This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft File: 8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft (raw, json) Hash identifier: bkJhrT9o52Cfel6LF+0nasvVGeZJ2HBqManiCjRK2+s= Subject key identifier: 1B:DF:2D:E9:16:5C:24:05:30:4F:DF:55:0A:3C:18:2E:55:1E:06:C1 Authority key identifier: 8B:A2:B5:E0:7F:AD:57:28:C7:DE:FB:F4:FC:10:BD:04:43:53:F6:FF Certificate issuer: /CN=8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF Certificate serial: 5B58C2D028C588945267DF7349D5BD7DFF04ABEB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft Manifest number: F0 Signing time: Mon 01 Dec 2025 13:01:12 +0000 Manifest this update: Mon 01 Dec 2025 12:56:12 +0000 Manifest next update: Thu 04 Dec 2025 22:06:12 +0000 Files and hashes: 1: 323430343a346563303a3a2f33322d3438203d3e20313338313339.roa (hash: A2G6b+fxTo20QvHK7lUw9boisWwmFFcOlzGIN95UCMI=) 2: 3130332e3133332e3134372e302f32342d3234203d3e20313338313339.roa (hash: aR62APrh1DccZKre5l7C6SLFps3TBPFdm3R3znGJ1fA=) 3: 8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl (hash: PfGVrDL5wi3lKIZcN8B58RDFjye5hnlE1fomEgCUTbM=) 4: 3130332e3133332e3134352e302f32342d3234203d3e20313338313339.roa (hash: AZoy99OzaaD9x6sZSBHTE/6tOjO7s0t/ExrzVTGMWVY=) 5: 3130332e3133332e3134362e302f32342d3234203d3e20313338313339.roa (hash: nNqPduu/JjsIMhgAQMQxpm1Co5pg16TuoWu2Q/HzWgA=) 6: 323430343a346563303a313a3a2f34382d3438203d3e20313338313339.roa (hash: X/C9vXKY/TY9dLHbewA4tddP0TItlp1o/B62rHS1ZLs=) 7: 3130332e3133332e3134342e302f32342d3234203d3e20313338313339.roa (hash: 4N3xCB2x4rBoMiXQaq1TIxjQcspdHHBn4voGBhoXwMQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 04 Dec 2025 22:06:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:58:c2:d0:28:c5:88:94:52:67:df:73:49:d5:bd:7d:ff:04:ab:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF Validity Not Before: Dec 1 12:56:12 2025 GMT Not After : Dec 4 22:06:12 2025 GMT Subject: CN=1BDF2DE9165C2405304FDF550A3C182E551E06C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:1a:bc:3b:cc:51:36:35:1e:70:a5:cb:27:e2: 63:8f:19:8e:c9:60:72:e9:ba:67:4b:32:6b:1b:f7: 91:23:aa:e3:16:31:ad:98:1c:89:27:fc:12:42:22: ab:84:6f:57:c0:d8:5f:fc:4b:a2:d6:8b:f1:71:d6: e2:5f:54:c9:a6:40:ed:2c:d8:f1:20:a2:a7:80:27: ac:be:ad:46:47:85:72:5a:76:8c:0f:a3:af:bf:68: 75:b0:cf:72:7f:4f:8d:83:fe:76:28:e5:d0:1f:ee: 85:14:5d:8a:9b:a5:3f:3c:10:aa:e7:b5:0a:ec:42: b5:2d:ac:bf:e7:04:5b:25:0e:40:27:ef:54:ba:77: ae:74:b1:a6:11:c6:d7:47:78:99:24:83:53:b7:11: d2:64:57:d8:a9:65:8a:85:c9:88:a5:51:ec:47:95: 6b:4c:fb:f2:d2:a6:9e:d6:09:09:b8:14:63:65:da: 6f:f8:93:5d:6f:de:df:99:96:ee:7b:cd:f3:10:21: bb:b8:9a:17:79:70:7d:b7:e1:c2:80:d8:6b:45:db: 0a:19:14:1a:5d:10:fc:f1:23:45:33:0b:28:a2:02: da:52:42:02:9f:87:5f:99:2b:55:b4:6e:14:28:aa: aa:f0:62:9a:1f:e2:3a:0b:38:f8:77:b3:b1:ac:ac: 66:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:DF:2D:E9:16:5C:24:05:30:4F:DF:55:0A:3C:18:2E:55:1E:06:C1 X509v3 Authority Key Identifier: keyid:8B:A2:B5:E0:7F:AD:57:28:C7:DE:FB:F4:FC:10:BD:04:43:53:F6:FF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:b6:3b:40:80:82:e4:9d:b2:7c:4c:57:d0:13:74:4a:16:1c: 85:3d:e9:b8:61:ec:97:e1:da:86:d7:0f:04:1d:7e:3e:ad:d5: 14:85:2f:c3:2d:1b:54:a6:fe:cd:b2:6c:8e:09:fe:9c:a9:48: bb:21:42:d6:e7:fa:dc:3e:55:e2:fb:a0:d9:6e:5a:5c:84:75: fb:85:4d:cd:04:72:1f:c1:d4:44:39:1a:72:d3:cb:9e:93:ab: 4a:34:02:c8:ae:38:6e:01:4b:21:37:8a:65:af:f2:71:f2:5e: 1b:15:dd:b8:36:98:3d:d5:65:01:e0:6f:4f:2c:dc:fd:e8:95: 63:31:01:ed:ef:10:13:b8:08:91:9e:78:78:26:d3:51:02:bb: d0:3a:ce:47:da:07:5f:01:06:91:c7:48:3e:7e:39:57:78:04: 5a:08:d3:bc:e6:5a:25:f5:e2:a0:19:de:99:88:95:54:04:74: a2:70:ef:b3:58:e0:24:91:c2:29:73:ca:85:db:54:91:2c:2b: 13:99:11:1e:90:c4:6e:fb:a2:f5:b3:d1:f6:1f:f6:0a:f1:86: e1:4f:01:04:fa:06:c7:99:17:3b:fd:55:74:3a:bc:a9:3c:d1: 9f:aa:68:bc:f2:94:e4:40:c3:73:42:74:5a:7f:5c:83:66:06: 57:62:01:e0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUW1jC0CjFiJRSZ99zSdW9ff8Eq+swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJEMDQ0 MzUzRjZGRjAeFw0yNTEyMDExMjU2MTJaFw0yNTEyMDQyMjA2MTJaMDMxMTAvBgNV BAMTKDFCREYyREU5MTY1QzI0MDUzMDRGREY1NTBBM0MxODJFNTUxRTA2QzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDGrw7zFE2NR5wpcsn4mOPGY7J YHLpumdLMmsb95EjquMWMa2YHIkn/BJCIquEb1fA2F/8S6LWi/Fx1uJfVMmmQO0s 2PEgoqeAJ6y+rUZHhXJadowPo6+/aHWwz3J/T42D/nYo5dAf7oUUXYqbpT88EKrn tQrsQrUtrL/nBFslDkAn71S6d650saYRxtdHeJkkg1O3EdJkV9ipZYqFyYilUexH lWtM+/LSpp7WCQm4FGNl2m/4k11v3t+Zlu57zfMQIbu4mhd5cH234cKA2GtF2woZ FBpdEPzxI0UzCyiiAtpSQgKfh1+ZK1W0bhQoqqrwYpof4joLOPh3s7GsrGZJAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUG98t6RZcJAUwT99VCjwYLlUeBsEwHwYDVR0j BBgwFoAUi6K14H+tVyjH3vv0/BC9BENT9v8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 Yzc2Yzg1Zi05YTRmLTRhZmMtOTY5Yi04ZGEyNTM2YzVjMjQvMC84QkEyQjVFMDdG QUQ1NzI4QzdERUZCRjRGQzEwQkQwNDQzNTNGNkZGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJEMDQ0MzUz RjZGRi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGM3NmM4NWYtOWE0Zi00YWZjLTk2 OWItOGRhMjUzNmM1YzI0LzAvOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJE MDQ0MzUzRjZGRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADy2O0CAguSdsnxMV9ATdEoWHIU96bhh7Jfh 2obXDwQdfj6t1RSFL8MtG1Sm/s2ybI4J/pypSLshQtbn+tw+VeL7oNluWlyEdfuF Tc0Ech/B1EQ5GnLTy56Tq0o0AsiuOG4BSyE3imWv8nHyXhsV3bg2mD3VZQHgb08s 3P3olWMxAe3vEBO4CJGeeHgm01ECu9A6zkfaB18BBpHHSD5+OVd4BFoI07zmWiX1 4qAZ3pmIlVQEdKJw77NY4CSRwilzyoXbVJEsKxOZER6QxG77ovWz0fYf9grxhuFP AQT6BseZFzv9VXQ6vKk80Z+qaLzylORAw3NCdFp/XINmBldiAeA= -----END CERTIFICATE-----Generated at Wed Dec 3 16:05:27 2025 by rpki-client