This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft File: 645C9D445B2796662EE98A03E50C124F3E962CAB.mft (raw, json) Hash identifier: OQ2YADdYx/PYEBzHKIN6uoEBjkkDVN4bBbd/hIhf7+k= Subject key identifier: 32:F1:8D:C9:CB:4B:E3:49:D2:C2:98:22:EA:33:BD:E6:C6:81:F9:B0 Authority key identifier: 64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB Certificate issuer: /CN=645C9D445B2796662EE98A03E50C124F3E962CAB Certificate serial: 3957429C0FCDF03EA530D7AF18D7FB8D471BE204 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft Manifest number: 03D5 Signing time: Fri 19 Dec 2025 12:21:12 +0000 Manifest this update: Fri 19 Dec 2025 12:16:12 +0000 Manifest next update: Tue 23 Dec 2025 00:05:12 +0000 Files and hashes: 1: 3130332e3130302e3137352e302f32342d3234203d3e20313336383431.roa (hash: qbkH1qedbuL2nkb9oW2AlysgwJB8XaNgGrzurioAZP0=) 2: 645C9D445B2796662EE98A03E50C124F3E962CAB.crl (hash: T1hZmgHln49hhMHxxIu+B5d47CcILFdPQMKqsRMansA=) 3: 3130332e3130302e3137322e302f32342d3234203d3e20313336383431.roa (hash: ehP408+CXUe13X4F5TvwPj6ddCoH7T+4InUUhWjVyGw=) 4: 3130332e3130302e3137332e302f32342d3234203d3e20313336383431.roa (hash: Yo/r10NdHpCyWdp4iTpRbnPv2TKKyCyVTnBiO8AmbDc=) 5: 323430313a626534303a3a2f33322d3332203d3e20313336383431.roa (hash: UnpWLg0+2SsmnDXBrwzCKp1VDUDBelXMewYvLJ0BJ+c=) 6: 3130332e3130302e3137342e302f32342d3234203d3e20313336383431.roa (hash: pfMM3/ygiEY34vdGoVOYeg8tWN4ZaCnJmX0NJOGEX00=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Dec 2025 00:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:57:42:9c:0f:cd:f0:3e:a5:30:d7:af:18:d7:fb:8d:47:1b:e2:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=645C9D445B2796662EE98A03E50C124F3E962CAB Validity Not Before: Dec 19 12:16:12 2025 GMT Not After : Dec 23 00:05:12 2025 GMT Subject: CN=32F18DC9CB4BE349D2C29822EA33BDE6C681F9B0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:6a:e7:26:a2:69:3e:8b:ce:10:e3:90:e1:d0: 5d:83:e6:ed:c8:5c:c9:ff:79:07:67:2f:11:6c:04: eb:8a:47:8a:4d:18:07:98:bb:3e:8c:38:2c:ac:75: d2:f0:24:94:5f:3b:34:0f:b1:03:6c:c0:bf:5c:01: b8:10:c0:b8:36:5d:25:bd:12:7d:52:49:df:98:68: 53:e8:51:80:94:01:d9:02:da:54:4a:fd:bd:aa:df: cb:7d:bb:90:ca:92:78:37:ad:71:73:07:9d:85:e6: 74:73:82:d2:6f:3f:30:da:d7:da:ea:ba:82:66:51: 54:e8:24:62:e2:db:a1:e5:62:00:5f:4a:25:73:12: 06:af:6f:b4:c1:d8:2e:01:54:96:01:6b:ff:41:81: 5b:4d:9f:80:a4:43:e0:7a:4a:e0:6b:97:8d:35:52: 97:50:f9:d7:78:75:31:c0:d9:7a:67:81:47:3d:fa: 81:88:06:90:ae:e8:9c:f0:39:42:0a:07:73:d1:49: 76:84:28:91:3b:72:82:05:c7:b4:e8:7c:9c:75:06: cf:0d:05:46:a6:34:64:2f:1c:75:93:28:ef:22:f5: 1b:d8:10:fd:ba:04:ed:f6:41:8b:8e:dd:fe:0e:2b: d1:5e:f8:ae:b0:d5:a0:e7:1e:de:75:f8:30:90:3d: 40:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:F1:8D:C9:CB:4B:E3:49:D2:C2:98:22:EA:33:BD:E6:C6:81:F9:B0 X509v3 Authority Key Identifier: keyid:64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:56:cc:94:93:f1:d3:3a:f7:f5:31:d1:c0:42:45:d6:40:35: ac:2b:10:c7:9d:d8:c7:05:f3:6b:88:52:08:7d:a1:37:05:c9: 9b:28:ae:b0:de:12:06:01:2a:20:d5:7f:59:e7:3c:de:a4:3e: fc:c6:c2:3f:79:c2:f1:bc:c8:4f:c0:b6:1a:2b:dc:48:3f:ed: ae:b0:ea:2d:2c:0c:47:0f:7c:95:f2:29:81:fa:7d:61:31:57: 26:c3:69:91:9f:0e:62:ae:4e:65:56:92:50:13:c7:27:8f:c6: 31:93:ea:09:65:9b:4f:0d:8c:70:bd:a9:1b:6d:7b:ef:fd:e8: 25:95:22:ea:08:79:c4:b0:31:88:49:f6:e4:d5:ff:be:a8:5e: b5:3d:cd:2e:90:8b:29:a9:ba:cd:0d:3d:e7:74:ff:23:72:72: 32:75:cf:c7:5f:f8:29:9e:89:d5:84:79:d2:da:0c:70:17:02: a2:e0:19:d0:b9:2d:5a:ea:7a:0d:44:6b:17:fb:6c:8c:42:c1: 09:4f:6c:57:48:b3:81:1c:1f:21:19:3a:5a:c0:8a:d6:4a:b8: 2e:ce:d5:a9:f7:b6:6d:0f:8b:6f:3c:2f:05:72:03:9d:2d:9f: 1a:6f:ed:22:f2:22:39:e3:9b:15:ef:43:c2:c3:ea:eb:d2:b7: 74:d5:4f:5a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOVdCnA/N8D6lMNevGNf7jUcb4gQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYz RTk2MkNBQjAeFw0yNTEyMTkxMjE2MTJaFw0yNTEyMjMwMDA1MTJaMDMxMTAvBgNV BAMTKDMyRjE4REM5Q0I0QkUzNDlEMkMyOTgyMkVBMzNCREU2QzY4MUY5QjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUaucmomk+i84Q45Dh0F2D5u3I XMn/eQdnLxFsBOuKR4pNGAeYuz6MOCysddLwJJRfOzQPsQNswL9cAbgQwLg2XSW9 En1SSd+YaFPoUYCUAdkC2lRK/b2q38t9u5DKkng3rXFzB52F5nRzgtJvPzDa19rq uoJmUVToJGLi26HlYgBfSiVzEgavb7TB2C4BVJYBa/9BgVtNn4CkQ+B6SuBrl401 UpdQ+dd4dTHA2XpngUc9+oGIBpCu6JzwOUIKB3PRSXaEKJE7coIFx7TofJx1Bs8N BUamNGQvHHWTKO8i9RvYEP26BO32QYuO3f4OK9Fe+K6w1aDnHt51+DCQPUDJAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMvGNyctL40nSwpgi6jO95saB+bAwHwYDVR0j BBgwFoAUZFydRFsnlmYu6YoD5QwSTz6WLKswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NzMwNGI4My0zMGFhLTRiYmYtOWZkNy0yZmNlYWRiZjAwMzAvMC82NDVDOUQ0NDVC Mjc5NjY2MkVFOThBMDNFNTBDMTI0RjNFOTYyQ0FCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYzRTk2 MkNBQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDczMDRiODMtMzBhYS00YmJmLTlm ZDctMmZjZWFkYmYwMDMwLzAvNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEy NEYzRTk2MkNBQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJdWzJST8dM69/Ux0cBCRdZANawrEMed2McF 82uIUgh9oTcFyZsorrDeEgYBKiDVf1nnPN6kPvzGwj95wvG8yE/Athor3Eg/7a6w 6i0sDEcPfJXyKYH6fWExVybDaZGfDmKuTmVWklATxyePxjGT6gllm08NjHC9qRtt e+/96CWVIuoIecSwMYhJ9uTV/76oXrU9zS6Qiympus0NPed0/yNycjJ1z8df+Cme idWEedLaDHAXAqLgGdC5LVrqeg1Eaxf7bIxCwQlPbFdIs4EcHyEZOlrAitZKuC7O 1an3tm0Pi288LwVyA50tnxpv7SLyIjnjmxXvQ8LD6uvSt3TVT1o= -----END CERTIFICATE-----Generated at Sat Dec 20 13:05:40 2025 by rpki-client