This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/fadd7c0f-02d3-4217-9fc3-0047ae1836dc/0/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.mft
File:                     821F16581F931A19A14B40DBF1E2B053A9C0B6A0.mft (raw, json)
Hash identifier:          OFpPQHxc/r/B1Ve4GFeL8aAPq5ecs4qwmmdLrEfTJ8E=
Subject key identifier:   81:89:C3:53:4C:1F:7E:31:1F:99:AA:3E:0A:39:E0:E5:51:6F:97:7D
Authority key identifier: 82:1F:16:58:1F:93:1A:19:A1:4B:40:DB:F1:E2:B0:53:A9:C0:B6:A0
Certificate issuer:       /CN=821F16581F931A19A14B40DBF1E2B053A9C0B6A0
Certificate serial:       7F3DEAAE8381FAB54EB051C7DC10E0E926C0334D
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/fadd7c0f-02d3-4217-9fc3-0047ae1836dc/0/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.mft
Manifest number:          0533
Signing time:             Mon 15 Dec 2025 10:41:21 +0000
Manifest this update:     Mon 15 Dec 2025 10:36:21 +0000
Manifest next update:     Thu 18 Dec 2025 22:29:21 +0000
Files and hashes:         1: 3130332e35322e31362e302f32342d3234203d3e20313333383131.roa (hash: KMXBXh+Hz9t8Vs+CANui3lrLwoDdVGoivVhKoGTM+n0=)
                          2: 3130332e35322e31362e302f32322d3234203d3e20313333383131.roa (hash: E70nlSvwN/YRzt3ipt5eUpiof5ZiDppc9oAiJGHFIb4=)
                          3: 3130332e35322e31392e302f32342d3234203d3e20313333383131.roa (hash: frS3InbJAyXvfYFJ9oqdkhlt6S7xP80lfV9ZpnmpcMc=)
                          4: 3130332e35322e31372e302f32342d3234203d3e20313333383131.roa (hash: hHPw+Xqwsov7fA4EH++xE5Fe/5zBy6SOylLmX+aVZlE=)
                          5: 3130332e35322e31382e302f32342d3234203d3e20313333383131.roa (hash: MpDUQT8A3dZvwWRQtlzD2B+hHv7+ces35KG+DCb4lSw=)
                          6: 821F16581F931A19A14B40DBF1E2B053A9C0B6A0.crl (hash: eeUQcKQ9cFvrU6OqJdQYGyGdO9sPX2dM9gR8xJ78yU0=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/fadd7c0f-02d3-4217-9fc3-0047ae1836dc/0/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.crl
                          rsync://repo-rpki.idnic.net/repo/fadd7c0f-02d3-4217-9fc3-0047ae1836dc/0/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 18 Dec 2025 22:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:3d:ea:ae:83:81:fa:b5:4e:b0:51:c7:dc:10:e0:e9:26:c0:33:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821F16581F931A19A14B40DBF1E2B053A9C0B6A0
        Validity
            Not Before: Dec 15 10:36:21 2025 GMT
            Not After : Dec 18 22:29:21 2025 GMT
        Subject: CN=8189C3534C1F7E311F99AA3E0A39E0E5516F977D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a1:71:47:28:57:8c:d4:1d:dd:b0:51:5f:1b:
                    13:5c:f0:35:f3:1e:1a:73:fd:b9:fb:85:73:6c:42:
                    2f:06:88:58:0e:33:16:d1:fc:51:eb:dc:ec:80:ea:
                    5c:0c:c5:0c:d7:52:b4:de:c9:72:8f:16:70:f1:73:
                    b3:9f:fd:32:d3:ba:40:c0:3f:3b:3e:6f:cd:d8:37:
                    5f:4c:a7:b8:f9:48:4b:9f:60:d0:95:f8:fd:e4:22:
                    e2:50:3b:25:cf:b6:51:f8:e0:df:d3:c9:d5:7a:21:
                    db:19:a7:ca:d9:e0:19:46:63:12:03:fb:90:db:60:
                    75:28:4b:d6:c6:15:5b:fe:42:dc:7f:a8:e1:ff:66:
                    9a:f3:0c:05:de:d1:0a:f1:7a:3c:69:49:04:c6:7f:
                    23:62:bf:5c:48:01:ab:e8:bf:39:f0:03:fe:ce:6a:
                    3a:a3:7b:8c:ff:a4:c9:b8:4b:b5:b9:6f:e1:67:48:
                    9f:52:cd:aa:3e:d3:2d:5a:57:7a:38:77:68:00:ec:
