This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft File: A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft (raw, json) Hash identifier: AaYTT0rhpKf/eurO+9A5+qqAA4WxAoPEvaqf1VLlE9Y= Subject key identifier: 9A:76:CD:26:3E:BF:88:62:7D:5E:CE:5E:21:2E:B2:6B:92:2A:B8:B0 Authority key identifier: A3:CE:6E:B5:31:A8:95:1D:24:A3:7D:F2:7A:01:EB:39:65:1D:7E:CA Certificate issuer: /CN=A91FD4CC0000/serialNumber=A3CE6EB531A8951D24A37DF27A01EB39651D7ECA Certificate serial: 52138E376A2473E4CB43254D61F505DA5D8EF4F3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft Manifest number: 0B Signing time: Sat 06 Dec 2025 15:44:37 +0000 Manifest this update: Sat 06 Dec 2025 15:39:37 +0000 Manifest next update: Sun 07 Dec 2025 18:33:37 +0000 Files and hashes: 1: 323430333a373163303a3a2f33322d3438203d3e2033323538.roa (hash: A+n33m7aMq8dWmlNODuImDbmHluR0nRCgY8pOPk9SGU=) 2: 3130332e3132312e3230382e302f32322d3234203d3e2033323538.roa (hash: m8YqiID+Q725PKBIKrUauO2lTKAbZU016aARa/XfmOg=) 3: A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl (hash: qxW13f1UKglKmRXeQ0rXjy6ODAIvn4IMCDb3P9gXVtw=) Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 18:33:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:13:8e:37:6a:24:73:e4:cb:43:25:4d:61:f5:05:da:5d:8e:f4:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FD4CC0000, serialNumber=A3CE6EB531A8951D24A37DF27A01EB39651D7ECA Validity Not Before: Dec 6 15:39:37 2025 GMT Not After : Dec 7 18:33:37 2025 GMT Subject: CN=9A76CD263EBF88627D5ECE5E212EB26B922AB8B0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:bc:e7:4a:9f:ff:7c:cf:4d:d1:88:f5:9f:83: 61:2d:8a:88:18:9a:46:0c:de:ef:cc:cb:63:11:3b: 76:c0:7c:e7:6b:62:15:e6:ed:c9:f0:b7:73:da:c1: f4:6f:31:20:d4:31:4b:cc:1b:7f:0f:0f:cc:ae:9a: b4:8e:f0:04:95:cc:52:5b:39:2f:ba:97:55:1e:ad: d5:7b:84:cf:bf:19:b0:1a:f2:d9:a2:d0:43:6b:5c: 0b:42:93:c5:8a:cc:a4:fc:14:dd:cb:71:75:03:81: 21:00:0d:cb:d6:f4:86:a7:e4:a2:f7:f5:80:eb:a8: 57:61:db:4f:d4:6f:6d:b1:ce:92:dc:38:c8:e4:d8: ee:65:ef:56:23:31:bb:04:38:7b:6e:48:95:8d:66: 73:d9:9a:6f:6f:ea:a0:31:ad:51:d2:f6:2f:70:18: 50:8b:cc:8e:cf:08:29:05:cd:13:65:85:bd:f4:09: 23:85:ee:87:1c:bf:2d:34:df:7d:fd:7b:aa:87:0c: 5e:43:11:6f:5f:75:f6:30:36:38:a1:a2:49:f8:61: 11:f0:18:ef:30:29:79:81:e2:aa:15:35:f3:87:cc: ec:07:c9:c0:d9:32:0d:07:74:9e:35:01:46:88:88: 72:2d:31:af:bb:20:f4:60:3a:bf:75:fa:c3:ca:41: 70:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:76:CD:26:3E:BF:88:62:7D:5E:CE:5E:21:2E:B2:6B:92:2A:B8:B0 X509v3 Authority Key Identifier: