This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: fpZTH353M3zR59yMbpqa6RnFJgmcLnAmEneayA+MofY= Subject key identifier: 87:B2:10:BC:AE:74:75:7F:84:D3:86:90:5B:18:F7:A7:B0:21:74:FA Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 17EEBCB1368865436D90BD297A1949480498E016 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 052D Signing time: Sat 06 Dec 2025 11:40:58 +0000 Manifest this update: Sat 06 Dec 2025 11:35:58 +0000 Manifest next update: Tue 09 Dec 2025 15:44:58 +0000 Files and hashes: 1: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: n4qU9z3zPQ9gk/qa+VdY5Be7KRaQiLCtRvL2TOx5vtM=) 2: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: 43ScMK1xGJHkc43OYqRAxNw2Nmb59FaJi1G0FFtsD2M=) 3: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) 4: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) 5: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 15:44:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:ee:bc:b1:36:88:65:43:6d:90:bd:29:7a:19:49:48:04:98:e0:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Dec 6 11:35:58 2025 GMT Not After : Dec 9 15:44:58 2025 GMT Subject: CN=87B210BCAE74757F84D386905B18F7A7B02174FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:cc:eb:1b:ba:06:dc:21:3e:54:2a:0f:24:c1: b6:92:78:22:cf:06:64:c4:38:ee:98:58:05:2d:b8: 73:04:9e:59:4c:41:58:e4:b5:e5:8b:cc:20:72:01: e6:46:fd:28:90:52:89:06:3f:f3:6a:c7:b7:41:42: f3:d3:3b:dc:50:88:5e:fe:b9:63:92:3b:ed:67:e7: 77:9b:59:4c:82:e0:c6:0f:53:10:3e:b9:f0:0c:a6: cd:de:d3:e1:0f:46:97:26:57:21:5f:aa:3d:0b:51: 64:8c:88:78:2a:b1:94:06:d0:35:3d:8e:04:73:93: e5:2f:c1:05:71:5b:bb:17:aa:33:96:91:70:64:73: 63:cc:7d:14:50:62:d7:1d:1c:92:2e:a7:63:f8:4a: c0:e8:a7:7a:2a:c9:2e:bd:0f:7f:99:5b:e5:8a:34: 7d:7b:b1:70:bb:14:fd:33:4f:02:6a:a2:b9:7d:16: 52:ba:97:cf:d3:11:84:11:0b:b1:cd:c9:29:41:35: 1a:8c:8a:9e:ac:98:e5:ce:d1:27:30:18:c5:dc:6c: a0:21:f5:60:27:b6:81:7a:d2:10:3c:a7:43:65:68: ca:e5:05:83:1b:47:1d:68:98:fe:0f:d5:fe:66:98: dc:82:9f:52:7a:0b:13:13:a8:26:bf:3a:d0:45:f6: 38:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:B2:10:BC:AE:74:75:7F:84:D3:86:90:5B:18:F7:A7:B0:21:74:FA X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:f0:37:00:99:fa:1e:f3:5f:69:d8:d6:4d:20:c0:41:ea:98: 47:7b:98:f5:3e:12:9a:8f:f0:87:06:20:03:8e:4c:d2:57:f9: 7d:4a:ee:8c:61:2e:fc:83:69:a7:43:14:50:38:b5:6f:40:30: 30:5f:3c:fb:9a:0c:40:a3:2c:1c:10:3a:81:5d:44:7a:c9:4e: ee:ca:4a:c9:31:89:2a:db:4a:26:af:26:10:ea:b0:b4:c9:18: 0a:92:0a:ba:93:84:0f:d7:b9:49:7a:e0:53:c2:0c:82:7a:f6: b7:1e:e8:f9:51:6f:cd:02:8a:ae:d8:c4:3f:e7:db:36:a0:07: da:3c:6a:42:6c:77:3d:c1:b1:08:18:7d:67:df:7c:86:ae:31: be:bf:56:3c:13:2e:68:87:a2:d8:15:51:79:9d:c5:55:47:16: 04:97:17:7d:06:c0:b5:6c:06:33:23:64:8c:3a:fe:ad:ea:70: 95:74:0e:02:1d:87:8e:63:17:b0:bd:7f:b3:f7:a4:9f:92:94: 29:f6:e2:5a:df:3a:5a:70:3f:08:bd:e9:ba:d1:2f:55:3e:2a: 9f:0a:0f:61:d0:cd:34:3e:da:eb:d8:b2:aa:b1:27:90:bc:4e: 12:88:bd:2c:44:78:6c:37:ab:2d:cd:99:8f:38:90:20:d1:f4: a3:57:45:20 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUF+68sTaIZUNtkL0pehlJSASY4BYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTEyMDYxMTM1NThaFw0yNTEyMDkxNTQ0NThaMDMxMTAvBgNV BAMTKDg3QjIxMEJDQUU3NDc1N0Y4NEQzODY5MDVCMThGN0E3QjAyMTc0RkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7zOsbugbcIT5UKg8kwbaSeCLP BmTEOO6YWAUtuHMEnllMQVjkteWLzCByAeZG/SiQUokGP/Nqx7dBQvPTO9xQiF7+ uWOSO+1n53ebWUyC4MYPUxA+ufAMps3e0+EPRpcmVyFfqj0LUWSMiHgqsZQG0DU9 jgRzk+UvwQVxW7sXqjOWkXBkc2PMfRRQYtcdHJIup2P4SsDop3oqyS69D3+ZW+WK NH17sXC7FP0zTwJqorl9FlK6l8/TEYQRC7HNySlBNRqMip6smOXO0ScwGMXcbKAh 9WAntoF60hA8p0NlaMrlBYMbRx1omP4P1f5mmNyCn1J6CxMTqCa/OtBF9jgTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUh7IQvK50dX+E04aQWxj3p7AhdPowHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACjwNwCZ+h7zX2nY1k0gwEHqmEd7mPU+EpqP 8IcGIAOOTNJX+X1K7oxhLvyDaadDFFA4tW9AMDBfPPuaDECjLBwQOoFdRHrJTu7K SskxiSrbSiavJhDqsLTJGAqSCrqThA/XuUl64FPCDIJ69rce6PlRb80Ciq7YxD/n 2zagB9o8akJsdz3BsQgYfWfffIauMb6/VjwTLmiHotgVUXmdxVVHFgSXF30GwLVs BjMjZIw6/q3qcJV0DgIdh45jF7C9f7P3pJ+SlCn24lrfOlpwPwi96brRL1U+Kp8K D2HQzTQ+2uvYsqqxJ5C8ThKIvSxEeGw3qy3NmY84kCDR9KNXRSA= -----END CERTIFICATE-----Generated at Sun Dec 7 01:42:48 2025 by rpki-client