This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft File: B891A45840F824B9F116CBEAA3574A68343F5538.mft (raw, json) Hash identifier: XGVfHKb19SKHFMS4gTRKCGEsk2sZSpCUr6FfQQmWOPI= Subject key identifier: E8:87:54:E1:1A:B3:CC:70:76:9E:F4:AB:D0:D0:3B:18:72:B5:C4:11 Authority key identifier: B8:91:A4:58:40:F8:24:B9:F1:16:CB:EA:A3:57:4A:68:34:3F:55:38 Certificate issuer: /CN=B891A45840F824B9F116CBEAA3574A68343F5538 Certificate serial: 3609CFE9F299478BD0C77C173F007BB81C08F195 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft Manifest number: A6 Signing time: Mon 15 Dec 2025 13:42:21 +0000 Manifest this update: Mon 15 Dec 2025 13:37:21 +0000 Manifest next update: Thu 18 Dec 2025 22:14:21 +0000 Files and hashes: 1: 3131302e39322e37342e302f32332d3234203d3e203538333835.roa (hash: XhWdokRSZKsmkPslfMXYqoYsZmB36DXqHyY6n5ueEW4=) 2: 3130332e32382e3231382e302f32342d3234203d3e203538333835.roa (hash: LRVa/+g9Phm4DS1KM+ftjtti7KXy6ccI0ROhTKpj7KU=) 3: 3130332e3234362e3136392e302f32342d3234203d3e203538333835.roa (hash: M7vZQHPEWxI5UNs6yi6gKlm3olQkDzTXBE8xEqwNtQY=) 4: B891A45840F824B9F116CBEAA3574A68343F5538.crl (hash: 4BySAyKE8wtWQPsuRrrQUg4KBPssQUQH9gOrIbsiTpY=) 5: 3130332e32332e3131362e302f32332d3234203d3e203538333835.roa (hash: GOKg9RSCe07Sx9GP7mLWYk+y2Rm870vCrIk4OhiKGTc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.crl rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Dec 2025 22:14:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:09:cf:e9:f2:99:47:8b:d0:c7:7c:17:3f:00:7b:b8:1c:08:f1:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B891A45840F824B9F116CBEAA3574A68343F5538 Validity Not Before: Dec 15 13:37:21 2025 GMT Not After : Dec 18 22:14:21 2025 GMT Subject: CN=E88754E11AB3CC70769EF4ABD0D03B1872B5C411 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:6b:1b:d1:94:51:b8:a5:87:a8:a9:36:29:58: ea:59:8b:91:51:52:4f:e1:78:d7:0a:b2:a2:59:08: 4c:57:aa:7f:bc:c3:71:08:99:37:26:d8:4c:49:74: 88:b4:4f:6d:f7:2b:9f:96:ea:88:36:2a:f8:6e:e1: af:0e:7b:e9:85:5b:2b:e2:b4:b6:e7:c2:9b:56:9f: 6b:b9:16:a0:5b:9a:d5:aa:87:72:01:a0:4d:3f:b1: c4:e1:3b:a9:07:aa:83:dc:13:67:9b:e5:4b:4a:11: 3a:b7:de:ae:51:cd:2d:76:05:eb:18:37:a1:86:c8: f7:4c:4c:30:6b:28:b4:13:87:27:d7:44:81:ef:6a: ad:e1:5c:5c:0a:7e:e3:6b:32:be:d5:65:10:67:df: dd:53:43:cf:95:2d:ad:9e:59:5b:7c:fb:9b:23:ab: c8:42:13:7c:7f:f2:83:df:f2:4b:5c:e2:10:3c:7f: fc:6f:89:af:cc:ae:12:2d:1e:91:65:f4:b5:fe:74: 7d:1e:1d:d5:38:20:b0:41:ca:75:18:0a:00:46:7d: 7d:a5:33:29:c0:0d:d5:70:08:49:87:8d:55:45:23: e7:b9:0a:33:f6:60:5b:a9:83:20:35:a1:c8:fe:2a: cb:95:17:82:11:04:f9:d8:65:ad:b8:c0:4c:dd:f1: a8:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:87:54:E1:1A:B3:CC:70:76:9E:F4:AB:D0:D0:3B:18:72:B5:C4:11 