This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft File: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft (raw, json) Hash identifier: /b4Rq7adSRGpEGKt4G7J2tJm3cyb8mitH+ZKRnDHHUs= Subject key identifier: B1:7C:81:3D:C4:36:16:21:EC:EC:8E:DC:D4:56:99:3A:6B:40:E4:F4 Authority key identifier: 28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC Certificate issuer: /CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Certificate serial: 4AAD3D23CDC31D5327910EC8F1663D59483F8842 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft Manifest number: A2 Signing time: Fri 05 Dec 2025 09:42:09 +0000 Manifest this update: Fri 05 Dec 2025 09:37:09 +0000 Manifest next update: Mon 08 Dec 2025 10:51:09 +0000 Files and hashes: 1: 3130332e3135352e3139302e302f32342d3234203d3e20313431303637.roa (hash: 4k5l0oKGlgrseypJOAcgbZ3voSGQS5pK7FIolyad81E=) 2: 3130332e3135352e3139312e302f32342d3234203d3e20313431303637.roa (hash: HqTyhMmIQNWyd9Uu39hBDh2ymSKez80mYyj1XdusXb0=) 3: 323430363a373534303a3a2f33322d3332203d3e20313431303637.roa (hash: tGZJC6gHp+rBRUU+fviXr/Qmv6Fq3jy2euNYPnmiMt4=) 4: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl (hash: UvkXSEpW+q3Il2FdumaVxhN53hVq0DMFPAobGvQBbmY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 10:51:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:ad:3d:23:cd:c3:1d:53:27:91:0e:c8:f1:66:3d:59:48:3f:88:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Validity Not Before: Dec 5 09:37:09 2025 GMT Not After : Dec 8 10:51:09 2025 GMT Subject: CN=B17C813DC4361621ECEC8EDCD456993A6B40E4F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:11:13:02:20:ce:b7:61:0d:cb:a6:29:9b:f1: ad:26:74:42:03:3d:80:0e:09:45:99:ae:75:0c:63: 88:32:f5:7d:77:68:5c:7a:dd:20:a4:86:d5:0c:47: 8b:8c:9b:3f:81:57:f2:d9:c2:e7:73:26:89:0b:5d: 14:88:24:0e:72:8f:2c:ad:56:44:d5:80:d2:d1:8f: 47:5f:a9:c3:3c:38:ee:c9:3d:a1:4a:a7:95:86:ea: 5d:8c:82:33:87:8b:61:43:57:4e:69:cc:95:21:9f: f1:6b:10:cc:b8:f7:38:32:c6:35:12:43:96:1d:f9: e0:9a:c5:d0:7c:56:d2:4e:ee:55:a3:18:26:66:c5: 68:23:b4:a6:9a:ab:73:34:cf:01:79:5b:ab:26:97: 60:07:93:d6:c8:dc:6d:bd:58:95:06:07:85:5c:28: 81:e4:0f:f1:e1:76:26:5b:20:90:d3:1d:ad:ca:29: 25:c4:a0:40:42:bc:ba:4c:f1:6a:f8:df:2b:30:49: 23:ed:fd:7c:4d:53:26:27:a5:9d:be:b7:79:eb:e1: 22:fc:6c:9b:ee:bc:f1:56:6c:21:d2:a8:3a:1f:f7: d1:bf:14:84:a1:35:99:4a:85:a8:15:b9:72:47:c6: 4e:ce:dc:08:97:32:cb:d3:20:d5:ed:cf:cc:3e:54: f4:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:7C:81:3D:C4:36:16:21:EC:EC:8E:DC:D4:56:99:3A:6B:40:E4:F4 X509v3 Authority