This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft File: CmH1ryEJpoNhH7ogbyCM7-NImCE.mft (raw, json) Hash identifier: YZftxeyHHm23a3fwAem6YRyu6ULv0yrmbpkK1xMx2So= Subject key identifier: 89:A2:80:BB:78:B8:6F:A2:D3:58:91:F0:0C:35:29:49:65:E4:C6:BC Authority key identifier: 0A:61:F5:AF:21:09:A6:83:61:1F:BA:20:6F:20:8C:EF:E3:48:98:21 Certificate issuer: /CN=A91559AC/serialNumber=0A61F5AF2109A683611FBA206F208CEFE3489821 Certificate serial: 0AF2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft Manifest number: 0B70 Signing time: Mon 22 Dec 2025 18:53:15 +0000 Manifest this update: Mon 22 Dec 2025 18:53:15 +0000 Manifest next update: Mon 29 Dec 2025 18:53:15 +0000 Files and hashes: 1: CmH1ryEJpoNhH7ogbyCM7-NImCE.crl (hash: C1+7GCfVmOS8FpMUJrbWChkOQSE2t7d/Z8+KxcpJsi8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.crl rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 18:53:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2802 (0xaf2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91559AC, serialNumber=0A61F5AF2109A683611FBA206F208CEFE3489821 Validity Not Before: Dec 22 18:53:15 2025 GMT Not After : Dec 29 18:53:15 2025 GMT Subject: CN=6949939b-1733 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:33:5d:fa:44:7c:1e:2b:6f:47:cf:75:ef:0b: 64:82:86:71:c3:e2:42:16:9f:ea:18:e7:27:34:67: 28:b3:c8:e3:14:8a:90:ae:e2:d8:38:c5:2b:8e:da: 16:b3:80:fa:b8:b0:ec:75:eb:3f:55:12:22:2d:00: 56:12:40:ad:9a:b2:e4:23:55:0c:7f:de:1f:40:57: 93:9b:a7:37:51:a4:e0:72:49:e2:2d:cf:d5:9c:59: 75:7f:7d:bf:58:77:37:a7:f7:32:9f:e5:00:02:f1: 97:f7:15:06:2f:cd:39:26:08:4c:36:f0:55:c2:e9: ee:6d:7c:d9:83:af:22:bb:70:01:f8:37:43:c6:61: 4e:98:de:28:62:cf:b4:9a:25:6e:f9:c7:70:96:03: 61:9c:19:e7:16:2b:10:cd:7d:38:d3:ad:29:82:73: 1e:dd:cc:42:9a:e7:ed:3d:4b:7f:36:12:01:ad:ac: 17:59:da:55:c3:b6:00:39:f8:50:67:3d:9e:e7:db: 7f:a7:9a:0f:37:66:41:3a:3d:cb:26:b5:39:34:6d: 97:3d:fc:79:d6:2c:85:a3:80:21:6a:65:75:76:9b: 30:d0:72:5f:26:c5:2e:ba:86:7b:f6:f5:0f:d4:9d: ef:18:37:b5:3b:b7:e9:b9:a9:e8:92:d5:19:05:93: 80:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:A2:80:BB:78:B8:6F:A2:D3:58:91:F0:0C:35:29:49:65:E4:C6:BC X509v3 Authority Key Identifier: keyid:0A:61:F5:AF:21:09:A6:83:61:1F:BA:20:6F:20:8C:EF:E3:48:98:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption be:41:4e:07:32:9a:e3:f7:81:45:18:63:9a:19:52:63:da:