This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.mft File: 16889A9053AE7EB169CF822E9EE670A5C618F97E.mft (raw, json) Hash identifier: 0aURQtVGVTqMefbVtwg5te7HjZEgSxwl5W4AFRu3fDM= Subject key identifier: 43:82:EE:01:F7:F5:5C:83:4D:9E:F3:90:6A:0A:C1:4D:9C:87:56:FA Authority key identifier: 16:88:9A:90:53:AE:7E:B1:69:CF:82:2E:9E:E6:70:A5:C6:18:F9:7E Certificate issuer: /CN=16889A9053AE7EB169CF822E9EE670A5C618F97E Certificate serial: 5D2CB0CA174E625FDCA146E0973592CD94A6CA84 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/16889A9053AE7EB169CF822E9EE670A5C618F97E.cer Subject info access: rsync://repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.mft Manifest number: 0152 Signing time: Fri 05 Dec 2025 11:11:15 +0000 Manifest this update: Fri 05 Dec 2025 11:06:15 +0000 Manifest next update: Mon 08 Dec 2025 14:12:15 +0000 Files and hashes: 1: 3130332e36372e38302e302f32342d3234203d3e20313532303031.roa (hash: u3jgsDSo3O7gCdt5jEOR1X0Y8olBMi4/W5ZYcUsryek=) 2: 16889A9053AE7EB169CF822E9EE670A5C618F97E.crl (hash: WL71055R8R0UWps+v/kyNO3RAzSenMG9oEIxJEa1TjQ=) 3: 3130332e36372e38302e302f32332d3233203d3e20313532303031.roa (hash: hdkprfHwU4RXLgXXOBxZ9L/4dynqLbbepC7imEy91UI=) 4: 3130332e36372e38312e302f32342d3234203d3e20313532303031.roa (hash: q8j/X9Ua/0mbnku+j9y9HsFIzPIhDRyObBOKzKCiRT8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.crl rsync://repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/16889A9053AE7EB169CF822E9EE670A5C618F97E.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 14:12:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:2c:b0:ca:17:4e:62:5f:dc:a1:46:e0:97:35:92:cd:94:a6:ca:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=16889A9053AE7EB169CF822E9EE670A5C618F97E Validity Not Before: Dec 5 11:06:15 2025 GMT Not After : Dec 8 14:12:15 2025 GMT Subject: CN=4382EE01F7F55C834D9EF3906A0AC14D9C8756FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:5f:40:2e:e9:8c:2b:98:55:f7:4b:50:df:f4: 5d:0a:78:0a:30:f4:86:c3:3c:ee:d4:06:d7:8f:a3: 34:bf:aa:48:d9:87:a2:18:97:13:be:d9:4a:da:47: 77:74:ab:1a:4d:a8:32:3d:98:63:7a:a8:66:2d:2e: de:41:40:10:a6:bd:24:d2:6b:f9:0b:24:08:9f:be: e3:07:87:84:6f:26:ae:75:ef:4f:12:73:e6:7a:b6: a6:eb:c9:ad:ba:61:66:c7:ec:c7:61:42:cb:2e:75: 09:70:98:68:a6:e0:b6:db:1d:f3:05:38:35:bb:76: ea:f6:c1:e0:e1:bd:4b:9e:62:5d:21:db:7c:a6:88: 95:b0:b6:a1:ff:4e:fd:61:f8:99:be:16:6f:e8:ea: 6b:0c:30:d3:8e:51:a0:74:0c:8a:e5:98:67:c9:30: 49:9e:25:fe:6a:28:c0:f5:2b:b4:19:13:26:07:e4: 14:f1:ae:28:98:5d:64:96:54:7a:a3:9d:f5:07:3b: 86:ce:81:59:91:7a:8a:a9:0a:c0:c6:df:60:27:37: f9:20:a0:1e:11:54:ca:e0:85:cc:12:46:06:bf:2f: 0f:81:24:68:71:f7:01:75:5c:ef:00:26:6b:ec:fb: fa:fd:e6:36:2d:54:17:df:f6:3e:a2:a2:98:c8:5c: 5d:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:82:EE:01:F7:F5:5C:83:4D:9E:F3:90:6A:0A:C1:4D:9C:87:56:FA X509v3 Authority Key Identifier: keyid:16:88:9A:90:53:AE:7E:B1:69:CF:82:2E:9E:E6:70:A5:C6:18:F9:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/16889A9053AE7EB169CF822E9EE670A5C618F97E.