This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft File: 528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft (raw, json) Hash identifier: LnyxMubijBmRwb4gUzJhpY4u814/Q1cPcrXoNQcTAq0= Subject key identifier: C5:BB:A0:74:7C:57:1F:E1:08:21:6A:09:ED:EF:0A:0F:D8:0D:AD:02 Authority key identifier: 52:8A:79:9E:94:BD:50:52:F6:F5:8A:CF:DD:9F:4D:ED:3A:0E:D5:BB Certificate issuer: /CN=528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB Certificate serial: 5F94351E3EBD8968CF181AE9C4B6B4236BE28FE2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft Manifest number: 04FE Signing time: Wed 24 Dec 2025 13:20:54 +0000 Manifest this update: Wed 24 Dec 2025 13:15:54 +0000 Manifest next update: Sat 27 Dec 2025 21:27:54 +0000 Files and hashes: 1: 528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.crl (hash: BIdelv9FKnl6HHYvLQ9V9ucC279FYOYz5+1ICl3SM0c=) 2: 3130332e3139352e39302e302f32332d3234203d3e203538343034.roa (hash: /RTTrDt1roX5iqnN5YmyZ+CyR+tqtyybCHqOwLYwxXI=) 3: 323030313a6466363a616330303a3a2f34382d3438203d3e203538343034.roa (hash: hmq0uoHwUsEo+oTXEtyTpYYQCEB74jpeYd9ceOhWLKI=) 4: 3130332e3139352e38392e302f32342d3234203d3e203538343034.roa (hash: 8vEqnPeXr9755NhRmkDVV3kvpgE2wfzA2jlzpFzSE/0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.crl rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 17:20:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:94:35:1e:3e:bd:89:68:cf:18:1a:e9:c4:b6:b4:23:6b:e2:8f:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB Validity Not Before: Dec 24 13:15:54 2025 GMT Not After : Dec 27 21:27:54 2025 GMT Subject: CN=C5BBA0747C571FE108216A09EDEF0A0FD80DAD02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:01:b0:ab:d6:d2:60:5a:fa:49:5a:41:d5:57: bc:98:47:59:a2:6f:a5:21:80:bc:cc:92:49:0e:a9: c8:96:c9:a2:bc:58:c8:2b:a4:29:49:c7:e1:f6:60: a3:7f:8b:8b:7f:58:cc:52:f6:31:a9:e3:34:1d:a1: 7e:bc:62:6f:77:34:fc:0a:a7:4a:14:7a:f5:ac:62: fe:da:88:48:68:d5:87:49:b9:3c:ab:f6:94:35:e1: 7a:af:d1:b8:6f:f6:a5:c2:5a:c9:9e:81:21:77:f9: ed:7b:9d:00:de:77:df:f9:8e:50:33:fa:c6:ee:f2: 62:36:a7:8b:c1:00:cb:05:e0:d7:c1:b1:23:24:9a: a8:f6:9e:a9:a1:57:33:4d:4e:12:36:87:eb:16:7c: 15:e7:30:87:26:ac:2b:95:c1:ec:a4:f4:7d:d3:1f: c0:28:55:cf:47:d3:24:2a:fd:d1:4f:b4:ae:b5:98: 3e:ff:33:6c:d1:4a:61:f3:c4:75:18:91:94:fe:6c: 9a:ac:b1:cf:4a:9b:5c:d4:cc:d1:88:5f:32:74:88: 26:90:d7:39:43:47:a7:43:71:b7:15:b9:e7:4b:27: 52:bb:5f:62:0a:57:5e:f9:38:d0:b6:f8:f0:dd:c4: a6:5a:f6:1a:39:b3:f4:51:32:4d:2f:fd:0e:a4:12: 69:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:BB:A0:74:7C:57:1F:E1:08:21:6A:09:ED:EF:0A:0F:D8:0D:AD:02 X509v3 Authority Key Identifier: keyid:52:8A:79:9E:94:BD:50:52:F6:F5:8A:CF:DD:9F:4D:ED:3A:0E:D5:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:23:ea:74:92:31:ec:a7:b4:63:21:86:44:e4:c6:a5:54:f3: 9e:9c:35:46:06:17:de:3e:79:1d:6b:8a:96:89:11:67:b2:a0: de:6d:ba:67:f5:db:e2:48:b7:c6:29:c4:c3:41:00:8f:81:ff: db:b3:8c:cb:54:bd:aa:54:5e:6f:14:f7:f7:a9:b0:77:b0:63: 4c:1c:4e:9f:e9:ea:b4:fb:d8:1c:91:aa:24:4b:46:7d:60:64: 51:5c:0f:f1:92:02:39:9a:54:f7:de:d8:ac:67:eb:ee:df:aa: 07:3c:c7:e5:f0:c5:3a:61:d7:6a:84:ab:de:4b:8c:0b:31:73: af:2c:88:72:b0:13:7a:ee:36:69:27:c4:0a:c8:4a:5a:f8:52: b3:d5:f6:f2:f4:46:e3:87:73:17:aa:75:30:65:22:6b:e1:de: 28:f1:52:cc:15:e1:4d:b4:5d:90:16:97:5e:c1:e8:43:6e:7e: 60:79:a0:8c:69:04:29:59:08:59:53:c0:28:d3:d6:8f:79:c7: 6d:5e:9d:09:52:b8:db:19:4a:17:57:43:10:52:1d:40:6f:f2: 63:f2:c7:81:98:de:4a:c1:21:6e:e6:ef:d5:af:07:44:03:ca: be:a4:62:d9:59:47:4d:66:03:7e:90:52:0d:cb:c8:84:4d:ee: e2:f7:31:86 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUX5Q1Hj69iWjPGBrpxLa0I2vij+IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTI4QTc5OUU5NEJENTA1MkY2RjU4QUNGREQ5RjRERUQz QTBFRDVCQjAeFw0yNTEyMjQxMzE1NTRaFw0yNTEyMjcyMTI3NTRaMDMxMTAvBgNV BAMTKEM1QkJBMDc0N0M1NzFGRTEwODIxNkEwOUVERUYwQTBGRDgwREFEMDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4AbCr1tJgWvpJWkHVV7yYR1mi b6UhgLzMkkkOqciWyaK8WMgrpClJx+H2YKN/i4t/WMxS9jGp4zQdoX68Ym93NPwK p0oUevWsYv7aiEho1YdJuTyr9pQ14Xqv0bhv9qXCWsmegSF3+e17nQDed9/5jlAz +sbu8mI2p4vBAMsF4NfBsSMkmqj2nqmhVzNNThI2h+sWfBXnMIcmrCuVweyk9H3T H8AoVc9H0yQq/dFPtK61mD7/M2zRSmHzxHUYkZT+bJqssc9Km1zUzNGIXzJ0iCaQ 1zlDR6dDcbcVuedLJ1K7X2IKV175ONC2+PDdxKZa9ho5s/RRMk0v/Q6kEmmbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUxbugdHxXH+EIIWoJ7e8KD9gNrQIwHwYDVR0j BBgwFoAUUop5npS9UFL29YrP3Z9N7ToO1bswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m OThmMTljMy1lNGUxLTQxYTEtYWFmMC1kNjEzYWNhNDkzMGMvMC81MjhBNzk5RTk0 QkQ1MDUyRjZGNThBQ0ZERDlGNERFRDNBMEVENUJCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTI4QTc5OUU5NEJENTA1MkY2RjU4QUNGREQ5RjRERUQzQTBF RDVCQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZjk4ZjE5YzMtZTRlMS00MWExLWFh ZjAtZDYxM2FjYTQ5MzBjLzAvNTI4QTc5OUU5NEJENTA1MkY2RjU4QUNGREQ5RjRE RUQzQTBFRDVCQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEcj6nSSMeyntGMhhkTkxqVU856cNUYGF94+ eR1ripaJEWeyoN5tumf12+JIt8YpxMNBAI+B/9uzjMtUvapUXm8U9/epsHewY0wc Tp/p6rT72ByRqiRLRn1gZFFcD/GSAjmaVPfe2Kxn6+7fqgc8x+XwxTph12qEq95L jAsxc68siHKwE3ruNmknxArISlr4UrPV9vL0RuOHcxeqdTBlImvh3ijxUswV4U20 XZAWl17B6ENufmB5oIxpBClZCFlTwCjT1o95x21enQlSuNsZShdXQxBSHUBv8mPy x4GY3krBIW7m79WvB0QDyr6kYtlZR01mA36QUg3LyIRN7uL3MYY= -----END CERTIFICATE-----Generated at Wed Dec 24 22:05:08 2025 by rpki-client