This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft File: 4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft (raw, json) Hash identifier: fHxNM7NHX7ypS5AM/Y2/oqj/UNVb+wkRnnEX1JEdV9c= Subject key identifier: 13:44:BA:C0:3F:C6:CB:F5:E0:2E:99:D2:DA:14:CC:A0:99:D7:90:6A Authority key identifier: 43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57 Certificate issuer: /CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657 Certificate serial: 091BB1F78F71FE6BD31FA317260F70F0AB294BC0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft Manifest number: 0300 Signing time: Wed 03 Dec 2025 06:41:15 +0000 Manifest this update: Wed 03 Dec 2025 06:36:15 +0000 Manifest next update: Sat 06 Dec 2025 10:38:15 +0000 Files and hashes: 1: 3130332e3137362e39362e302f32342d3234203d3e20313437313331.roa (hash: omt0on/osncWzWrbGIk75aVtn8fXGKFlF84iedQ76S8=) 2: 3130332e3137362e39362e302f32332d3233203d3e20313437313331.roa (hash: RvlNgfW0J+bVY7d2yjeoXrc2sRB1/6Dnvn34DHTz4kU=) 3: 3130332e3137362e39372e302f32342d3234203d3e20313437313331.roa (hash: gcQbwwcsgWLto/MeqdtpULkQCdJ/hBMpFsyWHdzWTU8=) 4: 4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl (hash: awe+TQQQUg1LGEQwNMVdWA9gpSPoMz/qFsA2zYDHVdA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 10:38:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:1b:b1:f7:8f:71:fe:6b:d3:1f:a3:17:26:0f:70:f0:ab:29:4b:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657 Validity Not Before: Dec 3 06:36:15 2025 GMT Not After : Dec 6 10:38:15 2025 GMT Subject: CN=1344BAC03FC6CBF5E02E99D2DA14CCA099D7906A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:eb:c3:88:ed:e0:42:88:88:50:b6:33:a5:bf: 47:95:1d:8a:d1:a2:41:54:f1:ab:10:21:c5:73:11: 0d:e5:57:29:6b:f0:5b:db:44:41:0f:fa:b7:2c:30: 9e:1e:75:4d:81:4d:2c:1f:60:b8:f9:5c:e7:d0:40: 8c:b1:dc:5e:e9:04:47:0c:45:9c:92:7c:a5:c5:97: 9a:a0:6c:27:b3:00:d2:8a:d7:27:81:6e:96:ca:ce: 20:bc:d7:e8:b1:71:b6:e9:7d:ec:ec:ed:de:e4:76: 9a:ca:e7:26:88:a2:97:bf:01:fb:74:c5:18:1f:b2: 23:33:e8:c1:a5:31:54:23:59:65:6f:a7:b0:99:bf: 99:03:c6:9b:00:79:ec:8b:8d:b5:81:19:04:1a:c2: 4a:64:60:84:9e:6a:b8:e5:16:0e:eb:0f:f3:e4:2e: 64:0c:45:ef:57:ab:d8:ec:7d:78:99:95:b2:72:83: db:3c:24:ee:ff:4e:32:f6:b6:1d:18:72:0f:c4:61: a7:97:7d:7e:45:03:ab:db:a0:1b:1f:bc:4d:b3:77: c4:d1:5f:7d:40:ed:d1:ad:c3:dd:d3:cd:ef:65:95: 7c:15:7e:ea:37:36:61:34:5d:5d:d0:9c:68:87:1a: 0e:9b:db:fb:98:71:fb:6c:1a:ba:5b:0d:fd:e6:3a: 21:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:44:BA:C0:3F:C6:CB:F5:E0:2E:99:D2:DA:14:CC:A0:99:D7:90:6A X509v3 