X509v3 Authority Key Identifier: keyid:B8:91:A4:58:40:F8:24:B9:F1:16:CB:EA:A3:57:4A:68:34:3F:55:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:f1:62:b7:74:dc:c1:23:c8:b9:4a:0a:ff:c4:70:ca:b1:24: d2:3e:e0:de:7c:1e:b0:2b:8d:68:ac:16:38:1c:9d:58:c9:2d: 5a:42:92:de:ed:8f:8a:b5:b4:7e:fa:c2:f7:fc:fc:1f:66:ef: 75:f2:4f:d7:e0:c2:7e:35:72:73:94:5c:64:16:53:d2:f3:a1: 44:75:9a:07:e4:d0:eb:0d:22:3d:89:fc:87:f5:30:9f:42:6c: 0e:fc:bd:99:e2:18:f0:9f:e8:6e:95:42:cd:28:fb:fa:84:03: bc:30:8c:cd:c3:47:5c:d6:c3:35:13:38:c2:d9:09:c6:b2:8a: 70:2e:a7:77:b9:be:80:9c:33:0a:3a:a5:11:85:69:44:5e:d2: cc:e1:cd:22:3a:bc:e7:4b:0e:d3:1e:02:ea:29:74:40:c5:26: 31:c9:74:2c:2e:a1:2f:ea:db:2a:ea:ad:02:1c:05:f0:99:f8: d5:c4:2b:b4:71:71:f3:62:41:95:14:79:d0:a8:21:4f:00:87: 1b:9c:c2:1f:97:3d:98:f1:45:d6:89:71:2b:ac:66:9c:da:62: de:42:6f:fb:56:49:16:83:96:23:e8:94:88:0e:f3:11:dc:4d: 84:31:14:e5:7d:04:c8:5f:f1:5c:c9:09:b9:00:6f:f2:de:ac: a1:ff:f3:b0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNgnP6fKZR4vQx3wXPwB7uBwI8ZUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRBNjgz NDNGNTUzODAeFw0yNTEyMTUxMzM3MjFaFw0yNTEyMTgyMjE0MjFaMDMxMTAvBgNV BAMTKEU4ODc1NEUxMUFCM0NDNzA3NjlFRjRBQkQwRDAzQjE4NzJCNUM0MTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXaxvRlFG4pYeoqTYpWOpZi5FR Uk/heNcKsqJZCExXqn+8w3EImTcm2ExJdIi0T233K5+W6og2Kvhu4a8Oe+mFWyvi tLbnwptWn2u5FqBbmtWqh3IBoE0/scThO6kHqoPcE2eb5UtKETq33q5RzS12BesY N6GGyPdMTDBrKLQThyfXRIHvaq3hXFwKfuNrMr7VZRBn391TQ8+VLa2eWVt8+5sj q8hCE3x/8oPf8ktc4hA8f/xvia/MrhItHpFl9LX+dH0eHdU4ILBBynUYCgBGfX2l MynADdVwCEmHjVVFI+e5CjP2YFupgyA1ocj+KsuVF4IRBPnYZa24wEzd8aiXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU6IdU4RqzzHB2nvSr0NA7GHK1xBEwHwYDVR0j BBgwFoAUuJGkWED4JLnxFsvqo1dKaDQ/VTgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MzkyNTM4OC0zNWM2LTQxZDctOWRjNC1kYjRkMTE4ZDEzNWEvMC9CODkxQTQ1ODQw RjgyNEI5RjExNkNCRUFBMzU3NEE2ODM0M0Y1NTM4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRBNjgzNDNG NTUzOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDM5MjUzODgtMzVjNi00MWQ3LTlk YzQtZGI0ZDExOGQxMzVhLzAvQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRB NjgzNDNGNTUzOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACHxYrd03MEjyLlKCv/EcMqxJNI+4N58HrAr jWisFjgcnVjJLVpCkt7tj4q1tH76wvf8/B9m73XyT9fgwn41cnOUXGQWU9LzoUR1 mgfk0OsNIj2J/If1MJ9CbA78vZniGPCf6G6VQs0o+/qEA7wwjM3DR1zWwzUTOMLZ CcayinAup3e5voCcMwo6pRGFaURe0szhzSI6vOdLDtMeAuopdEDFJjHJdCwuoS/q 2yrqrQIcBfCZ+NXEK7RxcfNiQZUUedCoIU8Ahxucwh+XPZjxRdaJcSusZpzaYt5C b/tWSRaDliPolIgO8xHcTYQxFOV9BMhf8VzJCbkAb/LerKH/87A= -----END CERTIFICATE-----Generated at Wed Dec 17 19:19:43 2025 by rpki-client