This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft File: 2858C74CC23A557C73F59051B7FE8638AA491C94.mft (raw, json) Hash identifier: FRl/ycbIPl1RENQJvB2ybfr8Cv3ZNjB3lGyr+27WpG8= Subject key identifier: 68:2A:22:C0:8D:B6:04:39:AE:63:63:04:AE:CB:E4:3F:EF:88:82:7E Authority key identifier: 28:58:C7:4C:C2:3A:55:7C:73:F5:90:51:B7:FE:86:38:AA:49:1C:94 Certificate issuer: /CN=2858C74CC23A557C73F59051B7FE8638AA491C94 Certificate serial: 630F39EF23BC46346433D30116DF887598F76DC4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer Subject info access: rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft Manifest number: 49 Signing time: Fri 26 Dec 2025 17:41:30 +0000 Manifest this update: Fri 26 Dec 2025 17:36:30 +0000 Manifest next update: Tue 30 Dec 2025 00:16:30 +0000 Files and hashes: 1: 323430303a366632303a3a2f33322d3438203d3e20313333383039.roa (hash: 8MTe8KcDcB0X2kj+3dmF5RSp4lHPV4hialaox1IdvHk=) 2: 2858C74CC23A557C73F59051B7FE8638AA491C94.crl (hash: 5awLnkO6mMMjP3WV1WSwv/9dJ13eaObYhb5HEm16zpA=) 3: 3130332e35302e3132382e302f32322d3234203d3e20313333383039.roa (hash: IB02l7aeS1Ctr7m+n8ymFsmUvTLgjo3obFTTz15X/C8=) 4: 323430303a366632303a353a3a2f34382d3438203d3e20313333383039.roa (hash: KGGUUPJetYRovMai9BvuYsEqHu8TgW6bYg4Sm8JWJcg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.crl rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 11:33:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:0f:39:ef:23:bc:46:34:64:33:d3:01:16:df:88:75:98:f7:6d:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2858C74CC23A557C73F59051B7FE8638AA491C94 Validity Not Before: Dec 26 17:36:30 2025 GMT Not After : Dec 30 00:16:30 2025 GMT Subject: CN=682A22C08DB60439AE636304AECBE43FEF88827E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:7c:56:af:4b:d2:37:40:29:a9:fc:53:85:fd: 6d:58:e3:f0:47:51:41:ea:14:8e:35:fd:b5:c4:76: c4:77:09:0e:90:11:a9:49:18:87:94:ff:58:eb:e2: 52:55:a1:42:46:d6:fd:9a:2a:c7:f4:44:4b:ef:74: ff:92:12:34:3a:f0:17:21:fd:49:3a:55:af:e6:c3: 04:05:77:d5:3f:6c:15:03:ea:4c:a6:ca:b6:99:8b: ea:d1:cb:63:a6:71:ca:ce:04:c6:82:2a:2d:c6:8b: 0b:3c:d5:aa:84:d8:b7:06:54:4b:e5:10:c8:52:ce: 90:e7:aa:db:d8:f3:2a:0f:77:69:a0:aa:da:30:00: 29:86:b4:58:ea:81:06:b1:5d:05:9c:f9:52:aa:16: d3:71:ac:fd:aa:fd:c4:fa:76:7e:f7:7c:2b:2d:0f: a2:f6:2e:ea:6e:c5:75:e3:f3:4b:86:84:cb:18:bb: d0:71:91:c6:48:4a:4e:f3:20:96:d8:ef:5f:de:12: 6d:0f:09:f8:e2:86:b6:b3:1c:20:12:5d:60:4f:ba: da:a5:98:cd:a6:1a:01:85:82:c3:6d:8a:ea:16:f8: 06:27:28:7f:ac:c4:0b:d9:9b:c4:8c:26:d1:77:b5: c1:19:4b:68:ab:31:d2:48:1f:10:9b:a2:49:df:8e: 87:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:2A:22:C0:8D:B6:04:39:AE:63:63:04:AE:CB:E4:3F:EF:88:82:7E