This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9144C70/82BC84EEAC6711ECB75CDA24C4F9AE02/Aonh4IK22hq6VVKEDAyrAsKjt04.mft File: Aonh4IK22hq6VVKEDAyrAsKjt04.mft (raw, json) Hash identifier: OuMhmDgzU+efvH23dg8hvKUWnERxtwginmaHH2ryVXk= Subject key identifier: 3D:36:4B:94:CE:90:AE:5C:B0:6E:70:7D:B2:01:E1:50:8D:8E:BC:B5 Authority key identifier: 02:89:E1:E0:82:B6:DA:1A:BA:55:52:84:0C:0C:AB:02:C2:A3:B7:4E Certificate issuer: /CN=A9144C70/serialNumber=0289E1E082B6DA1ABA5552840C0CAB02C2A3B74E Certificate serial: DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aonh4IK22hq6VVKEDAyrAsKjt04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9144C70/82BC84EEAC6711ECB75CDA24C4F9AE02/Aonh4IK22hq6VVKEDAyrAsKjt04.mft Manifest number: 04F0 Signing time: Mon 22 Dec 2025 23:37:24 +0000 Manifest this update: Mon 22 Dec 2025 23:37:24 +0000 Manifest next update: Mon 29 Dec 2025 23:37:24 +0000 Files and hashes: 1: Aonh4IK22hq6VVKEDAyrAsKjt04.crl (hash: HX+Z1jp6sRmALMYuRBW9NbyLidHSg9cQOSo+5WbqT7k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9144C70/82BC84EEAC6711ECB75CDA24C4F9AE02/Aonh4IK22hq6VVKEDAyrAsKjt04.crl rsync://rpki.apnic.net/member_repository/A9144C70/82BC84EEAC6711ECB75CDA24C4F9AE02/Aonh4IK22hq6VVKEDAyrAsKjt04.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aonh4IK22hq6VVKEDAyrAsKjt04.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 23:37:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 220 (0xdc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9144C70, serialNumber=0289E1E082B6DA1ABA5552840C0CAB02C2A3B74E Validity Not Before: Dec 22 23:37:24 2025 GMT Not After : Dec 29 23:37:24 2025 GMT Subject: CN=6949d634-cbea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:9a:24:e8:97:7e:67:d3:82:6d:dd:6d:75:66: b1:a1:8d:b8:99:6d:6a:c5:07:80:a0:6b:ad:ac:4d: ca:31:09:db:bc:0c:e9:c7:1a:63:83:e3:6c:1d:b2: 79:85:f0:4c:f1:9d:ad:1b:82:1b:b5:06:93:64:b4: bf:f8:7a:00:44:8c:b4:2c:e2:e2:86:3a:c7:a9:d5: 54:f9:bc:f5:22:4b:82:1f:c8:c0:fd:35:55:fa:ea: 55:d1:ad:87:58:73:50:36:a1:91:1d:72:10:e0:37: 63:f6:cb:5d:69:fb:9a:64:6e:02:bb:19:15:92:6f: 79:9a:fb:d2:f5:bc:6a:bd:4f:2a:6c:a0:83:8a:09: 59:9c:10:0b:65:b7:6b:4f:3a:b6:52:33:66:1d:80: 07:22:c0:36:b6:d7:ef:8e:51:23:3f:1e:39:79:e3: 4c:2c:6e:4f:6d:aa:7b:a7:e9:e9:cd:8b:8c:ed:8b: ca:33:d9:15:83:5a:f2:d6:ab:12:ba:70:17:b1:d5: c7:bb:f2:18:db:87:fe:a6:d8:8b:c3:34:16:56:c8: 57:4a:8f:29:bb:fd:cf:5d:93:08:12:79:00:8c:30: 28:12:6a:ea:3f:b9:81:54:19:81:75:a5:4b:31:2e: b6:93:cf:79:82:95:9e:39:20:f3:0e:7a:96:26:6e: 57:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:36:4B:94:CE:90:AE:5C:B0:6E:70:7D:B2:01:E1:50:8D:8E:BC:B5 X509v3 Authority Key Identifier: keyid:02:89:E1:E0:82:B6:DA:1A:BA:55:52:84:0C:0C:AB:02:C2:A3:B7:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9144C70/82BC84EEAC6711ECB75CDA24C4F9AE02/Aonh4IK22hq6VVKEDAyrAsKjt04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aonh4IK22hq6VVKEDAyrAsKjt04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144C70/82BC84EEAC6711ECB75CDA24C4F9AE02/Aonh4IK22hq6VVKEDAyrAsKjt04.