This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft File: 8CFA88063D5C0A51C1D737A5170338865A245358.mft (raw, json) Hash identifier: gSLQ4k0SrSIT1Njk3a0FV20m4yPEBGXMpJIeAG2rcoc= Subject key identifier: BE:FA:E9:97:B5:1B:05:90:C4:91:9F:14:41:16:09:0E:09:25:EA:EB Authority key identifier: 8C:FA:88:06:3D:5C:0A:51:C1:D7:37:A5:17:03:38:86:5A:24:53:58 Certificate issuer: /CN=8CFA88063D5C0A51C1D737A5170338865A245358 Certificate serial: 2B17F27BF3B269240D3741369B5478B66FC53F3E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CFA88063D5C0A51C1D737A5170338865A245358.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft Manifest number: 0535 Signing time: Mon 22 Dec 2025 14:32:28 +0000 Manifest this update: Mon 22 Dec 2025 14:27:28 +0000 Manifest next update: Thu 25 Dec 2025 17:06:28 +0000 Files and hashes: 1: 3130332e3132362e3230302e302f32322d3232203d3e20313338313133.roa (hash: iKqR4sdrDvQYzAbaXB9On/A/Jy5fdaFvtV4f3tabdnk=) 2: 8CFA88063D5C0A51C1D737A5170338865A245358.crl (hash: E1QtGzplVRWmp8OtYBLGu3Ty/O4C9mmD8PD+ymtIFeA=) 3: 323430343a313034303a3a2f33322d3332203d3e20313338313133.roa (hash: IwOy6L011wgRp4Z43jUYFVOd/TCfuz6IilpFz+BTytc=) 4: 3130332e3132362e3230322e302f32332d3233203d3e20313338313133.roa (hash: x7tsLph+/FB0QeKJjGm8RZPvo26S0bN0rsI7VAab3d8=) 5: 3130332e3132362e3230302e302f32332d3233203d3e20313338313133.roa (hash: OX5qJy0ELn8OIpv9cwcHP0OwwrzKVk8H6b2UKzBtyEg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.crl rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CFA88063D5C0A51C1D737A5170338865A245358.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 17:06:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:17:f2:7b:f3:b2:69:24:0d:37:41:36:9b:54:78:b6:6f:c5:3f:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8CFA88063D5C0A51C1D737A5170338865A245358 Validity Not Before: Dec 22 14:27:28 2025 GMT Not After : Dec 25 17:06:28 2025 GMT Subject: CN=BEFAE997B51B0590C4919F144116090E0925EAEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:32:66:d1:e1:56:80:0c:a7:bc:13:e3:da:a3: 04:14:7f:8d:59:f1:18:1b:48:9c:c1:0b:96:36:cf: dc:0e:f1:8a:87:91:82:22:70:ea:7b:9c:3d:5c:39: 49:87:40:1f:bb:f2:1c:4a:af:c9:42:d7:7f:20:33: a9:31:d8:1b:1f:38:da:e1:0f:84:25:6b:8c:55:ff: fd:bf:27:dc:eb:3e:19:a5:fe:0d:c0:0d:35:2d:ed: 9a:a6:54:4f:89:9e:94:12:83:71:c5:45:67:e2:40: 1c:a2:73:22:ae:e1:93:be:2c:87:65:94:42:fe:a5: 15:b5:7a:ca:a3:b9:13:65:e1:7b:c3:f2:b0:3b:eb: 90:b2:9c:2d:a1:5e:50:5a:2c:c1:ab:7e:7a:40:a2: 35:2b:5d:31:64:7f:48:a2:07:0c:97:b2:a5:00:bf: 04:e9:14:21:42:2f:56:b7:d1:f2:6a:33:d8:55:84: cb:82:bd:1a:6c:40:1e:73:d1:d5:eb:4d:64:07:bb: cb:a8:6c:f8:cd:3f:48:50:79:a1:44:9c:b9:5b:5c: a9:a9:d9:db:c2:c0:05:18:dd:31:8b:7f:4b:af:7a: 09:91:f1:9c:15:81:df:01:f1:f5:55:99:96:db:9f: f3:d5:4c:57:01:1b:f4:ec:24:4f:57:e5:ae:27:7a: ad:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:FA:E9:97:B5:1B:05:90:C4:91:9F:14:41:16:09:0E:09:25:EA:EB X509v3 Authority Key Identifier: keyid:8C:FA:88:06:3D:5C:0A:51:C1:D7:37:A5:17:03:38:86:5A:24:53:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CFA88063D5C0A51C1D737A5170338865A245358.