This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
File:                     B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft (raw, json)
Hash identifier:          XXbk5IPsTr8GaAjQQRVB8U6LRKYtGsrg+c3wjd8CYwg=
Subject key identifier:   19:94:4C:85:7F:08:25:F9:1E:43:DC:BF:9D:43:9A:D8:E0:21:2F:4B
Authority key identifier: B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1
Certificate issuer:       /CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
Certificate serial:       3B65E364490AD7FB78C5F35DFA2E7AD30EE6D41E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
Manifest number:          02C6
Signing time:             Tue 16 Dec 2025 09:11:59 +0000
Manifest this update:     Tue 16 Dec 2025 09:06:59 +0000
Manifest next update:     Fri 19 Dec 2025 15:25:59 +0000
Files and hashes:         1: 3130332e33302e3232302e302f32322d3233203d3e203338313438.roa (hash: dip5cfpPOxv7j5avMlkj27CtA1ffgVlncphql09alQk=)
                          2: 3130332e33302e3232302e302f32342d3234203d3e203338313438.roa (hash: o3fKHuVWFD6jkUIoyhNcY5O2uYQKepNEkJqsRTcT0Zs=)
                          3: 3130332e33302e3232322e302f32342d3234203d3e203338313438.roa (hash: +SJaFJQyqBdRsoSnVqf1c6YDNbR+iItpuCQMYo/GJwM=)
                          4: 3130332e33302e3232332e302f32342d3234203d3e203338313438.roa (hash: Oz3xD+pukxgYWpnFQL+j6A86Gc4jUZiZu2sP1l7btM0=)
                          5: B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl (hash: rZv+hMhLMwNvyFiWtu4hbpigS7EQd8PH7czZe7XGmqs=)
                          6: 3130332e33302e3232312e302f32342d3234203d3e203338313438.roa (hash: 7jwgwmu5p9Vx0nJtBBICc1jR6TLu2T+YBURAKlHLhFY=)
                          7: 323430313a396230303a3a2f33322d3438203d3e203338313438.roa (hash: KdtiKUAOdh5Pdj0OkOpsBFHlVClUvcCXmF1ngZraMiI=)
                          8: 3132322e3230302e3134342e302f32312d3234203d3e203338313438.roa (hash: q36ZaNZnng4e3YSesfRm7Xhg/e4wHbxv2r58SbE/Hyw=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl
                          rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 19 Dec 2025 15:25:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:65:e3:64:49:0a:d7:fb:78:c5:f3:5d:fa:2e:7a:d3:0e:e6:d4:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
        Validity
            Not Before: Dec 16 09:06:59 2025 GMT
            Not After : Dec 19 15:25:59 2025 GMT
        Subject: CN=19944C857F0825F91E43DCBF9D439AD8E0212F4B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:61:f4:f7:2c:93:cc:b0:06:cf:6c:c4:77:e6:
                    14:39:79:ab:18:9b:39:14:13:7f:de:ce:38:b8:25:
                    95:8a:9c:a0:3b:12:48:b8:54:4a:bb:8f:27:46:09:
                    90:32:71:ef:a2:6c:02:e1:7c:4a:0b:04:cb:ec:ea:
                    08:63:6b:44:8a:e2:6c:92:e3:39:a9:6d:f2:64:0a:
                    40:df:71:78:b5:9b:f3:3c:41:45:f5:18:99:09:45:
                    a1:e3:46:71:c1:f2:31:0c:57:09:c5:63:ab:18:2b:
                    92:8d:ce:33:63:c4:73:83:68:d3:f5:97:7f:d1:c4:
                    6c:b5:84:e5:38:f4:b3:d0:a0:be:74:b4:3b:bc:45:
                    fa:52:b5:c1:cf:e5:00:1f:45:76:c8:d9:7b:8f:66:
                    2e:eb:01:2f:18:1e:9c:e4:e5:14:a5:79:d9:fe:ca:
