This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft
File:                     5A19D2FDC8392727696F70449B8B32AF772091A8.mft (raw, json)
Hash identifier:          JEii2uPI9X2CDv6uZzx3WjyZg55EyzdVreXM/71nLRQ=
Subject key identifier:   B9:F3:EC:45:0A:3F:A4:F6:58:82:EC:6B:3D:C1:B6:9F:94:25:20:44
Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8
Certificate issuer:       /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8
Certificate serial:       3A929AC36DE95F799F6C39132FE9A54EEA03BD9A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer
Subject info access:      rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft
Manifest number:          075F
Signing time:             Sun 07 Dec 2025 06:09:37 +0000
Manifest this update:     Sun 07 Dec 2025 06:04:37 +0000
Manifest next update:     Mon 08 Dec 2025 08:42:37 +0000
Files and hashes:         1: 3130332e35372e3136352e302f32342d3234203d3e203336333531.roa (hash: lBMQEgfNNqcQ4E5GtZaXErKNQCGw7C4a/0CUQvTz9ac=)
                          2: 323430333a326538303a3a2f33322d3438203d3e2038383838.roa (hash: aHLgsiUilAeuP0eUngFPa4NKmApL4+TTY785LIHVh2U=)
                          3: 323430333a326538303a3a2f33322d3438203d3e203233383538.roa (hash: yk45ao5jNqxMlDQT9mHO4gwIetHo/y3vLlvKtrGMEU4=)
                          4: 34352e3131372e3130332e302f32342d3234203d3e2034373835.roa (hash: 3QW6q7nlyaTHmuuayp38mJeD/0p6RSdiwoIkJYlbTEA=)
                          5: 5A19D2FDC8392727696F70449B8B32AF772091A8.crl (hash: 8mA/OiAaj3lpIED9Xf1LE5WRteLkv98UUrkGNyzaqC8=)
                          6: 34352e3131372e3130312e302f32342d3234203d3e2034373835.roa (hash: 77sdRzVq6pP1l7Vu8K2ysVi1R2suvoRUxVXi384mZhs=)
                          7: 34352e3131372e3130322e302f32342d3234203d3e2034373835.roa (hash: M7BFiLI/85eHFKyc8YCJdi5+AugJtg2SqbTW7w1G6LQ=)
                          8: 3130332e35372e3136342e302f32322d3234203d3e203233383538.roa (hash: 2qTnddQssGcU8sg+KC1UrSSj7O/cHGdq7aS7vBfMtvw=)
                          9: 34352e3131372e3130302e302f32342d3234203d3e203233383538.roa (hash: 5hG4RwSHZVnSqsO9x6f7nAjxYEbAb/HRse6WJYcZAOE=)
                          10: 34352e3131372e3130302e302f32342d3234203d3e2038383838.roa (hash: dxlqlSymD3+QS7EUByE6MriZabTKsAyLs26IGboQuBk=)
                          11: 3130332e35372e3136342e302f32322d3234203d3e2038383838.roa (hash: miNQAOvEV9cqqJweidH1Da7G+8UCj99vxs996hAnF9M=)
Validation:               OK
Signature path:           rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl
                          rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 08 Dec 2025 08:42:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:92:9a:c3:6d:e9:5f:79:9f:6c:39:13:2f:e9:a5:4e:ea:03:bd:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FA37D0000, serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8
        Validity
            Not Before: Dec  7 06:04:37 2025 GMT
            Not After : Dec  8 08:42:37 2025 GMT
        Subject: CN=B9F3EC450A3FA4F65882EC6B3DC1B69F94252044
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:08:e3:e2:ff:28:a0:74:e7:11:ad:54:88:3c:
                    bb:31:0b:49:26:6c:d9:1a:97:db:66:8c:5e:73:49:
                    bb:e1:3c:d1:ed:68:f1:00:58:49:34:99:5f:cd:2c:
                    2f:e9:58:84:6c:af:fd:b7:d8:e7:ad:d6:b7:12:c5:
                    45:d6:e1:07:db:c2:2c:55:b2:a3:86:b5:e6:fc:31:
                    b7:c1:3b:1d:29:b5:11:57:c8:ab:1c:4e:c7:4f:46:
                    25:68:4f:d2:5d:e8:6c:98:b1:da:08:80:73:04:a8:
