This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.mft File: 253E2BB4DE467AF08F191AF7632EE3BD058DA101.mft (raw, json) Hash identifier: xX57zeLPZaXgh0oRZIXgSkAKpDeetsQFRINhvHQMnEM= Subject key identifier: 2A:5B:11:C0:E8:8F:5A:3E:B8:BA:B2:B1:A6:FE:9C:FF:5B:C1:4D:03 Authority key identifier: 25:3E:2B:B4:DE:46:7A:F0:8F:19:1A:F7:63:2E:E3:BD:05:8D:A1:01 Certificate issuer: /CN=253E2BB4DE467AF08F191AF7632EE3BD058DA101 Certificate serial: 62548EDE6D03098BADD4222CCD11813A4C06609A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/253E2BB4DE467AF08F191AF7632EE3BD058DA101.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.mft Manifest number: 052F Signing time: Sat 06 Dec 2025 07:11:35 +0000 Manifest this update: Sat 06 Dec 2025 07:06:35 +0000 Manifest next update: Tue 09 Dec 2025 14:20:35 +0000 Files and hashes: 1: 36302e3235332e39362e302f31392d3234203d3e203338313434.roa (hash: gI7OgYv6GfwsEVRaXvd5tRlYtRW/gCZ+OwdOGTRV5w8=) 2: 3230322e35312e3232342e302f32302d3234203d3e203338313434.roa (hash: N2YGkCBG++ItZbATxx+8Wnv+w5mJADtnDrbFxCasjwk=) 3: 253E2BB4DE467AF08F191AF7632EE3BD058DA101.crl (hash: 0gy/vGFl70pNjg5XNhaWB1LgX93HkLw5HKwK2h+OEFY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.crl rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/253E2BB4DE467AF08F191AF7632EE3BD058DA101.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 14:20:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:54:8e:de:6d:03:09:8b:ad:d4:22:2c:cd:11:81:3a:4c:06:60:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=253E2BB4DE467AF08F191AF7632EE3BD058DA101 Validity Not Before: Dec 6 07:06:35 2025 GMT Not After : Dec 9 14:20:35 2025 GMT Subject: CN=2A5B11C0E88F5A3EB8BAB2B1A6FE9CFF5BC14D03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:63:c5:b2:f9:f1:e7:3f:b6:1b:9f:49:17:b8: d3:4b:59:b1:a5:9f:21:1b:20:03:4b:a3:c3:06:b5: 52:50:5d:b4:2c:62:a8:9c:b6:4f:c5:02:d2:44:d5: 7f:e6:86:b9:5d:d7:09:d6:98:df:6e:fb:fc:9e:e3: 40:73:d7:d1:59:0b:0d:9c:34:09:e6:6e:92:38:34: 3a:a9:20:ba:93:18:df:b1:4a:63:8a:52:28:d8:8f: c1:63:ed:03:a7:df:a3:8c:ac:60:27:11:1b:a8:a0: f7:c0:a6:db:02:04:29:20:56:21:f4:bd:27:4f:ec: 54:c6:4f:28:d1:6a:c7:db:b2:cf:91:45:e9:fd:5b: 1f:e4:49:d8:f1:8b:29:32:43:64:57:21:cd:53:90: fe:fc:9b:04:b4:1f:99:fe:c8:5c:67:a4:32:35:82: 12:8a:cd:71:d2:95:be:6b:88:68:c1:17:2e:1b:3e: b9:15:73:37:79:29:ac:76:d8:77:48:6e:67:b5:90: 85:21:50:20:a4:f3:c5:65:2b:c1:e4:3e:d3:3b:c9: 85:d3:c0:0f:5c:fb:cd:db:10:1c:9e:3e:55:e7:40: 2a:57:d0:29:b1:35:8a:ee:46:a9:d7:c0:c6:29:87: 7e:ed:76:b7:59:8a:7e:68:8b:ea:82:48:7b:40:46: 08:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:5B:11:C0:E8:8F:5A:3E:B8:BA:B2:B1:A6:FE:9C:FF:5B:C1:4D:03 X509v3 Authority Key Identifier: keyid:25:3E:2B:B4:DE:46:7A:F0:8F:19:1A:F7:63:2E:E3:BD:05:8D:A1:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/253E2BB4DE467AF08F191AF7632EE3BD058DA101.