This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: 5zG3G739gPYAHPnx+p4L5j1l3ErwdVkx3ym81JY30Bg= Subject key identifier: B1:ED:65:62:F5:D1:84:57:8B:11:78:87:9F:5F:E0:AC:DA:43:97:8F Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 316D587D5A1996ED0A36682A336B40A298670285 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 0533 Signing time: Wed 17 Dec 2025 12:32:09 +0000 Manifest this update: Wed 17 Dec 2025 12:27:09 +0000 Manifest next update: Sat 20 Dec 2025 23:53:09 +0000 Files and hashes: 1: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) 2: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) 3: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) 4: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) 5: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 6: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: JY5X7Ni0FqjOLHL/IBAcPoDotTFSEzReZjChPfIbLws=) 7: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: bwvRYZZEnq/Ruxpl0VNSeoebCnLCiOn+wNPW+9Yo5qw=) 8: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Dec 2025 23:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:6d:58:7d:5a:19:96:ed:0a:36:68:2a:33:6b:40:a2:98:67:02:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Dec 17 12:27:09 2025 GMT Not After : Dec 20 23:53:09 2025 GMT Subject: CN=B1ED6562F5D184578B1178879F5FE0ACDA43978F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0a:d4:e4:e6:5c:9f:83:cb:a1:2c:4d:f5:52: 48:6b:1d:56:0c:80:57:9f:5f:6d:d2:bc:49:47:86: 86:b1:48:26:f8:43:80:70:62:85:6d:6e:d3:b4:1e: 64:52:1b:d1:ee:ca:04:68:f8:92:64:4c:03:97:e8: 6c:72:be:4c:a6:7f:92:5f:73:29:54:93:d6:5b:ff: 32:03:5e:21:c4:0d:7e:98:c8:ba:8c:6a:a5:27:81: b4:64:ea:84:f0:dd:34:b2:42:90:3f:e0:3f:6a:e6: d4:c8:2a:e2:62:96:c6:a0:5c:bd:9a:08:65:7a:e7: 2a:45:0f:72:3b:69:f3:f2:cd:63:a7:f9:89:17:b3: e2:9a:d0:52:f9:24:06:14:87:cf:f0:74:c4:da:c1: 2a:5a:cd:6a:e1:f7:d6:69:1d:21:7a:20:b3:f3:25: 61:01:71:09:25:a3:89:71:04:92:6d:31:b6:7f:7b: a5:59:d8:cc:79:0b:3f:cc:93:32:f0:96:55:40:a8: 5f:72:2b:09:42:31:a4:fd:a3:1d:94:b2:84:23:c2: aa:5a:b0:cf:e9:90:8b:c4:c8:17:79:57:5b:bb:eb: 72:46:1e:c5:b8:f0:5d:a1:b3:b9:15:e2:9a:37:78: 24:53:ea:f7:53:3e:9a:75:f3:2b:90:dc:0f:e8:13: 14:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:ED:65:62:F5:D1:84:57:8B:11:78:87:9F:5F:E0:AC:DA:43:97:8F X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:0d:67:5e:ef:df:d0:8f:0b:00:15:30:b3:f9:ab:be:b5:19: b6:f6:dd:b2:ba:51:28:92:20:6d:28:7b:38:9a:39:07:9b:97: 1b:5d:4e:0d:d0:b1:05:ed:e8:b4:3b:b5:85:cd:11:43:15:c2: 02:ea:a0:e5:b7:8e:ed:f7:6a:8a:b4:28:41:71:2c:11:d2:7d: 7d:55:54:66:a5:56:c0:56:7b:c3:61:0c:52:8e:e5:fc:8f:43: 89:cd:25:21:5a:f6:ab:75:ff:b4:55:f9:04:45:5f:be:8a:8f: 7d:2f:b1:ad:d2:ef:be:b2:db:a4:ba:fa:a4:c6:f7:8c:27:52: d0:e2:c5:17:7a:52:8c:2b:12:3f:de:be:d4:81:3e:c3:0c:f7: 2a:11:56:6f:ff:8f:95:68:8a:70:57:cf:b1:c6:42:e0:b5:de: b7:8f:46:22:68:e6:b5:1f:bd:09:fd:de:df:2f:89:e3:9f:59: 0e:d0:f8:5b:60:03:74:92:cb:bd:b4:fd:b3:3d:36:26:90:a1: e1:52:3f:47:75:05:f6:f7:43:0d:48:6f:10:6a:a3:ef:79:b2: 0e:be:01:e2:b5:ac:1e:1f:f9:fd:bd:48:b1:a0:a5:ee:a3:e4: 51:50:eb:b0:5b:bc:b1:70:37:9b:a3:db:ad:78:5a:fc:ea:38: 0e:34:34:4a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMW1YfVoZlu0KNmgqM2tAophnAoUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTEyMTcxMjI3MDlaFw0yNTEyMjAyMzUzMDlaMDMxMTAvBgNV BAMTKEIxRUQ2NTYyRjVEMTg0NTc4QjExNzg4NzlGNUZFMEFDREE0Mzk3OEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHCtTk5lyfg8uhLE31UkhrHVYM gFefX23SvElHhoaxSCb4Q4BwYoVtbtO0HmRSG9HuygRo+JJkTAOX6Gxyvkymf5Jf cylUk9Zb/zIDXiHEDX6YyLqMaqUngbRk6oTw3TSyQpA/4D9q5tTIKuJilsagXL2a CGV65ypFD3I7afPyzWOn+YkXs+Ka0FL5JAYUh8/wdMTawSpazWrh99ZpHSF6ILPz JWEBcQklo4lxBJJtMbZ/e6VZ2Mx5Cz/MkzLwllVAqF9yKwlCMaT9ox2UsoQjwqpa sM/pkIvEyBd5V1u763JGHsW48F2hs7kV4po3eCRT6vdTPpp18yuQ3A/oExQNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUse1lYvXRhFeLEXiHn1/grNpDl48wHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJ8NZ17v39CPCwAVMLP5q761Gbb23bK6USiS IG0oeziaOQeblxtdTg3QsQXt6LQ7tYXNEUMVwgLqoOW3ju33aoq0KEFxLBHSfX1V VGalVsBWe8NhDFKO5fyPQ4nNJSFa9qt1/7RV+QRFX76Kj30vsa3S776y26S6+qTG 94wnUtDixRd6UowrEj/evtSBPsMM9yoRVm//j5VoinBXz7HGQuC13rePRiJo5rUf vQn93t8vieOfWQ7Q+FtgA3SSy720/bM9NiaQoeFSP0d1Bfb3Qw1IbxBqo+95sg6+ AeK1rB4f+f29SLGgpe6j5FFQ67BbvLFwN5uj2614WvzqOA40NEo= -----END CERTIFICATE-----Generated at Fri Dec 19 08:50:00 2025 by rpki-client