                    67:02:c6:8a:b8:d3:54:8b:20:23:c7:68:67:16:ba:
                    b6:39:9a:43:88:01:1a:5a:43:7d:5f:11:7e:51:91:
                    97:d7:eb:1d:15:83:68:1b:50:02:b5:2a:9c:37:fe:
                    f2:85:99:ad:c1:3e:fb:f0:3b:5e:62:29:d3:c1:3d:
                    4d:1c:b4:28:5d:9d:e8:14:43:ce:f8:a5:0d:db:ed:
                    7c:03:ee:5f:a5:a4:d9:f3:22:6b:65:1d:83:df:ec:
                    35:41:28:54:22:fb:eb:61:3e:29:f4:b1:d6:24:86:
                    35:5d:a5:95:3e:39:54:10:e6:3a:95:ec:8d:f9:2d:
                    ca:1e:4c:94:55:20:9a:d2:f8:7c:05:5e:3f:0e:00:
                    7e:db:28:b4:39:b7:b3:94:b0:94:ee:98:c3:54:52:
                    1a:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:F3:EC:45:0A:3F:A4:F6:58:82:EC:6B:3D:C1:B6:9F:94:25:20:44
            X509v3 Authority Key Identifier:
                keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:91:17:8a:bc:59:ff:f2:3f:6f:0c:95:4c:e7:13:39:72:94:
         b0:d6:7c:ba:60:ec:0b:f0:c7:e9:40:00:09:4b:ce:40:34:9e:
         67:3e:ae:31:5b:3b:61:65:97:7e:6a:6f:2b:39:e7:8a:b0:5a:
         2e:77:07:b8:21:84:d7:ba:23:05:14:08:2c:a1:43:bc:c4:f6:
         6b:db:53:7d:de:26:16:d8:25:f2:42:fe:05:11:a1:d0:56:cb:
         bb:ca:06:c2:bd:fb:f5:f8:87:7d:c5:a6:a8:59:2c:6f:49:44:
         e4:96:20:26:3c:d6:ff:33:ac:ae:d4:3a:3d:26:be:9b:c8:2f:
         e5:2c:45:5f:3c:9d:50:fc:00:63:40:76:5f:70:0d:2b:0f:11:
         78:22:4f:e4:c9:6d:76:c8:91:9b:e6:66:d0:c6:a1:66:7d:fb:
         ef:40:11:8c:bc:9c:40:0c:a5:b3:bf:48:85:16:b8:92:90:76:
         6c:91:9b:60:b2:39:47:cf:64:f6:37:37:76:f7:24:cc:f0:a8:
         4b:bd:94:de:33:02:fd:1f:e0:c5:70:d9:87:11:28:bd:80:38:
         05:de:25:a1:72:05:5d:e0:98:2a:ae:2f:c4:e8:49:6e:44:fe:
         01:b0:bc:f3:b9:bf:c6:87:b3:39:95:42:aa:3c:40:bd:cf:37:
         55:e9:d6:03
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUOpKaw23pX3mfbDkTL+mlTuoDvZowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4
MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI1MTIwNzA2MDQzN1oX
DTI1MTIwODA4NDIzN1owMzExMC8GA1UEAxMoQjlGM0VDNDUwQTNGQTRGNjU4ODJF
QzZCM0RDMUI2OUY5NDI1MjA0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMI4+L/KKB05xGtVIg8uzELSSZs2RqX22aMXnNJu+E80e1o8QBYSTSZX80s
L+lYhGyv/bfY563WtxLFRdbhB9vCLFWyo4a15vwxt8E7HSm1EVfIqxxOx09GJWhP
0l3obJix2giAcwSoZwLGirjTVIsgI8doZxa6tjmaQ4gBGlpDfV8RflGRl9frHRWD
aBtQArUqnDf+8oWZrcE++/A7XmIp08E9TRy0KF2d6BRDzvilDdvtfAPuX6Wk2fMi
a2Udg9/sNUEoVCL762E+KfSx1iSGNV2llT45VBDmOpXsjfktyh5MlFUgmtL4fAVe
Pw4AftsotDm3s5SwlO6Yw1RSGokCAwEAAaOCAfUwggHxMB0GA1UdDgQWBBS58+xF
Cj+k9liC7Gs9wbaflCUgRDAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR
qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp
LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC
OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi
cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx
RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j
ZXIwagYIKwYBBQUHAQsEXjBcMFoGCCsGAQUFBzALhk5yc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNTcvNUExOUQyRkRDODM5MjcyNzY5NkY3MDQ0OUI4QjMy
QUY3NzIwOTFBOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAFqRF4q8Wf/yP28MlUznEzlylLDWfLpg7Avw
x+lAAAlLzkA0nmc+rjFbO2Fll35qbys554qwWi53B7ghhNe6IwUUCCyhQ7zE9mvb
U33eJhbYJfJC/gURodBWy7vKBsK9+/X4h33FpqhZLG9JROSWICY81v8zrK7UOj0m
vpvIL+UsRV88nVD8AGNAdl9wDSsPEXgiT+TJbXbIkZvmZtDGoWZ9++9AEYy8nEAM
pbO/SIUWuJKQdmyRm2CyOUfPZPY3N3b3JMzwqEu9lN4zAv0f4MVw2YcRKL2AOAXe
JaFyBV3gmCquL8ToSW5E/gGwvPO5v8aHszmVQqo8QL3PN1Xp1gM=
-----END CERTIFICATE-----