This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft File: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft (raw, json) Hash identifier: vh9/HijTXot7sNqubLFx6v16kNVPGlKA7wpqOrF4c64= Subject key identifier: 03:FD:EE:9D:48:53:97:27:09:7A:76:BB:B2:B1:7B:9C:D0:5A:07:27 Authority key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Certificate issuer: /CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Certificate serial: 7B2CAF21051E71766D09CF373F1BF28AB2AB244B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft Manifest number: E7 Signing time: Sat 20 Dec 2025 18:21:54 +0000 Manifest this update: Sat 20 Dec 2025 18:16:54 +0000 Manifest next update: Tue 23 Dec 2025 19:50:54 +0000 Files and hashes: 1: 3136302e32322e31322e302f32342d3234203d3e20313532373935.roa (hash: kSF1VyQJjpek8Mf3gy+lWICO98IQh62K2L543jgKTUA=) 2: 3136302e32322e31332e302f32342d3234203d3e20313532373935.roa (hash: CjQ8LjHFMEFZAKqjfhXd2Dui1+KhZzwEUkNHDbRDo5c=) 3: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl (hash: lPzCXBqTxQHp/1KrEVR8AoKzHlldXDeauouSrz9vHoI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Dec 2025 15:37:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:2c:af:21:05:1e:71:76:6d:09:cf:37:3f:1b:f2:8a:b2:ab:24:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Validity Not Before: Dec 20 18:16:54 2025 GMT Not After : Dec 23 19:50:54 2025 GMT Subject: CN=03FDEE9D48539727097A76BBB2B17B9CD05A0727 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:c2:c0:ef:c7:6c:53:4d:df:9a:a0:c0:33:6c: 0c:f9:7e:b7:1f:dc:ec:fa:c5:c4:f0:02:44:43:03: b2:14:8c:42:e8:1e:0e:ea:26:16:7b:2a:ef:44:cd: 6b:5e:54:d9:ca:b7:cc:2a:97:98:fd:02:cf:92:8e: df:e6:3a:00:79:4d:44:8d:50:47:02:ad:47:99:9f: 82:5d:2c:6b:10:8e:2a:a2:be:5a:8e:fe:13:ad:b0: 3f:68:32:33:cf:0d:48:6f:35:29:f9:c3:36:3a:bc: 7d:c7:73:3a:26:7f:51:ac:8d:c6:fa:96:7c:0a:7e: 67:b5:fd:e6:67:19:f8:5a:91:4f:92:ff:9f:7d:f4: 3c:3a:bd:c7:b2:82:2b:2c:ad:13:ce:6b:72:48:aa: e5:e0:7a:66:47:53:17:a8:50:5f:d3:2b:b7:64:4b: ad:04:cb:14:34:6c:0c:55:ea:48:4e:83:db:09:df: fe:06:45:16:d3:f4:9b:1c:1b:b5:d3:a9:16:cb:cb: af:a0:df:bf:0b:ed:df:97:79:eb:d6:08:9a:c2:33: 03:8a:fc:19:b1:6f:8b:85:31:40:43:83:a6:ff:f7: 2c:25:28:94:42:49:c2:4d:03:29:c6:ae:09:48:13: f9:13:98:59:57:74:df:a7:17:37:f8:f9:6f:f5:7c: 44:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:FD:EE:9D:48:53:97:27:09:7A:76:BB:B2:B1:7B:9C:D0:5A:07:27 X509v3 Authority Key Identifier: keyid:58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:37:73:9f:9d:70:56:93:3a:6f:fb:1c:88:49:f5:bd:5a:09: 40:0d:ff:58:80:a5:35:9e:92:2f:1c:2c:ca:e0:6f:02:73:eb: c4:2f:d7:a0:62:8a:0a:54:c5:a6:b4:c8:44:ed:56:f7:54:9b: 2e:af:ef:39:9f:98:9b:91:34:6e:51:8b:14:ca:74:9b:a1:a1: 3c:09:ca:5f:be:c5:46:c7:dc:73:52:4d:14:39:77:0b:4b:25: d9:d7:1d:ec:b2:f3:9a:1a:5b:ec:6d:ba:e3:2f:86:61:15:16: df:a2:b6:02:eb:b7:13:da:c1:b9:fe:11:9f:f8:78:4a:65:ce: d0:65:ad:23:b9:e9:b4:c0:2f:20:75:e7:0f:47:32:2e:aa:0a: ff:b9:90:22:43:0b:de:72:af:91:6a:ec:fa:b2:61:4a:f4:8d: 21:ba:ae:8c:13:76:eb:11:13:89:32:3a:64:c5:38:ab:15:5e: 63:24:b5:6b:bb:53:8e:c2:b8:9b:12:87:4b:b4:d5:2e:fb:12: 33:ba:d0:7f:d0:d2:aa:21:26:06:0b:2a:4f:54:a5:1b:5d:59: 78:f5:bb:61:0d:13:a8:f5:a5:c3:7c:e0:04:6e:76:6a:ab:82: 48:2f:76:74:8b:48:7f:66:f9:61:98:30:30:18:2e:d0:c3:d9: 34:74:92:2f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUeyyvIQUecXZtCc83PxvyirKrJEswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdF MEU0RDA2OTAeFw0yNTEyMjAxODE2NTRaFw0yNTEyMjMxOTUwNTRaMDMxMTAvBgNV BAMTKDAzRkRFRTlENDg1Mzk3MjcwOTdBNzZCQkIyQjE3QjlDRDA1QTA3MjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLwsDvx2xTTd+aoMAzbAz5frcf 3Oz6xcTwAkRDA7IUjELoHg7qJhZ7Ku9EzWteVNnKt8wql5j9As+Sjt/mOgB5TUSN UEcCrUeZn4JdLGsQjiqivlqO/hOtsD9oMjPPDUhvNSn5wzY6vH3Hczomf1Gsjcb6 lnwKfme1/eZnGfhakU+S/5999Dw6vceygissrRPOa3JIquXgemZHUxeoUF/TK7dk S60EyxQ0bAxV6khOg9sJ3/4GRRbT9JscG7XTqRbLy6+g378L7d+XeevWCJrCMwOK /Bmxb4uFMUBDg6b/9ywlKJRCScJNAynGrglIE/kTmFlXdN+nFzf4+W/1fEQ1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUA/3unUhTlycJena7srF7nNBaBycwHwYDVR0j BBgwFoAUWI3Q/OS8JDzJxtaK4E6EZ+Dk0GkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMC81ODhERDBGQ0U0 QkMyNDNDQzlDNkQ2OEFFMDRFODQ2N0UwRTREMDY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdFMEU0 RDA2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDE5OWU1NDEtMTg2MS00ZDZhLThl MjgtYjAyODQ1ODYxNDk2LzAvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0 NjdFMEU0RDA2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFg3c5+dcFaTOm/7HIhJ9b1aCUAN/1iApTWe ki8cLMrgbwJz68Qv16BiigpUxaa0yETtVvdUmy6v7zmfmJuRNG5RixTKdJuhoTwJ yl++xUbH3HNSTRQ5dwtLJdnXHeyy85oaW+xtuuMvhmEVFt+itgLrtxPawbn+EZ/4 eEplztBlrSO56bTALyB15w9HMi6qCv+5kCJDC95yr5Fq7PqyYUr0jSG6rowTdusR E4kyOmTFOKsVXmMktWu7U47CuJsSh0u01S77EjO60H/Q0qohJgYLKk9UpRtdWXj1 u2ENE6j1pcN84ARudmqrgkgvdnSLSH9m+WGYMDAYLtDD2TR0ki8= -----END CERTIFICATE-----Generated at Sun Dec 21 19:27:52 2025 by rpki-client