This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: V8R+qYRpWsDql/AQSLIGP2xWWh4mqwAe2Lg2UEGWB2w= Subject key identifier: B9:DA:F7:8C:64:6B:E5:93:18:51:4C:A8:1F:B0:AA:3A:5C:79:64:1C Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 258D9AF95F7D448B93E41B851066F19DF2B70856 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 052C Signing time: Tue 02 Dec 2025 07:32:12 +0000 Manifest this update: Tue 02 Dec 2025 07:27:12 +0000 Manifest next update: Fri 05 Dec 2025 14:30:12 +0000 Files and hashes: 1: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) 2: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) 3: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: us2DdeF7+D+chnlscjVnTEotbwXl4l6uRMCjgCYo25E=) 4: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: JY5X7Ni0FqjOLHL/IBAcPoDotTFSEzReZjChPfIbLws=) 5: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 6: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) 7: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) 8: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 14:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:8d:9a:f9:5f:7d:44:8b:93:e4:1b:85:10:66:f1:9d:f2:b7:08:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Dec 2 07:27:12 2025 GMT Not After : Dec 5 14:30:12 2025 GMT Subject: CN=B9DAF78C646BE59318514CA81FB0AA3A5C79641C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:84:56:bf:42:4d:75:7f:74:25:c9:5d:2d:67: a1:c3:21:f2:ed:a9:06:10:9e:2e:7c:06:0c:8d:c0: 09:7f:c6:2c:b6:45:73:a1:5a:bc:60:d2:62:af:e5: 33:cc:f1:d2:65:46:b2:e4:91:ba:dd:bf:12:45:8b: 8d:e0:05:0c:20:fa:62:33:77:c3:e6:95:75:27:fe: d3:6e:23:7b:ba:c4:cf:4b:e2:04:c0:9d:43:03:42: f4:85:44:2c:46:96:87:df:25:9f:79:3e:31:c0:ed: d4:9b:c1:f8:13:16:d4:f0:d8:01:f0:db:58:cd:e5: 26:e5:c9:5c:ab:d8:2d:1d:8d:07:41:67:5b:44:78: 02:14:27:07:79:36:36:02:62:62:a0:f0:2a:14:d8: f2:34:6f:f8:44:9e:cf:e6:df:74:de:17:40:5b:07: ab:d6:0c:d4:e8:b6:1d:8e:e1:c9:dc:b1:c9:32:db: 41:21:5e:37:7d:6e:8c:46:10:49:05:dc:95:38:1b: 5e:6b:64:3e:a4:fe:ed:d7:ee:49:a5:88:05:87:91: fb:28:ee:86:9d:ad:fe:f2:ea:15:cf:26:f3:08:27: 8d:23:c3:25:2d:c1:fa:6b:8a:2b:22:60:71:b3:13: be:3d:c1:53:2e:e9:f1:c0:b4:fa:69:aa:0d:06:22: e2:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:DA:F7:8C:64:6B:E5:93:18:51:4C:A8:1F:B0:AA:3A:5C:79:64:1C X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:06:4d:32:ac:87:33:3b:eb:f7:29:eb:96:24:ba:e6:7a:e4: bf:e4:64:e7:a5:fc:6f:8c:41:a9:1d:04:91:6a:cb:ee:f9:da: d1:5a:82:5d:d6:6a:b4:ec:04:65:0e:7e:cd:06:cb:50:68:b3: 20:3e:33:dc:23:63:e2:6d:0a:60:e8:1d:a7:1f:c9:fd:4f:83: ed:ad:9a:6d:b6:17:f5:66:bc:fe:97:cb:7c:4a:e2:1b:0e:7f: d8:e4:6e:ab:c8:a0:3e:7a:2c:13:23:de:25:55:24:a3:19:d1: 39:5b:fc:d6:6b:eb:ad:56:f5:2f:c8:84:0e:58:d1:22:7a:52: d7:21:79:59:ce:a2:a0:4e:33:3e:94:56:15:93:18:f9:2e:06: 13:5f:cb:55:01:70:1c:fd:6d:53:25:62:8a:97:2a:45:bf:0d: 91:62:4d:07:70:d5:61:12:0b:30:c8:b5:dc:16:55:01:45:ea: 12:59:2f:1e:43:93:d6:f1:8f:d8:04:ab:1e:5f:3b:97:6f:07: 56:17:8e:7e:53:89:a1:5a:b3:e0:b0:36:fa:79:2e:80:43:c5: 0d:ea:80:b1:80:d4:60:dd:82:be:84:34:c9:a4:47:0f:4b:07: 55:a4:8c:96:9c:bc:d0:31:25:66:ac:44:5b:de:04:7e:5a:1f: f1:75:29:cc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJY2a+V99RIuT5BuFEGbxnfK3CFYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTEyMDIwNzI3MTJaFw0yNTEyMDUxNDMwMTJaMDMxMTAvBgNV BAMTKEI5REFGNzhDNjQ2QkU1OTMxODUxNENBODFGQjBBQTNBNUM3OTY0MUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdhFa/Qk11f3QlyV0tZ6HDIfLt qQYQni58BgyNwAl/xiy2RXOhWrxg0mKv5TPM8dJlRrLkkbrdvxJFi43gBQwg+mIz d8PmlXUn/tNuI3u6xM9L4gTAnUMDQvSFRCxGloffJZ95PjHA7dSbwfgTFtTw2AHw 21jN5SblyVyr2C0djQdBZ1tEeAIUJwd5NjYCYmKg8CoU2PI0b/hEns/m33TeF0Bb B6vWDNToth2O4cncscky20EhXjd9boxGEEkF3JU4G15rZD6k/u3X7kmliAWHkfso 7oadrf7y6hXPJvMIJ40jwyUtwfpriisiYHGzE749wVMu6fHAtPppqg0GIuI/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUudr3jGRr5ZMYUUyoH7CqOlx5ZBwwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJQGTTKshzM76/cp65YkuuZ65L/kZOel/G+M QakdBJFqy+752tFagl3WarTsBGUOfs0Gy1BosyA+M9wjY+JtCmDoHacfyf1Pg+2t mm22F/VmvP6Xy3xK4hsOf9jkbqvIoD56LBMj3iVVJKMZ0Tlb/NZr661W9S/IhA5Y 0SJ6UtcheVnOoqBOMz6UVhWTGPkuBhNfy1UBcBz9bVMlYoqXKkW/DZFiTQdw1WES CzDItdwWVQFF6hJZLx5Dk9bxj9gEqx5fO5dvB1YXjn5TiaFas+CwNvp5LoBDxQ3q gLGA1GDdgr6ENMmkRw9LB1WkjJacvNAxJWasRFveBH5aH/F1Kcw= -----END CERTIFICATE-----Generated at Wed Dec 3 14:43:45 2025 by rpki-client