This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft File: A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft (raw, json) Hash identifier: SkRhpL3fqJyZw/gAs1R2Ua5pRRdwJYXEcmtk73sJ8D8= Subject key identifier: AE:2E:3F:F9:E0:24:47:87:1F:D4:35:F0:28:6A:26:72:53:D1:13:8D Authority key identifier: A3:CE:6E:B5:31:A8:95:1D:24:A3:7D:F2:7A:01:EB:39:65:1D:7E:CA Certificate issuer: /CN=A91FD4CC0000/serialNumber=A3CE6EB531A8951D24A37DF27A01EB39651D7ECA Certificate serial: 5725CEB4E13A15063C17B90275ACFFD4701C053A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft Manifest number: 16 Signing time: Sun 14 Dec 2025 14:33:16 +0000 Manifest this update: Sun 14 Dec 2025 14:28:16 +0000 Manifest next update: Mon 15 Dec 2025 17:55:16 +0000 Files and hashes: 1: 3130332e3132312e3230382e302f32322d3234203d3e2033323538.roa (hash: m8YqiID+Q725PKBIKrUauO2lTKAbZU016aARa/XfmOg=) 2: A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl (hash: oJ7TIrGOdcrDG4jAXCMttZ9ynzzw8eEZkRiaOd/ebsQ=) 3: 323430333a373163303a3a2f33322d3438203d3e2033323538.roa (hash: A+n33m7aMq8dWmlNODuImDbmHluR0nRCgY8pOPk9SGU=) Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Dec 2025 17:55:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:25:ce:b4:e1:3a:15:06:3c:17:b9:02:75:ac:ff:d4:70:1c:05:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FD4CC0000, serialNumber=A3CE6EB531A8951D24A37DF27A01EB39651D7ECA Validity Not Before: Dec 14 14:28:16 2025 GMT Not After : Dec 15 17:55:16 2025 GMT Subject: CN=AE2E3FF9E02447871FD435F0286A267253D1138D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:95:bf:2f:d2:49:ab:a1:0d:9a:89:ce:5d:e4: 16:00:43:5f:1d:d2:85:e7:ee:cd:d1:93:d0:b3:95: 9a:4a:ca:f0:66:3c:32:b3:04:fe:b3:fe:80:a7:2b: 38:e8:d7:fb:10:c8:43:8e:4a:32:9f:9b:5f:62:89: 5f:90:03:84:6f:24:9a:ba:91:2a:85:b2:46:da:10: 6f:61:7b:6c:08:41:37:da:0f:d9:1d:ae:04:e9:be: bc:95:e1:44:6f:2a:94:9a:31:b1:63:a0:fa:fd:2b: e9:8b:66:bc:47:a9:9c:e3:03:c8:b2:08:57:4f:c6: 0f:7b:77:8e:e9:90:51:20:37:c9:81:bc:3c:82:bc: d5:3b:60:df:65:1f:7b:a1:e6:fa:a3:4a:aa:3b:8d: ea:48:fb:e1:d6:79:35:4c:26:28:36:86:4c:91:ef: a9:a4:d8:d2:68:64:91:91:92:a0:ce:02:d2:79:9a: 2f:34:15:89:6f:91:c0:50:3f:7a:dd:d9:11:96:ae: fc:9b:2e:fa:e9:c2:aa:ed:33:af:5f:9d:5d:1b:73: 47:22:71:e4:37:c0:b8:fd:32:d0:36:99:f7:44:d6: 7b:0d:b1:03:24:b1:20:dc:f2:65:de:ba:a1:25:f7: 43:39:80:44:97:e4:bc:26:32:a8:cf:a4:0d:76:0d: 83:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:2E:3F:F9:E0:24:47:87:1F:D4:35:F0:28:6A:26:72:53:D1:13:8D X509v3 Authority Key Identifier: keyid:A3:CE:6E:B5:31:A8:95:1D:24:A3:7D:F2:7A:01:EB:39:65:1D:7E:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o85utTGolR0ko33yegHrOWUdfso.