This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft File: O-7kvaWgSxBLHXLmAcMJONuktkQ.mft (raw, json) Hash identifier: m5qP1juOt9IXGVga3SeidxcE9nP+YRQPQFN8n7Yi0vo= Subject key identifier: 97:47:4B:A6:38:26:40:86:E8:B9:B1:05:5E:14:C6:25:FC:A3:F6:78 Authority key identifier: 3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 Certificate issuer: /CN=A911D2A3/serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Certificate serial: 1576 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft Manifest number: 156A Signing time: Mon 22 Dec 2025 16:31:26 +0000 Manifest this update: Mon 22 Dec 2025 16:31:25 +0000 Manifest next update: Mon 29 Dec 2025 16:31:25 +0000 Files and hashes: 1: O-7kvaWgSxBLHXLmAcMJONuktkQ.crl (hash: RN6ohFvdpUUafhc7wQAD7TlfiAlp7b0ekQ9u4yiTAIk=) 2: D9EDB272C44C11ECA07C2D77C4F9AE02.roa (hash: Iuc0hvonCQ52vF8J3PK6U6v3ddTApNkT2+JlMCbgaDs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 16:31:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5494 (0x1576) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D2A3, serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Validity Not Before: Dec 22 16:31:25 2025 GMT Not After : Dec 29 16:31:25 2025 GMT Subject: CN=6949725e-d165 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:2b:21:fd:c3:66:81:d9:17:7b:79:a6:64:d5: 2f:15:95:7e:7f:38:68:63:7a:0e:9c:9c:c9:c7:29: 28:dd:eb:7e:1d:0f:1b:d0:fd:22:1c:d1:8b:ad:4a: 3b:bd:92:5e:da:60:89:eb:8e:ee:b0:f5:b3:40:03: 06:cc:e0:9a:41:a5:3a:fb:d1:04:0a:98:39:ff:c2: 65:5a:97:63:46:6c:f5:4d:14:77:d1:e3:ff:af:e5: 30:a8:7b:10:54:08:5e:e4:69:7e:51:04:9c:1d:a4: de:aa:4c:d5:42:07:c8:64:58:2d:f2:c2:5c:53:6e: f6:16:3a:1c:e5:0c:70:98:ed:c8:25:c1:54:b5:53: 50:fe:b0:5b:3e:d2:75:7a:cd:f6:41:32:3c:70:e3: 3b:92:61:64:b3:9e:53:2d:70:e0:01:b6:46:37:ea: c2:4d:bc:3a:39:2e:e1:8c:c5:7c:40:97:f1:21:45: e5:43:b2:36:ee:88:01:db:4c:fc:18:f4:19:2c:4b: 47:86:cc:f4:3d:fc:5a:4b:9a:f5:4d:a3:0e:a6:42: af:af:b3:3f:99:6b:6e:88:5b:cb:07:ce:b8:df:23: bb:01:1c:d8:b2:06:0c:4e:41:64:e4:91:ef:49:40: 92:51:fd:28:91:c9:db:dd:25:c7:f5:55:c3:a1:56: 7f:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:47:4B:A6:38:26:40:86:E8:B9:B1:05:5E:14:C6:25:FC:A3:F6:78 X509v3 Authority Key Identifier: keyid:3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c4:8c:64:c4:e3:af:16:64:a1:cc:3f:5b:1e:a0:19:68:94:50: 2f:5d:66:cc:ad:01:bb:b1:28:fb:2b:aa:80:a2:38:a7:a4:d5: da:8a:e0:25:da:c3:fc:26:72:c5:12:3a:23:f5:30:df:fb:31: 31:08:5f:d8:4a:19:8d:c7:3c:cc:c5:94:24:34:23:f6:1f:27: 6e:3a:d1:a5:80:08:4e:4a:59:d0:8c:fb:d8:d2:64:43:09:b2: 00:fe:45:7a:c5:ed:89:f1:29:92:1a:be:d4:6e:f9:0a:f5:3f: af:68:a4:90:74:d9:29:5f:cf:7e:89:7b:c7:05:81:bd:aa:e0: dd:f0:b4:ab:07:b7:73:a1:f5:19:2d:d9:3b:7e:11:81:d0:f2: cd:c1:97:8a:0b:aa:dc:fe:97:5e:c7:ab:50:1c:e3:f8:30:61: 60:2e:6b:3d:fa:9c:ef:e1:0b:a1:57:a3:98:95:0f:2b:3b:0f: e4:93:6b:3d:74:91:02:bf:69:12:04:e4:11:41:59:7e:17:93: e1:ee:6d:70:b8:f0:47:50:7a:1f:9a:ca:9f:ab:07:49:26:5a: 87:a1:0f:0d:90:95:d0:9e:81:42:fb:48:06:f3:8f:2d:cb:0f: f2:78:16:9e:bf:9b:24:88:11:73:4f:2a:bc:39:a4:77:35:77: b5:55:91:03 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFXYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQyQTMxMTAvBgNVBAUTKDNCRUVFNEJEQTVBMDRCMTA0QjFENzJFNjAxQzMwOTM4 REJBNEI2NDQwHhcNMjUxMjIyMTYzMTI1WhcNMjUxMjI5MTYzMTI1WjAYMRYwFAYD VQQDDA02OTQ5NzI1ZS1kMTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0ysh/cNmgdkXe3mmZNUvFZV+fzhoY3oOnJzJxyko3et+HQ8b0P0iHNGLrUo7 vZJe2mCJ647usPWzQAMGzOCaQaU6+9EECpg5/8JlWpdjRmz1TRR30eP/r+UwqHsQ VAhe5Gl+UQScHaTeqkzVQgfIZFgt8sJcU272Fjoc5QxwmO3IJcFUtVNQ/rBbPtJ1 es32QTI8cOM7kmFks55TLXDgAbZGN+rCTbw6OS7hjMV8QJfxIUXlQ7I27ogB20z8 GPQZLEtHhsz0PfxaS5r1TaMOpkKvr7M/mWtuiFvLB8643yO7ARzYsgYMTkFk5JHv SUCSUf0okcnb3SXH9VXDoVZ/uwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJdHS6Y4 JkCG6LmxBV4UxiX8o/Z4MB8GA1UdIwQYMBaAFDvu5L2loEsQSx1y5gHDCTjbpLZE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDJBMy9GNkFDNjM4NjRF RkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4QkxIWExtQWNNSk9OdWt0 a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL08tN2t2YVdnU3hCTEhYTG1BY01KT051a3RrUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDJBMy9GNkFDNjM4NjRFRkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4 QkxIWExtQWNNSk9OdWt0a1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDEjGTE468WZKHMP1seoBlolFAvXWbMrQG7sSj7K6qAojinpNXaiuAl 2sP8JnLFEjoj9TDf+zExCF/YShmNxzzMxZQkNCP2HyduOtGlgAhOSlnQjPvY0mRD CbIA/kV6xe2J8SmSGr7UbvkK9T+vaKSQdNkpX89+iXvHBYG9quDd8LSrB7dzofUZ Ldk7fhGB0PLNwZeKC6rc/pdex6tQHOP4MGFgLms9+pzv4QuhV6OYlQ8rOw/kk2s9 dJECv2kSBOQRQVl+F5Ph7m1wuPBHUHofmsqfqwdJJlqHoQ8NkJXQnoFC+0gG848t yw/yeBaev5skiBFzTyq8OaR3NXe1VZED -----END CERTIFICATE-----Generated at Tue Dec 23 11:25:09 2025 by rpki-client