X509v3 Authority Key Identifier: keyid:28:58:C7:4C:C2:3A:55:7C:73:F5:90:51:B7:FE:86:38:AA:49:1C:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:a5:29:b0:ec:40:ac:6e:6e:88:44:a1:fb:65:a3:52:34:6a: 00:ed:cb:34:3e:fd:f9:4a:ab:40:ac:3b:b8:f3:d6:5c:bf:ad: f6:70:82:c3:cd:44:76:55:e4:2e:2d:22:d2:49:fd:3f:36:6b: 6d:7b:04:6e:08:93:76:eb:8f:d7:8b:e9:c7:7f:da:ba:be:64: e4:de:82:47:66:dd:90:ad:fd:b6:2c:0e:81:5c:89:a6:fe:52: bb:1c:5e:c3:26:bc:62:88:33:42:6e:97:78:1c:60:82:30:82: 69:b5:2c:79:27:9a:11:37:44:6b:bc:ab:9b:91:37:54:50:13: 3b:3c:23:2c:ee:af:64:57:58:7b:42:44:b4:de:da:2d:7a:4c: c5:c1:7d:cb:51:03:28:f7:bf:ec:34:4a:d1:50:eb:aa:4d:6a: 92:ef:c5:39:3e:f6:80:c0:ad:2a:68:cf:b2:2f:b2:d4:4a:2e: 19:ae:13:3e:00:f7:72:af:7a:7e:b5:8c:5a:12:06:d2:ba:0e: f8:fc:e7:a2:58:64:14:07:37:23:24:ad:81:4b:2e:d8:54:57: 25:7d:ba:de:c0:ff:b9:6e:d0:67:54:c6:c5:0f:0c:c2:c8:ad: 89:74:19:a6:17:46:98:26:bc:b5:7c:95:55:ec:4d:69:30:19: 1e:29:4a:61 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYw857yO8RjRkM9MBFt+IdZj3bcQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2MzhB QTQ5MUM5NDAeFw0yNTEyMjYxNzM2MzBaFw0yNTEyMzAwMDE2MzBaMDMxMTAvBgNV BAMTKDY4MkEyMkMwOERCNjA0MzlBRTYzNjMwNEFFQ0JFNDNGRUY4ODgyN0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6fFavS9I3QCmp/FOF/W1Y4/BH UUHqFI41/bXEdsR3CQ6QEalJGIeU/1jr4lJVoUJG1v2aKsf0REvvdP+SEjQ68Bch /Uk6Va/mwwQFd9U/bBUD6kymyraZi+rRy2OmccrOBMaCKi3Giws81aqE2LcGVEvl EMhSzpDnqtvY8yoPd2mgqtowACmGtFjqgQaxXQWc+VKqFtNxrP2q/cT6dn73fCst D6L2LupuxXXj80uGhMsYu9BxkcZISk7zIJbY71/eEm0PCfjihrazHCASXWBPutql mM2mGgGFgsNtiuoW+AYnKH+sxAvZm8SMJtF3tcEZS2irMdJIHxCboknfjoc9AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUaCoiwI22BDmuY2MErsvkP++Ign4wHwYDVR0j BBgwFoAUKFjHTMI6VXxz9ZBRt/6GOKpJHJQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 OWNlZjhiMC1iYTY0LTRjMGMtOGRlOC0xZjUwYTg1ZDVmZGUvMC8yODU4Qzc0Q0My M0E1NTdDNzNGNTkwNTFCN0ZFODYzOEFBNDkxQzk0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2MzhBQTQ5 MUM5NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTljZWY4YjAtYmE2NC00YzBjLThk ZTgtMWY1MGE4NWQ1ZmRlLzAvMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2 MzhBQTQ5MUM5NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAD6lKbDsQKxubohEoftlo1I0agDtyzQ+/flK q0CsO7jz1ly/rfZwgsPNRHZV5C4tItJJ/T82a217BG4Ik3brj9eL6cd/2rq+ZOTe gkdm3ZCt/bYsDoFciab+UrscXsMmvGKIM0Jul3gcYIIwgmm1LHknmhE3RGu8q5uR N1RQEzs8Iyzur2RXWHtCRLTe2i16TMXBfctRAyj3v+w0StFQ66pNapLvxTk+9oDA rSpoz7IvstRKLhmuEz4A93Kven61jFoSBtK6Dvj856JYZBQHNyMkrYFLLthUVyV9 ut7A/7lu0GdUxsUPDMLIrYl0GaYXRpgmvLV8lVXsTWkwGR4pSmE= -----END CERTIFICATE-----Generated at Sun Dec 28 08:17:06 2025 by rpki-client