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:94:a7:2d:1c:8d:2b:16:8b:a7:16:d3:b5:a2:56:3c:f3:b1: a0:bf:39:ea:49:f4:cf:0d:a7:06:1f:e5:bb:5d:e2:7a:ff:60: b5:d5:8d:b8:22:83:b4:77:f6:72:f6:7f:d7:41:45:da:a4:21: f1:81:d9:3e:98:42:7b:7c:c6:fa:f5:33:75:0b:2c:c1:03:03: a8:bb:df:92:60:42:83:ec:93:03:99:c2:5e:bb:8f:63:b1:42: dd:d0:71:21:5a:b7:17:bf:32:d3:d7:30:6f:4e:4b:52:90:5e: b6:8e:5a:b9:ff:dd:47:dd:10:da:11:2a:35:2c:ad:28:c5:39: c5:12:f8:d0:ef:da:b8:0e:cf:85:80:33:c1:3f:75:cc:f1:1f: 9f:0e:1c:49:65:51:a8:82:4b:12:b6:58:9c:a0:ce:e6:fa:73: 13:df:73:0f:76:01:7a:dd:4f:7b:a6:8e:12:5b:cf:e5:e3:92: aa:d9:87:68:54:1a:eb:c9:ef:d0:dc:f9:cf:39:30:25:67:1b: 77:5b:5d:10:7f:d2:be:2e:8e:14:b2:c5:6d:8e:0a:dd:e8:73: 74:ff:c5:e2:93:fb:d3:6a:d6:03:5b:3c:2d:85:c8:a3:7a:51: f7:87:3e:17:33:de:8a:36:3c:53:c8:12:f0:2f:3f:cc:8f:d8: 3a:80:96:34 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXSywyhdOYl/coUbglzWSzZSmyoQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTY4ODlBOTA1M0FFN0VCMTY5Q0Y4MjJFOUVFNjcwQTVD NjE4Rjk3RTAeFw0yNTEyMDUxMTA2MTVaFw0yNTEyMDgxNDEyMTVaMDMxMTAvBgNV BAMTKDQzODJFRTAxRjdGNTVDODM0RDlFRjM5MDZBMEFDMTREOUM4NzU2RkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcX0Au6YwrmFX3S1Df9F0KeAow 9IbDPO7UBtePozS/qkjZh6IYlxO+2UraR3d0qxpNqDI9mGN6qGYtLt5BQBCmvSTS a/kLJAifvuMHh4RvJq51708Sc+Z6tqbrya26YWbH7MdhQssudQlwmGim4LbbHfMF ODW7dur2weDhvUueYl0h23ymiJWwtqH/Tv1h+Jm+Fm/o6msMMNOOUaB0DIrlmGfJ MEmeJf5qKMD1K7QZEyYH5BTxriiYXWSWVHqjnfUHO4bOgVmReoqpCsDG32AnN/kg oB4RVMrghcwSRga/Lw+BJGhx9wF1XO8AJmvs+/r95jYtVBff9j6iopjIXF0XAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUQ4LuAff1XINNnvOQagrBTZyHVvowHwYDVR0j BBgwFoAUFoiakFOufrFpz4IunuZwpcYY+X4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k ZTNmMmU5Yi0xMDY4LTRmYTktYmExZC01OWQwNzFhNDEyYTIvMC8xNjg4OUE5MDUz QUU3RUIxNjlDRjgyMkU5RUU2NzBBNUM2MThGOTdFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTY4ODlBOTA1M0FFN0VCMTY5Q0Y4MjJFOUVFNjcwQTVDNjE4 Rjk3RS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGUzZjJlOWItMTA2OC00ZmE5LWJh MWQtNTlkMDcxYTQxMmEyLzAvMTY4ODlBOTA1M0FFN0VCMTY5Q0Y4MjJFOUVFNjcw QTVDNjE4Rjk3RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJaUpy0cjSsWi6cW07WiVjzzsaC/OepJ9M8N pwYf5btd4nr/YLXVjbgig7R39nL2f9dBRdqkIfGB2T6YQnt8xvr1M3ULLMEDA6i7 35JgQoPskwOZwl67j2OxQt3QcSFatxe/MtPXMG9OS1KQXraOWrn/3UfdENoRKjUs rSjFOcUS+NDv2rgOz4WAM8E/dczxH58OHEllUaiCSxK2WJygzub6cxPfcw92AXrd T3umjhJbz+XjkqrZh2hUGuvJ79Dc+c85MCVnG3dbXRB/0r4ujhSyxW2OCt3oc3T/ xeKT+9Nq1gNbPC2FyKN6UfeHPhcz3oo2PFPIEvAvP8yP2DqAljQ= -----END CERTIFICATE-----Generated at Sun Dec 7 02:04:06 2025 by rpki-client