This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: OKzTivmw+FWBuFPq2SIhz7fmanlum7Sa21N3EssuWTY= Subject key identifier: CB:87:AA:73:4A:F0:97:A7:88:08:7C:90:DE:72:34:CA:1B:D7:D8:46 Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0C31 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0C2A Signing time: Mon 24 Nov 2025 18:08:36 +0000 Manifest this update: Mon 24 Nov 2025 18:08:35 +0000 Manifest next update: Mon 01 Dec 2025 18:08:35 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: zZb2ZbHMNjCN97IsY6JhPCZ8PxUUsQU48Ndrl/p5yNc=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: CqtlIV8oyS/ltG/c7wrvUbZ8dS3VADjXiEg/AjA1Uu4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Dec 2025 18:08:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3121 (0xc31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: Nov 24 18:08:35 2025 GMT Not After : Dec 1 18:08:35 2025 GMT Subject: CN=69249f23-1d5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:88:c8:7a:19:72:44:98:23:e5:8d:d8:04:1e: bb:1f:d7:79:ba:ee:f7:0d:07:1d:95:96:97:37:86: bc:a6:6c:91:75:ed:49:84:55:90:ae:d2:1f:f4:15: ef:eb:75:7b:d5:a7:51:e2:48:fe:28:b0:8b:ed:1c: b7:02:aa:b7:fa:b2:20:ae:9c:96:a0:d6:85:e6:00: d9:b8:be:08:a8:f2:7c:26:f8:e9:19:1f:cb:80:5d: 2f:49:99:89:df:e5:e8:00:37:cf:07:2c:5f:de:7c: 81:e1:1b:a9:a9:ad:f0:6c:fa:86:de:2f:3e:86:83: 88:01:63:21:e7:fb:6d:01:b8:f7:67:0f:44:05:6a: 65:74:ab:8b:a2:6e:fc:66:04:20:54:43:05:ca:4a: f5:9e:94:a4:cd:09:80:7d:32:b3:09:9a:83:dd:cd: ff:09:7f:4a:fb:da:7a:8e:f5:99:f3:1b:6a:e4:89: 97:6b:27:3b:8d:6d:8e:1f:e1:3b:f6:8f:ba:ea:66: db:4e:e7:c7:72:ec:51:19:2b:d5:01:b1:85:dc:1d: 09:9a:59:34:b7:88:c4:c8:02:ce:3a:e0:c0:92:7b: 0c:b4:02:d8:de:47:3f:e8:41:32:ad:24:2a:5c:26: d0:1b:f0:b3:4d:64:ac:d4:25:7f:94:13:0f:a8:bc: 8e:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:87:AA:73:4A:F0:97:A7:88:08:7C:90:DE:72:34:CA:1B:D7:D8:46 X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:31:3c:96:77:25:a3:9f:5f:fe:05:ba:86:c0:c1:09:dc:fe: 74:91:17:e3:6b:92:c7:a6:2c:a5:bc:92:cb:ae:3f:8e:68:50: 91:ea:77:0e:64:92:3e:46:f9:98:65:a5:aa:54:26:62:ee:78: e9:00:ce:35:be:71:02:03:17:78:a4:24:ef:7a:bb:f8:6a:51: 79:5e:6e:ef:84:cd:be:51:22:0a:05:56:f5:59:fe:46:86:c4: d4:55:83:fd:83:96:2f:7b:d6:1c:98:8b:48:65:45:b5:a9:45: 13:b5:30:e2:a7:74:38:6a:c5:b5:3c:51:8f:be:90:f4:0e:fd: b6:4d:e1:23:14:c8:cf:af:09:91:ec:05:25:82:6d:e2:70:9e: db:b9:6c:4b:f9:58:4c:a2:62:69:25:0c:d3:73:09:d1:d1:29: 4c:fe:37:1d:f0:38:0b:44:2a:60:f8:e0:fe:a0:81:21:84:e3: 07:85:38:ee:23:0a:68:52:38:d9:83:17:42:19:8b:3a:c7:8e: 16:d9:cb:fc:00:64:ba:62:54:49:0f:d8:90:51:4d:5b:d1:bd: 36:5b:0d:e4:19:00:97:76:bd:fd:5f:00:88:ca:8c:e9:2b:72: c4:40:63:d2:4d:ea:73:58:4f:19:2b:d6:fa:c7:2c:3c:bf:23: 12:34:c5:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUxMTI0MTgwODM1WhcNMjUxMjAxMTgwODM1WjAYMRYwFAYD VQQDEw02OTI0OWYyMy0xZDVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu4jIehlyRJgj5Y3YBB67H9d5uu73DQcdlZaXN4a8pmyRde1JhFWQrtIf9BXv 63V71adR4kj+KLCL7Ry3Aqq3+rIgrpyWoNaF5gDZuL4IqPJ8JvjpGR/LgF0vSZmJ 3+XoADfPByxf3nyB4Rupqa3wbPqG3i8+hoOIAWMh5/ttAbj3Zw9EBWpldKuLom78 ZgQgVEMFykr1npSkzQmAfTKzCZqD3c3/CX9K+9p6jvWZ8xtq5ImXayc7jW2OH+E7 9o+66mbbTufHcuxRGSvVAbGF3B0Jmlk0t4jEyALOOuDAknsMtALY3kc/6EEyrSQq XCbQG/CzTWSs1CV/lBMPqLyOwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMuHqnNK 8JeniAh8kN5yNMob19hGMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWMTyWdyWjn1/+BbqGwMEJ3P50kRfja5LHpiylvJLLrj+OaFCR6ncO ZJI+RvmYZaWqVCZi7njpAM41vnECAxd4pCTverv4alF5Xm7vhM2+USIKBVb1Wf5G hsTUVYP9g5Yve9YcmItIZUW1qUUTtTDip3Q4asW1PFGPvpD0Dv22TeEjFMjPrwmR 7AUlgm3icJ7buWxL+VhMomJpJQzTcwnR0SlM/jcd8DgLRCpg+OD+oIEhhOMHhTju IwpoUjjZgxdCGYs6x44W2cv8AGS6YlRJD9iQUU1b0b02Ww3kGQCXdr39XwCIyozp K3LEQGPSTepzWE8ZK9b6xyw8vyMSNMVA -----END CERTIFICATE-----Generated at Tue Nov 25 20:35:06 2025 by rpki-client