This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft File: aIdCVFR7NLOvid21tI0CAj9Xrhc.mft (raw, json) Hash identifier: FKHk1YK888vUiIsZn7WgX8w0uEBIAoz67bP3Omkxpq8= Subject key identifier: 39:2E:67:CD:7E:CD:B4:22:52:72:95:85:4D:A5:BA:1E:79:E5:EC:03 Authority key identifier: 68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 Certificate issuer: /CN=A9148D52/serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Certificate serial: 0D8D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft Manifest number: 0D84 Signing time: Mon 22 Dec 2025 17:35:01 +0000 Manifest this update: Mon 22 Dec 2025 17:35:00 +0000 Manifest next update: Mon 29 Dec 2025 17:35:00 +0000 Files and hashes: 1: aIdCVFR7NLOvid21tI0CAj9Xrhc.crl (hash: j+xwNsIJtlhNfIHvq+eBJdWgRHqQR6NPBBDa3Nj+cC0=) 2: 0198539E94F311EA9429BF86C4F9AE02.roa (hash: 5GX92aioe88puPmyzGflssCck3bnuW06XT8lCNmGXB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 17:34:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3469 (0xd8d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148D52, serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Validity Not Before: Dec 22 17:35:00 2025 GMT Not After : Dec 29 17:35:00 2025 GMT Subject: CN=69498144-fb60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:58:d1:02:4e:19:48:a8:40:0c:3f:a5:c9:0e: bb:74:f0:a5:64:9b:05:90:cb:66:5e:0a:5f:83:b4: 40:11:f3:a4:73:88:d2:ec:16:8c:95:a6:a1:d3:23: c8:ee:90:0c:04:1c:64:97:87:f5:2a:b1:0e:5b:7f: 54:e9:ba:12:1e:67:d8:7f:cc:09:66:42:68:da:c8: ad:72:33:97:6b:ed:e1:8f:bb:d8:26:34:83:7b:2e: 98:85:f3:92:c5:90:20:31:58:17:c0:93:2e:93:b9: 31:0a:8b:76:de:e6:c7:d2:71:a9:1c:8c:42:9a:3c: ac:a3:7a:a2:8d:a8:f6:98:ad:b5:cd:25:c1:cb:ab: 4c:9b:93:cc:cd:97:b2:8b:5b:bf:fc:5e:e1:62:c9: fb:84:b7:ad:6c:e1:e0:4d:d3:63:0c:47:ba:cb:f2: b8:ea:62:3f:4e:3a:21:9c:8e:65:d9:f0:a2:20:0d: 2c:e5:e6:50:ff:08:1f:ff:ea:1f:17:56:19:77:9a: 31:9f:d0:fd:bc:b0:8b:2e:81:17:da:7b:22:a7:30: 99:f2:ff:d3:09:28:f8:0c:77:3f:5b:74:93:0b:fc: 9b:28:50:d8:a8:f4:f8:fa:cc:1b:3b:2d:d8:6f:dd: f7:1e:a2:31:ba:e9:57:9f:be:69:27:f2:37:62:5c: 4e:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:2E:67:CD:7E:CD:B4:22:52:72:95:85:4D:A5:BA:1E:79:E5:EC:03 X509v3 Authority Key Identifier: keyid:68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:ef:98:cf:a4:06:2a:c4:1d:4b:4d:be:ef:42:c3:39:82:5c: 91:1d:55:2e:78:fe:25:60:17:04:08:d4:70:6f:17:d0:e0:2f: a3:87:f8:56:5f:a7:90:b8:96:5c:1b:ad:54:07:f7:b8:ce:3a: 97:55:76:8d:a3:25:1d:3b:3b:77:8e:5c:a6:39:32:b7:c7:4e: 07:92:62:90:d4:cf:12:28:e6:e6:b1:be:57:a2:d3:e8:08:97: e0:03:c8:62:28:11:79:f5:dd:ef:fe:8f:3f:94:73:46:d5:85: b6:4c:38:92:37:b5:da:c4:1f:19:e9:07:21:a0:06:7a:02:93: ef:14:36:56:4f:0d:e1:0e:b3:eb:c2:c7:5c:34:9e:cc:55:de: 8e:9a:84:34:25:22:6e:56:58:29:ba:d4:48:a5:66:1c:e4:80: ca:12:7b:e8:b4:62:ec:a6:a2:a4:de:48:b5:cf:8e:b7:99:eb: 17:d7:aa:b8:78:e3:6b:eb:fa:2e:8d:a3:0c:84:43:a2:ba:44: d0:d3:a3:15:7e:74:10:c0:21:da:89:69:05:cf:23:68:45:54: ab:97:d0:01:f6:7e:09:6e:e7:c5:72:ec:6c:6c:86:d3:a1:89: 5b:07:91:e3:2b:a8:f3:4f:7b:f3:52:4d:a8:51:cd:b2:91:90: a6:30:09:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhENTIxMTAvBgNVBAUTKDY4ODc0MjU0NTQ3QjM0QjNBRjg5RERCNUI0OEQwMjAy M0Y1N0FFMTcwHhcNMjUxMjIyMTczNTAwWhcNMjUxMjI5MTczNTAwWjAYMRYwFAYD VQQDDA02OTQ5ODE0NC1mYjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlljRAk4ZSKhADD+lyQ67dPClZJsFkMtmXgpfg7RAEfOkc4jS7BaMlaah0yPI 7pAMBBxkl4f1KrEOW39U6boSHmfYf8wJZkJo2sitcjOXa+3hj7vYJjSDey6YhfOS xZAgMVgXwJMuk7kxCot23ubH0nGpHIxCmjyso3qijaj2mK21zSXBy6tMm5PMzZey i1u//F7hYsn7hLetbOHgTdNjDEe6y/K46mI/TjohnI5l2fCiIA0s5eZQ/wgf/+of F1YZd5oxn9D9vLCLLoEX2nsipzCZ8v/TCSj4DHc/W3STC/ybKFDYqPT4+swbOy3Y b933HqIxuulXn75pJ/I3YlxO1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDkuZ81+ zbQiUnKVhU2luh555ewDMB8GA1UdIwQYMBaAFGiHQlRUezSzr4ndtbSNAgI/V64X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ1Mi8xRDRCNDRFRURC NkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05MT3ZpZDIxdEkwQ0FqOVhy aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FJZENWRlI3TkxPdmlkMjF0STBDQWo5WHJoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEQ1Mi8xRDRCNDRFRURCNkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05M T3ZpZDIxdEkwQ0FqOVhyaGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAD75jPpAYqxB1LTb7vQsM5glyRHVUueP4lYBcECNRwbxfQ4C+jh/hW X6eQuJZcG61UB/e4zjqXVXaNoyUdOzt3jlymOTK3x04HkmKQ1M8SKObmsb5XotPo CJfgA8hiKBF59d3v/o8/lHNG1YW2TDiSN7XaxB8Z6QchoAZ6ApPvFDZWTw3hDrPr wsdcNJ7MVd6OmoQ0JSJuVlgputRIpWYc5IDKEnvotGLspqKk3ki1z463mesX16q4 eONr6/oujaMMhEOiukTQ06MVfnQQwCHaiWkFzyNoRVSrl9AB9n4JbufFcuxsbIbT oYlbB5HjK6jzT3vzUk2oUc2ykZCmMAki -----END CERTIFICATE-----Generated at Wed Dec 24 17:40:32 2025 by rpki-client