This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft File: 3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft (raw, json) Hash identifier: uW+/ZXMj9YuyKbsd0o0puY5EyozLVmGjkqVCl5cW81k= Subject key identifier: 05:64:48:84:8A:B3:06:1A:FE:D1:E0:EC:B0:D8:FF:27:47:72:37:4D Authority key identifier: DD:28:08:28:FF:09:96:A8:CB:EF:29:BF:0D:91:4D:F2:52:DF:1C:BD Certificate issuer: /CN=A9147CA8/serialNumber=DD280828FF0996A8CBEF29BF0D914DF252DF1CBD Certificate serial: 4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft Manifest number: 4D Signing time: Tue 23 Dec 2025 06:12:36 +0000 Manifest this update: Tue 23 Dec 2025 06:12:36 +0000 Manifest next update: Tue 30 Dec 2025 06:12:36 +0000 Files and hashes: 1: 3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl (hash: Uv3saggRLVfpM5QqoVUtPIwvLqoRaGTVqfJYWjyrfx0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 06:12:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77 (0x4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147CA8, serialNumber=DD280828FF0996A8CBEF29BF0D914DF252DF1CBD Validity Not Before: Dec 23 06:12:36 2025 GMT Not After : Dec 30 06:12:36 2025 GMT Subject: CN=694a32d4-021f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:19:bc:e3:a4:c7:2a:ba:e3:9c:9c:3c:fb:db: 94:63:ff:71:09:43:2f:64:08:6e:cf:a6:80:f4:6d: 0d:17:d6:0d:ba:a7:47:bd:ff:40:e1:a8:8d:94:b8: 7c:e6:f3:d2:2c:5d:e7:95:ab:46:a3:82:b3:c3:56: e3:1c:b4:4b:3b:1f:fb:14:99:dc:c0:03:99:ea:07: 92:7e:0d:34:a9:92:91:56:41:3e:e4:97:f7:11:1b: 0b:fa:ad:03:fd:06:fa:e9:5b:17:b6:a8:96:88:0a: 02:8e:2d:e4:7c:17:fa:60:36:e2:10:d5:69:38:26: 88:18:b8:b7:4f:35:24:f3:9b:b2:6d:10:41:6d:f1: c5:fc:8b:f6:26:fb:6c:2d:c9:71:5d:1e:e6:3d:56: 29:d7:98:5e:ab:df:da:42:2a:95:f9:d0:e1:f6:1e: de:14:0e:b7:f5:f4:f1:39:a9:4e:23:76:96:1c:4d: 6b:46:13:f7:9a:a9:c8:2c:f9:ad:d5:09:f9:f7:69: 47:6b:de:a8:fd:be:53:34:63:25:ff:0b:09:1a:05: e0:be:95:31:ac:ae:59:77:1f:e2:c7:f3:4c:ab:59: 8b:ae:48:67:37:b9:ca:5c:74:6c:a9:8c:52:2c:04: b8:c6:42:b9:70:24:62:71:5b:0a:9c:98:12:c2:76: 96:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:64:48:84:8A:B3:06:1A:FE:D1:E0:EC:B0:D8:FF:27:47:72:37:4D X509v3 Authority Key Identifier: keyid:DD:28:08:28:FF:09:96:A8:CB:EF:29:BF:0D:91:4D:F2:52:DF:1C:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ab:e2:1e:7e:f3:20:03:ed:85:8a:0b:1a:74:9e:c0:e6:08:d9: 