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:70:09:56:24:21:a5:03:5f:6a:18:ed:9b:b3:a8:90:31:b2: 2a:19:1f:bf:ab:81:8f:e9:53:86:dd:37:4a:87:ce:a5:b2:2a: 5e:a4:cb:2d:04:69:21:d3:93:70:ab:7d:4e:76:75:1f:27:40: b1:a2:2d:cf:e1:e6:74:75:71:43:11:4a:55:1a:a0:a9:31:80: 2d:a8:24:9a:6b:d0:7f:78:00:44:79:a7:f4:a2:bb:96:36:3c: bf:7f:78:da:b7:88:67:0f:64:8d:22:38:86:1c:66:5a:de:9c: a6:8d:9e:c9:0d:f5:6f:97:77:d8:42:87:8a:32:0e:10:2c:bd: 83:51:74:ec:2e:d4:be:50:4a:68:c6:4a:fc:10:49:c9:52:a1: 74:75:fa:84:b6:43:f4:0f:14:1d:b5:4f:dc:29:ae:59:22:af: e7:a1:4a:93:ac:3a:b2:3a:9a:04:fd:0f:70:25:63:72:53:94: 8b:f4:99:7d:a7:98:8f:a2:8d:6d:b9:34:43:e5:8e:7a:4e:00: 41:3c:65:1e:52:af:c0:22:ad:02:11:3e:9c:a7:cc:43:61:b2: db:92:1e:61:3d:32:b0:6a:35:88:c2:da:00:46:8b:c7:5b:be: 49:27:d3:1c:1f:d1:f7:0e:7a:a7:98:02:aa:37:ed:92:b5:b4: e6:b3:79:bc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYlSO3m0DCYut1CIszRGBOkwGYJowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjUzRTJCQjRERTQ2N0FGMDhGMTkxQUY3NjMyRUUzQkQw NThEQTEwMTAeFw0yNTEyMDYwNzA2MzVaFw0yNTEyMDkxNDIwMzVaMDMxMTAvBgNV BAMTKDJBNUIxMUMwRTg4RjVBM0VCOEJBQjJCMUE2RkU5Q0ZGNUJDMTREMDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Y8Wy+fHnP7Ybn0kXuNNLWbGl nyEbIANLo8MGtVJQXbQsYqictk/FAtJE1X/mhrld1wnWmN9u+/ye40Bz19FZCw2c NAnmbpI4NDqpILqTGN+xSmOKUijYj8Fj7QOn36OMrGAnERuooPfAptsCBCkgViH0 vSdP7FTGTyjRasfbss+RRen9Wx/kSdjxiykyQ2RXIc1TkP78mwS0H5n+yFxnpDI1 ghKKzXHSlb5riGjBFy4bPrkVczd5Kax22HdIbme1kIUhUCCk88VlK8HkPtM7yYXT wA9c+83bEByePlXnQCpX0CmxNYruRqnXwMYph37tdrdZin5oi+qCSHtARghXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUKlsRwOiPWj64urKxpv6c/1vBTQMwHwYDVR0j BBgwFoAUJT4rtN5GevCPGRr3Yy7jvQWNoQEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y Y2Q3NTM2ZC05ZTEwLTRkNDktYjZjYS0wNDFjYzlhNTkxNGUvMC8yNTNFMkJCNERF NDY3QUYwOEYxOTFBRjc2MzJFRTNCRDA1OERBMTAxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjUzRTJCQjRERTQ2N0FGMDhGMTkxQUY3NjMyRUUzQkQwNThE QTEwMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmNkNzUzNmQtOWUxMC00ZDQ5LWI2 Y2EtMDQxY2M5YTU5MTRlLzAvMjUzRTJCQjRERTQ2N0FGMDhGMTkxQUY3NjMyRUUz QkQwNThEQTEwMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHRwCVYkIaUDX2oY7ZuzqJAxsioZH7+rgY/p U4bdN0qHzqWyKl6kyy0EaSHTk3CrfU52dR8nQLGiLc/h5nR1cUMRSlUaoKkxgC2o JJpr0H94AER5p/Siu5Y2PL9/eNq3iGcPZI0iOIYcZlrenKaNnskN9W+Xd9hCh4oy DhAsvYNRdOwu1L5QSmjGSvwQSclSoXR1+oS2Q/QPFB21T9wprlkir+ehSpOsOrI6 mgT9D3AlY3JTlIv0mX2nmI+ijW25NEPljnpOAEE8ZR5Sr8AirQIRPpynzENhstuS HmE9MrBqNYjC2gBGi8dbvkkn0xwf0fcOeqeYAqo37ZK1tOazebw= -----END CERTIFICATE-----Generated at Sat Dec 6 23:53:17 2025 by rpki-client