This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft File: 3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft (raw, json) Hash identifier: LC8ZlO5zzKNrFv91+h94+vZUqVKb2bB751mShS+P3dg= Subject key identifier: 45:6C:E9:13:6E:77:41:73:79:78:AB:C9:F9:81:D4:D2:B9:2A:A2:DC Authority key identifier: DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76 Certificate issuer: /CN=A912BAAD/serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576 Certificate serial: 0C65 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft Manifest number: 0C56 Signing time: Mon 22 Dec 2025 18:12:41 +0000 Manifest this update: Mon 22 Dec 2025 18:12:41 +0000 Manifest next update: Mon 29 Dec 2025 18:12:41 +0000 Files and hashes: 1: 3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl (hash: nGwe5k63Tj+W19DUWlgSPtCwD72qSwWRQ1AuAFF0HAA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 18:12:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3173 (0xc65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BAAD, serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576 Validity Not Before: Dec 22 18:12:41 2025 GMT Not After : Dec 29 18:12:41 2025 GMT Subject: CN=69498a19-5a62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:4d:10:68:33:7b:ae:0d:7e:b2:c6:bd:3f:0d: 85:26:dc:57:4b:dd:90:98:95:74:48:3f:5e:42:9f: b7:74:30:2b:90:f7:f1:3f:bf:e2:b3:49:be:93:55: 2c:15:d3:ec:7a:9a:e4:50:2c:aa:5e:d2:ff:78:f1: 23:b8:c5:f9:a6:fc:53:4d:c7:7f:52:e4:6b:c2:fb: e8:12:ef:e5:26:c6:20:72:4e:1e:c3:6f:6d:cf:b8: a8:d6:10:b4:00:ec:72:e3:c0:d6:fa:45:4b:24:8e: 67:cf:f5:d8:40:18:8f:e9:fb:58:47:c3:14:78:da: 4d:fe:56:42:83:2c:82:29:e2:36:d8:54:9d:18:1c: 15:ff:ac:dd:72:44:af:5e:66:f1:e4:9d:e3:06:24: 01:73:15:99:39:40:05:4d:84:e6:85:2f:f0:2e:b2: 63:51:13:5d:e1:1a:0f:a9:2a:cb:28:8b:53:3f:c9: 7f:4a:06:90:51:cb:70:60:c7:6b:96:87:db:e3:cb: d4:c4:95:53:a8:b6:92:d6:fa:07:89:95:fd:a7:57: af:b2:1d:02:21:55:7f:cb:3e:bd:27:22:a8:95:e9: 37:c2:62:7e:fc:0c:04:f7:1a:f0:29:1e:c3:ae:f8: 72:23:21:6b:e7:f7:69:3b:40:39:0e:62:85:3c:2d: fc:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:6C:E9:13:6E:77:41:73:79:78:AB:C9:F9:81:D4:D2:B9:2A:A2:DC X509v3 Authority Key Identifier: keyid:DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:a9:e2:5f:d2:0c:d5:45:2b:48:3b:24:b3:c1:48:d5:66:24: 2d:59:3d:a6:5b:8e:f8:af:01:bf:21:17:06:98:20:c5:92:eb: 2b:64:60:a6:8f:8c:34:70:23:d5:39:a5:4c:ec:72:83:0a:b3: 91:9b:6a:0d:1d:48:c2:cd:35:fa:04:b4:e5:c4:54:df:9c:dd: f4:78:5a:af:8b:47:52:a5:1c:05:ed:a0:13:e3:e2:90:b1:66: 2e:d2:61:0b:67:9e:2f:42:8c:0e:44:92:d0:9f:7c:f6:56:12: 6c:23:40:1c:6e:a6:ea:79:0d:65:42:77:6e:8c:85:cd:46:46: c0:cf:f4:a8:12:b4:59:3e:ff:09:bf:f0:eb:e3:f0:74:9e:14: 6f:6c:bd:33:07:95:f9:60:a5:ee:99:0b:f1:26:9f:db:56:b2: 59:d7:b1:da:f7:31:e1:22:b7:ca:5d:ea:e5:0f:ae:eb:df:9c: 46:7c:eb:b1:7c:75:a0:c1:ca:1f:07:6c:81:3b:a9:2e:2e:f2: b1:33:0b:ab:ab:72:bf:3e:73:c9:b7:e6:73:93:73:90:3e:0f: 6e:e4:fa:cb:91:f5:8e:1e:83:6d:72:f1:fe:2e:de:7a:66:57: 87:7f:b0:78:0b:c9:19:cc:4d:0f:e5:0c:54:27:32:e8:3b:0a: 0f:7c:8f:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDGUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJBQUQxMTAvBgNVBAUTKERERjg4NDkxMUFEM0YyOENDOUQ5NkE4QzI0QTkzOUE2 NUY4QjI1NzYwHhcNMjUxMjIyMTgxMjQxWhcNMjUxMjI5MTgxMjQxWjAYMRYwFAYD VQQDDA02OTQ5OGExOS01YTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApU0QaDN7rg1+ssa9Pw2FJtxXS92QmJV0SD9eQp+3dDArkPfxP7/is0m+k1Us FdPseprkUCyqXtL/ePEjuMX5pvxTTcd/UuRrwvvoEu/lJsYgck4ew29tz7io1hC0 AOxy48DW+kVLJI5nz/XYQBiP6ftYR8MUeNpN/lZCgyyCKeI22FSdGBwV/6zdckSv Xmbx5J3jBiQBcxWZOUAFTYTmhS/wLrJjURNd4RoPqSrLKItTP8l/SgaQUctwYMdr lofb48vUxJVTqLaS1voHiZX9p1evsh0CIVV/yz69JyKolek3wmJ+/AwE9xrwKR7D rvhyIyFr5/dpO0A5DmKFPC38+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEVs6RNu d0FzeXiryfmB1NK5KqLcMB8GA1UdIwQYMBaAFN34hJEa0/KMydlqjCSpOaZfiyV2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkFBRC81MjFBRERDODE4 NDgxMUVBOTA3ODU2MkJDNEY5QUUwMi8zZmlFa1JyVDhvekoyV3FNSktrNXBsLUxK WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNmaUVrUnJUOG96SjJXcU1KS2s1cGwtTEpYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkFBRC81MjFBRERDODE4NDgxMUVBOTA3ODU2MkJDNEY5QUUwMi8zZmlFa1JyVDhv ekoyV3FNSktrNXBsLUxKWFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbqeJf0gzVRStIOySzwUjVZiQtWT2mW474rwG/IRcGmCDFkusrZGCm j4w0cCPVOaVM7HKDCrORm2oNHUjCzTX6BLTlxFTfnN30eFqvi0dSpRwF7aAT4+KQ sWYu0mELZ54vQowORJLQn3z2VhJsI0AcbqbqeQ1lQndujIXNRkbAz/SoErRZPv8J v/Dr4/B0nhRvbL0zB5X5YKXumQvxJp/bVrJZ17Ha9zHhIrfKXerlD67r35xGfOux fHWgwcofB2yBO6kuLvKxMwurq3K/PnPJt+Zzk3OQPg9u5PrLkfWOHoNtcvH+Lt56 ZleHf7B4C8kZzE0P5QxUJzLoOwoPfI9j -----END CERTIFICATE-----Generated at Wed Dec 24 14:10:49 2025 by rpki-client