This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.mft File: _KoIYibfAq-DlPqyLR-5bgt9Zd0.mft (raw, json) Hash identifier: +3UG9BijX2umkk8adFM3ZtPjq+kD8FixwBpLUpGT9lc= Subject key identifier: E7:01:F8:19:C7:B5:37:7A:B7:4B:00:60:9A:FE:E4:BE:7A:09:F8:88 Authority key identifier: FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD Certificate issuer: /CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD Certificate serial: 0C8F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.mft Manifest number: 0C53 Signing time: Mon 26 Jan 2026 18:22:10 +0000 Manifest this update: Mon 26 Jan 2026 18:22:09 +0000 Manifest next update: Mon 02 Feb 2026 18:22:09 +0000 Files and hashes: 1: _KoIYibfAq-DlPqyLR-5bgt9Zd0.crl (hash: G0BiDtxNSwV6iDIM5NJEB75AKK1e65F8ntpIxMVW/5U=) 2: 9FC61D303F7A11F0BC711E7FC4F9AE02.roa (hash: C5rUIoFqqclhdElugA0FvIj8IEg8cL4pnvwgzKHSew8=) 3: 16C56390B6FF11F096DEAA71C4F9AE02.roa (hash: 9b3Uw8bnyufS/OBVXlguzfB2u169cJ4rSP2ILg6tQfU=) 4: 336E2134D0FF11F0904A3785C4F9AE02.roa (hash: c1RpgwrUufTcQd8u+OaFuFL1aeVihxvmrVabdic0s14=) 5: 78E949B8BA2B11F091659A18C4F9AE02.roa (hash: YsiXmeBHLTVcWpQeQ+rN8puRINqRyvdIiKMOhQegReM=) 6: 45DE9550BADF11F09B91D509C4F9AE02.roa (hash: XtlGtbpiO/7+xxrhoFQsSF78u6N8z3Ii288HTo+RfiM=) 7: E2D5171C2F3211ED958A415DC4F9AE02.roa (hash: x2iHWFegIFwfUv7eETVYAeYmpK9xBEA15+t682RT6r8=) 8: 75775B8A5E3C11F094FDCD71C4F9AE02.roa (hash: FlA8+p87RbQ6mn+Uy7n2/3i41zgTeNGWUbO12H/DP9M=) 9: FD9DD964D0FE11F09871A984C4F9AE02.roa (hash: G1qGp3AbufezlzHrd+0qbgbIIfUHZdSitfvuprjoIJE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Feb 2026 18:22:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3215 (0xc8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91298DA, serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD Validity Not Before: Jan 26 18:22:09 2026 GMT Not After : Feb 2 18:22:09 2026 GMT Subject: CN=6977b0d2-f88e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:5c:cc:84:e9:46:fe:fb:78:7f:d3:70:f7:50: f9:a7:b9:ae:46:25:ea:6a:0a:93:88:48:f9:b0:81: 7a:f8:2a:ff:a4:52:a6:83:30:9e:d8:62:97:54:31: 34:9a:8f:47:b8:67:5c:39:72:c5:ac:60:99:e2:08: 25:87:16:49:74:1f:7e:4b:cf:30:e8:de:f2:50:69: f8:3b:e9:cf:5a:9d:0b:55:bd:5f:f3:69:a8:d8:f8: 4e:6c:27:ff:1f:ce:40:f2:9f:97:87:3c:b9:64:a7: b1:e1:11:0a:fb:56:d6:a0:9e:58:84:6f:7a:aa:63: 6b:69:84:49:8f:2a:20:30:2c:7f:49:fd:00:73:6b: 9d:95:57:6e:e4:71:57:3f:a4:30:85:c2:4c:b5:b9: 68:c1:f5:a6:7e:8b:10:47:13:9d:fb:4d:cf:49:24: 29:23:e9:47:b9:ef:07:9b:d0:ce:70:c1:f4:fb:56: db:1f:d8:26:1d:d9:6b:a9:47:13:2d:54:dc:e2:ca: 72:70:4f:67:ef:47:61:a0:1d:67:7a:38:c7:99:3d: a0:90:08:88:89:05:73:96:cf:d0:9f:c0:15:8a:b3: 