This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft File: A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft (raw, json) Hash identifier: o9Lmh62rcSfPQxrFVeqzhHXhuSSRYgW1vVThOAhFxWc= Subject key identifier: 09:67:10:9E:4B:9E:23:1F:D0:E5:30:D2:9F:BC:E0:C9:A8:57:87:C8 Authority key identifier: A3:CE:6E:B5:31:A8:95:1D:24:A3:7D:F2:7A:01:EB:39:65:1D:7E:CA Certificate issuer: /CN=A91FD4CC0000/serialNumber=A3CE6EB531A8951D24A37DF27A01EB39651D7ECA Certificate serial: 3FBF84B10E4012888C98B2FD9DA427B2376310E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft Manifest number: 1C Signing time: Thu 18 Dec 2025 23:30:25 +0000 Manifest this update: Thu 18 Dec 2025 23:25:25 +0000 Manifest next update: Sat 20 Dec 2025 00:49:25 +0000 Files and hashes: 1: 3130332e3132312e3230382e302f32322d3234203d3e2033323538.roa (hash: m8YqiID+Q725PKBIKrUauO2lTKAbZU016aARa/XfmOg=) 2: A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl (hash: Gof9whCfvyR+JkJX5enE9308awnRMIXk1bTvzxjAxtM=) 3: 323430333a373163303a3a2f33322d3438203d3e2033323538.roa (hash: A+n33m7aMq8dWmlNODuImDbmHluR0nRCgY8pOPk9SGU=) Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Dec 2025 00:49:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:bf:84:b1:0e:40:12:88:8c:98:b2:fd:9d:a4:27:b2:37:63:10:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FD4CC0000, serialNumber=A3CE6EB531A8951D24A37DF27A01EB39651D7ECA Validity Not Before: Dec 18 23:25:25 2025 GMT Not After : Dec 20 00:49:25 2025 GMT Subject: CN=0967109E4B9E231FD0E530D29FBCE0C9A85787C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:f5:7e:97:a3:50:d4:ea:6a:b5:07:1f:ed:4d: 2f:5d:d7:57:88:f3:0f:b5:5c:0a:d6:8a:74:78:72: b6:07:c0:fa:8a:8e:11:cc:fe:6e:b3:45:2d:41:44: 7e:1c:74:e8:0b:4f:9d:a2:15:80:a2:67:54:69:d0: 24:d1:61:f9:34:07:f3:e2:09:e1:08:38:d0:62:3f: 18:40:e7:ea:89:d9:bf:fa:c5:ea:b6:f0:e3:38:af: 9e:fb:17:f5:8c:20:78:00:f8:e6:95:ec:1f:f5:95: 97:8a:33:3e:64:1e:05:53:fb:60:08:a3:27:f7:c6: 08:0d:7a:20:11:0b:c3:4e:fa:73:84:f5:82:7f:1f: e4:b2:de:71:7f:82:fa:c2:6a:f7:aa:aa:18:82:90: 95:2b:df:92:eb:4c:38:c7:08:71:7c:03:ea:3a:f8: 52:b5:49:ca:97:6d:97:e7:ae:19:cf:e5:47:75:50: 63:6e:d6:f3:b3:7e:62:83:45:d7:09:e2:c5:96:e6: db:9a:b5:61:2b:b3:69:34:9c:63:b2:41:0c:54:8d: fd:f3:db:78:45:b5:b4:f3:f0:42:ac:29:99:6f:aa: 36:cd:14:b3:32:16:b2:cc:2d:11:9e:af:15:f3:66: 5e:86:d4:de:9e:71:4e:75:aa:4d:32:1b:fb:04:bc: 1a:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:67:10:9E:4B:9E:23:1F:D0:E5:30:D2:9F:BC:E0:C9:A8:57:87:C8 X509v3 Authority Key Identifier: keyid:A3:CE:6E:B5:31:A8:95:1D:24:A3:7D:F2:7A:01:EB:39:65:1D:7E:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:c1:01:f4:55:b3:53:86:ab:fe:fa:77:82:88:e1:f1:54:45: a0:4d:b4:98:47:a2:9c:92:f1:ca:e9:73:89:e7:e6:14:44:5d: f0:52:0d:1f:4d:8e:64:41:f1:f0:73:2d:88:42:84:26:de:dd: 56:fc:b2:ef:c2:9e:ba:c1:8c:78:09:93:58:1c:12:2b:05:32: 08:b3:d1:ce:97:33:12:8c:21:a7:5a:79:14:5a:4e:9b:19:15: ac:02:d3:a9:43:d8:bc:22:85:8a:46:b9:d4:9a:54:83:31:a7: ff:7f:95:e5:b3:a5:0b:5c:be:69:0b:ef:8f:20:bd:84:62:bf: 0b:a2:cb:cd:cb:35:0c:32:79:94:55:a3:ab:95:bc:fb:f6:39: 2d:fc:76:3e:6b:98:03:56:7d:98:17:cc:06:f1:70:98:54:c2: fd:26:8f:92:7f:6a:2f:49:c8:e8:48:c6:c4:d2:d7:d8:fa:44: 58:af:fb:77:31:e4:17:1f:69:cd:0b:d2:a2:4e:a7:1d:49:2d: 06:9d:a9:73:61:e6:0d:20:9e:75:ec:5f:b7:43:0b:80:47:4e: 3e:a5:62:65:b3:1a:27:4b:04:33:d3:8b:c9:e4:cd:49:1b:61: 63:7f:4f:c8:df:08:79:4f:fe:b0:64:36:24:75:87:46:6e:44: 1c:14:28:b7 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUP7+EsQ5AEoiMmLL9naQnsjdjEOgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkQ0Q0MwMDAwMTEwLwYDVQQFEyhBM0NFNkVCNTMx QTg5NTFEMjRBMzdERjI3QTAxRUIzOTY1MUQ3RUNBMB4XDTI1MTIxODIzMjUyNVoX DTI1MTIyMDAwNDkyNVowMzExMC8GA1UEAxMoMDk2NzEwOUU0QjlFMjMxRkQwRTUz MEQyOUZCQ0UwQzlBODU3ODdDODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALn1fpejUNTqarUHH+1NL13XV4jzD7VcCtaKdHhytgfA+oqOEcz+brNFLUFE fhx06AtPnaIVgKJnVGnQJNFh+TQH8+IJ4Qg40GI/GEDn6onZv/rF6rbw4zivnvsX 9YwgeAD45pXsH/WVl4ozPmQeBVP7YAijJ/fGCA16IBELw076c4T1gn8f5LLecX+C +sJq96qqGIKQlSvfkutMOMcIcXwD6jr4UrVJypdtl+euGc/lR3VQY27W87N+YoNF 1wnixZbm25q1YSuzaTScY7JBDFSN/fPbeEW1tPPwQqwpmW+qNs0UszIWsswtEZ6v FfNmXobU3p5xTnWqTTIb+wS8GsMCAwEAAaOCAfUwggHxMB0GA1UdDgQWBBQJZxCe S54jH9DlMNKfvODJqFeHyDAfBgNVHSMEGDAWgBSjzm61MaiVHSSjffJ6Aes5ZR1+ yjAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU5L0EzQ0U2RUI1MzFBODk1MUQyNEEzN0RGMjdB MDFFQjM5NjUxRDdFQ0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL284NXV0VEdvbFIwa28zM3llZ0hyT1dVZGZzby5j ZXIwagYIKwYBBQUHAQsEXjBcMFoGCCsGAQUFBzALhk5yc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTkvQTNDRTZFQjUzMUE4OTUxRDI0QTM3REYyN0EwMUVC Mzk2NTFEN0VDQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAALBAfRVs1OGq/76d4KI4fFURaBNtJhHopyS 8crpc4nn5hREXfBSDR9NjmRB8fBzLYhChCbe3Vb8su/CnrrBjHgJk1gcEisFMgiz 0c6XMxKMIadaeRRaTpsZFawC06lD2LwihYpGudSaVIMxp/9/leWzpQtcvmkL748g vYRivwuiy83LNQwyeZRVo6uVvPv2OS38dj5rmANWfZgXzAbxcJhUwv0mj5J/ai9J yOhIxsTS19j6RFiv+3cx5Bcfac0L0qJOpx1JLQadqXNh5g0gnnXsX7dDC4BHTj6l YmWzGidLBDPTi8nkzUkbYWN/T8jfCHlP/rBkNiR1h0ZuRBwUKLc= -----END CERTIFICATE-----Generated at Fri Dec 19 17:40:20 2025 by rpki-client