This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft File: PFRw6B-koZCHAh0K130zbOvipo0.mft (raw, json) Hash identifier: EkReFlX5MWADQhzKL5BDFmNFKA1xkR7/OKPh8hVmlVI= Subject key identifier: 6D:BF:4E:6E:34:2C:53:D3:76:A3:D5:74:BC:E4:DF:A8:48:21:99:74 Authority key identifier: 3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D Certificate issuer: /CN=A9143CB3/serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D Certificate serial: 1B43 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft Manifest number: 1B40 Signing time: Tue 02 Dec 2025 16:07:00 +0000 Manifest this update: Tue 02 Dec 2025 16:07:00 +0000 Manifest next update: Tue 09 Dec 2025 16:07:00 +0000 Files and hashes: 1: PFRw6B-koZCHAh0K130zbOvipo0.crl (hash: O8xBxlA0dKuVbqs/1GPFVCpOG/ZzJa0pz0Z1K9DjFZs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.crl rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 16:06:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6979 (0x1b43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143CB3, serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D Validity Not Before: Dec 2 16:07:00 2025 GMT Not After : Dec 9 16:07:00 2025 GMT Subject: CN=692f0ea4-7a1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:a9:b1:79:d9:cd:85:af:8f:2b:12:80:58:92: 4e:c7:e7:27:4f:ca:aa:be:10:5e:b5:3b:d5:4b:ba: 01:33:fe:64:bd:5d:a9:ac:8e:e7:e5:3d:c8:53:b4: 79:71:ea:30:e1:a0:87:9e:3e:5f:eb:d4:14:d5:08: 87:82:99:f2:bb:58:c0:d0:1e:c5:50:80:03:9c:07: 2c:48:03:23:a8:29:97:78:0c:15:7d:81:39:22:56: 8d:21:e1:64:19:3a:f9:d5:4b:4d:f8:a6:b9:8e:67: 59:6b:0b:1a:66:1e:13:49:f9:4e:f4:4f:ac:9d:73: ec:81:bc:7a:a6:18:39:06:30:f4:b0:3b:12:dc:ab: a9:e8:fa:d8:dc:43:3c:e4:bc:e5:71:4a:5c:3d:9c: ee:e9:5b:5f:c9:43:71:0b:fc:66:0e:d2:1a:00:39: f4:98:b1:64:1b:b8:b2:0c:f2:27:0f:07:d8:ee:ce: 3a:da:12:20:71:5c:e2:ee:5e:68:d2:6d:4a:68:1a: 57:a3:b9:88:a8:eb:43:ab:23:13:e7:31:11:40:15: 7f:64:3b:2e:11:73:e7:59:d6:0e:3f:84:b0:0e:98: d9:dc:33:42:f2:11:62:76:2c:75:87:92:9e:f2:7e: 11:c4:4a:63:71:0e:94:39:c6:79:74:53:88:ed:53: 85:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:BF:4E:6E:34:2C:53:D3:76:A3:D5:74:BC:E4:DF:A8:48:21:99:74 X509v3 Authority Key Identifier: keyid:3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 57:24:f4:cd:0f:87:89:22:ec:e4:d2:6f:63:f8:f1:60:f0:51: e0:be:16:66:d7:b6:c5:44:f8:88:05:d1:64:d2:ee:dc:27:54: 8c:83:31:55:28:96:3d:70:06:07:a8:8c:a0:3f:32:26:ee:53: 73:e7:59:34:7d:67:82:eb:85:1b:e1:45:84:ec:ad:73:bb:11: 25:c9:01:3c:6a:ef:5c:a7:42:cf:96:3a:05:ac:ef:10:02:4b: d2:fd:ef:82:b1:60:fa:e0:f4:7a:b0:9c:2e:db:4a:be:77:cb: b9:8a:c9:95:5b:e6:d5:22:12:58:28:47:a1:f5:2c:a8:7e:22: e8:8f:bc:a1:2a:11:df:d8:84:25:94:07:5e:6a:78:aa:ee:e1: bc:a1:51:e9:5f:61:54:04:ea:05:f1:e5:39:17:c9:3d:2d:53: 65:b5:e9:d6:db:cf:e8:37:7c:45:3f:57:c6:ff:30:be:13:7b: e0:2d:29:56:d3:08:d2:92:f8:83:b8:7e:2f:1d:6c:45:df:85: ab:ad:9a:2c:14:77:06:d7:2d:04:8c:b4:4d:eb:01:b5:2e:b4: 1b:12:58:5f:19:1f:c4:07:e4:ee:e7:48:93:c7:a9:4d:b9:2d: b3:a7:e7:b7:30:70:00:22:d1:22:78:d6:4d:25:fb:e0:9d:9f: a7:a0:e6:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICG0MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNDQjMxMTAvBgNVBAUTKDNDNTQ3MEU4MUZBNEExOTA4NzAyMUQwQUQ3N0QzMzZD RUJFMkE2OEQwHhcNMjUxMjAyMTYwNzAwWhcNMjUxMjA5MTYwNzAwWjAYMRYwFAYD VQQDEw02OTJmMGVhNC03YTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0KmxednNha+PKxKAWJJOx+cnT8qqvhBetTvVS7oBM/5kvV2prI7n5T3IU7R5 ceow4aCHnj5f69QU1QiHgpnyu1jA0B7FUIADnAcsSAMjqCmXeAwVfYE5IlaNIeFk GTr51UtN+Ka5jmdZawsaZh4TSflO9E+snXPsgbx6phg5BjD0sDsS3Kup6PrY3EM8 5LzlcUpcPZzu6VtfyUNxC/xmDtIaADn0mLFkG7iyDPInDwfY7s462hIgcVzi7l5o 0m1KaBpXo7mIqOtDqyMT5zERQBV/ZDsuEXPnWdYOP4SwDpjZ3DNC8hFidix1h5Ke 8n4RxEpjcQ6UOcZ5dFOI7VOFNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG2/Tm40 LFPTdqPVdLzk36hIIZl0MB8GA1UdIwQYMBaAFDxUcOgfpKGQhwIdCtd9M2zr4qaN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xNTE2Njc5RTI1 OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi9QRlJ3NkIta29aQ0hBaDBLMTMwemJPdmlw bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BGUnc2Qi1rb1pDSEFoMEsxMzB6Yk92aXBvMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0NCMy8xNTE2Njc5RTI1OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi9QRlJ3NkIta29a Q0hBaDBLMTMwemJPdmlwbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBXJPTND4eJIuzk0m9j+PFg8FHgvhZm17bFRPiIBdFk0u7cJ1SMgzFV KJY9cAYHqIygPzIm7lNz51k0fWeC64Ub4UWE7K1zuxElyQE8au9cp0LPljoFrO8Q AkvS/e+CsWD64PR6sJwu20q+d8u5ismVW+bVIhJYKEeh9SyofiLoj7yhKhHf2IQl lAdeaniq7uG8oVHpX2FUBOoF8eU5F8k9LVNltenW28/oN3xFP1fG/zC+E3vgLSlW 0wjSkviDuH4vHWxF34WrrZosFHcG1y0EjLRN6wG1LrQbElhfGR/EB+Tu50iTx6lN uS2zp+e3MHAAItEieNZNJfvgnZ+noOYC -----END CERTIFICATE-----Generated at Wed Dec 3 14:56:45 2025 by rpki-client