33:0f:5d:12:ae:cd:85:86:b0:83:88:93:57:83:92: 9a:51:66:24:4c:30:f4:39:33:c8:36:36:d1:60:78: 63:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:01:F8:19:C7:B5:37:7A:B7:4B:00:60:9A:FE:E4:BE:7A:09:F8:88 X509v3 Authority Key Identifier: keyid:FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:50:30:17:2a:98:4d:dd:0c:2c:7c:f1:97:70:be:97:04:f5: 88:9a:60:15:59:3c:0c:eb:3f:cd:7a:ea:24:70:e1:34:3c:6f: 4d:04:2c:80:3c:08:44:2c:5d:2d:a6:5f:72:05:9e:6c:f3:c6: 1e:31:cf:8e:82:f6:c8:9b:a5:fa:74:2b:e3:c4:94:c3:a6:8b: 9c:c8:a1:b2:f3:3a:2e:fd:91:2a:26:39:c3:55:37:7e:30:95: ff:d2:8c:ec:2e:c7:80:24:f5:53:75:7f:88:77:73:11:4f:1d: 97:41:56:2f:95:21:b4:d5:36:cf:2b:7e:19:da:e4:19:f0:09: fb:fb:8d:8f:34:e2:6b:87:1b:5f:92:6e:a0:56:58:d3:dc:8a: de:f8:1a:26:cf:56:48:ac:43:fe:7d:78:68:fb:38:e7:84:85: 67:46:24:df:e4:f0:bf:41:fb:74:ee:01:6f:ff:7e:b1:a2:96: 0b:8f:10:cf:cf:06:02:60:e4:75:4a:1a:79:0a:eb:bc:61:09: 57:88:d8:5c:56:73:16:7f:97:4c:dc:0a:b4:6f:fc:60:cd:de: a2:05:ad:87:e7:7c:2f:5d:19:af:91:7b:22:c3:7f:20:2b:a8: 73:8c:0e:c7:fb:cc:de:c3:09:e9:09:1f:d9:f6:f7:9a:02:44: 62:ef:4e:09 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjk4REExMTAvBgNVBAUTKEZDQUEwODYyMjZERjAyQUY4Mzk0RkFCMjJEMUZCOTZF MEI3RDY1REQwHhcNMjYwMTI2MTgyMjA5WhcNMjYwMjAyMTgyMjA5WjAYMRYwFAYD VQQDDA02OTc3YjBkMi1mODhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6lzMhOlG/vt4f9Nw91D5p7muRiXqagqTiEj5sIF6+Cr/pFKmgzCe2GKXVDE0 mo9HuGdcOXLFrGCZ4gglhxZJdB9+S88w6N7yUGn4O+nPWp0LVb1f82mo2PhObCf/ H85A8p+Xhzy5ZKex4REK+1bWoJ5YhG96qmNraYRJjyogMCx/Sf0Ac2udlVdu5HFX P6QwhcJMtblowfWmfosQRxOd+03PSSQpI+lHue8Hm9DOcMH0+1bbH9gmHdlrqUcT LVTc4spycE9n70dhoB1nejjHmT2gkAiIiQVzls/Qn8AVirMzD10Srs2FhrCDiJNX g5KaUWYkTDD0OTPINjbRYHhjKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOcB+BnH tTd6t0sAYJr+5L56CfiIMB8GA1UdIwQYMBaAFPyqCGIm3wKvg5T6si0fuW4LfWXd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOThEQS8zNEYzNjEyRTI2 ODExMUVBOTAzRDcwNThDNEY5QUUwMi9fS29JWWliZkFxLURsUHF5TFItNWJndDla ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19Lb0lZaWJmQXEtRGxQcXlMUi01Ymd0OVpkMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OThEQS8zNEYzNjEyRTI2ODExMUVBOTAzRDcwNThDNEY5QUUwMi9fS29JWWliZkFx LURsUHF5TFItNWJndDlaZDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCOUDAXKphN3QwsfPGXcL6XBPWImmAVWTwM6z/NeuokcOE0PG9NBCyA PAhELF0tpl9yBZ5s88YeMc+OgvbIm6X6dCvjxJTDpoucyKGy8zou/ZEqJjnDVTd+ MJX/0ozsLseAJPVTdX+Id3MRTx2XQVYvlSG01TbPK34Z2uQZ8An7+42PNOJrhxtf km6gVljT3Ire+Bomz1ZIrEP+fXho+zjnhIVnRiTf5PC/Qft07gFv/36xopYLjxDP zwYCYOR1Shp5Cuu8YQlXiNhcVnMWf5dM3Aq0b/xgzd6iBa2H53wvXRmvkXsiw38g K6hzjA7H+8zewwnpCR/Z9veaAkRi704J -----END CERTIFICATE-----Generated at Tue Jan 27 13:24:11 2026 by rpki-client