This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
File:                     B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft (raw, json)
Hash identifier:          41bTuRCSfUPcaIv3BGToX6TRFiy+DQO82A4X7aGRRv8=
Subject key identifier:   61:64:CE:A4:23:1E:F6:8B:E3:99:29:47:90:90:5B:59:D6:3C:DB:C5
Authority key identifier: B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1
Certificate issuer:       /CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
Certificate serial:       31016BDA1911093984FE28B652BABABE1B017E1F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
Manifest number:          02C2
Signing time:             Sat 06 Dec 2025 21:11:59 +0000
Manifest this update:     Sat 06 Dec 2025 21:06:59 +0000
Manifest next update:     Wed 10 Dec 2025 06:45:59 +0000
Files and hashes:         1: B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl (hash: F8wBmooPuR50zfOkzngvT9qZrppL5vkGEbC/qpmwdiA=)
                          2: 3130332e33302e3232312e302f32342d3234203d3e203338313438.roa (hash: 7jwgwmu5p9Vx0nJtBBICc1jR6TLu2T+YBURAKlHLhFY=)
                          3: 3132322e3230302e3134342e302f32312d3234203d3e203338313438.roa (hash: q36ZaNZnng4e3YSesfRm7Xhg/e4wHbxv2r58SbE/Hyw=)
                          4: 3130332e33302e3232302e302f32322d3233203d3e203338313438.roa (hash: dip5cfpPOxv7j5avMlkj27CtA1ffgVlncphql09alQk=)
                          5: 3130332e33302e3232332e302f32342d3234203d3e203338313438.roa (hash: Oz3xD+pukxgYWpnFQL+j6A86Gc4jUZiZu2sP1l7btM0=)
                          6: 323430313a396230303a3a2f33322d3438203d3e203338313438.roa (hash: KdtiKUAOdh5Pdj0OkOpsBFHlVClUvcCXmF1ngZraMiI=)
                          7: 3130332e33302e3232322e302f32342d3234203d3e203338313438.roa (hash: +SJaFJQyqBdRsoSnVqf1c6YDNbR+iItpuCQMYo/GJwM=)
                          8: 3130332e33302e3232302e302f32342d3234203d3e203338313438.roa (hash: o3fKHuVWFD6jkUIoyhNcY5O2uYQKepNEkJqsRTcT0Zs=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl
                          rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 09 Dec 2025 15:57:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:01:6b:da:19:11:09:39:84:fe:28:b6:52:ba:ba:be:1b:01:7e:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
        Validity
            Not Before: Dec  6 21:06:59 2025 GMT
            Not After : Dec 10 06:45:59 2025 GMT
        Subject: CN=6164CEA4231EF68BE399294790905B59D63CDBC5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:cc:26:7c:b0:a0:cc:b9:94:ec:ae:d6:a9:d0:
                    b4:0b:19:cd:0a:e3:0e:58:ca:8f:c9:03:5d:c7:35:
                    98:5a:05:03:c5:69:8b:e8:55:f2:c0:08:ae:60:84:
                    91:bf:9d:90:2e:01:0f:6c:90:d8:0e:15:93:eb:85:
                    c5:b6:90:f0:d6:79:a0:ac:06:3b:ef:02:c8:1c:65:
                    f3:9f:0b:81:61:1a:09:63:78:b4:ad:5b:f2:ad:b3:
                    0b:e5:ec:d9:cb:43:df:89:ce:db:5d:6a:09:5b:af:
                    b0:74:34:69:60:1f:a0:fe:48:5b:3f:73:ad:97:7a:
                    e5:d4:21:a9:19:74:63:5f:3c:8d:77:e3:e7:48:e0:
                    09:1d:88:17:58:cc:3f:f6:5f:37:c1:10:62:5a:11:
                    3f:cc:b5:aa:73:82:3b:ed:f3:e1:1f:38:ad:ab:7c:
