This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
File:                     B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft (raw, json)
Hash identifier:          B51e63lROyclY/GRCytvIdApSanzH9daS4VPBieCBdk=
Subject key identifier:   EC:C2:E4:5F:BA:D6:5C:D3:B9:F9:50:BE:EE:B1:B4:56:EA:D8:96:61
Authority key identifier: B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1
Certificate issuer:       /CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
Certificate serial:       4F2061F25B68A194F0EC8083B1E54C9AF06CC196
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
Manifest number:          02C7
Signing time:             Thu 18 Dec 2025 15:31:56 +0000
Manifest this update:     Thu 18 Dec 2025 15:26:56 +0000
Manifest next update:     Sun 21 Dec 2025 17:27:56 +0000
Files and hashes:         1: 3130332e33302e3232312e302f32342d3234203d3e203338313438.roa (hash: 7jwgwmu5p9Vx0nJtBBICc1jR6TLu2T+YBURAKlHLhFY=)
                          2: 3130332e33302e3232332e302f32342d3234203d3e203338313438.roa (hash: Oz3xD+pukxgYWpnFQL+j6A86Gc4jUZiZu2sP1l7btM0=)
                          3: 3130332e33302e3232302e302f32342d3234203d3e203338313438.roa (hash: o3fKHuVWFD6jkUIoyhNcY5O2uYQKepNEkJqsRTcT0Zs=)
                          4: 3130332e33302e3232322e302f32342d3234203d3e203338313438.roa (hash: +SJaFJQyqBdRsoSnVqf1c6YDNbR+iItpuCQMYo/GJwM=)
                          5: 3130332e33302e3232302e302f32322d3233203d3e203338313438.roa (hash: dip5cfpPOxv7j5avMlkj27CtA1ffgVlncphql09alQk=)
                          6: 3132322e3230302e3134342e302f32312d3234203d3e203338313438.roa (hash: q36ZaNZnng4e3YSesfRm7Xhg/e4wHbxv2r58SbE/Hyw=)
                          7: B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl (hash: sYO9NaE1S39y5aWhm6YXbGWSGtLhhh8L3W2otz/RmuE=)
                          8: 323430313a396230303a3a2f33322d3438203d3e203338313438.roa (hash: KdtiKUAOdh5Pdj0OkOpsBFHlVClUvcCXmF1ngZraMiI=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl
                          rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 21 Dec 2025 17:27:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:20:61:f2:5b:68:a1:94:f0:ec:80:83:b1:e5:4c:9a:f0:6c:c1:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
        Validity
            Not Before: Dec 18 15:26:56 2025 GMT
            Not After : Dec 21 17:27:56 2025 GMT
        Subject: CN=ECC2E45FBAD65CD3B9F950BEEEB1B456EAD89661
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:db:b8:5d:3a:2c:fd:cb:29:74:13:1d:37:2d:
                    bc:d5:a3:11:26:d9:22:83:9e:73:81:f6:e8:be:f0:
                    6a:7d:50:d5:7b:0b:89:97:3b:26:1f:49:84:99:f4:
                    4a:4d:1c:90:44:d8:8d:b0:aa:5b:89:24:a2:be:50:
                    20:74:33:c6:18:ee:1d:e9:fb:41:a0:1e:aa:d2:2f:
                    98:9c:d1:dd:d5:d4:13:be:9f:9b:60:b5:29:28:47:
                    22:9e:37:a6:3e:8b:92:d6:32:bb:7f:a5:03:71:fd:
                    de:b0:76:01:94:a0:4a:2b:00:f2:4e:73:1a:ec:05:
                    b8:3c:b8:06:f8:ed:ae:85:e6:fe:f4:90:ce:9f:a1:
                    9f:24:56:ac:28:eb:b8:9e:c0:b3:7a:a1:1c:87:97:
                    68:f7:8a:55:b7:37:0f:9a:c0:b4:c7:12:38:82:7f:
