This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft File: 320AK7yrolDSrmtEVOPL_WfSx-o.mft (raw, json) Hash identifier: ntkt7r+XhiMpEaHfKsUL3ckC4anKgAgYMSU95oq6MnY= Subject key identifier: 37:94:ED:F0:E4:FB:49:1F:6F:A6:D9:A9:35:8A:BC:A2:A5:EC:A8:82 Authority key identifier: DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA Certificate issuer: /CN=A9143DE2/serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Certificate serial: 09F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft Manifest number: 09EF Signing time: Mon 22 Dec 2025 19:18:10 +0000 Manifest this update: Mon 22 Dec 2025 19:18:09 +0000 Manifest next update: Mon 29 Dec 2025 19:18:09 +0000 Files and hashes: 1: 320AK7yrolDSrmtEVOPL_WfSx-o.crl (hash: O+d2/kxxolQZ6XHk2cHChi1XlDiYv8+Et62bLfNrIHY=) 2: C07738FE9F4511EB88EBCA76C4F9AE02.roa (hash: EW5gw++/Nv/7XkyhmrGAdJFCyCQBgQSX+Pdw0qIT5p4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 19:18:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2553 (0x9f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143DE2, serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Validity Not Before: Dec 22 19:18:09 2025 GMT Not After : Dec 29 19:18:09 2025 GMT Subject: CN=69499972-4bab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:2f:d8:76:c7:af:98:86:d9:2c:e7:ce:a0:40: b5:5e:95:d2:98:ea:67:63:37:ec:30:a5:61:38:a6: ef:e7:11:e0:ae:e9:c6:04:ad:d2:56:06:84:6a:3b: 02:af:3c:23:5c:c2:2f:97:e6:bf:4f:a6:53:fb:ea: 6e:dd:60:60:6a:af:c6:38:26:e7:78:b6:6c:fc:78: b7:49:da:83:d2:ca:12:82:1b:ce:8f:d5:ec:db:2e: 5d:e8:90:1b:32:5d:c6:3c:8a:b3:1d:e7:2d:66:84: cb:5a:80:ad:63:30:b5:ed:e1:fa:ce:dc:ea:33:a4: 50:6d:6e:0f:09:23:c9:81:92:b5:14:73:78:47:7e: 61:fa:e0:a6:3b:bd:ff:fe:5b:3d:47:a9:43:51:cc: 9f:cb:b6:f0:b7:6d:7b:13:fe:49:ff:a5:00:b5:13: d7:ac:3a:ab:49:a1:8d:12:a8:bb:a4:1d:39:33:62: 8a:76:2d:07:96:ff:bf:98:7d:4b:5e:e1:e0:75:8d: 46:92:ae:a5:e8:1c:50:76:c9:5e:5e:40:99:e9:2d: 65:0e:33:73:17:3e:6d:cb:e2:eb:cd:ae:e4:b9:3a: 00:06:a4:af:4c:05:29:68:bd:60:fe:46:95:54:90: 63:d6:5c:eb:4d:1e:e2:af:dc:51:dd:18:3d:2c:a9: bd:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:94:ED:F0:E4:FB:49:1F:6F:A6:D9:A9:35:8A:BC:A2:A5:EC:A8:82 X509v3 Authority Key Identifier: keyid:DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:4d:ed:79:f4:30:a3:77:68:20:d5:2e:27:20:55:d9:53:f9: 47:36:b2:a0:50:77:ea:de:b7:e6:2d:c3:58:07:a8:15:9f:17: 86:7c:3b:52:e0:34:d4:d6:ab:f8:c9:57:6e:80:7b:a0:64:0f: 98:1b:f7:ac:14:b0:c2:0c:31:82:66:2a:5d:a2:0c:67:01:d1: 69:d5:48:8d:0b:4e:27:68:ac:79:83:8c:b9:10:ff:7d:d3:d4: c1:d4:e2:cc:7b:56:1d:df:5a:92:4d:fd:1a:18:fb:18:6d:24: 9a:a3:8c:4b:92:32:4b:80:e2:c7:44:66:f8:13:cf:0c:72:b0: 70:3a:a8:74:b2:39:a9:eb:59:ba:22:18:89:9e:bf:cf:c4:d2: a3:f0:2b:4e:bc:b7:8e:fc:46:68:5c:b9:22:11:a9:9c:35:3d: b9:72:a1:b9:cb:c4:75:1c:14:c6:d8:5b:9c:7e:29:08:64:c4: 7a:76:50:64:fd:ba:57:a4:3a:65:6b:47:8d:af:57:c5:1d:53: 40:9e:50:0e:f7:30:dc:aa:61:e7:f6:30:a2:f1:21:b2:d0:84: 78:48:3a:46:0a:61:3f:c8:a3:a7:50:f4:7c:08:99:90:c9:eb: 63:d6:73:06:76:12:4a:85:95:98:c4:c8:99:04:40:51:ff:df: e7:97:7c:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCfkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNERTIxMTAvBgNVBAUTKERGNkQwMDJCQkNBQkEyNTBEMkFFNkI0NDU0RTNDQkZE NjdEMkM3RUEwHhcNMjUxMjIyMTkxODA5WhcNMjUxMjI5MTkxODA5WjAYMRYwFAYD VQQDDA02OTQ5OTk3Mi00YmFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0i/YdsevmIbZLOfOoEC1XpXSmOpnYzfsMKVhOKbv5xHgrunGBK3SVgaEajsC rzwjXMIvl+a/T6ZT++pu3WBgaq/GOCbneLZs/Hi3SdqD0soSghvOj9Xs2y5d6JAb Ml3GPIqzHectZoTLWoCtYzC17eH6ztzqM6RQbW4PCSPJgZK1FHN4R35h+uCmO73/ /ls9R6lDUcyfy7bwt217E/5J/6UAtRPXrDqrSaGNEqi7pB05M2KKdi0Hlv+/mH1L XuHgdY1Gkq6l6BxQdsleXkCZ6S1lDjNzFz5ty+Lrza7kuToABqSvTAUpaL1g/kaV VJBj1lzrTR7ir9xR3Rg9LKm9lwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDeU7fDk +0kfb6bZqTWKvKKl7KiCMB8GA1UdIwQYMBaAFN9tACu8q6JQ0q5rRFTjy/1n0sfq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RFMi9EMjE4REQ1MjhF OTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9sRFNybXRFVk9QTF9XZlN4 LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMyMEFLN3lyb2xEU3JtdEVWT1BMX1dmU3gtby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0RFMi9EMjE4REQ1MjhFOTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9s RFNybXRFVk9QTF9XZlN4LW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBjTe159DCjd2gg1S4nIFXZU/lHNrKgUHfq3rfmLcNYB6gVnxeGfDtS 4DTU1qv4yVdugHugZA+YG/esFLDCDDGCZipdogxnAdFp1UiNC04naKx5g4y5EP99 09TB1OLMe1Yd31qSTf0aGPsYbSSao4xLkjJLgOLHRGb4E88McrBwOqh0sjmp61m6 IhiJnr/PxNKj8CtOvLeO/EZoXLkiEamcNT25cqG5y8R1HBTG2FucfikIZMR6dlBk /bpXpDpla0eNr1fFHVNAnlAO9zDcqmHn9jCi8SGy0IR4SDpGCmE/yKOnUPR8CJmQ yetj1nMGdhJKhZWYxMiZBEBR/9/nl3wi -----END CERTIFICATE-----Generated at Wed Dec 24 15:47:09 2025 by rpki-client