This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft File: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft (raw, json) Hash identifier: XGgPVd3Hv7i+znRBsBZDvU0+mDDnaUemuYcg+UK4eNI= Subject key identifier: ED:41:AA:7D:63:5B:9C:DF:01:8B:B8:FF:05:F2:EE:50:6D:A8:91:E1 Authority key identifier: 84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D Certificate issuer: /CN=A911C743/serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Certificate serial: 0EB5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft Manifest number: 0EA7 Signing time: Sat 20 Dec 2025 17:23:33 +0000 Manifest this update: Sat 20 Dec 2025 17:23:33 +0000 Manifest next update: Sat 27 Dec 2025 17:23:33 +0000 Files and hashes: 1: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl (hash: rDK8C9nsmsxCjG/hPRvlF/4STeuuzkqjLefiM6wXqBQ=) 2: 2B21EC2EE4E111E981365C17C4F9AE02.roa (hash: MmZvnPTLEUK2uOO8LldttqheyhLmSNsa1D7UmikJt9Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 17:23:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3765 (0xeb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C743, serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Validity Not Before: Dec 20 17:23:33 2025 GMT Not After : Dec 27 17:23:33 2025 GMT Subject: CN=6946db95-75dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:c7:b1:ee:1e:e6:59:0c:38:4d:ae:6d:9e:57: d9:87:50:a0:55:68:9c:13:85:80:75:cc:24:f1:c7: 6c:be:3e:ca:1e:89:bc:0b:5f:d9:77:a0:6c:dc:92: d9:10:24:ac:d4:a4:f3:05:71:81:6c:b2:db:3a:29: 8c:03:9b:11:d0:07:4e:73:d4:b4:ea:26:4d:1d:92: 3b:19:7d:22:38:30:97:3e:8e:be:c3:77:d6:38:80: 5c:ae:66:0e:0d:42:b3:06:9a:93:37:8b:3d:72:6d: 54:5d:ed:d5:c1:dc:b0:7c:1a:fb:40:4e:51:7f:6c: 33:8f:05:9a:28:a7:89:48:9b:da:44:a6:68:1f:6b: 9f:91:34:52:ad:36:12:e7:67:0e:41:d8:5d:76:06: 52:d5:cd:d0:aa:9b:62:5c:23:a2:a2:f4:de:ea:e6: 4b:4d:b3:9d:48:fd:f5:1c:6a:1f:4e:69:60:cf:41: 64:c0:82:eb:d0:5e:90:b5:82:40:cf:a2:65:8a:2d: cb:38:5c:e6:bd:f4:2b:18:47:73:f9:25:ee:0f:89: 16:76:d8:fe:e2:5c:01:0c:e3:30:bd:b0:8f:cd:e5: 10:5b:5c:17:23:a9:50:ca:b0:95:2f:b9:0b:01:11: c1:e4:ff:dc:0e:13:fd:fb:b5:bb:95:b4:99:d7:e1: 53:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:41:AA:7D:63:5B:9C:DF:01:8B:B8:FF:05:F2:EE:50:6D:A8:91:E1 X509v3 Authority Key Identifier: keyid:84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:ea:6c:68:6e:e9:6c:c6:d9:1a:c9:67:8f:58:a0:07:80:c3: 25:42:b8:cf:b3:8c:60:dd:dd:5b:73:c0:24:81:dc:a2:f9:85: 94:f7:76:06:75:7e:cf:b8:54:92:08:3c:7e:f7:2e:57:1b:7c: 09:f1:85:c8:de:56:5f:8e:2e:f8:dd:6c:5e:59:0d:93:ac:e6: 16:65:25:da:7e:79:cb:8e:ab:ee:bf:45:00:6d:ac:aa:60:0a: c5:c7:45:43:81:e7:34:22:f5:d6:9e:b4:d2:2f:0d:9c:35:04: 13:d3:81:16:06:e7:0f:a9:4a:5d:b8:d3:7f:19:99:1d:35:ea: b3:0b:89:90:e0:01:9c:31:36:06:55:8f:9c:c6:e7:e6:88:79: 6b:f1:ee:22:94:ef:b4:38:c6:ca:74:cf:34:7b:b6:81:7d:2b: 5a:d5:cb:50:93:77:19:1b:a9:c7:47:0f:d9:d5:ff:c4:97:e1: ee:86:71:ae:e6:4e:fa:48:dd:a4:aa:31:3c:53:ad:1b:77:7c: 7b:ba:30:cb:b0:b6:0d:6d:cf:ee:24:bd:4f:f6:84:53:43:93: 66:6a:e0:02:f4:30:71:3f:6b:36:8e:e6:c9:74:0d:d5:bb:59: cc:b9:a5:dd:3b:12:2d:a6:10:b2:dd:8a:3c:b5:a9:c4:73:1c: 6f:09:58:dc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDrUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM3NDMxMTAvBgNVBAUTKDg0RTRGRkI2OTI3Rjc3RjVDM0YwQTI1MjY4MkY3MURE QjM3N0IxMUQwHhcNMjUxMjIwMTcyMzMzWhcNMjUxMjI3MTcyMzMzWjAYMRYwFAYD VQQDDA02OTQ2ZGI5NS03NWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6sex7h7mWQw4Ta5tnlfZh1CgVWicE4WAdcwk8cdsvj7KHom8C1/Zd6Bs3JLZ ECSs1KTzBXGBbLLbOimMA5sR0AdOc9S06iZNHZI7GX0iODCXPo6+w3fWOIBcrmYO DUKzBpqTN4s9cm1UXe3VwdywfBr7QE5Rf2wzjwWaKKeJSJvaRKZoH2ufkTRSrTYS 52cOQdhddgZS1c3QqptiXCOiovTe6uZLTbOdSP31HGofTmlgz0FkwILr0F6QtYJA z6Jlii3LOFzmvfQrGEdz+SXuD4kWdtj+4lwBDOMwvbCPzeUQW1wXI6lQyrCVL7kL ARHB5P/cDhP9+7W7lbSZ1+FT/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO1Bqn1j W5zfAYu4/wXy7lBtqJHhMB8GA1UdIwQYMBaAFITk/7aSf3f1w/CiUmgvcd2zd7Ed MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzc0My9GOEFFMjg4MEEy MUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2RfWEQ4S0pTYUM5eDNiTjNz UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hPVF90cEpfZF9YRDhLSlNhQzl4M2JOM3NSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Qzc0My9GOEFFMjg4MEEyMUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2Rf WEQ4S0pTYUM5eDNiTjNzUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBq6mxobulsxtkayWePWKAHgMMlQrjPs4xg3d1bc8Akgdyi+YWU93YG dX7PuFSSCDx+9y5XG3wJ8YXI3lZfji743WxeWQ2TrOYWZSXafnnLjqvuv0UAbayq YArFx0VDgec0IvXWnrTSLw2cNQQT04EWBucPqUpduNN/GZkdNeqzC4mQ4AGcMTYG VY+cxufmiHlr8e4ilO+0OMbKdM80e7aBfSta1ctQk3cZG6nHRw/Z1f/El+HuhnGu 5k76SN2kqjE8U60bd3x7ujDLsLYNbc/uJL1P9oRTQ5NmauAC9DBxP2s2jubJdA3V u1nMuaXdOxItphCy3Yo8tanEcxxvCVjc -----END CERTIFICATE-----Generated at Mon Dec 22 04:22:38 2025 by rpki-client