This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft File: CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft (raw, json) Hash identifier: I5R9L5ZZI+6fY/K189BZ11c4/8p2JoqlOFHIt2zA+O0= Subject key identifier: 21:6F:BD:BA:E0:4D:A2:79:C0:7F:8E:01:2A:F6:62:BA:53:8E:63:77 Authority key identifier: 09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 Certificate issuer: /CN=A9143B0A/serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Certificate serial: FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft Manifest number: FB Signing time: Tue 23 Dec 2025 04:11:05 +0000 Manifest this update: Tue 23 Dec 2025 04:11:04 +0000 Manifest next update: Tue 30 Dec 2025 04:11:04 +0000 Files and hashes: 1: CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl (hash: 4QDWLNq/+wQJPcBsWpHcUWOiE2tS8F6pDrjsQRjXX+M=) 2: 485B32A8607B11EFB27C6C5DC4F9AE02.roa (hash: ssSab392rUEklfenSvYRYq8TUWajk4XJZygnBh6m+8Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 04:11:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 253 (0xfd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B0A, serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Validity Not Before: Dec 23 04:11:04 2025 GMT Not After : Dec 30 04:11:04 2025 GMT Subject: CN=694a1658-c509 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:ad:a3:a4:f7:17:17:97:a1:dc:a2:3f:80:fa: 93:37:ab:1f:4d:fb:6f:c0:7b:1e:16:b2:48:69:43: 90:b9:47:fb:d1:c5:8a:e2:2c:cc:38:f5:6b:cc:90: 6d:9a:f2:57:3d:f2:9f:fd:9b:86:e8:61:7c:e1:44: ec:60:7b:a2:c6:27:ef:a5:6a:63:a7:f4:28:5b:25: ea:8e:19:07:ce:e1:17:0f:f9:24:7c:0e:9d:77:48: 73:20:96:13:f3:34:21:28:ab:e9:70:37:df:aa:f0: 5a:76:9c:50:28:f9:88:c1:63:31:1f:40:13:1f:95: ac:00:60:f8:94:65:4e:94:d3:55:88:6c:9e:f3:3e: e0:8a:24:88:45:e5:81:73:22:60:c3:df:8e:78:91: d9:9b:f5:f0:15:0d:93:4c:5a:d0:3c:80:cc:21:8b: b4:fa:aa:aa:5b:1c:fc:47:52:1f:0c:4b:45:40:71: 05:8d:5f:5b:ca:db:e2:3f:7d:1e:ce:44:23:8f:87: 6e:c8:87:8c:2c:8f:f2:e4:03:6e:ef:ef:8c:19:9c: bb:49:64:03:02:80:fc:89:e2:00:9a:25:f1:46:43: eb:bb:85:38:42:7e:0d:41:39:bf:1c:ae:fd:d2:20: 6a:81:82:b4:ef:4a:0d:79:65:a7:5c:ef:6b:d2:9d: 8a:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:6F:BD:BA:E0:4D:A2:79:C0:7F:8E:01:2A:F6:62:BA:53:8E:63:77 X509v3 Authority Key Identifier: keyid:09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:72:67:9b:9d:85:e5:3d:7b:ac:76:86:91:eb:a5:12:87:cb: 56:a3:ce:4a:98:7d:a1:ea:5b:b5:92:4f:64:34:6f:eb:ad:d6: 32:74:9a:ab:69:6d:61:7c:45:70:ca:f2:cc:8c:6b:8e:cf:e2: 68:60:0d:fb:25:14:2e:c8:36:2a:55:fd:a0:d8:7a:ac:38:1a: 56:f6:bd:12:fe:47:70:f5:a0:40:1e:7b:05:db:74:f8:66:51: 49:99:d9:c7:25:ca:cc:c9:a4:ed:8f:1a:ad:e3:f2:f2:6f:8d: 04:61:d5:ee:75:ea:d4:af:37:ef:10:ca:34:67:72:d1:cc:34: 87:b9:20:36:38:8d:25:43:91:46:4c:b5:a3:f2:07:7d:69:cb: 3a:a4:3b:f5:b0:51:e6:e9:c4:e0:b3:10:af:7b:8b:c1:1e:dc: c7:9a:66:9c:7e:de:85:15:96:8c:48:69:e2:28:89:b7:f0:82: 28:31:ba:a5:f6:b5:06:bc:83:a4:ce:cf:de:8a:c5:6d:c0:1b: d6:20:87:72:03:31:75:23:26:85:58:bc:ba:b3:36:52:fd:c0: 11:46:1b:7c:c7:b4:b2:fd:d4:db:e5:cb:8b:0e:04:d6:01:4b: 9e:e4:b9:27:fa:13:bf:ce:f2:ee:43:12:47:6d:b6:a1:9d:de: 03:1e:0c:eb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAP0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMEExMTAvBgNVBAUTKDA5OTUwNkVDOTg3QzhCMTk0MDU4NTNCMDhDNzE4QjVC QkU0QUM2OTIwHhcNMjUxMjIzMDQxMTA0WhcNMjUxMjMwMDQxMTA0WjAYMRYwFAYD VQQDDA02OTRhMTY1OC1jNTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAha2jpPcXF5eh3KI/gPqTN6sfTftvwHseFrJIaUOQuUf70cWK4izMOPVrzJBt mvJXPfKf/ZuG6GF84UTsYHuixifvpWpjp/QoWyXqjhkHzuEXD/kkfA6dd0hzIJYT 8zQhKKvpcDffqvBadpxQKPmIwWMxH0ATH5WsAGD4lGVOlNNViGye8z7giiSIReWB cyJgw9+OeJHZm/XwFQ2TTFrQPIDMIYu0+qqqWxz8R1IfDEtFQHEFjV9bytviP30e zkQjj4duyIeMLI/y5ANu7++MGZy7SWQDAoD8ieIAmiXxRkPru4U4Qn4NQTm/HK79 0iBqgYK070oNeWWnXO9r0p2KwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCFvvbrg TaJ5wH+OASr2YrpTjmN3MB8GA1UdIwQYMBaAFAmVBuyYfIsZQFhTsIxxi1u+SsaS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwQS9ENURCNkRGNjYw N0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4bEFXRk93akhHTFc3NUt4 cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NaVUc3Smg4aXhsQVdGT3dqSEdMVzc1S3hwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0IwQS9ENURCNkRGNjYwN0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4 bEFXRk93akhHTFc3NUt4cEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+cmebnYXlPXusdoaR66USh8tWo85KmH2h6lu1kk9kNG/rrdYydJqr aW1hfEVwyvLMjGuOz+JoYA37JRQuyDYqVf2g2HqsOBpW9r0S/kdw9aBAHnsF23T4 ZlFJmdnHJcrMyaTtjxqt4/Lyb40EYdXuderUrzfvEMo0Z3LRzDSHuSA2OI0lQ5FG TLWj8gd9acs6pDv1sFHm6cTgsxCve4vBHtzHmmacft6FFZaMSGniKIm38IIoMbql 9rUGvIOkzs/eisVtwBvWIIdyAzF1IyaFWLy6szZS/cARRht8x7Sy/dTb5cuLDgTW AUue5Lkn+hO/zvLuQxJHbbahnd4DHgzr -----END CERTIFICATE-----Generated at Wed Dec 24 15:50:55 2025 by rpki-client