This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/52ac0ca5-5ce7-4e6e-9fff-7213ef1ef364/0/AF52E716DE71EEA9353FEA92FBF72DA2106A594C.mft File: AF52E716DE71EEA9353FEA92FBF72DA2106A594C.mft (raw, json) Hash identifier: sYe3ERNLnmJ0nA00KHiW9xGLcXZFxSpOwPqTN+JkqzU= Subject key identifier: FA:F3:83:DD:FD:32:B6:72:A4:25:90:CA:EA:9A:21:11:09:E0:DE:1B Authority key identifier: AF:52:E7:16:DE:71:EE:A9:35:3F:EA:92:FB:F7:2D:A2:10:6A:59:4C Certificate issuer: /CN=AF52E716DE71EEA9353FEA92FBF72DA2106A594C Certificate serial: 6827099280E471DDA37297C91B53203D2714BCB7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF52E716DE71EEA9353FEA92FBF72DA2106A594C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/52ac0ca5-5ce7-4e6e-9fff-7213ef1ef364/0/AF52E716DE71EEA9353FEA92FBF72DA2106A594C.mft Manifest number: 0538 Signing time: Wed 24 Dec 2025 06:51:14 +0000 Manifest this update: Wed 24 Dec 2025 06:46:14 +0000 Manifest next update: Sat 27 Dec 2025 10:40:14 +0000 Files and hashes: 1: 3130332e35352e33362e302f32322d3234203d3e20313336303532.roa (hash: Co7QnH1utLTo+OaXOBXDzn1d7u1X3FX72sJ2/V1LcRI=) 2: 3130332e32382e35322e302f32332d3234203d3e20313336303532.roa (hash: jH+vIlrKU7PfFq1iZrO7cUj2zjNXd2QDgqmIURJ9hHo=) 3: 3130332e31352e3232362e302f32342d3234203d3e20313336303532.roa (hash: 92iPAvFoV8ZIni26oBvQBCMwojDuPtSnBMptGXhyF7g=) 4: 3130332e3233362e3230312e302f32342d3234203d3e20313336303532.roa (hash: NJ/fZulIyr1e7dyoj8v3tiz901wVBYZYjvKtkVFLK3I=) 5: AF52E716DE71EEA9353FEA92FBF72DA2106A594C.crl (hash: bW5cAm8Bl7kVoHO0bl0ITNvd2/sxYWbbt+2UYer5hNw=) 6: 323030313a6466373a373430303a3a2f34382d3438203d3e20313336303532.roa (hash: q884sNHCW5gx53DgOjtLJ9QZQAoxktWTxQd/7H0Tgro=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/52ac0ca5-5ce7-4e6e-9fff-7213ef1ef364/0/AF52E716DE71EEA9353FEA92FBF72DA2106A594C.crl rsync://repo-rpki.idnic.net/repo/52ac0ca5-5ce7-4e6e-9fff-7213ef1ef364/0/AF52E716DE71EEA9353FEA92FBF72DA2106A594C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF52E716DE71EEA9353FEA92FBF72DA2106A594C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 10:40:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:27:09:92:80:e4:71:dd:a3:72:97:c9:1b:53:20:3d:27:14:bc:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF52E716DE71EEA9353FEA92FBF72DA2106A594C Validity Not Before: Dec 24 06:46:14 2025 GMT Not After : Dec 27 10:40:14 2025 GMT Subject: CN=FAF383DDFD32B672A42590CAEA9A211109E0DE1B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:db:0f:4e:dd:89:e3:64:b2:94:f8:28:de:53: 61:17:9a:40:be:9a:d3:ec:15:94:da:10:aa:bb:ac: ef:e9:1b:b1:90:de:88:db:98:1a:ce:e6:d4:7a:55: 0d:77:dd:fa:d9:e0:1a:2d:b8:99:08:cb:8f:dc:99: 8a:7f:a4:fd:f5:bf:c2:d9:74:a4:54:26:bd:00:55: 66:38:8f:63:19:9e:37:aa:48:40:97:28:30:98:0f: 95:0e:76:39:7e:aa:02:8c:ec:e7:f0:f4:fe:fd:ca: 81:76:27:78:b7:20:3d:7c:4b:f4:8d:2c:12:12:af: 19:55:75:0a:01:0b:e3:b6:2a:aa:a3:09:da:98:ef: b0:0f:57:3f:c4:e6:ea:c8:3f:bb:11:08:7f:25:16: 59:8b:fe:44:61:63:43:bb:6a:8b:62:5d:f3:32:87: aa:e0:04:ce:36:96:c7:3c:10:27:cb:a1:ca:ee:18: 06:20:b0:15:98:88:f7:33:35:cf:b3:27:c6:ef:2e: 55:74:d8:52:99:c2:e2:ee:a1:55:e9:65:ab:6c:3c: 86:26:66:f9:13:2f:7b:60:96:5a:95:fa:7f:b3:d2: 0e:9f:48:e9:ec:9f:9a:94:ad:0a:f6:21:e5:5e:d4: 