This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/14258e5c-0456-46a3-9632-709c767104bb/0/89DCD9E9EB542D202BA36CB44CE75AD743EF544E.mft File: 89DCD9E9EB542D202BA36CB44CE75AD743EF544E.mft (raw, json) Hash identifier: z4zEc4NgdNl+zZG2QB1c0Q3DTg8uNHF0yI8NB1ku/MM= Subject key identifier: D5:71:02:60:7F:1B:5B:9F:A4:1A:73:A2:25:43:2A:07:3D:5A:FE:F5 Authority key identifier: 89:DC:D9:E9:EB:54:2D:20:2B:A3:6C:B4:4C:E7:5A:D7:43:EF:54:4E Certificate issuer: /CN=89DCD9E9EB542D202BA36CB44CE75AD743EF544E Certificate serial: 6A109B3F4625293DD4BF1C943D2D590CF3166E57 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/89DCD9E9EB542D202BA36CB44CE75AD743EF544E.cer Subject info access: rsync://repo-rpki.idnic.net/repo/14258e5c-0456-46a3-9632-709c767104bb/0/89DCD9E9EB542D202BA36CB44CE75AD743EF544E.mft Manifest number: 0129 Signing time: Sun 07 Dec 2025 12:00:00 +0000 Manifest this update: Sun 07 Dec 2025 11:55:00 +0000 Manifest next update: Wed 10 Dec 2025 23:59:00 +0000 Files and hashes: 1: 89DCD9E9EB542D202BA36CB44CE75AD743EF544E.crl (hash: KdVqLkxMRoC/Qi8Z8C+rtM61nSPbbmQuJFUgbaJFgOo=) 2: 3135372e31302e3135382e302f32342d3234203d3e20313532333535.roa (hash: PTT9MsWDPwZ9cRzvcXmuxxhA2JhY1zsKHAXPKrnZx/M=) 3: 3135372e31302e3135392e302f32342d3234203d3e20313532333535.roa (hash: dGVpmdtEGT3h+fNYGvG5smP/PxkVYYYHGNHC/rEeLpo=) 4: 3135372e31302e3135382e302f32332d3233203d3e20313532333535.roa (hash: lquMzYc1A9WezJfZrkZ7IH+M206UU3pQd22VWaKYVvM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/14258e5c-0456-46a3-9632-709c767104bb/0/89DCD9E9EB542D202BA36CB44CE75AD743EF544E.crl rsync://repo-rpki.idnic.net/repo/14258e5c-0456-46a3-9632-709c767104bb/0/89DCD9E9EB542D202BA36CB44CE75AD743EF544E.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/89DCD9E9EB542D202BA36CB44CE75AD743EF544E.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 06:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:10:9b:3f:46:25:29:3d:d4:bf:1c:94:3d:2d:59:0c:f3:16:6e:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89DCD9E9EB542D202BA36CB44CE75AD743EF544E Validity Not Before: Dec 7 11:55:00 2025 GMT Not After : Dec 10 23:59:00 2025 GMT Subject: CN=D57102607F1B5B9FA41A73A225432A073D5AFEF5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:96:98:16:81:cf:33:31:e4:cc:32:e7:45:b7: e6:1d:91:51:a6:8a:ef:d6:70:63:67:17:b8:7e:bf: f9:e5:30:fb:61:22:05:57:0d:68:b9:ac:f0:15:b6: 9c:1e:57:fa:65:87:32:e9:f2:da:d0:23:85:91:e7: 37:12:83:b4:c8:9e:08:23:ed:ca:f9:e2:8f:c7:4d: 5b:ee:91:5f:39:00:6f:b0:44:ba:5d:e4:57:80:79: 73:50:0c:d6:1f:16:64:44:dc:8d:fb:d6:81:bc:5e: 92:df:f1:1b:ae:18:6c:a4:8b:7e:03:7a:8d:28:7f: ce:ab:35:df:c1:09:8c:ec:9c:65:42:e1:be:6a:f9: 41:e5:98:f1:e0:0a:bc:bb:55:a2:fc:8b:5c:00:6d: c9:10:a5:b6:6a:6e:f9:87:46:c9:25:c0:a9:8b:0b: 0f:6d:2e:fa:66:b2:63:c8:a3:ea:c5:8a:17:1a:0b: f4:39:e9:59:80:fc:9a:db:75:af:78:6c:ea:aa:49: fa:90:56:d5:07:b4:c9:62:d2:0a:4b:f1:6c:03:32: 47:70:af:9a:9e:e0:2d:33:50:2a:a3:60:e9:b6:0a: d0:84:18:bb:07:24:8f:31:02:20:64:78:c3:b1:e7: ba:e2:7f:fa:98:72:32:c6:e4:9a:ff:9a:b6:e3:98: b1:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:71:02:60:7F:1B:5B:9F:A4:1A:73:A2:25:43:2A:07:3D:5A:FE:F5 X509v3 Authority Key Identifier: keyid:89:DC:D9:E9:EB:54:2D:20:2B:A3:6C:B4:4C:E7:5A:D7:43:EF:54:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/14258e5c-0456-46a3-9632-709c767104bb/0/89DCD9E9EB542D202BA36CB44CE75AD743EF544E.