This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.mft File: D5BpKh7v5_ChrGi14awJ9wJpccw.mft (raw, json) Hash identifier: 2dxOJ3IgCFjWn4G6ruAteaQvBPBdVReRIpF/HsJqxTE= Subject key identifier: 6E:4E:DC:E1:7F:70:42:B1:7F:06:AE:12:F4:C4:E8:72:CC:88:B1:11 Authority key identifier: 0F:90:69:2A:1E:EF:E7:F0:A1:AC:68:B5:E1:AC:09:F7:02:69:71:CC Certificate issuer: /CN=A91185B8/serialNumber=0F90692A1EEFE7F0A1AC68B5E1AC09F7026971CC Certificate serial: 0200 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D5BpKh7v5_ChrGi14awJ9wJpccw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.mft Manifest number: 0200 Signing time: Wed 03 Dec 2025 01:02:09 +0000 Manifest this update: Wed 03 Dec 2025 01:02:08 +0000 Manifest next update: Wed 10 Dec 2025 01:02:08 +0000 Files and hashes: 1: D5BpKh7v5_ChrGi14awJ9wJpccw.crl (hash: HFfGrZC2dUs9PlXsqx3bon/1zDLEFHGPphd1Lj0q+BQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.crl rsync://rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D5BpKh7v5_ChrGi14awJ9wJpccw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 01:02:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 512 (0x200) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91185B8, serialNumber=0F90692A1EEFE7F0A1AC68B5E1AC09F7026971CC Validity Not Before: Dec 3 01:02:08 2025 GMT Not After : Dec 10 01:02:08 2025 GMT Subject: CN=692f8c11-aa32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:a6:4f:71:57:98:42:7e:73:3d:d6:f8:b8:94: 85:f6:a9:0c:35:31:e2:fb:ba:29:5e:6e:f0:2a:72: 5c:b9:8d:98:a2:18:d2:ac:68:e2:ad:a3:8d:98:b7: 5e:87:92:4f:10:42:08:f0:6f:81:c2:51:b4:72:c4: 3e:c0:04:eb:80:d5:76:d5:fc:7c:f5:9e:c1:0c:19: 1e:73:b8:63:72:12:10:75:49:5f:00:d9:2b:f7:47: 92:3e:04:af:1b:11:ae:c9:7c:e8:7a:ae:a3:34:c5: 07:44:67:38:32:30:f7:e0:fc:1a:2c:21:1e:f2:f5: f4:d4:bb:cf:2d:53:c7:c8:03:84:ea:14:b1:7a:d2: 83:c4:cc:ef:de:7f:4f:e0:b6:d0:ad:14:31:34:1d: c2:03:e9:40:36:7e:9a:3e:17:72:9e:59:01:3c:06: 92:b5:f8:69:8a:25:d5:b7:bf:ac:6f:7f:80:4f:e9: 52:dd:3f:3f:96:8d:63:a4:37:87:8a:38:5d:8a:5d: 4c:bb:aa:9e:58:c3:95:26:18:f7:7f:f8:e8:f0:bf: 07:5c:1d:b9:a4:bc:69:b7:29:f1:f9:60:36:88:13: 9d:52:0b:d0:dc:fd:5f:96:8f:89:22:9e:2a:61:c5: 44:2c:05:25:fe:92:2b:30:9a:50:70:60:87:80:94: 46:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:4E:DC:E1:7F:70:42:B1:7F:06:AE:12:F4:C4:E8:72:CC:88:B1:11 X509v3 Authority Key Identifier: keyid:0F:90:69:2A:1E:EF:E7:F0:A1:AC:68:B5:E1:AC:09:F7:02:69:71:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D5BpKh7v5_ChrGi14awJ9wJpccw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:62:6b:88:50:9d:07:fb:1f:b5:04:c4:cc:33:ef:4f:97:ec: e4:09:50:65:91:26:31:e3:63:a8:c6:aa:59:a1:2a:6c:57:e3: 04:c1:51:af:d1:70:72:9c:8f:a8:ba:ac:ad:74:cf:0c:e2:f4: 52:be:5c:cd:7b:38:13:98:0a:a5:bf:22:9e:80:21:93:13:d0: 4a:46:7e:88:04:16:10:fd:32:ab:09:c9:d4:10:2b:92:77:11: 4e:f1:c1:62:91:5c:63:5a:e0:8b:79:70:c2:ad:22:90:7b:fa: 71:02:0c:c3:2f:85:af:50:08:e4:4d:59:bb:34:69:6a:6a:11: 39:e5:d9:4e:bd:01:ae:21:11:11:e1:4e:e3:5e:6b:a6:ad:cf: db:ae:c2:30:6b:c2:06:44:9e:1f:78:91:23:3e:36:c5:3d:91: fe:76:1b:d5:1e:df:4c:b6:7b:6f:ca:a8:36:12:0c:5b:a0:d5: 16:30:e3:cf:b2:65:df:63:a1:2b:84:d3:91:11:43:f0:17:8c: 9a:93:7a:74:c8:10:50:e5:72:da:91:f1:5e:83:14:ff:69:72: e0:05:b8:75:5d:da:a4:1d:85:71:e3:c5:32:0f:8a:ec:aa:a2: 37:eb:8f:49:51:6f:c1:6c:02:b7:b6:27:7b:3b:c1:23:44:93: b1:8a:f7:e4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTg1QjgxMTAvBgNVBAUTKDBGOTA2OTJBMUVFRkU3RjBBMUFDNjhCNUUxQUMwOUY3 MDI2OTcxQ0MwHhcNMjUxMjAzMDEwMjA4WhcNMjUxMjEwMDEwMjA4WjAYMRYwFAYD VQQDEw02OTJmOGMxMS1hYTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvaZPcVeYQn5zPdb4uJSF9qkMNTHi+7opXm7wKnJcuY2YohjSrGjiraONmLde h5JPEEII8G+BwlG0csQ+wATrgNV21fx89Z7BDBkec7hjchIQdUlfANkr90eSPgSv GxGuyXzoeq6jNMUHRGc4MjD34PwaLCEe8vX01LvPLVPHyAOE6hSxetKDxMzv3n9P 4LbQrRQxNB3CA+lANn6aPhdynlkBPAaStfhpiiXVt7+sb3+AT+lS3T8/lo1jpDeH ijhdil1Mu6qeWMOVJhj3f/jo8L8HXB25pLxptynx+WA2iBOdUgvQ3P1flo+JIp4q YcVELAUl/pIrMJpQcGCHgJRGowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG5O3OF/ cEKxfwauEvTE6HLMiLERMB8GA1UdIwQYMBaAFA+QaSoe7+fwoaxoteGsCfcCaXHM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODVCOC9DRkEzNDA5QUJF MzExMUVEQjRGRjdEMzRDNEY5QUUwMi9ENUJwS2g3djVfQ2hyR2kxNGF3Sjl3SnBj Y3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0Q1QnBLaDd2NV9DaHJHaTE0YXdKOXdKcGNjdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx ODVCOC9DRkEzNDA5QUJFMzExMUVEQjRGRjdEMzRDNEY5QUUwMi9ENUJwS2g3djVf Q2hyR2kxNGF3Sjl3SnBjY3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKYmuIUJ0H+x+1BMTMM+9Pl+zkCVBlkSYx42OoxqpZoSpsV+MEwVGv 0XBynI+ouqytdM8M4vRSvlzNezgTmAqlvyKegCGTE9BKRn6IBBYQ/TKrCcnUECuS dxFO8cFikVxjWuCLeXDCrSKQe/pxAgzDL4WvUAjkTVm7NGlqahE55dlOvQGuIRER 4U7jXmumrc/brsIwa8IGRJ4feJEjPjbFPZH+dhvVHt9Mtntvyqg2EgxboNUWMOPP smXfY6ErhNOREUPwF4yak3p0yBBQ5XLakfFegxT/aXLgBbh1XdqkHYVx48UyD4rs qqI3649JUW/BbAK3tid7O8EjRJOxivfk -----END CERTIFICATE-----Generated at Wed Dec 3 13:58:19 2025 by rpki-client