This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft File: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft (raw, json) Hash identifier: bKkugQG64pVKyQlacL3itTnfiXfJjWcC7Nq87zbyVh4= Subject key identifier: 1E:99:80:A0:10:B3:2D:95:B5:05:76:08:C0:4E:28:92:05:59:E2:4D Authority key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Certificate issuer: /CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Certificate serial: 645EA23C48D3C559812A0AE6455BCF4248A67F67 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft Manifest number: E1 Signing time: Sat 06 Dec 2025 21:41:50 +0000 Manifest this update: Sat 06 Dec 2025 21:36:50 +0000 Manifest next update: Wed 10 Dec 2025 02:08:50 +0000 Files and hashes: 1: 3136302e32322e31332e302f32342d3234203d3e20313532373935.roa (hash: CjQ8LjHFMEFZAKqjfhXd2Dui1+KhZzwEUkNHDbRDo5c=) 2: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl (hash: 3zu03iIsD0+Jy+baWTWJgzb502L0nLCQ0zJfVprXw0k=) 3: 3136302e32322e31322e302f32342d3234203d3e20313532373935.roa (hash: kSF1VyQJjpek8Mf3gy+lWICO98IQh62K2L543jgKTUA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 06:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:5e:a2:3c:48:d3:c5:59:81:2a:0a:e6:45:5b:cf:42:48:a6:7f:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Validity Not Before: Dec 6 21:36:50 2025 GMT Not After : Dec 10 02:08:50 2025 GMT Subject: CN=1E9980A010B32D95B5057608C04E28920559E24D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:2d:6c:5c:f7:bb:ae:b0:67:82:5a:d3:03:ca: 3c:48:6d:80:f5:00:73:9a:0e:da:5c:45:bd:76:27: e0:60:c1:8a:45:43:cd:88:30:e6:bc:27:94:d3:3e: 1e:65:b0:c0:bf:51:e6:fb:8f:15:3f:0b:dd:59:66: 4f:ec:85:e4:ad:9f:04:eb:f9:c0:7d:13:84:6b:c0: 1c:fe:da:aa:2c:0a:e1:ef:8a:5e:ba:1c:2a:a5:b5: 08:01:13:69:ca:c5:5e:b7:b9:be:c5:6d:5e:3f:98: 7d:a1:db:a7:27:07:c7:17:88:0a:d0:85:d9:67:38: 49:17:03:ad:c4:22:52:34:a0:b2:ea:c2:6c:19:de: d7:3b:df:a7:08:1e:d2:40:35:ed:19:d3:4c:13:91: e8:62:b3:cb:4e:39:9e:dd:9c:23:c3:cb:21:4b:74: 20:5d:17:4c:17:e0:e9:6c:52:e6:c6:a3:4c:64:76: 4b:5c:9e:70:e0:f6:e6:86:ff:3f:a7:b1:d5:72:c3: 1a:8e:10:20:9f:62:03:f8:6f:fe:bf:a3:9b:b4:5c: c0:51:6a:be:ac:4a:af:6e:98:6e:92:fd:a7:ba:4a: 71:64:65:cc:04:69:14:45:c3:f3:40:9f:3d:d3:44: 98:69:27:23:2a:37:19:bf:bf:6c:1e:f2:f4:14:d4: f5:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:99:80:A0:10:B3:2D:95:B5:05:76:08:C0:4E:28:92:05:59:E2:4D X509v3 Authority Key Identifier: keyid:58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:cc:b9:c8:95:a6:88:53:4b:c8:d6:58:4e:c3:aa:5c:28:db: e3:d9:35:b4:1d:6d:d5:11:a2:54:14:8d:e5:30:bc:e1:cc:eb: 30:45:71:d4:12:21:96:ec:13:29:82:0c:c7:57:70:a9:53:15: c6:91:51:c7:04:d2:d3:f8:8c:76:58:1f:7a:b9:4e:6f:e8:5f: dc:08:86:7e:32:16:34:6f:d9:df:ed:76:0f:ab:05:af:a4:6b: 31:51:2c:1f:a0:3a:ca:72:d9:01:b0:b1:dc:c5:f3:6b:e9:de: 51:2e:d0:96:6b:67:86:f2:c8:ba:94:61:44:6c:02:ec:a8:34: 59:6f:ae:9e:bf:9c:11:4e:36:92:64:36:8c:6e:be:ee:4a:3a: 02:e8:24:c3:85:47:32:1c:e1:80:a7:fd:34:9a:e3:cc:73:d8: f4:91:57:12:1e:f7:b8:46:f2:3e:c9:7d:3b:93:0d:bf:e1:b9: 4c:fb:10:c9:8d:d9:95:8f:11:b9:35:01:0b:50:02:f4:55:98: e0:c1:15:29:56:74:46:90:48:ea:b3:14:e4:36:cb:b1:45:e2: d5:cd:0f:9a:ce:58:b2:2b:f4:e2:75:82:bd:e3:f7:f7:76:f1: eb:4f:d6:dd:a8:94:c0:03:3e:11:39:e7:22:05:6c:97:03:18: 69:58:67:52 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZF6iPEjTxVmBKgrmRVvPQkimf2cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdF MEU0RDA2OTAeFw0yNTEyMDYyMTM2NTBaFw0yNTEyMTAwMjA4NTBaMDMxMTAvBgNV BAMTKDFFOTk4MEEwMTBCMzJEOTVCNTA1NzYwOEMwNEUyODkyMDU1OUUyNEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjLWxc97uusGeCWtMDyjxIbYD1 AHOaDtpcRb12J+BgwYpFQ82IMOa8J5TTPh5lsMC/Ueb7jxU/C91ZZk/sheStnwTr +cB9E4RrwBz+2qosCuHvil66HCqltQgBE2nKxV63ub7FbV4/mH2h26cnB8cXiArQ hdlnOEkXA63EIlI0oLLqwmwZ3tc736cIHtJANe0Z00wTkehis8tOOZ7dnCPDyyFL dCBdF0wX4OlsUubGo0xkdktcnnDg9uaG/z+nsdVywxqOECCfYgP4b/6/o5u0XMBR ar6sSq9umG6S/ae6SnFkZcwEaRRFw/NAnz3TRJhpJyMqNxm/v2we8vQU1PU7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUHpmAoBCzLZW1BXYIwE4okgVZ4k0wHwYDVR0j BBgwFoAUWI3Q/OS8JDzJxtaK4E6EZ+Dk0GkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMC81ODhERDBGQ0U0 QkMyNDNDQzlDNkQ2OEFFMDRFODQ2N0UwRTREMDY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdFMEU0 RDA2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDE5OWU1NDEtMTg2MS00ZDZhLThl MjgtYjAyODQ1ODYxNDk2LzAvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0 NjdFMEU0RDA2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAB/MuciVpohTS8jWWE7Dqlwo2+PZNbQdbdUR olQUjeUwvOHM6zBFcdQSIZbsEymCDMdXcKlTFcaRUccE0tP4jHZYH3q5Tm/oX9wI hn4yFjRv2d/tdg+rBa+kazFRLB+gOspy2QGwsdzF82vp3lEu0JZrZ4byyLqUYURs AuyoNFlvrp6/nBFONpJkNoxuvu5KOgLoJMOFRzIc4YCn/TSa48xz2PSRVxIe97hG 8j7JfTuTDb/huUz7EMmN2ZWPEbk1AQtQAvRVmODBFSlWdEaQSOqzFOQ2y7FF4tXN D5rOWLIr9OJ1gr3j9/d28etP1t2olMADPhE55yIFbJcDGGlYZ1I= -----END CERTIFICATE-----Generated at Sun Dec 7 18:53:49 2025 by rpki-client