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/59/A3CE6EB531A8951D24A37DF27A01EB39651D7ECA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:1d:74:3c:fb:1b:86:8f:8a:ef:55:3d:b8:4a:32:b2:00:4a: 1f:59:62:ac:1c:84:2a:55:14:f8:3a:ed:4c:9d:50:6a:e6:3b: c7:df:74:a3:81:90:a3:d1:f1:42:08:8f:30:dc:ff:99:27:4b: 0a:aa:b6:7c:64:6e:c4:30:53:86:b5:3c:c9:7a:f7:7d:e2:f6: b1:0b:17:17:85:74:2f:4f:33:2c:f2:e5:89:8c:99:72:14:64: a2:a9:f3:16:4d:52:89:ba:22:35:fa:bb:ad:36:94:37:c8:c4: 13:3e:2b:01:b8:ad:59:ff:75:32:d6:92:d5:15:42:0c:4b:79: 19:7a:33:a3:57:10:e7:f0:fd:78:b1:04:df:d0:92:cb:2a:05: dd:f3:11:59:61:53:80:59:64:5a:25:5c:79:68:16:3e:78:a9: cb:79:60:c4:a7:62:1b:10:6c:c7:46:7a:89:e9:48:19:c4:54: 06:cf:3d:1a:24:6d:92:32:4f:8f:a9:32:84:30:74:e7:32:1b: 8d:12:16:a6:91:eb:25:ed:f4:21:86:10:b3:4b:75:ed:ef:cf: 59:50:a9:6d:56:05:a1:ec:63:4c:23:4d:46:3b:12:25:5f:00: 6a:d9:1b:04:b7:43:ba:f2:3b:25:57:90:9c:23:de:0e:58:b8: 82:99:0d:83 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUVyXOtOE6FQY8F7kCdaz/1HAcBTowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkQ0Q0MwMDAwMTEwLwYDVQQFEyhBM0NFNkVCNTMx QTg5NTFEMjRBMzdERjI3QTAxRUIzOTY1MUQ3RUNBMB4XDTI1MTIxNDE0MjgxNloX DTI1MTIxNTE3NTUxNlowMzExMC8GA1UEAxMoQUUyRTNGRjlFMDI0NDc4NzFGRDQz NUYwMjg2QTI2NzI1M0QxMTM4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMmVvy/SSauhDZqJzl3kFgBDXx3ShefuzdGT0LOVmkrK8GY8MrME/rP+gKcr OOjX+xDIQ45KMp+bX2KJX5ADhG8kmrqRKoWyRtoQb2F7bAhBN9oP2R2uBOm+vJXh RG8qlJoxsWOg+v0r6YtmvEepnOMDyLIIV0/GD3t3jumQUSA3yYG8PIK81Ttg32Uf e6Hm+qNKqjuN6kj74dZ5NUwmKDaGTJHvqaTY0mhkkZGSoM4C0nmaLzQViW+RwFA/ et3ZEZau/Jsu+unCqu0zr1+dXRtzRyJx5DfAuP0y0DaZ90TWew2xAySxINzyZd66 oSX3QzmARJfkvCYyqM+kDXYNgzUCAwEAAaOCAfUwggHxMB0GA1UdDgQWBBSuLj/5 4CRHhx/UNfAoaiZyU9ETjTAfBgNVHSMEGDAWgBSjzm61MaiVHSSjffJ6Aes5ZR1+ yjAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU5L0EzQ0U2RUI1MzFBODk1MUQyNEEzN0RGMjdB MDFFQjM5NjUxRDdFQ0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL284NXV0VEdvbFIwa28zM3llZ0hyT1dVZGZzby5j ZXIwagYIKwYBBQUHAQsEXjBcMFoGCCsGAQUFBzALhk5yc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTkvQTNDRTZFQjUzMUE4OTUxRDI0QTM3REYyN0EwMUVC Mzk2NTFEN0VDQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIYddDz7G4aPiu9VPbhKMrIASh9ZYqwchCpV FPg67UydUGrmO8ffdKOBkKPR8UIIjzDc/5knSwqqtnxkbsQwU4a1PMl6933i9rEL FxeFdC9PMyzy5YmMmXIUZKKp8xZNUom6IjX6u602lDfIxBM+KwG4rVn/dTLWktUV QgxLeRl6M6NXEOfw/XixBN/QkssqBd3zEVlhU4BZZFolXHloFj54qct5YMSnYhsQ bMdGeonpSBnEVAbPPRokbZIyT4+pMoQwdOcyG40SFqaR6yXt9CGGELNLde3vz1lQ qW1WBaHsY0wjTUY7EiVfAGrZGwS3Q7ryOyVXkJwj3g5YuIKZDYM= -----END CERTIFICATE-----Generated at Sun Dec 14 22:14:50 2025 by rpki-client