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:90:b8:c7:8c:91:fa:0b:73:36:00:f4:ee:59:6f:42:c1:28: 36:26:92:07:14:48:92:2d:ac:93:d0:70:cf:57:18:7a:a7:88: 02:61:cc:e5:f8:ba:e4:ec:63:26:7b:7c:a7:8a:33:51:ec:28: 23:b4:44:d3:07:1e:02:f2:90:fb:6b:3d:9f:22:42:1b:bf:cd: 98:42:bb:74:c4:2a:22:7e:49:ad:c6:db:44:fb:54:26:8a:4b: c2:0f:c9:9b:57:f7:68:1f:15:69:4a:2c:35:fe:28:a9:b8:0a: af:41:f1:29:55:91:7f:44:a7:2a:1e:67:6d:b2:ea:ef:b2:a3: 54:66:ce:98:aa:4d:48:cd:2c:4a:4d:3d:82:08:b8:e9:da:66: f9:6a:01:d2:7b:d1:16:16:77:c0:41:b9:14:aa:29:20:cd:9c: 67:1d:d8:86:c0:c1:8e:70:cd:e4:16:a0:05:fd:bf:61:06:40: 5a:06:78:a9:bd:7e:e2:38:a1:b3:12:15:fe:d2:b9:6e:d8:33: d3:4b:a3:c6:66:38:a3:20:b3:46:7d:63:a1:f0:ce:a5:81:f9: 8c:a6:53:35:21:b5:a3:be:00:d4:3e:f8:e4:7d:37:c1:86:ae: d2:78:80:53:a2:a3:2a:51:c7:f4:74:79:cf:96:84:aa:41:a7: f6:39:f4:2e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDRDNzAxMTAvBgNVBAUTKDAyODlFMUUwODJCNkRBMUFCQTU1NTI4NDBDMENBQjAy QzJBM0I3NEUwHhcNMjUxMjIyMjMzNzI0WhcNMjUxMjI5MjMzNzI0WjAYMRYwFAYD VQQDDA02OTQ5ZDYzNC1jYmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4pok6Jd+Z9OCbd1tdWaxoY24mW1qxQeAoGutrE3KMQnbvAzpxxpjg+NsHbJ5 hfBM8Z2tG4IbtQaTZLS/+HoARIy0LOLihjrHqdVU+bz1IkuCH8jA/TVV+upV0a2H WHNQNqGRHXIQ4Ddj9stdafuaZG4CuxkVkm95mvvS9bxqvU8qbKCDiglZnBALZbdr Tzq2UjNmHYAHIsA2ttfvjlEjPx45eeNMLG5Pbap7p+npzYuM7YvKM9kVg1ry1qsS unAXsdXHu/IY24f+ptiLwzQWVshXSo8pu/3PXZMIEnkAjDAoEmrqP7mBVBmBdaVL MS62k895gpWeOSDzDnqWJm5X8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD02S5TO kK5csG5wfbIB4VCNjry1MB8GA1UdIwQYMBaAFAKJ4eCCttoaulVShAwMqwLCo7dO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NEM3MC84MkJDODRFRUFD NjcxMUVDQjc1Q0RBMjRDNEY5QUUwMi9Bb25oNElLMjJocTZWVktFREF5ckFzS2p0 MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Fvbmg0SUsyMmhxNlZWS0VEQXlyQXNLanQwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NEM3MC84MkJDODRFRUFDNjcxMUVDQjc1Q0RBMjRDNEY5QUUwMi9Bb25oNElLMjJo cTZWVktFREF5ckFzS2p0MDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBPkLjHjJH6C3M2APTuWW9CwSg2JpIHFEiSLayT0HDPVxh6p4gCYczl +Lrk7GMme3ynijNR7CgjtETTBx4C8pD7az2fIkIbv82YQrt0xCoifkmtxttE+1Qm ikvCD8mbV/doHxVpSiw1/iipuAqvQfEpVZF/RKcqHmdtsurvsqNUZs6Yqk1IzSxK TT2CCLjp2mb5agHSe9EWFnfAQbkUqikgzZxnHdiGwMGOcM3kFqAF/b9hBkBaBnip vX7iOKGzEhX+0rlu2DPTS6PGZjijILNGfWOh8M6lgfmMplM1IbWjvgDUPvjkfTfB hq7SeIBToqMqUcf0dHnPloSqQaf2OfQu -----END CERTIFICATE-----Generated at Wed Dec 24 14:10:45 2025 by rpki-client