This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft File: XLKYvBpwUBeAXFYfCQoNR5UOar0.mft (raw, json) Hash identifier: QG4ZbFqw0M2qNvNBLBZfwJHJvkdTMe5/GP05MMNIzCc= Subject key identifier: 0A:58:DB:E3:9F:AF:46:17:48:A5:87:68:DF:51:C3:AF:54:5D:52:2B Authority key identifier: 5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD Certificate issuer: /CN=A912BFC5/serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Certificate serial: 2562 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft Manifest number: 2562 Signing time: Tue 02 Dec 2025 14:16:24 +0000 Manifest this update: Tue 02 Dec 2025 14:16:23 +0000 Manifest next update: Tue 09 Dec 2025 14:16:23 +0000 Files and hashes: 1: XLKYvBpwUBeAXFYfCQoNR5UOar0.crl (hash: 6NWKbKDBOS7WnQfjIxBYOzypYAMo7+xrciwf+DYCvD4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 14:16:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9570 (0x2562) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BFC5, serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Validity Not Before: Dec 2 14:16:23 2025 GMT Not After : Dec 9 14:16:23 2025 GMT Subject: CN=692ef4b8-faf2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f6:35:2e:9b:39:ec:2b:0c:9b:00:77:71:f1: c2:2e:e7:93:21:b1:9a:3d:21:22:be:09:a3:19:17: c0:82:c7:d3:2e:f6:38:ea:0c:f5:58:0f:4d:f2:a1: 1d:2f:8b:bf:2a:1c:29:dc:fd:e3:9f:3f:c0:ce:c5: 3a:ca:14:20:94:32:94:26:3f:34:f3:b5:d6:aa:27: e7:ad:30:d9:85:ba:23:1e:fe:0e:54:2f:b3:c3:a5: 35:67:59:07:84:23:43:31:30:1e:9e:68:f5:88:11: 44:10:c0:0a:23:72:f0:d7:4d:ae:b3:9a:38:66:c4: 1d:06:e4:53:c7:36:40:07:88:93:18:2e:95:95:aa: 44:b1:54:a5:43:5f:ee:d1:55:a5:b1:9b:95:34:cb: 0b:89:fb:1d:37:9f:60:be:d3:a7:5d:e6:c3:62:6b: 4c:e1:d8:db:59:ec:06:63:27:85:65:29:79:4f:52: b5:18:50:bb:50:03:54:b1:4c:cd:6f:de:1a:46:a4: 05:db:12:38:97:15:68:ec:d7:ec:a0:46:da:6c:0a: 0d:f5:58:3c:cf:86:44:49:26:aa:78:6f:65:23:b2: 6a:b1:3f:86:57:9c:67:bf:58:b4:72:b8:92:d1:ad: 17:8c:ed:7f:3e:f7:29:8a:8c:ec:47:6b:ab:30:98: b2:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:58:DB:E3:9F:AF:46:17:48:A5:87:68:DF:51:C3:AF:54:5D:52:2B X509v3 Authority Key Identifier: keyid:5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:e5:c7:5f:ea:41:1a:43:e1:84:69:94:4e:67:49:c4:cf:2a: 45:52:38:08:8d:fc:16:17:81:08:53:bd:a6:16:16:99:33:b2: 73:ed:55:17:80:34:28:6b:09:24:7e:47:cc:0b:b4:25:cd:2b: df:a3:3c:d0:d4:e4:e6:fd:af:73:f2:6f:f4:7d:e5:74:18:36: 42:a7:98:fa:a0:88:25:c4:41:4d:f2:5c:70:a9:39:57:3e:4a: af:54:62:f5:0a:c2:dc:67:7c:23:40:e2:fe:18:08:c4:59:c5: 0b:c8:60:4e:8f:a1:7f:67:82:7e:57:fd:86:bb:c2:66:cc:63: 45:17:86:c8:0d:ee:e1:d8:b4:44:47:c1:4a:c8:20:d9:67:d9: 19:13:74:56:14:02:78:35:c3:e2:9d:31:55:b8:ef:ff:af:9f: cd:1e:6d:3f:e4:2c:fa:fc:db:9e:d1:3e:20:dc:27:e2:e8:d3: 5d:2c:61:b8:21:1d:a5:8e:74:84:a8:24:ab:37:46:5f:97:84: d9:2c:04:5a:36:78:5a:7c:35:16:48:00:7b:2d:20:dc:f3:70: b3:88:b3:04:5c:67:e7:5f:87:4c:41:b2:34:32:2c:bb:29:f4: a6:6e:33:58:c1:3d:56:bd:ad:14:dc:2a:77:7f:f2:e3:ce:ac: a5:33:5e:7b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJGQzUxMTAvBgNVBAUTKDVDQjI5OEJDMUE3MDUwMTc4MDVDNTYxRjA5MEEwRDQ3 OTUwRTZBQkQwHhcNMjUxMjAyMTQxNjIzWhcNMjUxMjA5MTQxNjIzWjAYMRYwFAYD VQQDEw02OTJlZjRiOC1mYWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz/Y1Lps57CsMmwB3cfHCLueTIbGaPSEivgmjGRfAgsfTLvY46gz1WA9N8qEd L4u/Khwp3P3jnz/AzsU6yhQglDKUJj8087XWqifnrTDZhbojHv4OVC+zw6U1Z1kH hCNDMTAenmj1iBFEEMAKI3Lw102us5o4ZsQdBuRTxzZAB4iTGC6VlapEsVSlQ1/u 0VWlsZuVNMsLifsdN59gvtOnXebDYmtM4djbWewGYyeFZSl5T1K1GFC7UANUsUzN b94aRqQF2xI4lxVo7NfsoEbabAoN9Vg8z4ZESSaqeG9lI7JqsT+GV5xnv1i0criS 0a0XjO1/PvcpiozsR2urMJiyFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFApY2+Of r0YXSKWHaN9Rw69UXVIrMB8GA1UdIwQYMBaAFFyymLwacFAXgFxWHwkKDUeVDmq9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkZDNS8zRjM0MjAzRTI5 MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VCZUFYRllmQ1FvTlI1VU9h cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1hMS1l2QnB3VUJlQVhGWWZDUW9OUjVVT2FyMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkZDNS8zRjM0MjAzRTI5MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VC ZUFYRllmQ1FvTlI1VU9hcjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAB5cdf6kEaQ+GEaZROZ0nEzypFUjgIjfwWF4EIU72mFhaZM7Jz7VUX gDQoawkkfkfMC7QlzSvfozzQ1OTm/a9z8m/0feV0GDZCp5j6oIglxEFN8lxwqTlX PkqvVGL1CsLcZ3wjQOL+GAjEWcULyGBOj6F/Z4J+V/2Gu8JmzGNFF4bIDe7h2LRE R8FKyCDZZ9kZE3RWFAJ4NcPinTFVuO//r5/NHm0/5Cz6/Nue0T4g3Cfi6NNdLGG4 IR2ljnSEqCSrN0Zfl4TZLARaNnhafDUWSAB7LSDc83CziLMEXGfnX4dMQbI0Miy7 KfSmbjNYwT1Wva0U3Cp3f/LjzqylM157 -----END CERTIFICATE-----Generated at Wed Dec 3 13:58:27 2025 by rpki-client