This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft File: B891A45840F824B9F116CBEAA3574A68343F5538.mft (raw, json) Hash identifier: JTXSQdUxUKai99lxl8aYIDJR7aCwdYnlj7qiMVm222A= Subject key identifier: DA:79:E3:B7:47:1A:D8:46:03:2A:59:2F:28:4A:59:82:78:DC:C4:3E Authority key identifier: B8:91:A4:58:40:F8:24:B9:F1:16:CB:EA:A3:57:4A:68:34:3F:55:38 Certificate issuer: /CN=B891A45840F824B9F116CBEAA3574A68343F5538 Certificate serial: 74FE20FA3E49BCF402B615E87286A62AFAE6D1E6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft Manifest number: A2 Signing time: Sat 06 Dec 2025 00:32:18 +0000 Manifest this update: Sat 06 Dec 2025 00:27:18 +0000 Manifest next update: Tue 09 Dec 2025 10:27:18 +0000 Files and hashes: 1: B891A45840F824B9F116CBEAA3574A68343F5538.crl (hash: nozs0X303RZeU6/8mkTFZLd4BXcsti7bhlsOFTTa090=) 2: 3130332e32382e3231382e302f32342d3234203d3e203538333835.roa (hash: LRVa/+g9Phm4DS1KM+ftjtti7KXy6ccI0ROhTKpj7KU=) 3: 3130332e32332e3131362e302f32332d3234203d3e203538333835.roa (hash: GOKg9RSCe07Sx9GP7mLWYk+y2Rm870vCrIk4OhiKGTc=) 4: 3131302e39322e37342e302f32332d3234203d3e203538333835.roa (hash: XhWdokRSZKsmkPslfMXYqoYsZmB36DXqHyY6n5ueEW4=) 5: 3130332e3234362e3136392e302f32342d3234203d3e203538333835.roa (hash: M7vZQHPEWxI5UNs6yi6gKlm3olQkDzTXBE8xEqwNtQY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.crl rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 10:27:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:fe:20:fa:3e:49:bc:f4:02:b6:15:e8:72:86:a6:2a:fa:e6:d1:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B891A45840F824B9F116CBEAA3574A68343F5538 Validity Not Before: Dec 6 00:27:18 2025 GMT Not After : Dec 9 10:27:18 2025 GMT Subject: CN=DA79E3B7471AD846032A592F284A598278DCC43E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:16:df:a4:60:19:87:8b:d2:81:2b:e0:61:23: ed:04:35:4a:56:66:72:21:96:e6:64:d6:09:fc:4e: fe:eb:d5:cb:9d:ad:46:96:9d:47:06:5d:87:8c:15: 97:37:cd:0b:c7:e8:6e:cf:44:b4:bf:b1:91:3c:83: e9:2a:72:2c:60:02:b6:69:dc:8d:51:ab:48:12:90: fe:e8:26:9d:a3:dd:ad:32:72:e9:6a:af:6a:fd:27: cd:4b:ee:f7:b2:b4:de:9f:6a:e0:98:a2:d4:13:69: ff:98:5f:2b:f6:46:28:3a:84:a4:03:1f:1d:c1:63: c8:e9:12:a1:96:0d:27:83:b5:22:27:78:a1:22:f7: 1f:42:a4:e2:90:f8:0b:0c:55:78:dd:45:c3:1e:6a: 0c:20:41:40:1a:a0:ca:d2:9f:61:15:ce:e5:03:64: e4:be:ca:5d:b7:3a:b4:d8:be:e8:56:be:03:93:d1: 7e:72:43:81:de:e5:0d:3b:a0:a6:42:54:01:fb:37: cc:f1:7d:77:42:e2:b1:ec:6e:39:e8:49:2b:e9:e2: 10:5a:22:72:77:cf:2c:9e:28:40:8a:c3:1b:3a:75: d9:da:33:47:27:71:16:10:39:f7:c9:86:7b:aa:3f: 06:9a:63:66:b1:05:ef:1d:4a:ec:06:a0:a2:34:6f: b5:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:79:E3:B7:47:1A:D8:46:03:2A:59:2F:28:4A:59:82:78:DC:C4:3E