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:a6:cc:2d:08:b9:0a:28:2e:a1:99:01:c7:12:9a:d4:c4:9b: 75:ad:1e:45:13:e4:fd:cb:90:ea:f7:5d:c7:58:ff:61:78:ef: 6a:c6:85:3b:7e:ce:dd:af:c7:81:f7:18:fa:60:64:bb:29:22: 30:fe:fc:9a:42:81:17:41:7f:0c:63:ff:e3:c3:8d:bf:40:93: 36:02:ac:68:7a:9b:b2:6a:97:0b:30:b9:71:42:26:48:38:77: 4a:7d:f2:a3:53:f8:d1:b9:1b:8f:fe:5d:f6:69:82:d4:fa:78: 1c:f7:86:e4:a7:b0:72:34:ff:52:e2:77:25:c7:3d:9a:74:2d: 14:4d:f3:98:f6:13:1b:25:ec:3f:eb:0b:a2:a2:e9:e3:fb:43: e1:65:2a:a7:c6:f3:3c:65:79:58:59:87:e2:e1:4a:db:68:28: 27:e0:9c:d7:10:e5:5c:e8:af:4b:30:15:e9:81:e4:38:ec:80: e0:36:19:b2:63:d2:dd:42:87:09:ea:b3:37:1b:bd:d8:ab:fb: 5e:38:74:dc:f5:d8:78:68:45:5b:af:bd:75:fa:21:6b:75:12: f2:19:cd:50:e9:f9:61:9b:2d:c6:9b:fb:d7:39:4d:ea:3c:12: 78:b2:29:25:2d:78:e6:8d:42:05:be:c6:6e:8a:fc:34:2b:bb: 4a:c7:f9:d2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKxfye/OyaSQNN0E2m1R4tm/FPz4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOENGQTg4MDYzRDVDMEE1MUMxRDczN0E1MTcwMzM4ODY1 QTI0NTM1ODAeFw0yNTEyMjIxNDI3MjhaFw0yNTEyMjUxNzA2MjhaMDMxMTAvBgNV BAMTKEJFRkFFOTk3QjUxQjA1OTBDNDkxOUYxNDQxMTYwOTBFMDkyNUVBRUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDMmbR4VaADKe8E+PaowQUf41Z 8RgbSJzBC5Y2z9wO8YqHkYIicOp7nD1cOUmHQB+78hxKr8lC138gM6kx2BsfONrh D4Qla4xV//2/J9zrPhml/g3ADTUt7ZqmVE+JnpQSg3HFRWfiQByicyKu4ZO+LIdl lEL+pRW1esqjuRNl4XvD8rA765CynC2hXlBaLMGrfnpAojUrXTFkf0iiBwyXsqUA vwTpFCFCL1a30fJqM9hVhMuCvRpsQB5z0dXrTWQHu8uobPjNP0hQeaFEnLlbXKmp 2dvCwAUY3TGLf0uvegmR8ZwVgd8B8fVVmZbbn/PVTFcBG/TsJE9X5a4neq2bAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUvvrpl7UbBZDEkZ8UQRYJDgkl6uswHwYDVR0j BBgwFoAUjPqIBj1cClHB1zelFwM4hlokU1gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YTJlNWI2OS1hZGJkLTRlMmQtODQ3ZC0zNzQ4MTU1ODFkODYvMC84Q0ZBODgwNjNE NUMwQTUxQzFENzM3QTUxNzAzMzg4NjVBMjQ1MzU4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOENGQTg4MDYzRDVDMEE1MUMxRDczN0E1MTcwMzM4ODY1QTI0 NTM1OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGEyZTViNjktYWRiZC00ZTJkLTg0 N2QtMzc0ODE1NTgxZDg2LzAvOENGQTg4MDYzRDVDMEE1MUMxRDczN0E1MTcwMzM4 ODY1QTI0NTM1OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFSmzC0IuQooLqGZAccSmtTEm3WtHkUT5P3L kOr3XcdY/2F472rGhTt+zt2vx4H3GPpgZLspIjD+/JpCgRdBfwxj/+PDjb9AkzYC rGh6m7JqlwswuXFCJkg4d0p98qNT+NG5G4/+XfZpgtT6eBz3huSnsHI0/1LidyXH PZp0LRRN85j2Exsl7D/rC6Ki6eP7Q+FlKqfG8zxleVhZh+LhSttoKCfgnNcQ5Vzo r0swFemB5DjsgOA2GbJj0t1Chwnqszcbvdir+144dNz12HhoRVuvvXX6IWt1EvIZ zVDp+WGbLcab+9c5Teo8EniyKSUteOaNQgW+xm6K/DQru0rH+dI= -----END CERTIFICATE-----Generated at Wed Dec 24 10:33:10 2025 by rpki-client