Authority Key Identifier: keyid:43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:17:a2:6c:64:b0:53:79:3a:83:e0:1e:10:31:c5:78:ab:fb: 5a:7f:2b:eb:91:ed:b7:73:ed:ee:7c:71:dc:2e:66:35:7f:e4: cf:9a:b8:0d:65:34:7f:46:b2:70:b0:f6:c6:5a:7e:1d:63:9f: 90:03:83:de:f0:ac:48:e2:79:15:a5:ff:fd:76:97:07:51:bd: 45:5f:11:b4:41:18:16:db:96:29:34:12:cb:6a:a3:80:19:47: b8:57:67:85:29:30:46:4a:e1:78:14:e4:82:7e:12:56:42:bf: 8d:ed:10:17:bd:cf:eb:c1:ae:e0:9b:79:69:3a:69:23:0d:d8: 1c:59:0a:10:59:d3:ce:2b:57:9a:1d:18:28:87:ff:51:1e:b1: a4:1d:11:2c:97:e8:03:d7:d2:75:df:57:71:ce:da:74:9c:fd: 90:57:3b:e5:ca:08:37:dc:29:90:f9:72:02:97:8e:2f:f3:c7: 4b:36:bd:69:b0:39:4c:60:1d:00:2b:7a:47:d4:d2:af:15:b8: d1:46:37:9c:df:4b:51:70:b3:0a:91:0a:b4:79:12:be:4b:e3: 7e:ac:57:0a:0f:7b:4c:49:65:c5:89:43:4c:69:1d:38:c7:be: 24:5e:45:bf:20:58:b5:af:fe:1b:1d:23:ca:b6:bf:99:c3:40: 7c:9b:5c:cd -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCRux949x/mvTH6MXJg9w8KspS8AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVF MzdCQjY1NzAeFw0yNTEyMDMwNjM2MTVaFw0yNTEyMDYxMDM4MTVaMDMxMTAvBgNV BAMTKDEzNDRCQUMwM0ZDNkNCRjVFMDJFOTlEMkRBMTRDQ0EwOTlENzkwNkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl68OI7eBCiIhQtjOlv0eVHYrR okFU8asQIcVzEQ3lVylr8FvbREEP+rcsMJ4edU2BTSwfYLj5XOfQQIyx3F7pBEcM RZySfKXFl5qgbCezANKK1yeBbpbKziC81+ixcbbpfezs7d7kdprK5yaIope/Aft0 xRgfsiMz6MGlMVQjWWVvp7CZv5kDxpsAeeyLjbWBGQQawkpkYISearjlFg7rD/Pk LmQMRe9Xq9jsfXiZlbJyg9s8JO7/TjL2th0Ycg/EYaeXfX5FA6vboBsfvE2zd8TR X31A7dGtw93Tze9llXwVfuo3NmE0XV3QnGiHGg6b2/uYcftsGrpbDf3mOiFZAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUE0S6wD/Gy/XgLpnS2hTMoJnXkGowHwYDVR0j BBgwFoAUQzfp/5Ggy2XOHrj662EI9eN7tlcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 YzM0ZGMzZi0zMDhmLTRkZTEtYTM2NS03MDFiZDljZjEwMDQvMC80MzM3RTlGRjkx QTBDQjY1Q0UxRUI4RkFFQjYxMDhGNUUzN0JCNjU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVFMzdC QjY1Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWMzNGRjM2YtMzA4Zi00ZGUxLWEz NjUtNzAxYmQ5Y2YxMDA0LzAvNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4 RjVFMzdCQjY1Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJAXomxksFN5OoPgHhAxxXir+1p/K+uR7bdz 7e58cdwuZjV/5M+auA1lNH9GsnCw9sZafh1jn5ADg97wrEjieRWl//12lwdRvUVf EbRBGBbblik0Estqo4AZR7hXZ4UpMEZK4XgU5IJ+ElZCv43tEBe9z+vBruCbeWk6 aSMN2BxZChBZ084rV5odGCiH/1EesaQdESyX6APX0nXfV3HO2nSc/ZBXO+XKCDfc KZD5cgKXji/zx0s2vWmwOUxgHQArekfU0q8VuNFGN5zfS1FwswqRCrR5Er5L436s VwoPe0xJZcWJQ0xpHTjHviReRb8gWLWv/hsdI8q2v5nDQHybXM0= -----END CERTIFICATE-----Generated at Wed Dec 3 14:51:27 2025 by rpki-client