This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft File: 21F5E152BA3E25561EA4D2E2986546412F44F15B.mft (raw, json) Hash identifier: UISvC7CAN2B3hSLpJ2+Twah4D97LLJBand7u4/DL5aM= Subject key identifier: 8E:F7:CA:37:73:57:C5:A5:9C:43:A2:06:B6:29:D7:C7:2B:64:92:1D Authority key identifier: 21:F5:E1:52:BA:3E:25:56:1E:A4:D2:E2:98:65:46:41:2F:44:F1:5B Certificate issuer: /CN=21F5E152BA3E25561EA4D2E2986546412F44F15B Certificate serial: 68591A15C5A2A0A9625D5CF6321F066D645D5D3D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft Manifest number: BB Signing time: Fri 05 Dec 2025 11:11:59 +0000 Manifest this update: Fri 05 Dec 2025 11:06:59 +0000 Manifest next update: Mon 08 Dec 2025 17:04:59 +0000 Files and hashes: 1: 3130332e3130362e37372e302f32342d3234203d3e203436303233.roa (hash: CbiBxaX9ddBH1o7nomW/iHw3KqeexSYJrX7KRnYKypE=) 2: 3130332e3130362e37382e302f32342d3234203d3e203436303233.roa (hash: iSq6NwogxUEJNuToH4CRAdLPA94Ifhymd/i0qK2RpFY=) 3: 3130332e3130362e37362e302f32332d3233203d3e203436303233.roa (hash: NaHe5YrxTvb1T+B86yAscpluwifFSNcBhISUAGBKlIw=) 4: 3130332e3130362e37362e302f32322d3232203d3e203436303233.roa (hash: juQ/cwjH1toIUGh+4Z6y41hGaf2rFqJaltHbfzkfdBc=) 5: 21F5E152BA3E25561EA4D2E2986546412F44F15B.crl (hash: oB/NHVqVX6wi2Ryjwy8vaQKFDdRybovPYO0hOX7ka/c=) 6: 3130332e3130362e37392e302f32342d3234203d3e203436303233.roa (hash: aO0x+zXgbPOIjgzHxX0fAcf+6eJJ6z747uBT9dWocuM=) 7: 3130332e3130362e37382e302f32332d3233203d3e203436303233.roa (hash: WYN4mrwjKunsGp4uZVpUx9nBxwBDSeavyWVXTw8bEXE=) 8: 3130332e3130362e37362e302f32342d3234203d3e203436303233.roa (hash: +PmFbdoieOm1HYaiDNoJSgRpm6MfVAVtuXNpglouU7g=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.crl rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 17:04:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:59:1a:15:c5:a2:a0:a9:62:5d:5c:f6:32:1f:06:6d:64:5d:5d:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21F5E152BA3E25561EA4D2E2986546412F44F15B Validity Not Before: Dec 5 11:06:59 2025 GMT Not After : Dec 8 17:04:59 2025 GMT Subject: CN=8EF7CA377357C5A59C43A206B629D7C72B64921D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:63:56:3c:7b:60:e6:9b:3d:6c:82:b7:9b:34: da:79:94:95:3f:22:3e:90:fe:da:ea:39:99:09:af: a7:3c:5a:ac:1f:7e:e1:eb:9a:fb:61:f7:5f:d8:ad: af:1c:30:cd:d6:cd:47:95:64:aa:b0:74:34:ae:84: 77:7b:70:e0:40:00:68:c2:02:e5:2e:01:38:a4:5f: df:6d:eb:e4:81:8c:55:c6:14:90:1c:e5:27:fb:ed: 01:58:53:4a:6c:76:92:29:2e:a0:66:0a:10:20:2e: ba:32:70:c5:bb:45:5e:88:d9:bc:99:08:88:b3:93: 5e:8e:af:fa:c4:13:20:d5:a7:ca:66:31:e4:14:d5: a6:57:46:38:6d:5c:75:87:41:a0:c1:d7:f8:3c:a8: cd:b0:45:b0:98:21:5b:12:ad:26:20:44:51:16:b3: b5:cd:00:7a:b5:d1:85:93:f1:0b:59:60:07:d0:7c: 84:99:d1:d0:ce:0c:20:82:2c:bd:38:ef:53:8c:3a: 95:50:4a:aa:b5:2b:23:8e:df:3e:3d:b2:7b:c0:70: 15:24:1d:a1:77:33:57:7c:ac:42:70:87:09:9e:90: bb:3d:45:74:8b:8b:e2:14:07:f6:20:7f:0c:6a:80: ed:18:8e:da:94:38:0c:81:51:35:b9:c5:84:eb:ba: d3:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:F7:CA:37:73:57:C5:A5:9C:43:A2:06:B6:29:D7:C7:2B:64:92:1D X509v3 Authority Key Identifier: keyid:21:F5:E1:52:BA:3E:25:56:1E:A4:D2:E2:98:65:46:41:2F:44:F1:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:90:a7:0e:8e:ce:95:31:6c:58:b7:58:e1:29:05:00:32:7e: 04:54:71:de:ce:16:ec:5c:4d:db:74:b7:a3:ea:f4:b0:ff:2f: 7b:7f:6f:b5:02:b2:f9:cb:64:6d:3c:82:60:ce:0b:98:ad:d5: ff:59:6d:3f:7b:37:74:8e:c5:7d:23:d5:b3:90:2a:1d:36:7d: df:82:a0:20:cc:e0:70:21:12:54:86:bd:06:bf:c6:93:81:97: 36:1d:8a:94:eb:b9:b2:29:c5:e2:99:27:13:0b:e1:15:7f:de: 3d:dc:89:4d:a7:fc:19:cb:25:15:1d:7f:b5:66:9d:71:93:82: 01:7a:49:2d:2e:f6:6d:ed:12:f9:4b:dc:a9:b5:3b:a5:14:dd: d8:4b:9b:4d:f9:f0:bc:71:14:42:dc:75:76:d2:b1:90:a2:c8: 7c:bc:7b:3b:3d:f3:2a:96:17:95:c0:59:df:fe:25:8d:58:43: 74:28:4c:20:4b:72:0d:2f:af:27:ff:80:a0:6d:6b:0a:2d:45: 54:13:01:08:34:56:27:0f:bc:4b:f0:a2:c4:79:5a:ab:49:2f: f6:dc:cc:31:ca:91:30:25:96:14:d4:43:c5:35:49:54:57:33: d6:2c:94:69:6b:ca:98:12:01:a5:c4:34:e6:51:26:4f:5f:e7: ff:64:51:bc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaFkaFcWioKliXVz2Mh8GbWRdXT0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2NDEy RjQ0RjE1QjAeFw0yNTEyMDUxMTA2NTlaFw0yNTEyMDgxNzA0NTlaMDMxMTAvBgNV BAMTKDhFRjdDQTM3NzM1N0M1QTU5QzQzQTIwNkI2MjlEN0M3MkI2NDkyMUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsY1Y8e2Dmmz1sgrebNNp5lJU/ Ij6Q/trqOZkJr6c8WqwffuHrmvth91/Yra8cMM3WzUeVZKqwdDSuhHd7cOBAAGjC AuUuATikX99t6+SBjFXGFJAc5Sf77QFYU0psdpIpLqBmChAgLroycMW7RV6I2byZ CIizk16Or/rEEyDVp8pmMeQU1aZXRjhtXHWHQaDB1/g8qM2wRbCYIVsSrSYgRFEW s7XNAHq10YWT8QtZYAfQfISZ0dDODCCCLL0471OMOpVQSqq1KyOO3z49snvAcBUk HaF3M1d8rEJwhwmekLs9RXSLi+IUB/YgfwxqgO0YjtqUOAyBUTW5xYTrutN/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUjvfKN3NXxaWcQ6IGtinXxytkkh0wHwYDVR0j BBgwFoAUIfXhUro+JVYepNLimGVGQS9E8VswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j M2RkNjEzNS01NDhjLTQ4ODEtYWY3OC05M2FmOWYyYTI1MTYvMC8yMUY1RTE1MkJB M0UyNTU2MUVBNEQyRTI5ODY1NDY0MTJGNDRGMTVCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2NDEyRjQ0 RjE1Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYzNkZDYxMzUtNTQ4Yy00ODgxLWFm NzgtOTNhZjlmMmEyNTE2LzAvMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2 NDEyRjQ0RjE1Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIqQpw6OzpUxbFi3WOEpBQAyfgRUcd7OFuxc Tdt0t6Pq9LD/L3t/b7UCsvnLZG08gmDOC5it1f9ZbT97N3SOxX0j1bOQKh02fd+C oCDM4HAhElSGvQa/xpOBlzYdipTrubIpxeKZJxML4RV/3j3ciU2n/BnLJRUdf7Vm nXGTggF6SS0u9m3tEvlL3Km1O6UU3dhLm0358LxxFELcdXbSsZCiyHy8ezs98yqW F5XAWd/+JY1YQ3QoTCBLcg0vryf/gKBtawotRVQTAQg0VicPvEvwosR5WqtJL/bc zDHKkTAllhTUQ8U1SVRXM9YslGlrypgSAaXENOZRJk9f5/9kUbw= -----END CERTIFICATE-----Generated at Sat Dec 6 23:50:53 2025 by rpki-client