This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft File: D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft (raw, json) Hash identifier: AjtucAHsG1nDS1J7pcahAxviz7KfDl0EP3cEn+dRZ5s= Subject key identifier: 7B:F0:58:EA:59:6A:A0:BA:6C:02:A6:BA:07:7A:9D:E7:AD:59:C6:05 Authority key identifier: D5:8B:CD:47:A6:26:3C:C3:A1:2A:BD:E6:E3:A2:AD:28:AF:8B:DE:D7 Certificate issuer: /CN=D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7 Certificate serial: 48EB66EA52F9A50B607D0FBEF1C23A9F6F0E5136 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft Manifest number: 0311 Signing time: Sat 06 Dec 2025 04:02:17 +0000 Manifest this update: Sat 06 Dec 2025 03:57:17 +0000 Manifest next update: Tue 09 Dec 2025 06:36:17 +0000 Files and hashes: 1: 3130332e3136392e34302e302f32332d3233203d3e20313432333332.roa (hash: lwypc1eue2zj3ktOWvglzu1Jo7qmvdfN4AlugN+i5Zw=) 2: 3130332e3136392e34312e302f32342d3234203d3e20313432333332.roa (hash: zPRVVEuzND/TSHdVq3ZkAQYAgPmvosaZoKU+TXGH1vc=) 3: D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl (hash: k7nATUkZkISE7MV9ycOYuXg/Gvq1wtUCAnPwo23HWl0=) 4: 3130332e3136392e34302e302f32342d3234203d3e20313432333332.roa (hash: yIxyAi+LsGKpwTABrM9lNwtjILhJjgs1G21qada+Ir4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 06:36:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:eb:66:ea:52:f9:a5:0b:60:7d:0f:be:f1:c2:3a:9f:6f:0e:51:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7 Validity Not Before: Dec 6 03:57:17 2025 GMT Not After : Dec 9 06:36:17 2025 GMT Subject: CN=7BF058EA596AA0BA6C02A6BA077A9DE7AD59C605 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:ee:fe:20:fc:86:0a:9c:26:dc:e6:28:9c:08: 87:be:70:08:c4:51:64:7f:93:21:02:a0:5c:bc:4f: 34:dc:07:77:7f:9b:68:3d:fe:c0:45:24:87:64:b5: 25:7e:fc:70:c7:cc:56:93:b0:89:46:1d:47:f9:ea: a4:81:88:21:e4:4f:6d:f3:fd:ef:30:c2:42:9b:69: 53:77:fe:bb:33:8e:45:56:34:6c:da:d7:ec:38:9d: 13:48:87:c9:f7:62:08:f5:49:b9:3e:77:ed:ba:b2: b3:d3:11:bc:36:ce:c7:d1:34:88:cf:a7:2e:b7:89: a4:0c:91:89:29:b7:4b:09:7d:c1:5d:aa:29:21:8e: a1:e6:fd:ff:56:d6:f9:7f:be:2f:f4:18:e1:62:38: db:12:1f:1b:c0:5d:0a:31:42:2c:af:7f:03:2f:09: ae:9b:2d:b5:31:27:56:f9:b7:79:20:63:68:9e:0f: b1:eb:f7:06:10:a7:1a:83:cb:11:8c:9a:dd:8d:bf: 40:16:f7:a6:89:96:c4:bc:bd:6d:7a:85:98:94:a9: 14:0a:f2:ba:b6:66:30:96:de:1a:3d:ff:7a:65:c2: 7d:5e:9f:5d:99:3d:fb:18:0c:ac:49:41:73:8a:ef: 31:32:44:d0:74:a6:e3:fd:1b:50:59:9b:7d:e8:7c: 4a:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:F0:58:EA:59:6A:A0:BA:6C:02:A6:BA:07:7A:9D:E7:AD:59:C6:05 X509v3 Authority Key Identifier: keyid:D5:8B:CD:47:A6:26:3C:C3:A1:2A:BD:E6:E3:A2:AD:28:AF:8B:DE:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:ea:62:f2:04:92:83:38:27:3a:20:19:72:d2:ac:7d:2f:b8: 73:e6:76:a8:5f:c8:83:b3:c8:81:f7:58:3c:2b:e7:56:1c:c2: a8:a9:00:9a:2c:58:35:26:57:cc:c6:2e:b1:c6:b6:d0:a6:0d: 7f:81:bb:d2:6e:b4:e0:8a:54:63:29:34:f7:96:91:fa:23:58: 1c:14:65:b5:69:d8:d0:0f:a0:1a:8e:d7:ed:92:ac:93:42:ac: 74:4f:25:11:98:3e:40:96:e5:24:59:71:e6:c7:35:eb:a1:8c: 49:27:8f:67:f2:96:b1:79:ee:38:9c:55:61:2e:ed:5a:22:f0: 67:74:ec:c0:63:44:e8:1e:69:ac:73:48:1e:4b:50:35:c2:a6: bf:06:15:88:4b:9d:eb:a9:e1:ec:de:2e:51:f3:86:3e:83:84: 9c:d7:d1:c3:e9:85:e6:e5:47:c0:ca:39:5f:a8:c6:e1:4c:3b: b3:32:d1:b5:07:b1:05:f5:3c:13:49:cf:2e:48:37:cf:c5:a1: 5a:74:92:a2:7f:16:be:dd:5c:55:71:2e:c4:4c:09:65:67:fd: 90:d1:ae:2f:a9:47:61:ed:87:83:a6:0a:b7:df:26:32:ec:3a: b9:31:e9:0d:1f:52:38:9e:76:af:ac:1a:8c:ec:54:18:bc:12: 75:63:c0:2a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSOtm6lL5pQtgfQ++8cI6n28OUTYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFEMjhB RjhCREVENzAeFw0yNTEyMDYwMzU3MTdaFw0yNTEyMDkwNjM2MTdaMDMxMTAvBgNV BAMTKDdCRjA1OEVBNTk2QUEwQkE2QzAyQTZCQTA3N0E5REU3QUQ1OUM2MDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe7v4g/IYKnCbc5iicCIe+cAjE UWR/kyECoFy8TzTcB3d/m2g9/sBFJIdktSV+/HDHzFaTsIlGHUf56qSBiCHkT23z /e8wwkKbaVN3/rszjkVWNGza1+w4nRNIh8n3Ygj1Sbk+d+26srPTEbw2zsfRNIjP py63iaQMkYkpt0sJfcFdqikhjqHm/f9W1vl/vi/0GOFiONsSHxvAXQoxQiyvfwMv Ca6bLbUxJ1b5t3kgY2ieD7Hr9wYQpxqDyxGMmt2Nv0AW96aJlsS8vW16hZiUqRQK 8rq2ZjCW3ho9/3plwn1en12ZPfsYDKxJQXOK7zEyRNB0puP9G1BZm33ofEqfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUe/BY6llqoLpsAqa6B3qd561ZxgUwHwYDVR0j BBgwFoAU1YvNR6YmPMOhKr3m46KtKK+L3tcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y Y2I1MjYxOS0zNzlkLTQzMGEtYjE5Yi0xZjBlYzUzYWU5MDkvMC9ENThCQ0Q0N0E2 MjYzQ0MzQTEyQUJERTZFM0EyQUQyOEFGOEJERUQ3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFEMjhBRjhC REVENy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmNiNTI2MTktMzc5ZC00MzBhLWIx OWItMWYwZWM1M2FlOTA5LzAvRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFE MjhBRjhCREVENy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACvqYvIEkoM4JzogGXLSrH0vuHPmdqhfyIOz yIH3WDwr51YcwqipAJosWDUmV8zGLrHGttCmDX+Bu9JutOCKVGMpNPeWkfojWBwU ZbVp2NAPoBqO1+2SrJNCrHRPJRGYPkCW5SRZcebHNeuhjEknj2fylrF57jicVWEu 7Voi8Gd07MBjROgeaaxzSB5LUDXCpr8GFYhLneup4ezeLlHzhj6DhJzX0cPphebl R8DKOV+oxuFMO7My0bUHsQX1PBNJzy5IN8/FoVp0kqJ/Fr7dXFVxLsRMCWVn/ZDR ri+pR2Hth4OmCrffJjLsOrkx6Q0fUjiedq+sGozsVBi8EnVjwCo= -----END CERTIFICATE-----Generated at Sat Dec 6 20:54:49 2025 by rpki-client