This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft File: B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft (raw, json) Hash identifier: Uk9F3UO/zv7sdK47RZb2bvaQVp4hUk+BXXgMW+OuXms= Subject key identifier: D8:43:E8:90:3B:FA:E8:26:30:8C:09:9A:CB:D1:E4:AF:63:AF:10:81 Authority key identifier: B5:E9:7B:71:FA:FA:24:FF:8F:A2:B1:A3:35:58:D8:0A:98:25:4D:B2 Certificate issuer: /CN=B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2 Certificate serial: 18D384A790E3DEB77C8B8AC2A8287370E9E674B7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft Manifest number: 0228 Signing time: Thu 18 Dec 2025 23:01:01 +0000 Manifest this update: Thu 18 Dec 2025 22:56:01 +0000 Manifest next update: Mon 22 Dec 2025 09:56:01 +0000 Files and hashes: 1: 3130332e3138382e3235332e302f32342d3234203d3e20313439373337.roa (hash: fMitGvSIMZKR/xojJDzG2iWApTg4bDt/1kqJnOfFiTo=) 2: 3130332e3138382e3235322e302f32332d3233203d3e20313439373337.roa (hash: jokIBMvTnzkYHW/XHAeX7hxaG3x1GkvBjnS33CW0bpg=) 3: B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl (hash: rHeTOl0eCJF9SpRQ0nomGwY3fVehGfLBDZbxBUp4c1E=) 4: 3130332e3138382e3235322e302f32342d3234203d3e20313439373337.roa (hash: kjCPg8CNqMlAMRebUqHb4gpHFMec5lXxDxlOd53bN+M=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Dec 2025 03:43:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:d3:84:a7:90:e3:de:b7:7c:8b:8a:c2:a8:28:73:70:e9:e6:74:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2 Validity Not Before: Dec 18 22:56:01 2025 GMT Not After : Dec 22 09:56:01 2025 GMT Subject: CN=D843E8903BFAE826308C099ACBD1E4AF63AF1081 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:07:29:6e:11:c3:e5:85:25:2e:7e:4a:a0:86: 89:cc:0f:95:e1:15:e9:fd:c8:0b:df:f3:63:f1:e6: 55:c4:e2:ac:ed:f7:08:2c:08:aa:5c:dd:01:87:99: 11:60:25:c0:8c:31:8f:af:01:6f:f2:e5:88:b8:9c: 31:53:ad:2f:46:17:ac:04:70:f5:47:fe:dd:d5:61: 38:81:f7:61:6f:c6:71:82:97:55:9f:84:21:34:40: ad:10:d0:d7:10:58:a1:82:56:24:d8:df:d2:13:16: 09:61:6c:41:78:56:b7:87:bf:69:29:3f:e5:26:78: 87:b0:9c:68:95:aa:6d:c5:12:a0:9a:5a:07:26:2f: 16:5a:9c:16:2f:2f:24:71:ad:2c:52:ce:3e:6c:db: 10:cf:c7:b5:75:37:3b:a7:3b:ad:e2:2d:98:d7:4b: ef:d6:c6:71:ca:90:22:fc:79:28:68:cb:83:fc:61: 36:ee:cb:69:e9:b8:9d:24:50:d1:c4:40:cb:14:06: 09:8b:d7:7e:36:50:ad:56:0a:d5:c9:aa:14:c0:1b: b7:d4:b8:4d:6a:4c:67:b7:de:45:24:d0:28:7e:28: 3d:4d:7b:8a:63:2a:53:28:86:2e:bf:49:9a:98:e8: 6d:d5:c4:ab:95:9d:e6:1e:6c:64:cd:f6:d5:a7:d2: 71:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:43:E8:90:3B:FA:E8:26:30:8C:09:9A:CB:D1:E4:AF:63:AF:10:81 X509v3 Authority Key Identifier: keyid:B5:E9:7B:71:FA:FA:24:FF:8F:A2:B1:A3:35:58:D8:0A:98:25:4D:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:53:a7:6b:75:2f:62:18:14:e6:a9:c1:e5:46:6b:ef:e4:18: 5c:fe:49:21:dd:54:92:44:66:77:1f:49:81:18:26:40:16:81: a6:02:5a:63:40:b4:8a:02:8f:d4:ac:14:2d:e3:5a:d5:a4:38: f5:cb:7a:06:41:49:c3:90:89:cf:ec:fe:b7:d0:12:74:51:f1: bc:75:7b:bf:9f:02:d3:b9:ad:23:11:32:78:4a:db:be:21:78: 51:14:21:8f:b1:0b:ae:ca:77:00:58:11:aa:c4:7c:60:1c:b1: 40:ec:b5:f8:a6:ba:1d:d6:4a:da:51:24:53:34:c5:f7:d2:c5: 21:c7:7c:0f:ff:57:f9:d0:38:9c:49:dc:f5:cd:13:c0:1f:1c: c2:47:da:62:cf:65:81:53:7a:db:9b:da:fb:c6:a7:f5:90:81: 12:04:91:ff:3e:f5:e2:23:5b:0c:85:67:17:d6:8c:99:51:38: 70:86:87:65:8a:e1:4f:3b:92:05:6c:3f:81:71:24:63:7c:90: e7:31:78:f9:ee:18:94:06:2a:51:d2:f6:01:05:eb:3c:55:fe: 60:c7:0f:2b:ba:f4:89:e1:96:9c:ab:50:c4:c9:43:c2:b4:21: 6c:7c:e8:7d:8d:97:97:2a:a0:e1:91:42:88:2d:b8:56:ae:36: 8a:82:3e:87 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGNOEp5Dj3rd8i4rCqChzcOnmdLcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4MEE5 ODI1NERCMjAeFw0yNTEyMTgyMjU2MDFaFw0yNTEyMjIwOTU2MDFaMDMxMTAvBgNV BAMTKEQ4NDNFODkwM0JGQUU4MjYzMDhDMDk5QUNCRDFFNEFGNjNBRjEwODEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoByluEcPlhSUufkqghonMD5Xh Fen9yAvf82Px5lXE4qzt9wgsCKpc3QGHmRFgJcCMMY+vAW/y5Yi4nDFTrS9GF6wE cPVH/t3VYTiB92FvxnGCl1WfhCE0QK0Q0NcQWKGCViTY39ITFglhbEF4VreHv2kp P+UmeIewnGiVqm3FEqCaWgcmLxZanBYvLyRxrSxSzj5s2xDPx7V1NzunO63iLZjX S+/WxnHKkCL8eShoy4P8YTbuy2npuJ0kUNHEQMsUBgmL1342UK1WCtXJqhTAG7fU uE1qTGe33kUk0Ch+KD1Ne4pjKlMohi6/SZqY6G3VxKuVneYebGTN9tWn0nGvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU2EPokDv66CYwjAmay9Hkr2OvEIEwHwYDVR0j BBgwFoAUtel7cfr6JP+PorGjNVjYCpglTbIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 YWVkMDk4Yi00OWIxLTRmNTMtYjc1YS0yNzNlMTFjMjUxNDkvMC9CNUU5N0I3MUZB RkEyNEZGOEZBMkIxQTMzNTU4RDgwQTk4MjU0REIyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4MEE5ODI1 NERCMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOWFlZDA5OGItNDliMS00ZjUzLWI3 NWEtMjczZTExYzI1MTQ5LzAvQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4 MEE5ODI1NERCMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJdTp2t1L2IYFOapweVGa+/kGFz+SSHdVJJE ZncfSYEYJkAWgaYCWmNAtIoCj9SsFC3jWtWkOPXLegZBScOQic/s/rfQEnRR8bx1 e7+fAtO5rSMRMnhK274heFEUIY+xC67KdwBYEarEfGAcsUDstfimuh3WStpRJFM0 xffSxSHHfA//V/nQOJxJ3PXNE8AfHMJH2mLPZYFTetub2vvGp/WQgRIEkf8+9eIj WwyFZxfWjJlROHCGh2WK4U87kgVsP4FxJGN8kOcxePnuGJQGKlHS9gEF6zxV/mDH Dyu69InhlpyrUMTJQ8K0IWx86H2Nl5cqoOGRQogtuFauNoqCPoc= -----END CERTIFICATE-----Generated at Fri Dec 19 10:53:17 2025 by rpki-client