This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft File: 4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft (raw, json) Hash identifier: jsvEVd2QmL73iimhfNCJZH248RhNTUbR3C1Trul+IDI= Subject key identifier: D4:04:1C:74:CA:F3:C8:36:19:AF:EB:23:35:A5:EC:AB:E7:A2:9A:67 Authority key identifier: 43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57 Certificate issuer: /CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657 Certificate serial: 629FD41DF4E62387979B89038224DC6A0CFA28E4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft Manifest number: 0308 Signing time: Sat 20 Dec 2025 18:31:50 +0000 Manifest this update: Sat 20 Dec 2025 18:26:50 +0000 Manifest next update: Tue 23 Dec 2025 18:51:50 +0000 Files and hashes: 1: 3130332e3137362e39362e302f32332d3233203d3e20313437313331.roa (hash: RvlNgfW0J+bVY7d2yjeoXrc2sRB1/6Dnvn34DHTz4kU=) 2: 4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl (hash: OABXG7eQwc2U51hFG6p3mVSnQRv6h/nE3IsLDMcNPQA=) 3: 3130332e3137362e39372e302f32342d3234203d3e20313437313331.roa (hash: gcQbwwcsgWLto/MeqdtpULkQCdJ/hBMpFsyWHdzWTU8=) 4: 3130332e3137362e39362e302f32342d3234203d3e20313437313331.roa (hash: omt0on/osncWzWrbGIk75aVtn8fXGKFlF84iedQ76S8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Dec 2025 18:51:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:9f:d4:1d:f4:e6:23:87:97:9b:89:03:82:24:dc:6a:0c:fa:28:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657 Validity Not Before: Dec 20 18:26:50 2025 GMT Not After : Dec 23 18:51:50 2025 GMT Subject: CN=D4041C74CAF3C83619AFEB2335A5ECABE7A29A67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b2:78:29:3c:22:c2:0b:91:23:c2:57:31:4f: 97:48:3d:ec:d2:c3:3d:71:7e:d3:e5:f4:cb:b2:c4: 4f:fb:b6:a3:d8:79:1a:fe:66:32:b1:0c:b4:e6:11: 47:cd:47:66:b2:e6:36:1b:8e:3f:08:02:bb:84:0a: f5:8f:60:ab:38:95:fd:e7:3e:e6:40:95:8b:4d:8f: 82:13:57:e0:0c:6a:c4:4f:d5:74:ee:77:23:c4:fc: 0c:9c:3b:b0:e7:30:90:45:03:17:41:94:71:ac:61: d9:48:88:6b:cb:a4:c4:2a:0a:cd:e5:70:be:bc:64: c4:cb:f0:37:4e:13:d9:3f:a8:94:9b:6c:01:ae:18: 50:f0:ab:66:bd:ac:2f:12:88:1c:71:ec:7d:e6:02: 95:d4:34:de:62:5a:99:15:fa:1c:60:b6:3f:ba:d8: da:22:60:a4:c2:72:00:59:ea:e0:f6:c3:5f:0b:43: ff:83:f0:1d:ff:67:d5:a8:a6:55:83:d2:2e:5f:5d: 76:dd:1d:1a:08:bf:3e:68:c7:91:f6:2a:22:dd:d1: 55:fd:26:2c:d3:62:9e:10:f3:c9:6a:61:da:37:da: d9:23:59:d9:dd:5f:46:94:82:9c:e0:d6:9d:bd:c8: 03:8b:d8:b5:da:ac:38:17:09:f3:95:d8:84:48:53: 83:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:04:1C:74:CA:F3:C8:36:19:AF:EB:23:35:A5:EC:AB:E7:A2:9A:67 X509v3 