This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/386d6ba1-1f73-4776-8a6a-4f45120792b1/0/458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33.mft File: 458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33.mft (raw, json) Hash identifier: 0yDfKobuPgwKODt50zud6lW5kgWpEF0DIH8Fi1g8vuo= Subject key identifier: 20:7F:E3:BC:61:D3:07:73:C0:52:E0:C0:F6:83:91:91:1F:01:13:61 Authority key identifier: 45:8D:9A:2B:4C:22:FF:50:16:AE:2E:24:72:9D:23:E2:BE:0D:FD:33 Certificate issuer: /CN=458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33 Certificate serial: 4464BEE28339B2BAC1C1F58E833BBE01874E73AE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33.cer Subject info access: rsync://repo-rpki.idnic.net/repo/386d6ba1-1f73-4776-8a6a-4f45120792b1/0/458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33.mft Manifest number: 0219 Signing time: Wed 24 Dec 2025 15:02:15 +0000 Manifest this update: Wed 24 Dec 2025 14:57:15 +0000 Manifest next update: Sat 27 Dec 2025 15:44:15 +0000 Files and hashes: 1: 323030313a6466303a666534303a3a2f34382d3438203d3e20313439393133.roa (hash: a5a2FZuaU8+YwWyJiNpJaq/a07NXsjnc5SwcHCXziC4=) 2: 3130332e3139312e35352e302f32342d3234203d3e20313439393133.roa (hash: MzEupSrXlebebmZ66Gd92DusEJ4mRAdQ/8taDo8z+bk=) 3: 3130332e3139312e35342e302f32342d3234203d3e20313439393133.roa (hash: CllgKLcIRd3lX7KQsM2tAZpeFF8Rj9z8kpx3sCEVEDA=) 4: 458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33.crl (hash: hFKD1/FIb1tKDtBTZ5XTCrr3J1ve4M7vlKMU5TwRKK0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/386d6ba1-1f73-4776-8a6a-4f45120792b1/0/458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33.crl rsync://repo-rpki.idnic.net/repo/386d6ba1-1f73-4776-8a6a-4f45120792b1/0/458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 15:44:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:64:be:e2:83:39:b2:ba:c1:c1:f5:8e:83:3b:be:01:87:4e:73:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33 Validity Not Before: Dec 24 14:57:15 2025 GMT Not After : Dec 27 15:44:15 2025 GMT Subject: CN=207FE3BC61D30773C052E0C0F68391911F011361 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:97:ad:e7:d5:b7:85:ae:43:48:7e:67:59:ad: ca:43:ca:a8:98:69:92:99:c3:ea:95:41:98:29:b5: 2c:64:77:fc:da:60:cf:cf:84:69:59:90:9e:90:f8: cf:5b:d6:a1:3c:d8:2d:da:0b:a3:fa:a0:32:c1:f5: e5:73:e7:9c:41:50:47:53:c1:40:95:45:66:19:42: ae:0a:f6:03:c9:3e:53:e1:82:ce:68:15:fd:a8:35: 85:ef:d0:43:23:8e:fb:6a:5a:84:59:83:b0:0a:8e: e8:c7:d3:dc:a5:06:4f:b7:ff:88:0b:25:3d:01:27: 2a:ae:67:10:8b:6b:b2:78:8d:e6:73:50:ad:6e:d9: 26:e7:a2:dc:39:03:42:15:5b:52:a4:3f:88:3b:01: de:50:66:3f:72:0c:72:e2:6e:bd:6c:88:06:cd:64: 6f:df:e5:a4:a3:df:08:5c:4d:bc:bf:ca:77:72:05: 0a:0d:33:33:17:96:bf:5c:33:df:5a:5a:5f:27:b3: be:7e:7e:86:48:1d:af:57:12:19:2d:91:c8:ae:6f: 68:6f:40:77:89:f7:a8:fd:8f:7b:4b:14:42:31:95: fa:ce:f4:67:5f:90:9e:18:60:ae:00:68:cd:0f:18: 96:02:8d:98:59:02:ef:e5:96:5a:79:63:17:b8:89: b7:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:7F:E3:BC:61:D3:07:73:C0:52:E0:C0:F6:83:91:91:1F:01:13:61 X509v3 Authority Key Identifier: keyid:45:8D:9A:2B:4C:22:FF:50:16:AE:2E:24:72:9D:23:E2:BE:0D:FD:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/386d6ba1-1f73-4776-8a6a-4f45120792b1/0/458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/386d6ba1-1f73-4776-8a6a-4f45120792b1/0/458D9A2B4C22FF5016AE2E24729D23E2BE0DFD33.