This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
File:                     B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft (raw, json)
Hash identifier:          wwwOjA4+SOZKfxXmhbiaB6bdaPveYvuqnqL8M03vZdA=
Subject key identifier:   A4:A7:D3:02:09:00:9E:50:65:8B:F5:67:AD:9E:0D:B3:6C:A7:44:C9
Authority key identifier: B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1
Certificate issuer:       /CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
Certificate serial:       2D4AD0161440A2BB831C2085BE5FC510B3E71D44
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
Manifest number:          02C8
Signing time:             Sat 20 Dec 2025 17:32:17 +0000
Manifest this update:     Sat 20 Dec 2025 17:27:17 +0000
Manifest next update:     Wed 24 Dec 2025 00:16:17 +0000
Files and hashes:         1: 3130332e33302e3232322e302f32342d3234203d3e203338313438.roa (hash: +SJaFJQyqBdRsoSnVqf1c6YDNbR+iItpuCQMYo/GJwM=)
                          2: 323430313a396230303a3a2f33322d3438203d3e203338313438.roa (hash: KdtiKUAOdh5Pdj0OkOpsBFHlVClUvcCXmF1ngZraMiI=)
                          3: B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl (hash: 5xzsymVoqvJqk+JoeB0J+f+67Ryl4FzZmkRlC2gT1jU=)
                          4: 3130332e33302e3232312e302f32342d3234203d3e203338313438.roa (hash: 7jwgwmu5p9Vx0nJtBBICc1jR6TLu2T+YBURAKlHLhFY=)
                          5: 3132322e3230302e3134342e302f32312d3234203d3e203338313438.roa (hash: q36ZaNZnng4e3YSesfRm7Xhg/e4wHbxv2r58SbE/Hyw=)
                          6: 3130332e33302e3232302e302f32342d3234203d3e203338313438.roa (hash: o3fKHuVWFD6jkUIoyhNcY5O2uYQKepNEkJqsRTcT0Zs=)
                          7: 3130332e33302e3232332e302f32342d3234203d3e203338313438.roa (hash: Oz3xD+pukxgYWpnFQL+j6A86Gc4jUZiZu2sP1l7btM0=)
                          8: 3130332e33302e3232302e302f32322d3233203d3e203338313438.roa (hash: dip5cfpPOxv7j5avMlkj27CtA1ffgVlncphql09alQk=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl
                          rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 24 Dec 2025 00:16:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:4a:d0:16:14:40:a2:bb:83:1c:20:85:be:5f:c5:10:b3:e7:1d:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
        Validity
            Not Before: Dec 20 17:27:17 2025 GMT
            Not After : Dec 24 00:16:17 2025 GMT
        Subject: CN=A4A7D30209009E50658BF567AD9E0DB36CA744C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:74:3b:a7:4f:a4:ce:f5:c4:b2:31:cc:64:06:
                    b0:68:af:99:a6:ba:cc:bd:73:05:7e:6e:7e:46:6f:
                    23:8c:83:a8:97:eb:be:be:ae:e9:ea:7b:df:58:30:
                    86:bf:7d:39:c6:80:d1:e9:f6:3c:af:e1:d4:3a:00:
                    a1:d3:92:8d:87:d5:0d:e7:64:2b:4f:9a:0b:d6:6e:
                    3e:58:90:80:48:4a:4d:a0:7c:a7:c5:56:d8:31:18:
                    f7:06:e3:98:5b:81:a2:cd:ed:46:d8:1d:e7:43:4b:
                    f0:71:d5:a0:0f:d6:8f:f3:b7:08:a0:33:c2:6c:6c:
                    c0:8c:5a:05:3d:73:4e:99:22:1e:8e:ed:b9:cc:72:
                    ef:d8:6b:e5:78:ff:d8:f7:34:13:5e:22:11:ca:24:
                    25:bb:73:c2:59:b7:cc:97:6b:db:04:1f:70:4f:63:
                    48:b6:b9:0f:40:1b:3e:86:17:01:f8:c5:75:63:23:
                    45:f0:f8:cf:48:c9:05:be:ac:97:2c:6d:60:e8:ed:
                    de:ff:43:37:a5:c9:6f:1d:74:f6:df:3a:3a:83:6b:
                    42:f5:5a:c2:7c:f1:9f:db:3c:1e:a3:80:79:da:e3:
                    63:80:1d:c9:27:57:3f:fc:01:9d:fc:38:94:8a:6b:
                    33:c8:85:8b:d6:59:a4:b1:25:8f:9e:88:51:71:be:
                    a8:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:A7:D3:02:09:00:9E:50:65:8B:F5:67:AD:9E:0D:B3:6C:A7:44:C9
            X509v3 Authority Key Identifier:
                keyid:B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:82:44:1f:c5:9d:06:4b:93:8d:56:6a:8f:bc:e0:0f:b2:72:
         14:d4:fb:69:4f:f7:24:85:e7:11:d4:59:b4:db:1d:fc:a7:5f:
         13:3e:b6:99:97:55:1b:e6:8d:93:f1:58:16:3c:9c:57:a8:bc:
         e4:1a:61:03:03:68:8c:6e:2c:ef:6e:b4:0e:b4:92:64:94:62:
         f7:cc:e3:1e:e3:c4:b9:cc:a0:46:51:43:45:44:3a:33:57:b2:
         82:98:92:df:f6:50:83:79:3f:04:ef:6b:cc:87:41:5e:45:99:
         c3:95:cd:7d:5b:f0:d4:71:a1:f7:47:ce:df:9e:ac:e3:fc:b9:
         3c:31:32:04:e7:1a:82:24:ba:2f:af:90:9a:2a:d1:b0:37:72:
         37:13:85:95:d6:7d:8c:0c:e4:50:32:67:fb:35:b2:6d:ad:e3:
         09:e0:4c:47:22:9e:44:0b:de:f2:52:ff:aa:8a:64:a7:7f:d2:
         e6:ca:d6:aa:c4:34:88:86:0a:90:54:20:1b:ca:e1:4c:70:38:
         a8:5c:55:51:ef:53:bd:5e:c9:ae:15:26:ca:da:56:d5:d4:f1:
         66:db:f3:db:47:da:94:5d:58:5d:52:dc:00:e7:c8:1f:27:92:
         b1:cd:89:86:a8:f7:81:c8:d4:34:91:61:de:92:9c:0b:f1:78:
         96:d6:62:15
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIULUrQFhRAoruDHCCFvl/FELPnHUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEw
RUIzODRFMTAeFw0yNTEyMjAxNzI3MTdaFw0yNTEyMjQwMDE2MTdaMDMxMTAvBgNV
BAMTKEE0QTdEMzAyMDkwMDlFNTA2NThCRjU2N0FEOUUwREIzNkNBNzQ0QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5dDunT6TO9cSyMcxkBrBor5mm
usy9cwV+bn5GbyOMg6iX676+runqe99YMIa/fTnGgNHp9jyv4dQ6AKHTko2H1Q3n
ZCtPmgvWbj5YkIBISk2gfKfFVtgxGPcG45hbgaLN7UbYHedDS/Bx1aAP1o/ztwig
M8JsbMCMWgU9c06ZIh6O7bnMcu/Ya+V4/9j3NBNeIhHKJCW7c8JZt8yXa9sEH3BP
Y0i2uQ9AGz6GFwH4xXVjI0Xw+M9IyQW+rJcsbWDo7d7/QzelyW8ddPbfOjqDa0L1
WsJ88Z/bPB6jgHna42OAHcknVz/8AZ38OJSKazPIhYvWWaSxJY+eiFFxvqg/AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUpKfTAgkAnlBli/VnrZ4Ns2ynRMkwHwYDVR0j
BBgwFoAUuSHaq7hJSd3CUA1PCm2T+g6zhOEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
NTkyYzI3NC0xMWRiLTQxMjctYmFiYi1hZWFlOTkyODRiMDAvMC9COTIxREFBQkI4
NDk0OUREQzI1MDBENEYwQTZEOTNGQTBFQjM4NEUxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEwRUIz
ODRFMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTU5MmMyNzQtMTFkYi00MTI3LWJh
YmItYWVhZTk5Mjg0YjAwLzAvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkz
RkEwRUIzODRFMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBADOCRB/FnQZLk41Wao+84A+ychTU+2lP9ySF
5xHUWbTbHfynXxM+tpmXVRvmjZPxWBY8nFeovOQaYQMDaIxuLO9utA60kmSUYvfM
4x7jxLnMoEZRQ0VEOjNXsoKYkt/2UIN5PwTva8yHQV5FmcOVzX1b8NRxofdHzt+e
rOP8uTwxMgTnGoIkui+vkJoq0bA3cjcThZXWfYwM5FAyZ/s1sm2t4wngTEcinkQL
3vJS/6qKZKd/0ubK1qrENIiGCpBUIBvK4UxwOKhcVVHvU71eya4VJsraVtXU8Wbb
89tH2pRdWF1S3ADnyB8nkrHNiYao94HI1DSRYd6SnAvxeJbWYhU=
-----END CERTIFICATE-----