This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft File: 2858C74CC23A557C73F59051B7FE8638AA491C94.mft (raw, json) Hash identifier: ubTMwUdxIewLP3UT7dL1uAbPxDIPkPhr7Qr9id3qA54= Subject key identifier: 5B:23:6E:E9:91:5E:3E:13:B4:41:3E:87:5A:ED:72:ED:E8:3F:C1:DF Authority key identifier: 28:58:C7:4C:C2:3A:55:7C:73:F5:90:51:B7:FE:86:38:AA:49:1C:94 Certificate issuer: /CN=2858C74CC23A557C73F59051B7FE8638AA491C94 Certificate serial: 38617D9EDF86A8A7AF86FF46D02560E856377C61 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer Subject info access: rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft Manifest number: 40 Signing time: Sat 06 Dec 2025 13:41:28 +0000 Manifest this update: Sat 06 Dec 2025 13:36:28 +0000 Manifest next update: Wed 10 Dec 2025 01:09:28 +0000 Files and hashes: 1: 2858C74CC23A557C73F59051B7FE8638AA491C94.crl (hash: OCwzij72sZj7L5lYoH8IhzRHDFQrSAyakMHi6XPI4A4=) 2: 323430303a366632303a353a3a2f34382d3438203d3e20313333383039.roa (hash: KGGUUPJetYRovMai9BvuYsEqHu8TgW6bYg4Sm8JWJcg=) 3: 323430303a366632303a3a2f33322d3438203d3e20313333383039.roa (hash: 8MTe8KcDcB0X2kj+3dmF5RSp4lHPV4hialaox1IdvHk=) 4: 3130332e35302e3132382e302f32322d3234203d3e20313333383039.roa (hash: IB02l7aeS1Ctr7m+n8ymFsmUvTLgjo3obFTTz15X/C8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.crl rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 15:57:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:61:7d:9e:df:86:a8:a7:af:86:ff:46:d0:25:60:e8:56:37:7c:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2858C74CC23A557C73F59051B7FE8638AA491C94 Validity Not Before: Dec 6 13:36:28 2025 GMT Not After : Dec 10 01:09:28 2025 GMT Subject: CN=5B236EE9915E3E13B4413E875AED72EDE83FC1DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:77:f4:5d:30:e2:6d:cc:d5:6f:78:7f:3c:9c: f6:4c:81:43:f3:37:d9:ae:77:b5:b0:f2:ed:65:03: 2d:b0:ca:47:45:00:b1:d3:74:76:a5:de:82:f6:50: ee:64:a5:64:80:63:b4:96:0e:15:97:54:3a:4f:7f: 59:64:ca:56:14:5b:eb:bf:b4:d1:c0:5a:5b:a2:ae: 6a:50:b2:7d:90:53:c7:0a:e2:9a:0a:24:5b:7d:57: 91:b9:82:0a:54:85:04:15:e0:79:00:f0:14:4e:cf: 6c:e6:7a:99:2a:46:f4:25:30:cf:f3:e4:8f:7b:41: 40:aa:be:ff:c8:f7:85:b6:ee:0f:89:22:f3:0e:b1: f0:21:5a:f6:66:2e:d0:f4:6b:ca:a6:ff:47:1f:a6: cc:ca:4f:c9:7f:c0:f5:be:3a:e4:a9:05:f5:b0:13: 4f:80:ae:bf:17:d7:42:8b:a1:0b:83:41:96:a7:93: 64:5d:ff:4c:d1:51:5b:45:09:13:99:38:20:fa:38: 3b:b5:77:ad:4f:30:24:23:82:1b:55:3f:b6:57:b2: a0:21:ca:ec:37:39:da:c9:e6:e4:72:51:d0:eb:c2: 2b:49:6c:96:ae:0c:38:f6:93:ba:dc:97:a8:13:4e: 40:be:85:2b:a8:a6:0b:78:91:43:d4:79:0f:80:03: c9:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:23:6E:E9:91:5E:3E:13:B4:41:3E:87:5A:ED:72:ED:E8:3F:C1:DF