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:11:ec:92:5a:80:16:05:c7:19:df:ee:89:20:18:0d:42:d7: 56:68:a1:bb:a1:ca:5c:e1:c7:79:b7:76:ff:77:4b:e7:ff:ea: f3:2d:82:e9:f8:a6:81:67:64:49:fe:2d:78:a6:fb:59:cc:71: 94:a2:c5:f1:98:aa:ec:d8:cf:fc:17:fb:b2:82:19:d4:27:51: 5f:0f:47:5c:66:42:c7:2e:38:25:64:c6:ec:c9:c0:d0:a1:2e: 42:7d:a4:56:5c:f1:77:85:5f:06:e6:67:7d:df:93:25:3e:4a: 61:74:bd:f0:99:b7:82:82:bf:8b:f9:45:94:e9:fe:e4:85:5c: f9:48:eb:2c:eb:47:63:4c:5d:f8:4c:f8:1a:6f:98:63:21:7b: 6a:7a:ce:28:d3:2a:6c:5e:48:61:dc:10:02:14:b8:12:6c:9a: ef:2a:26:7c:67:0a:82:a7:13:36:53:19:ec:2f:43:65:c6:04: 03:09:05:8b:03:02:eb:a1:c1:4b:42:5f:0a:96:bd:8e:7c:96: bb:41:4a:03:bb:94:05:8d:b7:73:90:6a:81:14:79:96:3c:aa: 20:fc:b9:d3:77:a7:35:94:cd:38:a7:ef:a2:db:68:65:7e:ea: ef:0b:99:b3:f5:6f:79:e2:9a:c1:13:67:50:4a:17:cd:df:8b: 68:89:34:a9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURGS+4oM5srrBwfWOgzu+AYdOc64wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDU4RDlBMkI0QzIyRkY1MDE2QUUyRTI0NzI5RDIzRTJC RTBERkQzMzAeFw0yNTEyMjQxNDU3MTVaFw0yNTEyMjcxNTQ0MTVaMDMxMTAvBgNV BAMTKDIwN0ZFM0JDNjFEMzA3NzNDMDUyRTBDMEY2ODM5MTkxMUYwMTEzNjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhl63n1beFrkNIfmdZrcpDyqiY aZKZw+qVQZgptSxkd/zaYM/PhGlZkJ6Q+M9b1qE82C3aC6P6oDLB9eVz55xBUEdT wUCVRWYZQq4K9gPJPlPhgs5oFf2oNYXv0EMjjvtqWoRZg7AKjujH09ylBk+3/4gL JT0BJyquZxCLa7J4jeZzUK1u2Sbnotw5A0IVW1KkP4g7Ad5QZj9yDHLibr1siAbN ZG/f5aSj3whcTby/yndyBQoNMzMXlr9cM99aWl8ns75+foZIHa9XEhktkciub2hv QHeJ96j9j3tLFEIxlfrO9GdfkJ4YYK4AaM0PGJYCjZhZAu/lllp5Yxe4ibfTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIH/jvGHTB3PAUuDA9oORkR8BE2EwHwYDVR0j BBgwFoAURY2aK0wi/1AWri4kcp0j4r4N/TMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ODZkNmJhMS0xZjczLTQ3NzYtOGE2YS00ZjQ1MTIwNzkyYjEvMC80NThEOUEyQjRD MjJGRjUwMTZBRTJFMjQ3MjlEMjNFMkJFMERGRDMzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDU4RDlBMkI0QzIyRkY1MDE2QUUyRTI0NzI5RDIzRTJCRTBE RkQzMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzg2ZDZiYTEtMWY3My00Nzc2LThh NmEtNGY0NTEyMDc5MmIxLzAvNDU4RDlBMkI0QzIyRkY1MDE2QUUyRTI0NzI5RDIz RTJCRTBERkQzMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABER7JJagBYFxxnf7okgGA1C11Zoobuhylzh x3m3dv93S+f/6vMtgun4poFnZEn+LXim+1nMcZSixfGYquzYz/wX+7KCGdQnUV8P R1xmQscuOCVkxuzJwNChLkJ9pFZc8XeFXwbmZ33fkyU+SmF0vfCZt4KCv4v5RZTp /uSFXPlI6yzrR2NMXfhM+BpvmGMhe2p6zijTKmxeSGHcEAIUuBJsmu8qJnxnCoKn EzZTGewvQ2XGBAMJBYsDAuuhwUtCXwqWvY58lrtBSgO7lAWNt3OQaoEUeZY8qiD8 udN3pzWUzTin76LbaGV+6u8LmbP1b3nimsETZ1BKF83fi2iJNKk= -----END CERTIFICATE-----Generated at Wed Dec 24 22:08:39 2025 by rpki-client