keyid:A3:CE:6E:B5:31:A8:95:1D:24:A3:7D:F2:7A:01:EB:39:65:1D:7E:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:6a:05:ff:f1:a0:01:84:b8:43:65:3f:9d:ce:78:8a:9e:ed: 6c:3d:1e:6e:ab:99:b7:5f:50:3d:58:a9:4a:8a:c8:cd:0d:95: 0c:69:57:26:4b:e1:f5:b3:98:00:db:a2:c9:81:8e:b9:ad:e3: 2b:ba:84:03:5d:bc:5e:d5:c0:62:eb:47:d1:f3:7b:e4:ea:f9: 40:a6:dc:85:4d:6c:eb:af:ee:fe:81:76:fa:a6:45:47:2a:e4: c1:b4:27:29:63:e0:91:8a:d8:c8:b2:ea:2d:7c:4c:cf:93:47: bc:22:64:c6:0a:04:f7:23:02:aa:5a:93:f5:bc:4d:fb:29:d5: 1b:29:a7:93:24:fc:6d:5f:ba:fa:ab:ab:a4:26:c2:31:58:ed: 4f:48:0b:79:0d:8a:27:a0:b1:ca:e8:05:e0:e3:e0:34:85:71: 7d:22:aa:a6:33:8c:be:ec:50:92:1d:f5:85:29:11:08:c5:3f: 60:ce:70:1b:36:68:28:79:83:47:b7:22:ea:44:9a:9b:12:5a: 59:18:d8:7d:ba:1c:de:f5:aa:4e:5b:80:e3:c0:ff:66:bd:fc: a6:88:2b:75:bb:30:1e:7f:be:1d:72:98:81:72:0e:8e:58:e1: 6e:eb:71:4a:15:84:52:45:87:9a:53:49:8c:f1:28:c3:44:f6: 3e:40:86:89 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUUhOON2okc+TLQyVNYfUF2l2O9PMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkQ0Q0MwMDAwMTEwLwYDVQQFEyhBM0NFNkVCNTMx QTg5NTFEMjRBMzdERjI3QTAxRUIzOTY1MUQ3RUNBMB4XDTI1MTIwNjE1MzkzN1oX DTI1MTIwNzE4MzMzN1owMzExMC8GA1UEAxMoOUE3NkNEMjYzRUJGODg2MjdENUVD RTVFMjEyRUIyNkI5MjJBQjhCMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMq850qf/3zPTdGI9Z+DYS2KiBiaRgze78zLYxE7dsB852tiFebtyfC3c9rB 9G8xINQxS8wbfw8PzK6atI7wBJXMUls5L7qXVR6t1XuEz78ZsBry2aLQQ2tcC0KT xYrMpPwU3ctxdQOBIQANy9b0hqfkovf1gOuoV2HbT9RvbbHOktw4yOTY7mXvViMx uwQ4e25IlY1mc9mab2/qoDGtUdL2L3AYUIvMjs8IKQXNE2WFvfQJI4Xuhxy/LTTf ff17qocMXkMRb1919jA2OKGiSfhhEfAY7zApeYHiqhU184fM7AfJwNkyDQd0njUB RoiIci0xr7sg9GA6v3X6w8pBcK8CAwEAAaOCAfUwggHxMB0GA1UdDgQWBBSads0m Pr+IYn1ezl4hLrJrkiq4sDAfBgNVHSMEGDAWgBSjzm61MaiVHSSjffJ6Aes5ZR1+ yjAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU5L0EzQ0U2RUI1MzFBODk1MUQyNEEzN0RGMjdB MDFFQjM5NjUxRDdFQ0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL284NXV0VEdvbFIwa28zM3llZ0hyT1dVZGZzby5j ZXIwagYIKwYBBQUHAQsEXjBcMFoGCCsGAQUFBzALhk5yc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTkvQTNDRTZFQjUzMUE4OTUxRDI0QTM3REYyN0EwMUVC Mzk2NTFEN0VDQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJBqBf/xoAGEuENlP53OeIqe7Ww9Hm6rmbdf UD1YqUqKyM0NlQxpVyZL4fWzmADbosmBjrmt4yu6hANdvF7VwGLrR9Hze+Tq+UCm 3IVNbOuv7v6BdvqmRUcq5MG0Jylj4JGK2Miy6i18TM+TR7wiZMYKBPcjAqpak/W8 Tfsp1Rspp5Mk/G1fuvqrq6QmwjFY7U9IC3kNiiegscroBeDj4DSFcX0iqqYzjL7s UJId9YUpEQjFP2DOcBs2aCh5g0e3IupEmpsSWlkY2H26HN71qk5bgOPA/2a9/KaI K3W7MB5/vh1ymIFyDo5Y4W7rcUoVhFJFh5pTSYzxKMNE9j5Ahok= -----END CERTIFICATE-----Generated at Sun Dec 7 00:11:09 2025 by rpki-client