                    f7:86:cc:87:43:94:11:4d:ea:2f:8c:fe:71:5f:e1:
                    e4:cd:57:d3:38:72:36:6f:02:3a:97:e2:66:06:99:
                    6b:bf:ea:64:10:81:c2:12:5f:67:ef:bd:3c:3d:81:
                    1f:bf:76:98:22:8b:5f:01:fc:8e:8b:16:94:86:cc:
                    9f:cf:32:0d:e4:c0:a8:dc:5e:9e:7c:5c:69:0e:ff:
                    88:c2:d7:0a:64:18:f8:62:1b:b5:07:63:52:57:16:
                    6c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:64:CE:A4:23:1E:F6:8B:E3:99:29:47:90:90:5B:59:D6:3C:DB:C5
            X509v3 Authority Key Identifier:
                keyid:B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:53:b7:0b:08:4b:e5:4d:8d:cc:ef:ba:c8:3c:f2:fa:d9:49:
         df:8e:5b:47:8a:40:c7:ac:c4:f5:3d:cc:8e:4d:ef:0a:a0:c1:
         99:8b:f0:a8:3f:18:74:cd:bc:92:2d:2a:60:7a:72:49:46:8f:
         09:cb:61:9e:7e:ed:f6:33:ae:88:28:fd:90:ea:ea:fb:cc:27:
         3a:b4:a3:0a:af:65:3c:8f:a7:7a:21:96:cc:d9:23:35:f3:67:
         51:2d:2d:32:14:d3:29:4f:b4:b5:1c:e8:2e:37:33:00:ab:19:
         30:43:2b:83:96:7f:66:db:94:ac:d9:82:19:b2:42:7f:6d:0a:
         d4:85:62:fb:a4:5c:77:eb:86:fa:c3:b0:6e:77:37:65:a9:3e:
         32:dd:ab:05:4c:b5:1f:ec:89:97:e9:80:a2:08:f8:94:7f:9e:
         c3:23:3e:c1:bd:a8:ac:f7:ff:c7:37:1c:34:b0:3a:32:3d:1e:
         e0:3d:60:03:b8:9e:10:c3:4a:fd:e8:ca:39:14:c5:8d:65:0b:
         3b:ec:f3:e8:93:30:95:a1:ad:2e:59:9c:39:a4:e9:a2:65:e1:
         b5:5e:2e:40:64:16:99:ae:1b:6a:64:bf:27:7b:ac:af:ef:b8:
         a5:bc:c7:43:c6:6c:42:1d:ad:56:7c:56:e9:1b:07:e0:81:16:
         a7:10:df:2b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUMQFr2hkRCTmE/ii2Urq6vhsBfh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEw
RUIzODRFMTAeFw0yNTEyMDYyMTA2NTlaFw0yNTEyMTAwNjQ1NTlaMDMxMTAvBgNV
BAMTKDYxNjRDRUE0MjMxRUY2OEJFMzk5Mjk0NzkwOTA1QjU5RDYzQ0RCQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCizCZ8sKDMuZTsrtap0LQLGc0K
4w5Yyo/JA13HNZhaBQPFaYvoVfLACK5ghJG/nZAuAQ9skNgOFZPrhcW2kPDWeaCs
BjvvAsgcZfOfC4FhGgljeLStW/Ktswvl7NnLQ9+Jzttdaglbr7B0NGlgH6D+SFs/
c62XeuXUIakZdGNfPI134+dI4AkdiBdYzD/2XzfBEGJaET/Mtapzgjvt8+EfOK2r
fPeGzIdDlBFN6i+M/nFf4eTNV9M4cjZvAjqX4mYGmWu/6mQQgcISX2fvvTw9gR+/
dpgii18B/I6LFpSGzJ/PMg3kwKjcXp58XGkO/4jC1wpkGPhiG7UHY1JXFmwjAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUYWTOpCMe9ovjmSlHkJBbWdY828UwHwYDVR0j
BBgwFoAUuSHaq7hJSd3CUA1PCm2T+g6zhOEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
NTkyYzI3NC0xMWRiLTQxMjctYmFiYi1hZWFlOTkyODRiMDAvMC9COTIxREFBQkI4
NDk0OUREQzI1MDBENEYwQTZEOTNGQTBFQjM4NEUxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEwRUIz
ODRFMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTU5MmMyNzQtMTFkYi00MTI3LWJh
YmItYWVhZTk5Mjg0YjAwLzAvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkz
RkEwRUIzODRFMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAA5TtwsIS+VNjczvusg88vrZSd+OW0eKQMes
xPU9zI5N7wqgwZmL8Kg/GHTNvJItKmB6cklGjwnLYZ5+7fYzrogo/ZDq6vvMJzq0
owqvZTyPp3ohlszZIzXzZ1EtLTIU0ylPtLUc6C43MwCrGTBDK4OWf2bblKzZghmy
Qn9tCtSFYvukXHfrhvrDsG53N2WpPjLdqwVMtR/siZfpgKII+JR/nsMjPsG9qKz3
/8c3HDSwOjI9HuA9YAO4nhDDSv3oyjkUxY1lCzvs8+iTMJWhrS5ZnDmk6aJl4bVe
LkBkFpmuG2pkvyd7rK/vuKW8x0PGbEIdrVZ8VukbB+CBFqcQ3ys=
-----END CERTIFICATE-----