                    60:c9:df:a9:ea:5c:2e:2c:c3:3e:0d:fc:53:2d:48:
                    2f:85:59:01:3b:33:f2:a7:5a:31:98:be:60:69:62:
                    a0:e5:cb:bf:ff:3c:66:33:ea:27:1e:b8:8d:33:64:
                    28:3f:8c:a8:14:a9:18:aa:55:39:02:d5:62:71:86:
                    3d:d5:4d:d0:03:5d:8f:20:20:9e:ae:d7:06:bc:8c:
                    b2:10:8a:84:ee:99:c8:67:19:61:93:9d:fa:04:17:
                    a0:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:C2:E4:5F:BA:D6:5C:D3:B9:F9:50:BE:EE:B1:B4:56:EA:D8:96:61
            X509v3 Authority Key Identifier:
                keyid:B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:9a:6b:78:9b:ac:1a:0f:0f:cb:08:d0:86:1d:79:76:80:47:
         0d:1e:d3:81:48:c9:0f:e8:7b:93:cd:83:3c:3f:5e:3c:86:f0:
         fb:22:6b:39:29:73:7c:c6:dc:87:54:b5:25:0b:be:9e:20:49:
         dd:e3:56:2e:c1:d2:17:1b:4c:87:7e:28:5e:23:01:4d:c1:7a:
         16:c4:e9:0d:be:e6:74:85:f2:7b:e1:7e:8d:68:05:9b:13:20:
         65:61:01:d1:fd:0c:58:91:67:90:92:1d:a0:2b:49:19:3e:11:
         07:28:94:a9:9f:8e:1c:cb:d7:e1:35:db:3b:ac:71:4a:af:e0:
         9b:da:ff:6c:22:04:11:f2:cb:2c:e0:fc:ad:1d:e3:70:4c:77:
         f1:0d:3b:87:27:b0:10:a4:7f:4d:f2:f0:2c:b0:99:5d:b2:e8:
         cf:16:0f:96:13:27:6b:c9:1b:f6:58:47:bc:9c:77:e2:09:a2:
         6b:7e:67:c0:4d:ed:b4:87:8a:a7:ba:89:50:a0:8f:a4:bd:e1:
         e0:bb:62:64:c7:2c:52:0f:30:ef:50:af:c8:71:6b:8e:b7:0d:
         08:b8:57:95:ae:81:4d:e7:33:c7:49:30:08:2e:6d:05:7b:82:
         eb:7f:99:60:90:72:28:45:ab:7a:78:ee:f7:e0:29:be:fb:ab:
         e4:1e:6d:22
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUTyBh8ltooZTw7ICDseVMmvBswZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEw
RUIzODRFMTAeFw0yNTEyMTgxNTI2NTZaFw0yNTEyMjExNzI3NTZaMDMxMTAvBgNV
BAMTKEVDQzJFNDVGQkFENjVDRDNCOUY5NTBCRUVFQjFCNDU2RUFEODk2NjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl27hdOiz9yyl0Ex03LbzVoxEm
2SKDnnOB9ui+8Gp9UNV7C4mXOyYfSYSZ9EpNHJBE2I2wqluJJKK+UCB0M8YY7h3p
+0GgHqrSL5ic0d3V1BO+n5tgtSkoRyKeN6Y+i5LWMrt/pQNx/d6wdgGUoEorAPJO
cxrsBbg8uAb47a6F5v70kM6foZ8kVqwo67iewLN6oRyHl2j3ilW3Nw+awLTHEjiC
f2DJ36nqXC4swz4N/FMtSC+FWQE7M/KnWjGYvmBpYqDly7//PGYz6iceuI0zZCg/
jKgUqRiqVTkC1WJxhj3VTdADXY8gIJ6u1wa8jLIQioTumchnGWGTnfoEF6DtAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU7MLkX7rWXNO5+VC+7rG0VurYlmEwHwYDVR0j
BBgwFoAUuSHaq7hJSd3CUA1PCm2T+g6zhOEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
NTkyYzI3NC0xMWRiLTQxMjctYmFiYi1hZWFlOTkyODRiMDAvMC9COTIxREFBQkI4
NDk0OUREQzI1MDBENEYwQTZEOTNGQTBFQjM4NEUxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEwRUIz
ODRFMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTU5MmMyNzQtMTFkYi00MTI3LWJh
YmItYWVhZTk5Mjg0YjAwLzAvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkz
RkEwRUIzODRFMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAA2aa3ibrBoPD8sI0IYdeXaARw0e04FIyQ/o
e5PNgzw/XjyG8Psiazkpc3zG3IdUtSULvp4gSd3jVi7B0hcbTId+KF4jAU3BehbE
6Q2+5nSF8nvhfo1oBZsTIGVhAdH9DFiRZ5CSHaArSRk+EQcolKmfjhzL1+E12zus
cUqv4Jva/2wiBBHyyyzg/K0d43BMd/ENO4cnsBCkf03y8CywmV2y6M8WD5YTJ2vJ
G/ZYR7ycd+IJomt+Z8BN7bSHiqe6iVCgj6S94eC7YmTHLFIPMO9Qr8hxa463DQi4
V5WugU3nM8dJMAgubQV7gut/mWCQcihFq3p47vfgKb77q+QebSI=
-----END CERTIFICATE-----