X509v3 Authority Key Identifier: keyid:B8:91:A4:58:40:F8:24:B9:F1:16:CB:EA:A3:57:4A:68:34:3F:55:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:35:f1:25:22:20:28:b9:18:a1:68:b7:64:75:2b:db:6f:2f: 2a:5a:11:96:9d:2b:7a:be:d0:ee:b2:ea:f6:4a:ae:a9:47:3d: 61:5e:db:dc:38:74:59:72:2a:94:29:ea:3d:d3:01:81:96:68: f3:6a:97:b8:25:1c:17:4f:8c:30:34:3f:6a:35:d3:57:9e:19: 6f:de:b5:98:97:a2:fd:04:bf:37:4a:06:2d:db:f7:93:41:75: 7e:c4:19:33:37:a5:9e:75:8e:69:7b:60:03:b7:1b:ce:37:5e: 58:36:b1:ea:bc:ef:fa:14:a2:13:52:ce:ff:31:64:c7:a7:9b: 97:f0:11:03:22:ee:12:d1:5a:86:d5:de:10:7a:bf:58:76:03: 7d:8b:66:31:ca:c2:e2:a3:fa:8b:39:be:b7:5f:91:5c:4b:dd: 26:32:5d:92:71:67:39:d2:04:84:af:e8:70:3f:be:6c:63:79: db:e7:3c:06:07:43:33:a8:69:ba:dc:b7:95:14:92:f5:51:0a: 51:7f:6f:ea:c2:ee:64:e6:fa:ac:80:31:f8:f4:54:b8:5b:98: c5:a2:94:b6:52:e9:d6:1d:44:ad:91:1e:25:60:86:87:c8:0d: 98:2e:28:f8:4b:46:70:08:81:68:0e:28:d7:d5:85:db:6b:3e: 7b:ef:76:ea -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdP4g+j5JvPQCthXocoamKvrm0eYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRBNjgz NDNGNTUzODAeFw0yNTEyMDYwMDI3MThaFw0yNTEyMDkxMDI3MThaMDMxMTAvBgNV BAMTKERBNzlFM0I3NDcxQUQ4NDYwMzJBNTkyRjI4NEE1OTgyNzhEQ0M0M0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4Ft+kYBmHi9KBK+BhI+0ENUpW ZnIhluZk1gn8Tv7r1cudrUaWnUcGXYeMFZc3zQvH6G7PRLS/sZE8g+kqcixgArZp 3I1Rq0gSkP7oJp2j3a0yculqr2r9J81L7veytN6fauCYotQTaf+YXyv2Rig6hKQD Hx3BY8jpEqGWDSeDtSIneKEi9x9CpOKQ+AsMVXjdRcMeagwgQUAaoMrSn2EVzuUD ZOS+yl23OrTYvuhWvgOT0X5yQ4He5Q07oKZCVAH7N8zxfXdC4rHsbjnoSSvp4hBa InJ3zyyeKECKwxs6ddnaM0cncRYQOffJhnuqPwaaY2axBe8dSuwGoKI0b7WRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU2nnjt0ca2EYDKlkvKEpZgnjcxD4wHwYDVR0j BBgwFoAUuJGkWED4JLnxFsvqo1dKaDQ/VTgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MzkyNTM4OC0zNWM2LTQxZDctOWRjNC1kYjRkMTE4ZDEzNWEvMC9CODkxQTQ1ODQw RjgyNEI5RjExNkNCRUFBMzU3NEE2ODM0M0Y1NTM4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRBNjgzNDNG NTUzOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDM5MjUzODgtMzVjNi00MWQ3LTlk YzQtZGI0ZDExOGQxMzVhLzAvQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRB NjgzNDNGNTUzOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHk18SUiICi5GKFot2R1K9tvLypaEZadK3q+ 0O6y6vZKrqlHPWFe29w4dFlyKpQp6j3TAYGWaPNql7glHBdPjDA0P2o101eeGW/e tZiXov0EvzdKBi3b95NBdX7EGTM3pZ51jml7YAO3G843Xlg2seq87/oUohNSzv8x ZMenm5fwEQMi7hLRWobV3hB6v1h2A32LZjHKwuKj+os5vrdfkVxL3SYyXZJxZznS BISv6HA/vmxjedvnPAYHQzOoabrct5UUkvVRClF/b+rC7mTm+qyAMfj0VLhbmMWi lLZS6dYdRK2RHiVghofIDZguKPhLRnAIgWgOKNfVhdtrPnvvduo= -----END CERTIFICATE-----Generated at Sun Dec 7 01:39:36 2025 by rpki-client