10:af:e7:e3:f3:49:ba:2c:46:3e:df:6a:70:98:68: bb:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:F3:83:DD:FD:32:B6:72:A4:25:90:CA:EA:9A:21:11:09:E0:DE:1B X509v3 Authority Key Identifier: keyid:AF:52:E7:16:DE:71:EE:A9:35:3F:EA:92:FB:F7:2D:A2:10:6A:59:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/52ac0ca5-5ce7-4e6e-9fff-7213ef1ef364/0/AF52E716DE71EEA9353FEA92FBF72DA2106A594C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF52E716DE71EEA9353FEA92FBF72DA2106A594C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/52ac0ca5-5ce7-4e6e-9fff-7213ef1ef364/0/AF52E716DE71EEA9353FEA92FBF72DA2106A594C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:e1:11:97:62:3e:a5:e4:1c:58:f2:92:1d:45:72:7d:f4:8b: 46:bb:0c:af:41:dc:64:e0:e3:84:7a:14:70:d3:bd:14:4b:9e: 8c:e3:52:49:f6:6e:a3:20:68:a9:f1:9e:7b:60:41:fa:c5:79: bc:ba:c1:ef:11:6b:83:44:5b:ef:12:a9:80:2a:14:a4:4c:5d: 59:4a:59:d2:a8:34:46:10:68:52:81:b8:a3:39:68:62:86:28: e1:b9:d4:b5:61:fb:de:a7:ee:22:47:9d:9b:46:42:2b:03:87: a6:56:63:2d:68:04:ab:30:8d:16:97:1b:7e:06:e2:57:d7:6c: bb:9c:8a:c6:bd:bf:ca:00:73:48:81:94:1c:73:4b:9e:2d:b5: d3:ed:50:b5:46:fc:e5:6e:29:ae:b3:9a:89:d2:0b:e7:4c:61: 0d:5c:44:15:cf:92:75:d4:90:c8:2f:19:80:65:7a:f3:93:78: 56:f4:25:10:cf:76:d7:0f:28:f3:b0:ce:ac:39:9f:2d:5a:92: 6f:4a:f9:0d:b8:63:c6:4a:21:74:34:bd:bc:8f:3b:a1:e4:e2: f1:3b:67:6f:83:ff:c1:6c:b5:a7:52:e9:04:ce:0b:4c:7a:d4: d5:93:fb:3f:58:a1:6c:43:6d:4c:cd:4f:5a:6f:8b:78:29:78: 82:ea:13:92 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaCcJkoDkcd2jcpfJG1MgPScUvLcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUY1MkU3MTZERTcxRUVBOTM1M0ZFQTkyRkJGNzJEQTIx MDZBNTk0QzAeFw0yNTEyMjQwNjQ2MTRaFw0yNTEyMjcxMDQwMTRaMDMxMTAvBgNV BAMTKEZBRjM4M0RERkQzMkI2NzJBNDI1OTBDQUVBOUEyMTExMDlFMERFMUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp2w9O3YnjZLKU+CjeU2EXmkC+ mtPsFZTaEKq7rO/pG7GQ3ojbmBrO5tR6VQ133frZ4BotuJkIy4/cmYp/pP31v8LZ dKRUJr0AVWY4j2MZnjeqSECXKDCYD5UOdjl+qgKM7Ofw9P79yoF2J3i3ID18S/SN LBISrxlVdQoBC+O2KqqjCdqY77APVz/E5urIP7sRCH8lFlmL/kRhY0O7aotiXfMy h6rgBM42lsc8ECfLocruGAYgsBWYiPczNc+zJ8bvLlV02FKZwuLuoVXpZatsPIYm ZvkTL3tgllqV+n+z0g6fSOnsn5qUrQr2IeVe1BCv5+PzSbosRj7fanCYaLvLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU+vOD3f0ytnKkJZDK6pohEQng3hswHwYDVR0j BBgwFoAUr1LnFt5x7qk1P+qS+/ctohBqWUwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 MmFjMGNhNS01Y2U3LTRlNmUtOWZmZi03MjEzZWYxZWYzNjQvMC9BRjUyRTcxNkRF NzFFRUE5MzUzRkVBOTJGQkY3MkRBMjEwNkE1OTRDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQUY1MkU3MTZERTcxRUVBOTM1M0ZFQTkyRkJGNzJEQTIxMDZB NTk0Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTJhYzBjYTUtNWNlNy00ZTZlLTlm ZmYtNzIxM2VmMWVmMzY0LzAvQUY1MkU3MTZERTcxRUVBOTM1M0ZFQTkyRkJGNzJE QTIxMDZBNTk0Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADvhEZdiPqXkHFjykh1Fcn30i0a7DK9B3GTg 44R6FHDTvRRLnozjUkn2bqMgaKnxnntgQfrFeby6we8Ra4NEW+8SqYAqFKRMXVlK WdKoNEYQaFKBuKM5aGKGKOG51LVh+96n7iJHnZtGQisDh6ZWYy1oBKswjRaXG34G 4lfXbLucisa9v8oAc0iBlBxzS54ttdPtULVG/OVuKa6zmonSC+dMYQ1cRBXPknXU kMgvGYBlevOTeFb0JRDPdtcPKPOwzqw5ny1akm9K+Q24Y8ZKIXQ0vbyPO6Hk4vE7 Z2+D/8FstadS6QTOC0x61NWT+z9YoWxDbUzNT1pvi3gpeILqE5I= -----END CERTIFICATE-----Generated at Wed Dec 24 20:03:30 2025 by rpki-client