This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft File: d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft (raw, json) Hash identifier: 1kbE4VgvErqwS3YaHfr86gNjyAA4JS6xZk/htho3U8o= Subject key identifier: DE:FD:6C:40:8B:7C:80:49:22:0E:02:53:EF:91:79:E7:A0:8C:3A:08 Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92 Certificate issuer: /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892 Certificate serial: 04C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft Manifest number: 048F Signing time: Thu 18 Dec 2025 23:29:06 +0000 Manifest this update: Thu 18 Dec 2025 23:29:05 +0000 Manifest next update: Thu 25 Dec 2025 23:29:05 +0000 Files and hashes: 1: d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl (hash: +IJphPkLeBpBGJlw5FutbBTDuhcHFybko6wSk3tdwzY=) 2: E0C5B7148F2C11EEA361B22FC4F9AE02.roa (hash: LQAzx13tozFHaI0HVuth0BIpfSl3xV9vs2/iuXhYbao=) 3: 216DB034DE9711EC9289256FC4F9AE02.roa (hash: wYrjUP6ABXM9BKVFoyMoT84PmJsIQ6eyebTIC1QQGZ0=) 4: 204E25DADE9711EC9289256FC4F9AE02.roa (hash: /aQYygAsI5fV2mFcfHBoburj5j4bXjYX8PU+kzkSJik=) 5: E184C6F48F2C11EEA361B22FC4F9AE02.roa (hash: hroMg7e8nFXh4Bq6R1BL3suX2BZ1hZT6N2FbEkOK+8A=) 6: 1FBEA1EEDE9711EC9289256FC4F9AE02.roa (hash: Pw1VfyFxavHvFST5T+H3g0H5LvyxMCtjtqjSFSOsHV4=) 7: E84DD6FAC9C311F0ACE5A118C4F9AE02.roa (hash: k9zWu2QJsnTRLP5WsBWNL6UAK85169EhgA+nfe0CwrY=) 8: EEECC55A8C3611EFA07E612DC4F9AE02.roa (hash: S448nKM+pkzyKAVAq+QLZ6c2Rwj7lMGOSqjzi17yKYo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 23:29:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1218 (0x4c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DEB81, serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892 Validity Not Before: Dec 18 23:29:05 2025 GMT Not After : Dec 25 23:29:05 2025 GMT Subject: CN=69448e41-64a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:88:fa:db:5c:93:ac:50:10:bc:b6:c7:72:ef: 15:ef:d4:28:1b:be:47:6c:b8:08:b1:98:91:bd:54: 6d:fd:90:51:e7:74:a1:ab:e4:0a:79:2b:09:c7:af: e6:27:e3:e0:4d:5c:f4:88:30:40:7e:73:b0:98:20: 18:ea:65:e7:ad:88:c1:27:b8:a3:b0:1d:8d:dc:9d: f7:5a:e9:b9:2b:73:2d:41:dc:fc:2b:dd:4c:bb:82: 7d:ea:a2:92:82:4a:d4:86:41:8a:72:92:1b:65:2a: 79:a0:bf:96:2d:bc:1a:fe:cb:a9:14:00:7e:9f:39: be:6d:2e:4a:4a:42:b3:ea:5e:04:3b:f3:02:4f:81: 3c:96:8b:7c:3e:88:20:45:fb:ae:50:a0:62:cb:54: 3b:ee:26:2d:38:d5:97:5e:10:9a:f7:93:d0:45:9a: 2d:fc:a8:fc:9e:b4:c0:7b:7e:4b:7a:a5:8f:c2:68: e5:ea:0a:31:19:90:05:01:32:67:92:b6:79:52:c7: bc:8f:d8:e4:37:13:bb:da:6c:64:ef:68:f8:a8:a5: 19:7c:f9:a7:15:2c:1d:6a:ed:d9:ab:ac:0b:e9:0d: b8:39:47:17:1c:69:22:fe:ae:ce:38:f0:ef:a6:69: 3f:07:cc:10:a6:c3:87:bc:8e:ca:56:f5:e4:29:d4: 23:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:FD:6C:40:8B:7C:80:49:22:0E:02:53:EF:91:79:E7:A0:8C:3A:08 X509v3 Authority Key Identifier: keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 57:01:8e:5b:a2:8f:ee:bd:34:80:dc:26:a3:83:2d:8f:b2:95: 6b:44:bc:84:41:72:c5:9c:f1:e1:76:92:14:df:f5:4f:3e:09: 63:dd:6c:72:68:ac:e9:1f:28:da:ad:c9:9d:b0:8d:ab:bc:49: c3:00:5c:59:1c:0c:cf:59:ed:fe:3b:4f:57:d1:51:ef:27:57: e0:81:ef:5a:60:02:d7:7d:ff:e0:9a:1f:28:ca:4b:d6:36:ad: 84:a5:a6:ee:cd:45:74:b3:7e:ae:9b:3a:3c:a3:33:6e:d4:b2: 83:71:1b:98:18:98:00:19:07:6f:b9:14:d8:07:ef:22:ae:07: 79:3b:60:a3:4e:4e:6b:6c:4c:f0:e6:1f:17:0b:1b:f3:cb:be: e9:79:90:96:09:80:66:10:ca:80:fd:6d:f8:83:0a:62:87:36: f7:b5:58:b1:d8:0f:ba:50:db:8b:45:23:1f:fc:23:e7:56:69: 7b:dc:c1:ca:d7:6a:39:fa:26:1b:31:25:33:b9:00:04:11:6b: fb:1c:36:4c:b8:74:aa:d6:31:c5:b0:0b:ea:02:7d:c8:78:c2: af:64:2f:31:d7:d4:71:17:d4:1c:30:8e:5a:6c:0c:61:f7:ab: 5e:de:fa:80:51:6e:98:bd:ba:b4:17:a0:10:d5:77:ae:f9:da: 59:5b:2a:bf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBMIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REVCODExMTAvBgNVBAUTKDc3NzY2MTJBNDNDMjJEMEE2NkI4RjEzNjgwQjMwNThC RUQ1RDk4OTIwHhcNMjUxMjE4MjMyOTA1WhcNMjUxMjI1MjMyOTA1WjAYMRYwFAYD VQQDDA02OTQ0OGU0MS02NGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApIj621yTrFAQvLbHcu8V79QoG75HbLgIsZiRvVRt/ZBR53Shq+QKeSsJx6/m J+PgTVz0iDBAfnOwmCAY6mXnrYjBJ7ijsB2N3J33Wum5K3MtQdz8K91Mu4J96qKS gkrUhkGKcpIbZSp5oL+WLbwa/supFAB+nzm+bS5KSkKz6l4EO/MCT4E8lot8Pogg RfuuUKBiy1Q77iYtONWXXhCa95PQRZot/Kj8nrTAe35LeqWPwmjl6goxGZAFATJn krZ5Use8j9jkNxO72mxk72j4qKUZfPmnFSwdau3Zq6wL6Q24OUcXHGki/q7OOPDv pmk/B8wQpsOHvI7KVvXkKdQj/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN79bECL fIBJIg4CU++ReeegjDoIMB8GA1UdIwQYMBaAFHd2YSpDwi0KZrjxNoCzBYvtXZiS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUI4MS9DRjk2NjNDNjcw RjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xRcG11UEUyZ0xNRmktMWRt SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1KSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RUI4MS9DRjk2NjNDNjcwRjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xR cG11UEUyZ0xNRmktMWRtSkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBXAY5boo/uvTSA3Cajgy2PspVrRLyEQXLFnPHhdpIU3/VPPglj3Wxy aKzpHyjarcmdsI2rvEnDAFxZHAzPWe3+O09X0VHvJ1fgge9aYALXff/gmh8oykvW Nq2EpabuzUV0s36umzo8ozNu1LKDcRuYGJgAGQdvuRTYB+8irgd5O2CjTk5rbEzw 5h8XCxvzy77peZCWCYBmEMqA/W34gwpihzb3tVix2A+6UNuLRSMf/CPnVml73MHK 12o5+iYbMSUzuQAEEWv7HDZMuHSq1jHFsAvqAn3IeMKvZC8x19RxF9QcMI5abAxh 96te3vqAUW6Yvbq0F6AQ1Xeu+dpZWyq/ -----END CERTIFICATE-----Generated at Sat Dec 20 03:23:16 2025 by rpki-client