This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: pjYSPp43s4UgWKPXcCTNkSUWVfj1xOCXqAqLXwGpJSo= Subject key identifier: 9A:90:5B:DE:2D:B1:13:F5:F3:AA:0B:13:02:FA:51:46:EC:D7:6E:15 Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0CAE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0CA7 Signing time: Mon 22 Dec 2025 17:55:41 +0000 Manifest this update: Mon 22 Dec 2025 17:55:40 +0000 Manifest next update: Mon 29 Dec 2025 17:55:40 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: W2uEgXmdkPFm2YHK53OY9AMJT+fWKY8HrcoXwdjxcWY=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: zg4ngSvDnII0EgnGozN5wPgIbLHYCQwnbwFPTUFG8lU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 17:55:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3246 (0xcae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Dec 22 17:55:40 2025 GMT Not After : Dec 29 17:55:40 2025 GMT Subject: CN=6949861d-245f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:14:ac:01:98:a5:73:bb:eb:dd:4d:b9:1c:43: 8a:60:8c:36:d5:5d:b5:40:4d:c9:97:f7:ef:ce:94: 85:1a:90:74:60:ba:4f:5d:68:3c:36:90:5a:51:f0: b0:8a:f1:96:cd:b4:28:5a:f6:25:5e:33:3e:b0:d5: 8c:5a:35:09:0d:99:fb:4f:7f:94:f5:e8:5a:6a:ec: 8d:70:11:95:d8:d4:dc:ea:24:da:b6:9a:76:3c:3a: 27:79:72:fe:d3:e9:09:e8:6a:e4:fb:c5:30:9e:5e: 10:5c:4e:65:5e:f4:fe:98:e7:67:24:44:56:c2:8a: 5b:44:69:c2:9d:60:4c:f0:47:52:84:65:50:bc:9c: d2:58:08:37:00:91:5c:05:d6:6a:ca:b7:6a:c5:6b: 1f:c4:a5:df:af:8e:ab:2f:fa:0a:e5:b2:58:e8:c1: aa:a5:a8:45:0e:5d:d4:0e:43:e6:2e:65:73:98:79: 40:7e:c4:a9:20:0c:1a:35:ba:66:ce:2f:59:b5:d7: 73:e9:fd:c1:13:c9:35:71:39:51:36:cc:5b:e4:97: ac:b4:50:33:70:2b:f3:76:f4:95:41:cc:79:77:f4: 75:28:a4:ea:4b:24:8a:42:19:26:bf:ed:7d:f1:c5: 7b:e0:44:2c:91:37:f1:48:17:15:f8:53:5a:d5:a0: bf:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:90:5B:DE:2D:B1:13:F5:F3:AA:0B:13:02:FA:51:46:EC:D7:6E:15 X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:38:e3:7a:38:5f:3f:2c:6a:bd:4a:d6:13:2d:7b:13:58:d3: e9:56:23:2d:97:47:23:84:0e:aa:27:3f:9f:d9:ce:e2:d3:ac: 36:5b:ea:b2:d1:63:03:5a:9a:51:31:5f:9f:66:b5:3f:9d:24: 2b:e1:d6:21:ce:8a:b3:84:89:a8:0b:5a:50:a2:f0:eb:44:c9: 8f:6f:f2:70:24:cb:a0:3b:cb:40:53:04:79:98:fe:43:90:20: 6e:df:59:ee:eb:87:cd:78:16:a9:56:bc:b1:1d:57:d0:27:a6: 57:50:b2:5d:75:8e:ad:7d:f0:f6:39:e2:01:20:e7:93:aa:c4: d2:b8:21:6b:17:b8:d9:a9:99:df:f4:f3:d6:d7:b5:ce:32:fe: 06:e1:f0:76:4f:45:3e:9a:8d:78:61:fd:6c:87:82:09:79:07: 97:99:fc:ad:fa:d9:82:43:ac:a5:ca:55:67:98:8f:d3:f3:e4: 7a:d6:b9:cc:81:4d:dd:9e:07:bb:36:d3:45:db:4e:8b:0e:6b: 3e:24:ce:8d:1c:48:d7:55:ea:52:67:ca:7c:f9:d5:02:5e:24: d1:7b:27:52:bd:7a:7f:f5:e9:f5:f2:dc:ae:fc:e2:cf:8e:57: be:b1:72:61:8a:ef:5a:a0:b1:7b:ea:ce:d7:ff:59:d6:be:51: ad:4d:3d:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUxMjIyMTc1NTQwWhcNMjUxMjI5MTc1NTQwWjAYMRYwFAYD VQQDDA02OTQ5ODYxZC0yNDVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvhSsAZilc7vr3U25HEOKYIw21V21QE3Jl/fvzpSFGpB0YLpPXWg8NpBaUfCw ivGWzbQoWvYlXjM+sNWMWjUJDZn7T3+U9ehaauyNcBGV2NTc6iTatpp2PDoneXL+ 0+kJ6Grk+8Uwnl4QXE5lXvT+mOdnJERWwopbRGnCnWBM8EdShGVQvJzSWAg3AJFc BdZqyrdqxWsfxKXfr46rL/oK5bJY6MGqpahFDl3UDkPmLmVzmHlAfsSpIAwaNbpm zi9Ztddz6f3BE8k1cTlRNsxb5JestFAzcCvzdvSVQcx5d/R1KKTqSySKQhkmv+19 8cV74EQskTfxSBcV+FNa1aC/+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJqQW94t sRP186oLEwL6UUbs124VMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLOON6OF8/LGq9StYTLXsTWNPpViMtl0cjhA6qJz+f2c7i06w2W+qy 0WMDWppRMV+fZrU/nSQr4dYhzoqzhImoC1pQovDrRMmPb/JwJMugO8tAUwR5mP5D kCBu31nu64fNeBapVryxHVfQJ6ZXULJddY6tffD2OeIBIOeTqsTSuCFrF7jZqZnf 9PPW17XOMv4G4fB2T0U+mo14Yf1sh4IJeQeXmfyt+tmCQ6ylylVnmI/T8+R61rnM gU3dnge7NtNF206LDms+JM6NHEjXVepSZ8p8+dUCXiTReydSvXp/9en18tyu/OLP jle+sXJhiu9aoLF76s7X/1nWvlGtTT1I -----END CERTIFICATE-----Generated at Wed Dec 24 15:45:10 2025 by rpki-client