Authority Key Identifier: keyid:43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:ba:93:76:27:5f:a7:01:d6:ed:ef:49:01:0a:0c:30:64:87: b3:a7:71:0c:70:b8:76:d0:7b:90:3b:f2:48:4c:b3:3d:49:2e: 56:76:4e:1c:8b:27:63:3c:d8:02:4b:0a:51:01:86:e0:a5:67: 64:80:87:63:3d:04:55:6f:df:83:0a:c5:22:e3:75:f9:f9:82: 73:e6:b4:c0:90:5a:77:52:62:75:be:79:33:af:48:05:03:fb: 24:5a:38:14:84:df:2e:c5:79:62:1f:3c:99:03:eb:6e:76:0a: b5:5c:d9:fb:e0:16:26:39:7c:0e:0b:04:f0:eb:0d:ec:bb:41: 67:10:3f:3d:fa:49:08:08:a5:fe:77:a1:e0:0b:40:bc:7e:f8: 85:0a:8b:67:c0:82:bd:bb:ae:e7:97:2b:e7:72:bc:82:3c:ec: e5:c6:be:fc:36:45:a3:13:f7:5c:a9:8b:7e:bc:fd:2f:04:81: be:59:77:a5:ec:62:79:c8:ee:e7:31:bd:84:fd:3b:e1:22:1d: 5d:bf:33:83:40:e4:7e:18:52:98:d5:fc:8c:94:71:d6:85:23: 78:3e:f0:cd:f6:e8:18:14:ac:c0:ca:a5:62:61:34:9c:d7:a4: bf:86:e9:92:1d:83:50:52:d6:21:e2:7c:8b:50:f0:90:ec:a5: 9d:0b:78:be -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYp/UHfTmI4eXm4kDgiTcagz6KOQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVF MzdCQjY1NzAeFw0yNTEyMjAxODI2NTBaFw0yNTEyMjMxODUxNTBaMDMxMTAvBgNV BAMTKEQ0MDQxQzc0Q0FGM0M4MzYxOUFGRUIyMzM1QTVFQ0FCRTdBMjlBNjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqsngpPCLCC5EjwlcxT5dIPezS wz1xftPl9MuyxE/7tqPYeRr+ZjKxDLTmEUfNR2ay5jYbjj8IAruECvWPYKs4lf3n PuZAlYtNj4ITV+AMasRP1XTudyPE/AycO7DnMJBFAxdBlHGsYdlIiGvLpMQqCs3l cL68ZMTL8DdOE9k/qJSbbAGuGFDwq2a9rC8SiBxx7H3mApXUNN5iWpkV+hxgtj+6 2NoiYKTCcgBZ6uD2w18LQ/+D8B3/Z9WoplWD0i5fXXbdHRoIvz5ox5H2KiLd0VX9 JizTYp4Q88lqYdo32tkjWdndX0aUgpzg1p29yAOL2LXarDgXCfOV2IRIU4MBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU1AQcdMrzyDYZr+sjNaXsq+eimmcwHwYDVR0j BBgwFoAUQzfp/5Ggy2XOHrj662EI9eN7tlcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 YzM0ZGMzZi0zMDhmLTRkZTEtYTM2NS03MDFiZDljZjEwMDQvMC80MzM3RTlGRjkx QTBDQjY1Q0UxRUI4RkFFQjYxMDhGNUUzN0JCNjU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVFMzdC QjY1Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWMzNGRjM2YtMzA4Zi00ZGUxLWEz NjUtNzAxYmQ5Y2YxMDA0LzAvNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4 RjVFMzdCQjY1Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAE+6k3YnX6cB1u3vSQEKDDBkh7OncQxwuHbQ e5A78khMsz1JLlZ2ThyLJ2M82AJLClEBhuClZ2SAh2M9BFVv34MKxSLjdfn5gnPm tMCQWndSYnW+eTOvSAUD+yRaOBSE3y7FeWIfPJkD6252CrVc2fvgFiY5fA4LBPDr Dey7QWcQPz36SQgIpf53oeALQLx++IUKi2fAgr27rueXK+dyvII87OXGvvw2RaMT 91ypi368/S8Egb5Zd6XsYnnI7ucxvYT9O+EiHV2/M4NA5H4YUpjV/IyUcdaFI3g+ 8M326BgUrMDKpWJhNJzXpL+G6ZIdg1BS1iHifItQ8JDspZ0LeL4= -----END CERTIFICATE-----Generated at Mon Dec 22 01:02:27 2025 by rpki-client