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/89DCD9E9EB542D202BA36CB44CE75AD743EF544E.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/14258e5c-0456-46a3-9632-709c767104bb/0/89DCD9E9EB542D202BA36CB44CE75AD743EF544E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c3:be:5c:06:8a:6d:be:87:a6:ea:bc:97:9c:52:50:fb:f4:4e: d8:ad:d3:ef:c7:c2:be:bb:4e:9b:84:a7:93:ff:92:01:42:3a: 5a:a4:55:e5:94:42:e1:6b:fe:7f:72:a8:0e:28:c9:72:a3:4c: 05:60:2f:a8:02:8c:6e:f4:57:31:2c:a1:a4:ee:74:90:2f:30: c6:0f:fe:73:b4:b7:40:51:da:4b:38:3a:db:f5:e8:25:ab:ad: b2:ab:e0:9e:50:19:27:0e:a1:e9:61:7b:24:af:ea:25:35:95: 5d:a5:8b:c2:ab:35:ec:75:43:ca:25:56:81:40:71:f2:37:1f: 37:c8:71:d4:77:ab:b1:92:b6:8b:79:2e:bd:d9:c9:15:f7:e1: 5a:43:05:8c:7b:eb:92:3c:57:8c:44:a1:97:31:a2:b7:43:89: d9:1d:06:14:b7:50:4e:9a:ac:6e:e9:ec:64:ef:d2:0d:d9:6f: 72:2e:d4:15:bb:37:33:8c:ab:9c:bf:41:b6:ca:1b:63:0f:8b: af:5c:e6:34:eb:2d:17:a9:f5:b0:81:ad:8e:ac:f6:fe:98:6c: 68:66:3f:4f:da:1e:b8:de:26:47:78:49:d3:9c:96:2a:f9:fb: 39:46:ed:6c:fe:0e:c9:5d:3f:2d:20:9b:b1:7d:f0:03:1c:b7: db:62:cf:34 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUahCbP0YlKT3UvxyUPS1ZDPMWblcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODlEQ0Q5RTlFQjU0MkQyMDJCQTM2Q0I0NENFNzVBRDc0 M0VGNTQ0RTAeFw0yNTEyMDcxMTU1MDBaFw0yNTEyMTAyMzU5MDBaMDMxMTAvBgNV BAMTKEQ1NzEwMjYwN0YxQjVCOUZBNDFBNzNBMjI1NDMyQTA3M0Q1QUZFRjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDElpgWgc8zMeTMMudFt+YdkVGm iu/WcGNnF7h+v/nlMPthIgVXDWi5rPAVtpweV/plhzLp8trQI4WR5zcSg7TInggj 7cr54o/HTVvukV85AG+wRLpd5FeAeXNQDNYfFmRE3I371oG8XpLf8RuuGGyki34D eo0of86rNd/BCYzsnGVC4b5q+UHlmPHgCry7VaL8i1wAbckQpbZqbvmHRsklwKmL Cw9tLvpmsmPIo+rFihcaC/Q56VmA/Jrbda94bOqqSfqQVtUHtMli0gpL8WwDMkdw r5qe4C0zUCqjYOm2CtCEGLsHJI8xAiBkeMOx57rif/qYcjLG5Jr/mrbjmLHfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU1XECYH8bW5+kGnOiJUMqBz1a/vUwHwYDVR0j BBgwFoAUidzZ6etULSAro2y0TOda10PvVE4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x NDI1OGU1Yy0wNDU2LTQ2YTMtOTYzMi03MDljNzY3MTA0YmIvMC84OURDRDlFOUVC NTQyRDIwMkJBMzZDQjQ0Q0U3NUFENzQzRUY1NDRFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvODlEQ0Q5RTlFQjU0MkQyMDJCQTM2Q0I0NENFNzVBRDc0M0VG NTQ0RS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTQyNThlNWMtMDQ1Ni00NmEzLTk2 MzItNzA5Yzc2NzEwNGJiLzAvODlEQ0Q5RTlFQjU0MkQyMDJCQTM2Q0I0NENFNzVB RDc0M0VGNTQ0RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMO+XAaKbb6Hpuq8l5xSUPv0Ttit0+/Hwr67 TpuEp5P/kgFCOlqkVeWUQuFr/n9yqA4oyXKjTAVgL6gCjG70VzEsoaTudJAvMMYP /nO0t0BR2ks4Otv16CWrrbKr4J5QGScOoelheySv6iU1lV2li8KrNex1Q8olVoFA cfI3HzfIcdR3q7GStot5Lr3ZyRX34VpDBYx765I8V4xEoZcxordDidkdBhS3UE6a rG7p7GTv0g3Zb3Iu1BW7NzOMq5y/QbbKG2MPi69c5jTrLRep9bCBrY6s9v6YbGhm P0/aHrjeJkd4SdOclir5+zlG7Wz+DsldPy0gm7F98AMct9tizzQ= -----END CERTIFICATE-----Generated at Sun Dec 7 18:53:05 2025 by rpki-client