Key Identifier: keyid:28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:28:b8:40:b2:3b:be:ad:76:dd:54:6d:cb:dc:d3:b7:c9:3b: b3:72:27:5a:01:29:ab:3a:21:70:90:d0:72:d6:cb:b0:dc:7d: de:ba:42:90:db:a2:c6:45:64:ba:67:11:03:ca:a2:ae:f5:78: e5:2e:23:61:62:79:c8:46:45:2b:39:28:34:02:8d:e2:ac:d1: 08:07:b2:b4:1f:c2:9e:d7:f7:ee:44:c2:73:49:29:b8:18:26: be:55:fb:c8:30:06:8d:4e:68:9c:8e:8d:31:e2:4c:33:6d:3e: 85:b5:38:fc:b0:b9:9a:f4:3e:a5:cd:29:8c:8f:ad:6c:07:90: 2c:49:79:4e:b6:1c:cc:eb:4b:a0:96:2e:56:76:6c:d6:af:4a: e5:63:9d:5f:38:87:fc:e2:10:12:79:7f:01:6e:a3:0c:69:0c: d9:1d:e0:63:ce:61:99:f6:67:7c:d8:98:3c:37:9b:b9:65:4e: ae:8b:97:f8:34:33:f4:13:16:49:d9:3a:e0:97:9c:43:70:e7: 4b:ac:c0:54:88:3f:50:28:a6:af:ff:d0:f5:11:de:cf:e0:42: b1:78:58:2f:8a:a7:3d:89:0b:3b:0e:94:97:05:e8:70:5b:4a: 65:97:f1:1d:ee:f6:ec:4b:9c:35:9f:df:a6:3c:e6:15:49:15: 82:42:3b:79 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSq09I83DHVMnkQ7I8WY9WUg/iEIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZD NTdFOUJFQzAeFw0yNTEyMDUwOTM3MDlaFw0yNTEyMDgxMDUxMDlaMDMxMTAvBgNV BAMTKEIxN0M4MTNEQzQzNjE2MjFFQ0VDOEVEQ0Q0NTY5OTNBNkI0MEU0RjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrERMCIM63YQ3Lpimb8a0mdEID PYAOCUWZrnUMY4gy9X13aFx63SCkhtUMR4uMmz+BV/LZwudzJokLXRSIJA5yjyyt VkTVgNLRj0dfqcM8OO7JPaFKp5WG6l2MgjOHi2FDV05pzJUhn/FrEMy49zgyxjUS Q5Yd+eCaxdB8VtJO7lWjGCZmxWgjtKaaq3M0zwF5W6sml2AHk9bI3G29WJUGB4Vc KIHkD/HhdiZbIJDTHa3KKSXEoEBCvLpM8Wr43yswSSPt/XxNUyYnpZ2+t3nr4SL8 bJvuvPFWbCHSqDof99G/FIShNZlKhagVuXJHxk7O3AiXMsvTINXtz8w+VPTlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUsXyBPcQ2FiHs7I7c1FaZOmtA5PQwHwYDVR0j BBgwFoAUKLMFxmM2xDOrYBum8LNS5sV+m+wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YjZlOWI1MS1iZDg3LTQ5MDUtOWJmNC1hODQ4YTQ0ZTViYTUvMC8yOEIzMDVDNjYz MzZDNDMzQUI2MDFCQTZGMEIzNTJFNkM1N0U5QkVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZDNTdF OUJFQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGI2ZTliNTEtYmQ4Ny00OTA1LTli ZjQtYTg0OGE0NGU1YmE1LzAvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUy RTZDNTdFOUJFQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAE0ouECyO76tdt1Ubcvc07fJO7NyJ1oBKas6 IXCQ0HLWy7Dcfd66QpDbosZFZLpnEQPKoq71eOUuI2FiechGRSs5KDQCjeKs0QgH srQfwp7X9+5EwnNJKbgYJr5V+8gwBo1OaJyOjTHiTDNtPoW1OPywuZr0PqXNKYyP rWwHkCxJeU62HMzrS6CWLlZ2bNavSuVjnV84h/ziEBJ5fwFuowxpDNkd4GPOYZn2 Z3zYmDw3m7llTq6Ll/g0M/QTFknZOuCXnENw50uswFSIP1Aopq//0PUR3s/gQrF4 WC+Kpz2JCzsOlJcF6HBbSmWX8R3u9uxLnDWf36Y85hVJFYJCO3k= -----END CERTIFICATE-----Generated at Sat Dec 6 18:44:32 2025 by rpki-client