                    f5:a0:43:5e:5b:2c:f7:a6:89:f5:33:c4:63:5b:2d:
                    ce:d8:ac:15:99:e9:90:ab:a0:91:1b:77:52:8d:81:
                    44:00:20:b0:be:ed:e9:20:ee:1a:66:ee:d3:75:41:
                    af:51:de:0a:d5:c9:c8:33:b6:7c:dd:1d:90:4d:59:
                    94:68:b9:c9:65:f5:b3:3a:c3:cf:cb:96:27:b9:cc:
                    65:03:43:c9:2b:81:78:62:ee:58:5a:c0:47:ca:34:
                    cd:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:94:4C:85:7F:08:25:F9:1E:43:DC:BF:9D:43:9A:D8:E0:21:2F:4B
            X509v3 Authority Key Identifier:
                keyid:B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:b4:12:44:f3:65:a1:38:36:0b:82:bd:1b:d4:93:97:67:11:
         c3:b2:26:86:13:55:80:d1:0b:08:5f:ba:9b:4a:63:e7:9a:2b:
         97:6e:af:3d:a7:35:80:dd:80:2d:e9:38:53:c4:41:ea:d4:c2:
         59:43:d6:f6:4c:64:19:24:ba:dd:92:da:60:de:b1:6b:5f:e5:
         c3:b1:fc:2e:ef:bc:3b:71:db:69:04:3a:81:76:9c:ac:9e:16:
         d5:d3:6e:da:60:0a:bd:0b:5a:2f:a5:21:fe:39:a3:0b:db:b2:
         04:ba:79:2a:47:a7:b9:e3:90:e9:c4:29:de:a8:ee:56:3d:b4:
         29:c7:18:8a:35:ca:d0:f6:9b:ea:e9:7c:8a:f5:56:c7:04:a6:
         b9:a0:34:9c:c2:36:c8:92:7f:72:d9:e1:7a:d4:94:9c:1f:e4:
         ca:51:60:13:9a:6f:f8:00:df:7c:fd:2e:f2:84:53:93:4a:6c:
         60:d7:7b:50:f3:92:6d:fe:52:da:16:f6:be:0b:aa:0a:14:0d:
         8c:4a:10:80:67:72:4f:62:bf:db:a7:07:d4:f3:02:83:b0:8b:
         2a:3e:a1:85:3a:0b:cb:41:2f:ff:47:94:81:1f:98:15:49:ca:
         1c:43:75:a6:21:7f:8b:30:52:e8:0f:72:ef:66:27:12:09:1f:
         88:83:bf:1d
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUO2XjZEkK1/t4xfNd+i560w7m1B4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEw
RUIzODRFMTAeFw0yNTEyMTYwOTA2NTlaFw0yNTEyMTkxNTI1NTlaMDMxMTAvBgNV
BAMTKDE5OTQ0Qzg1N0YwODI1RjkxRTQzRENCRjlENDM5QUQ4RTAyMTJGNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnYfT3LJPMsAbPbMR35hQ5easY
mzkUE3/ezji4JZWKnKA7Eki4VEq7jydGCZAyce+ibALhfEoLBMvs6ghja0SK4myS
4zmpbfJkCkDfcXi1m/M8QUX1GJkJRaHjRnHB8jEMVwnFY6sYK5KNzjNjxHODaNP1
l3/RxGy1hOU49LPQoL50tDu8RfpStcHP5QAfRXbI2XuPZi7rAS8YHpzk5RSledn+
yvWgQ15bLPemifUzxGNbLc7YrBWZ6ZCroJEbd1KNgUQAILC+7ekg7hpm7tN1Qa9R
3grVycgztnzdHZBNWZRoucll9bM6w8/Llie5zGUDQ8krgXhi7lhawEfKNM3NAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUGZRMhX8IJfkeQ9y/nUOa2OAhL0swHwYDVR0j
BBgwFoAUuSHaq7hJSd3CUA1PCm2T+g6zhOEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
NTkyYzI3NC0xMWRiLTQxMjctYmFiYi1hZWFlOTkyODRiMDAvMC9COTIxREFBQkI4
NDk0OUREQzI1MDBENEYwQTZEOTNGQTBFQjM4NEUxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEwRUIz
ODRFMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTU5MmMyNzQtMTFkYi00MTI3LWJh
YmItYWVhZTk5Mjg0YjAwLzAvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkz
RkEwRUIzODRFMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBADu0EkTzZaE4NguCvRvUk5dnEcOyJoYTVYDR
CwhfuptKY+eaK5durz2nNYDdgC3pOFPEQerUwllD1vZMZBkkut2S2mDesWtf5cOx
/C7vvDtx22kEOoF2nKyeFtXTbtpgCr0LWi+lIf45owvbsgS6eSpHp7njkOnEKd6o
7lY9tCnHGIo1ytD2m+rpfIr1VscEprmgNJzCNsiSf3LZ4XrUlJwf5MpRYBOab/gA
33z9LvKEU5NKbGDXe1Dzkm3+UtoW9r4LqgoUDYxKEIBnck9iv9unB9TzAoOwiyo+
oYU6C8tBL/9HlIEfmBVJyhxDdaYhf4swUugPcu9mJxIJH4iDvx0=
-----END CERTIFICATE-----