65:a4:58:c5:30:9c:cc:c3:f4:f6:53:3c:8a:f6:51:96:a8:ac: 5d:a2:12:a9:29:f0:46:51:cc:7d:76:48:b5:03:76:a4:5a:a1: a2:44:8c:fb:09:33:39:25:60:1b:8a:f9:08:6e:ec:b3:e4:91: d9:d0:ae:d9:9b:43:57:90:76:ce:a6:04:48:f4:b9:e6:97:a9: ab:97:3c:78:73:f4:cf:b8:3d:ce:6b:89:8b:9c:de:76:56:12: 88:81:01:0e:59:c9:e7:27:13:54:73:d2:43:88:bd:78:4f:5e: 48:b1:24:10:3a:ca:10:00:b6:a1:c6:11:68:aa:b7:52:e9:c9: 27:29:95:86:c4:23:c7:7c:6c:74:dd:9a:5a:97:dd:87:4c:7c: d8:d0:bd:36:5e:ee:26:50:1b:03:70:d3:84:c8:b6:cd:3a:e8: fd:ba:e9:cd:81:16:99:51:dc:28:37:44:f8:39:7d:09:86:9a: 43:cf:d3:5a:35:8d:80:a5:fb:7e:c8:f7:d9:bd:bb:e1:41:a9: 9a:e9:0b:51:68:03:e7:ae:50:c7:16:3f:ef:32:ae:28:0a:ba: 8a:c4:33:a0:9a:b9:b2:71:51:03:14:1e:d9:40:09:1d:48:7e: 4d:da:fe:e8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 N0NBODExMC8GA1UEBRMoREQyODA4MjhGRjA5OTZBOENCRUYyOUJGMEQ5MTRERjI1 MkRGMUNCRDAeFw0yNTEyMjMwNjEyMzZaFw0yNTEyMzAwNjEyMzZaMBgxFjAUBgNV BAMMDTY5NGEzMmQ0LTAyMWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+GbzjpMcquuOcnDz725Rj/3EJQy9kCG7PpoD0bQ0X1g26p0e9/0DhqI2UuHzm 89IsXeeVq0ajgrPDVuMctEs7H/sUmdzAA5nqB5J+DTSpkpFWQT7kl/cRGwv6rQP9 BvrpWxe2qJaICgKOLeR8F/pgNuIQ1Wk4JogYuLdPNSTzm7JtEEFt8cX8i/Ym+2wt yXFdHuY9VinXmF6r39pCKpX50OH2Ht4UDrf19PE5qU4jdpYcTWtGE/eaqcgs+a3V Cfn3aUdr3qj9vlM0YyX/CwkaBeC+lTGsrll3H+LH80yrWYuuSGc3ucpcdGypjFIs BLjGQrlwJGJxWwqcmBLCdpZxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUBWRIhIqz Bhr+0eDssNj/J0dyN00wHwYDVR0jBBgwFoAU3SgIKP8JlqjL7ym/DZFN8lLfHL0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3Q0E4LzZBOUU5MTVDNkVF OTExRjBCMzAxRjY2N0M0RjlBRTAyLzNTZ0lLUDhKbHFqTDd5bV9EWkZOOGxMZkhM MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM1NnSUtQOEpscWpMN3ltX0RaRk44bExmSEwwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3 Q0E4LzZBOUU5MTVDNkVFOTExRjBCMzAxRjY2N0M0RjlBRTAyLzNTZ0lLUDhKbHFq TDd5bV9EWkZOOGxMZkhMMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKviHn7zIAPthYoLGnSewOYI2WWkWMUwnMzD9PZTPIr2UZaorF2iEqkp 8EZRzH12SLUDdqRaoaJEjPsJMzklYBuK+Qhu7LPkkdnQrtmbQ1eQds6mBEj0ueaX qauXPHhz9M+4Pc5riYuc3nZWEoiBAQ5ZyecnE1Rz0kOIvXhPXkixJBA6yhAAtqHG EWiqt1LpyScplYbEI8d8bHTdmlqX3YdMfNjQvTZe7iZQGwNw04TIts066P266c2B FplR3Cg3RPg5fQmGmkPP01o1jYCl+37I99m9u+FBqZrpC1FoA+euUMcWP+8yrigK uorEM6CaubJxUQMUHtlACR1Ifk3a/ug= -----END CERTIFICATE-----Generated at Wed Dec 24 15:46:49 2025 by rpki-client