This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft
File:                     8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft (raw, json)
Hash identifier:          fgvwQndKJsOpJCwOXNuVr0P7VxRB0ER5sJqhqBgP1hQ=
Subject key identifier:   0E:3F:7A:D1:7A:49:ED:25:21:BC:28:26:99:44:87:16:94:41:37:67
Authority key identifier: 8B:A2:B5:E0:7F:AD:57:28:C7:DE:FB:F4:FC:10:BD:04:43:53:F6:FF
Certificate issuer:       /CN=8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF
Certificate serial:       178565B269DAA9B512F04F9B01B358BDFFC8D0A4
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft
Manifest number:          FA
Signing time:             Wed 24 Dec 2025 04:41:17 +0000
Manifest this update:     Wed 24 Dec 2025 04:36:17 +0000
Manifest next update:     Sat 27 Dec 2025 11:12:17 +0000
Files and hashes:         1: 3130332e3133332e3134352e302f32342d3234203d3e20313338313339.roa (hash: AZoy99OzaaD9x6sZSBHTE/6tOjO7s0t/ExrzVTGMWVY=)
                          2: 3130332e3133332e3134362e302f32342d3234203d3e20313338313339.roa (hash: nNqPduu/JjsIMhgAQMQxpm1Co5pg16TuoWu2Q/HzWgA=)
                          3: 3130332e3133332e3134342e302f32342d3234203d3e20313338313339.roa (hash: 4N3xCB2x4rBoMiXQaq1TIxjQcspdHHBn4voGBhoXwMQ=)
                          4: 3130332e3133332e3134372e302f32342d3234203d3e20313338313339.roa (hash: aR62APrh1DccZKre5l7C6SLFps3TBPFdm3R3znGJ1fA=)
                          5: 8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl (hash: VFBAWfogYp8MgTz/viz6KBO3+eYpDyxj4Ji67NlUrbQ=)
                          6: 323430343a346563303a3a2f33322d3438203d3e20313338313339.roa (hash: A2G6b+fxTo20QvHK7lUw9boisWwmFFcOlzGIN95UCMI=)
                          7: 323430343a346563303a313a3a2f34382d3438203d3e20313338313339.roa (hash: X/C9vXKY/TY9dLHbewA4tddP0TItlp1o/B62rHS1ZLs=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl
                          rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 27 Dec 2025 11:12:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:85:65:b2:69:da:a9:b5:12:f0:4f:9b:01:b3:58:bd:ff:c8:d0:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF
        Validity
            Not Before: Dec 24 04:36:17 2025 GMT
            Not After : Dec 27 11:12:17 2025 GMT
        Subject: CN=0E3F7AD17A49ED2521BC28269944871694413767
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:53:d2:4c:f2:33:c2:4d:4a:5c:63:27:bd:04:
                    09:82:e9:46:ed:69:d5:96:a3:42:0a:ad:d6:45:f6:
                    de:0e:72:b4:c0:c7:0a:a0:49:0b:7e:69:64:3b:e0:
                    82:44:39:a1:06:42:21:b1:70:7d:75:10:de:6f:b7:
                    52:d3:c5:52:f7:c0:10:de:6f:99:05:d9:38:cb:86:
                    3b:17:71:77:10:cd:1f:e3:9c:16:37:dc:aa:47:f3:
                    f2:de:28:00:ad:a9:a6:90:83:9d:93:5b:4b:e4:a8:
                    19:0a:9c:ce:41:f1:5d:5d:e7:6c:c1:76:a4:86:a4:
                    55:9a:58:49:85:15:8d:93:34:41:55:db:a8:12:01:
                    1a:eb:b0:1a:c3:b7:85:e2:3b:62:8a:23:d3:f2:59:
                    bc:64:85:73:db:d7:02:f9:e4:b5:78:1d:6f:0a:1e:
                    d7:c3:ae:a1:46:2b:3c:c0:b1:cf:a3:6e:98:c5:0f:
