This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft File: X2mHOU7ukmatexkjRBv29RNP-VA.mft (raw, json) Hash identifier: 4oT8jrfbqoy1r/IBn3j9v+SkyjNJMKRgTWWHbyuU3A8= Subject key identifier: 28:13:C9:22:FA:94:BB:BB:49:DF:E2:73:1C:BC:D7:07:E3:63:94:E8 Authority key identifier: 5F:69:87:39:4E:EE:92:66:AD:7B:19:23:44:1B:F6:F5:13:4F:F9:50 Certificate issuer: /CN=A9147241/serialNumber=5F6987394EEE9266AD7B1923441BF6F5134FF950 Certificate serial: 0855 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mHOU7ukmatexkjRBv29RNP-VA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft Manifest number: 084D Signing time: Mon 22 Dec 2025 20:04:48 +0000 Manifest this update: Mon 22 Dec 2025 20:04:48 +0000 Manifest next update: Mon 29 Dec 2025 20:04:48 +0000 Files and hashes: 1: X2mHOU7ukmatexkjRBv29RNP-VA.crl (hash: tSwGhXy7sG11PPTJ+/gEKhUhmxS6xHINYS+2ZwNZnPA=) 2: F69648C2ECF211EABBFDDD24C4F9AE02.roa (hash: iinohx2uez2EL2svxSw8QxTPKTPPk9i54jHLL6kBKQg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.crl rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mHOU7ukmatexkjRBv29RNP-VA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 20:04:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2133 (0x855) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147241, serialNumber=5F6987394EEE9266AD7B1923441BF6F5134FF950 Validity Not Before: Dec 22 20:04:48 2025 GMT Not After : Dec 29 20:04:48 2025 GMT Subject: CN=6949a460-a081 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:8d:c4:12:ab:a8:b4:92:16:9a:a6:2f:93:79: 00:9c:c7:c3:d9:8d:ce:5d:93:da:91:be:34:d4:a9: d9:27:63:6c:53:36:15:59:15:13:df:03:4a:69:08: 4a:4c:60:e7:8f:93:36:ca:7d:1c:6c:77:c0:41:c1: 16:7a:1b:b2:14:6c:46:f5:9a:2e:22:a6:d7:c5:2a: 80:dc:00:f5:61:36:f7:31:39:bc:15:f6:02:4e:52: 1a:38:90:40:29:69:50:c5:18:68:c9:74:fc:0d:76: 99:ae:c6:93:fa:72:b3:54:1e:a3:b4:7b:8e:71:43: 41:78:cc:00:ad:ed:89:06:20:15:5f:14:d6:d4:54: d9:a0:0b:a1:f2:ee:16:40:bc:dc:87:ae:21:1a:68: 80:ad:2a:b2:1b:c3:f1:1f:78:52:34:6e:a7:07:fe: ae:13:09:84:31:08:56:59:89:35:28:79:d0:54:da: 46:06:f1:59:50:e6:f4:75:cf:46:b1:93:9d:f4:70: c7:fb:e2:1b:58:bd:2f:ea:07:ac:0d:df:a3:6b:35: e0:f8:36:89:08:2a:f9:2e:9d:cb:13:91:13:85:9b: 82:c8:7f:9a:ed:ee:b1:07:16:1a:85:c3:ec:45:cf: 8f:b6:d8:a3:0a:30:1b:51:14:24:bc:69:e5:63:61: 36:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:13:C9:22:FA:94:BB:BB:49:DF:E2:73:1C:BC:D7:07:E3:63:94:E8 X509v3 Authority Key Identifier: keyid:5F:69:87:39:4E:EE:92:66:AD:7B:19:23:44:1B:F6:F5:13:4F:F9:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mHOU7ukmatexkjRBv29RNP-VA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147241/62BB5C74ECF111EAA39D5722C4F9AE02/X2mHOU7ukmatexkjRBv29RNP-VA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:5f:1f:fd:4f:0b:32:37:df:20:e8:20:48:90:31:0c:6a:9e: 74:b4:38:99:6a:9f:b6:3d:d2:bb:2d:c0:53:43:3f:bf:3a:01: 32:97:27:c5:c8:e4:a1:a5:0b:68:69:cd:3c:0c:f7:28:66:57: 91:f2:85:08:a2:3d:b9:2b:70:11:7e:66:1b:69:5c:2b:06:bd: 60:c0:3f:5a:54:28:f3:1c:b9:e0:9b:46:fb:2c:db:1e:ea:1f: 97:cf:60:d3:60:c6:e5:67:a3:8c:18:ba:a9:a0:81:7d:a4:7b: 8e:df:8b:72:2e:fc:84:fa:e5:a8:98:4f:29:7d:9e:b4:88:35: 7f:b6:b1:ae:e6:9c:ca:fe:c0:07:54:bf:05:3b:f4:55:14:dd: 5b:10:30:d1:9e:c2:28:ba:08:65:99:4b:e6:d5:fe:40:ee:c7: f5:b8:bd:d3:2e:95:df:21:43:82:20:54:8f:2b:fb:3e:b8:50: 1b:fa:f6:83:d9:8c:88:5a:e5:01:50:2b:8b:b6:ed:f2:16:db: ff:bb:52:03:99:e8:84:0a:6f:21:8f:aa:71:04:2a:95:99:48: 8d:f7:9f:6c:3f:e9:ae:f4:49:9e:e6:22:c4:2f:a1:8d:2e:ba: 45:45:9a:d2:0e:15:a9:84:ff:f1:32:5d:24:49:0f:c5:ca:fc: d5:51:00:83 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDcyNDExMTAvBgNVBAUTKDVGNjk4NzM5NEVFRTkyNjZBRDdCMTkyMzQ0MUJGNkY1 MTM0RkY5NTAwHhcNMjUxMjIyMjAwNDQ4WhcNMjUxMjI5MjAwNDQ4WjAYMRYwFAYD VQQDDA02OTQ5YTQ2MC1hMDgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA543EEquotJIWmqYvk3kAnMfD2Y3OXZPakb401KnZJ2NsUzYVWRUT3wNKaQhK TGDnj5M2yn0cbHfAQcEWehuyFGxG9ZouIqbXxSqA3AD1YTb3MTm8FfYCTlIaOJBA KWlQxRhoyXT8DXaZrsaT+nKzVB6jtHuOcUNBeMwAre2JBiAVXxTW1FTZoAuh8u4W QLzch64hGmiArSqyG8PxH3hSNG6nB/6uEwmEMQhWWYk1KHnQVNpGBvFZUOb0dc9G sZOd9HDH++IbWL0v6gesDd+jazXg+DaJCCr5Lp3LE5EThZuCyH+a7e6xBxYahcPs Rc+PttijCjAbURQkvGnlY2E2mQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCgTySL6 lLu7Sd/icxy81wfjY5ToMB8GA1UdIwQYMBaAFF9phzlO7pJmrXsZI0Qb9vUTT/lQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzI0MS82MkJCNUM3NEVD RjExMUVBQTM5RDU3MjJDNEY5QUUwMi9YMm1IT1U3dWttYXRleGtqUkJ2MjlSTlAt VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1gybUhPVTd1a21hdGV4a2pSQnYyOVJOUC1WQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzI0MS82MkJCNUM3NEVDRjExMUVBQTM5RDU3MjJDNEY5QUUwMi9YMm1IT1U3dWtt YXRleGtqUkJ2MjlSTlAtVkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByXx/9TwsyN98g6CBIkDEMap50tDiZap+2PdK7LcBTQz+/OgEylyfF yOShpQtoac08DPcoZleR8oUIoj25K3ARfmYbaVwrBr1gwD9aVCjzHLngm0b7LNse 6h+Xz2DTYMblZ6OMGLqpoIF9pHuO34tyLvyE+uWomE8pfZ60iDV/trGu5pzK/sAH VL8FO/RVFN1bEDDRnsIoughlmUvm1f5A7sf1uL3TLpXfIUOCIFSPK/s+uFAb+vaD 2YyIWuUBUCuLtu3yFtv/u1IDmeiECm8hj6pxBCqVmUiN959sP+mu9Eme5iLEL6GN LrpFRZrSDhWphP/xMl0kSQ/FyvzVUQCD -----END CERTIFICATE-----Generated at Wed Dec 24 17:40:19 2025 by rpki-client