                    90:69:a5:30:fc:4b:54:47:ee:8f:64:d8:ad:8a:83:
                    d2:ed:52:2c:a8:87:4f:d4:3f:22:eb:10:12:91:9d:
                    07:e0:c0:60:bb:35:ec:78:a1:13:97:b6:02:ee:2a:
                    fd:bc:30:89:b9:05:8f:cf:88:99:37:c7:d7:3f:f8:
                    20:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:89:C3:53:4C:1F:7E:31:1F:99:AA:3E:0A:39:E0:E5:51:6F:97:7D
            X509v3 Authority Key Identifier:
                keyid:82:1F:16:58:1F:93:1A:19:A1:4B:40:DB:F1:E2:B0:53:A9:C0:B6:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/fadd7c0f-02d3-4217-9fc3-0047ae1836dc/0/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/fadd7c0f-02d3-4217-9fc3-0047ae1836dc/0/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:ee:17:89:55:7e:69:53:73:01:59:5e:92:e0:45:81:fc:a1:
         dc:2f:3d:0f:6e:ab:c5:ac:51:72:24:94:37:08:76:d2:60:e8:
         c7:5a:52:5f:b4:09:5c:d6:1e:57:0e:36:5a:d6:01:56:69:cd:
         92:27:b9:4d:61:0a:c5:1b:8e:dc:68:6c:70:1e:7b:64:bc:4d:
         4b:e9:12:a0:50:62:f4:45:05:97:21:96:f2:70:ed:34:fe:1d:
         d8:06:b8:1f:61:a7:ea:c4:9c:67:81:6a:61:6d:d5:f2:7a:08:
         ec:34:70:2b:ae:47:94:07:d6:54:f2:bd:de:8d:32:4e:10:9b:
         c7:1d:1a:55:80:9c:a3:96:9c:90:aa:d9:47:2e:d4:ee:26:8f:
         99:e1:06:3b:4d:74:27:1b:72:e2:ad:d6:77:2d:b7:85:db:e8:
         50:fe:a0:6f:74:97:be:16:13:77:f4:b8:21:2e:c2:7c:6f:7c:
         64:31:55:31:94:5b:e7:31:56:fb:79:30:50:eb:ac:34:05:00:
         bd:60:36:aa:34:4e:73:c2:39:49:14:14:2d:27:7d:dd:b8:29:
         40:ec:e8:9e:55:b7:c2:57:45:e0:a7:b9:c5:8e:e9:2e:28:23:
         87:6a:17:28:eb:b8:67:20:2a:3f:fc:5e:1f:c5:38:2b:f0:32:
         1c:95:eb:5e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUfz3qroOB+rVOsFHH3BDg6SbAM00wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODIxRjE2NTgxRjkzMUExOUExNEI0MERCRjFFMkIwNTNB
OUMwQjZBMDAeFw0yNTEyMTUxMDM2MjFaFw0yNTEyMTgyMjI5MjFaMDMxMTAvBgNV
BAMTKDgxODlDMzUzNEMxRjdFMzExRjk5QUEzRTBBMzlFMEU1NTE2Rjk3N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/oXFHKFeM1B3dsFFfGxNc8DXz
Hhpz/bn7hXNsQi8GiFgOMxbR/FHr3OyA6lwMxQzXUrTeyXKPFnDxc7Of/TLTukDA
Pzs+b83YN19Mp7j5SEufYNCV+P3kIuJQOyXPtlH44N/TydV6IdsZp8rZ4BlGYxID
+5DbYHUoS9bGFVv+Qtx/qOH/ZprzDAXe0QrxejxpSQTGfyNiv1xIAavovznwA/7O
ajqje4z/pMm4S7W5b+FnSJ9Szao+0y1aV3o4d2gA7JBppTD8S1RH7o9k2K2Kg9Lt
Uiyoh0/UPyLrEBKRnQfgwGC7Nex4oROXtgLuKv28MIm5BY/PiJk3x9c/+CDXAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUgYnDU0wffjEfmao+Cjng5VFvl30wHwYDVR0j
BBgwFoAUgh8WWB+TGhmhS0Db8eKwU6nAtqAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
YWRkN2MwZi0wMmQzLTQyMTctOWZjMy0wMDQ3YWUxODM2ZGMvMC84MjFGMTY1ODFG
OTMxQTE5QTE0QjQwREJGMUUyQjA1M0E5QzBCNkEwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODIxRjE2NTgxRjkzMUExOUExNEI0MERCRjFFMkIwNTNBOUMw
QjZBMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZmFkZDdjMGYtMDJkMy00MjE3LTlm
YzMtMDA0N2FlMTgzNmRjLzAvODIxRjE2NTgxRjkzMUExOUExNEI0MERCRjFFMkIw
NTNBOUMwQjZBMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAAPuF4lVfmlTcwFZXpLgRYH8odwvPQ9uq8Ws
UXIklDcIdtJg6MdaUl+0CVzWHlcONlrWAVZpzZInuU1hCsUbjtxobHAee2S8TUvp
EqBQYvRFBZchlvJw7TT+HdgGuB9hp+rEnGeBamFt1fJ6COw0cCuuR5QH1lTyvd6N
Mk4Qm8cdGlWAnKOWnJCq2Ucu1O4mj5nhBjtNdCcbcuKt1nctt4Xb6FD+oG90l74W
E3f0uCEuwnxvfGQxVTGUW+cxVvt5MFDrrDQFAL1gNqo0TnPCOUkUFC0nfd24KUDs
6J5Vt8JXReCnucWO6S4oI4dqFyjruGcgKj/8Xh/FOCvwMhyV614=
-----END CERTIFICATE-----