X509v3 Authority Key Identifier: keyid:28:58:C7:4C:C2:3A:55:7C:73:F5:90:51:B7:FE:86:38:AA:49:1C:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:08:45:5c:1c:0f:1c:52:71:d7:e2:ee:60:44:98:51:21:e5: 2d:b5:44:a4:63:f7:d1:58:03:6f:d0:d6:9b:52:52:96:d7:9b: e6:85:06:18:24:ee:37:ce:d0:62:42:ad:9e:bd:17:15:06:17: c5:13:37:b6:46:1a:bc:a8:2c:93:34:7e:40:55:47:1d:41:31: d4:1f:d6:06:e0:4e:0e:fd:38:99:e7:7c:2c:68:fc:0b:16:24: ed:7b:ee:6d:0b:5c:1c:10:cb:08:bc:68:02:40:0e:32:50:57: 8c:1e:12:cd:12:cc:82:57:a0:2b:b4:fa:2b:53:a4:de:23:eb: aa:fb:84:97:59:8d:8a:e4:9d:ef:5b:e1:cb:d6:82:6b:47:f7: 6f:22:88:46:e1:af:43:0b:26:7b:af:21:d9:e3:1e:2e:4c:b3: 7d:11:01:be:3f:96:49:a0:8d:35:11:ac:36:69:c1:b4:6d:2f: ce:48:28:47:f0:e0:3c:4e:90:65:e2:c0:0d:e2:63:f5:14:84: 6a:1f:bd:88:35:34:8f:cc:e7:c7:bf:98:b4:d8:ce:46:9d:ca: 82:93:8f:09:34:84:1f:ba:d8:38:77:65:41:07:73:ee:f5:43: af:15:71:e3:92:3c:90:4d:55:f3:e2:ea:c9:66:b1:4f:05:7e: 6f:f1:17:64 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOGF9nt+GqKevhv9G0CVg6FY3fGEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2MzhB QTQ5MUM5NDAeFw0yNTEyMDYxMzM2MjhaFw0yNTEyMTAwMTA5MjhaMDMxMTAvBgNV BAMTKDVCMjM2RUU5OTE1RTNFMTNCNDQxM0U4NzVBRUQ3MkVERTgzRkMxREYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnd/RdMOJtzNVveH88nPZMgUPz N9mud7Ww8u1lAy2wykdFALHTdHal3oL2UO5kpWSAY7SWDhWXVDpPf1lkylYUW+u/ tNHAWluirmpQsn2QU8cK4poKJFt9V5G5ggpUhQQV4HkA8BROz2zmepkqRvQlMM/z 5I97QUCqvv/I94W27g+JIvMOsfAhWvZmLtD0a8qm/0cfpszKT8l/wPW+OuSpBfWw E0+Arr8X10KLoQuDQZank2Rd/0zRUVtFCROZOCD6ODu1d61PMCQjghtVP7ZXsqAh yuw3OdrJ5uRyUdDrwitJbJauDDj2k7rcl6gTTkC+hSuopgt4kUPUeQ+AA8n5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUWyNu6ZFePhO0QT6HWu1y7eg/wd8wHwYDVR0j BBgwFoAUKFjHTMI6VXxz9ZBRt/6GOKpJHJQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 OWNlZjhiMC1iYTY0LTRjMGMtOGRlOC0xZjUwYTg1ZDVmZGUvMC8yODU4Qzc0Q0My M0E1NTdDNzNGNTkwNTFCN0ZFODYzOEFBNDkxQzk0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2MzhBQTQ5 MUM5NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTljZWY4YjAtYmE2NC00YzBjLThk ZTgtMWY1MGE4NWQ1ZmRlLzAvMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2 MzhBQTQ5MUM5NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKcIRVwcDxxScdfi7mBEmFEh5S21RKRj99FY A2/Q1ptSUpbXm+aFBhgk7jfO0GJCrZ69FxUGF8UTN7ZGGryoLJM0fkBVRx1BMdQf 1gbgTg79OJnnfCxo/AsWJO177m0LXBwQywi8aAJADjJQV4weEs0SzIJXoCu0+itT pN4j66r7hJdZjYrkne9b4cvWgmtH928iiEbhr0MLJnuvIdnjHi5Ms30RAb4/lkmg jTURrDZpwbRtL85IKEfw4DxOkGXiwA3iY/UUhGofvYg1NI/M58e/mLTYzkadyoKT jwk0hB+62Dh3ZUEHc+71Q68VceOSPJBNVfPi6slmsU8Ffm/xF2Q= -----END CERTIFICATE-----Generated at Sun Dec 7 03:59:52 2025 by rpki-client