                    c3:20:b6:1c:cc:e1:76:eb:c2:c6:1e:64:2c:f4:1c:
                    e3:19:6f:08:79:f3:7c:0f:b8:71:f8:86:a5:ce:43:
                    a3:13:94:e4:f1:34:fd:d7:62:dd:20:3a:38:bc:71:
                    85:a7:40:3b:d9:66:b2:2e:f4:01:9f:b4:1b:85:3f:
                    96:19:96:38:41:4c:38:92:13:78:ff:10:80:c8:d8:
                    5c:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:3F:7A:D1:7A:49:ED:25:21:BC:28:26:99:44:87:16:94:41:37:67
            X509v3 Authority Key Identifier:
                keyid:8B:A2:B5:E0:7F:AD:57:28:C7:DE:FB:F4:FC:10:BD:04:43:53:F6:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:62:74:85:3d:53:b9:d7:6a:ed:6c:a3:9a:b8:9c:5a:c3:f0:
         80:7a:4d:76:b9:bb:f3:02:78:ec:58:d7:df:f3:3e:75:02:ec:
         03:d2:ec:3d:3a:45:24:4b:94:74:c4:97:ee:a5:95:f6:0d:de:
         38:c3:a2:29:a5:d0:2a:50:3e:79:8f:84:f5:19:16:66:53:8a:
         22:3c:bd:1a:7d:ab:1f:7d:a9:69:05:37:b5:56:96:e7:02:2d:
         b4:9f:ec:b2:09:ae:1d:50:67:5a:57:a9:c4:4d:8d:b6:3c:47:
         10:77:05:49:14:e9:eb:24:c2:f1:f8:88:8f:45:58:58:16:58:
         5c:64:b6:67:ff:2e:95:0c:b0:a1:36:7d:27:6f:43:cd:73:59:
         a9:5c:95:3a:1f:b5:18:ac:81:88:6b:a6:07:82:0b:2c:f2:31:
         0d:da:10:d9:48:1b:24:db:22:ba:cb:29:6e:09:5f:18:ae:82:
         a7:3f:4a:35:11:0f:f8:06:55:f1:72:2d:cc:a3:43:b3:86:00:
         5d:39:29:5d:e5:dd:c1:90:6e:93:98:d6:51:d2:4d:da:80:d1:
         a9:b1:b3:6b:9a:ad:e3:e6:69:f5:ef:3a:86:38:98:77:64:83:
         8a:f0:50:ef:08:d9:72:e3:d9:71:e3:49:65:28:cf:eb:91:33:
         ee:ad:45:f9
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUF4VlsmnaqbUS8E+bAbNYvf/I0KQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJEMDQ0
MzUzRjZGRjAeFw0yNTEyMjQwNDM2MTdaFw0yNTEyMjcxMTEyMTdaMDMxMTAvBgNV
BAMTKDBFM0Y3QUQxN0E0OUVEMjUyMUJDMjgyNjk5NDQ4NzE2OTQ0MTM3NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6U9JM8jPCTUpcYye9BAmC6Ubt
adWWo0IKrdZF9t4OcrTAxwqgSQt+aWQ74IJEOaEGQiGxcH11EN5vt1LTxVL3wBDe
b5kF2TjLhjsXcXcQzR/jnBY33KpH8/LeKACtqaaQg52TW0vkqBkKnM5B8V1d52zB
dqSGpFWaWEmFFY2TNEFV26gSARrrsBrDt4XiO2KKI9PyWbxkhXPb1wL55LV4HW8K
HtfDrqFGKzzAsc+jbpjFD8MgthzM4XbrwsYeZCz0HOMZbwh583wPuHH4hqXOQ6MT
lOTxNP3XYt0gOji8cYWnQDvZZrIu9AGftBuFP5YZljhBTDiSE3j/EIDI2Fx3AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUDj960XpJ7SUhvCgmmUSHFpRBN2cwHwYDVR0j
BBgwFoAUi6K14H+tVyjH3vv0/BC9BENT9v8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
Yzc2Yzg1Zi05YTRmLTRhZmMtOTY5Yi04ZGEyNTM2YzVjMjQvMC84QkEyQjVFMDdG
QUQ1NzI4QzdERUZCRjRGQzEwQkQwNDQzNTNGNkZGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJEMDQ0MzUz
RjZGRi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGM3NmM4NWYtOWE0Zi00YWZjLTk2
OWItOGRhMjUzNmM1YzI0LzAvOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJE
MDQ0MzUzRjZGRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAEpidIU9U7nXau1so5q4nFrD8IB6TXa5u/MC
eOxY19/zPnUC7APS7D06RSRLlHTEl+6llfYN3jjDoiml0CpQPnmPhPUZFmZTiiI8
vRp9qx99qWkFN7VWlucCLbSf7LIJrh1QZ1pXqcRNjbY8RxB3BUkU6eskwvH4iI9F
WFgWWFxktmf/LpUMsKE2fSdvQ81zWalclToftRisgYhrpgeCCyzyMQ3aENlIGyTb
IrrLKW4JXxiugqc/SjURD/gGVfFyLcyjQ7OGAF05KV3l3cGQbpOY1lHSTdqA0amx
s2uarePmafXvOoY4mHdkg4rwUO8I2XLj2XHjSWUoz+uRM+6tRfk=
-----END CERTIFICATE-----