuKnzuAUBV2aFtjvFPfiGxx 9Pcdm6AESsbsexD0JKtKYdxuiHDhUmIEMqBEY+gIznfmfm2qbFXR7e4yScAlzPRe 4t6fGI2kmoC0lsoIvZfVuKHExmw1OmKldc+JGXGkpbGnwW07xFZWDVpywlBRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU++uoYmOmZ6MN01omYqMxF9j3gowwHwYDVR0j BBgwFoAUQyrp4rAJQe+JJUCegspAUIpGiLEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l YzJmYzFkNC0zN2E2LTQ5NDMtYjRjNi02ZDhlOWI0ZTU1OTEvMC80MzJBRTlFMkIw MDk0MUVGODkyNTQwOUU4MkNBNDA1MDhBNDY4OEIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQwNTA4QTQ2 ODhCMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWMyZmMxZDQtMzdhNi00OTQzLWI0 YzYtNmQ4ZTliNGU1NTkxLzAvNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQw NTA4QTQ2ODhCMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAG0p0mKxbcU50+oxFbi0oeckYsMBWeRigsEg rgNKmhsgZC45Rzg1RI47xLOpd29O8ADPKhdbjzJUlgwqAsY3UNtP0RD1s+QUmKiB lNMfXURUfT+eaI7NhjKyLKYPcoAmRLEeAI6xeAo+WkKcCScsKE9HdIVfJxNdvfUs 8dTcjinuNATpcYpH3nCF3Dh3lNR44c77MPqBoyMa0OVtdlCL7Nr6usJpdxStt3xW VRTysRYUKj6wjrp/YhC4cNqqLx+xB1ZnGgciEywSiWsudJyESnZQFnn2SwOvIj/9 a4K0JDLe4exxXFencZMzubQWL6pY5N/yYFMZ5CcxGcdPlPQqMb0= -----END CERTIFICATE-----Generated at Sat Dec 6 21:42:12 2025 by rpki-client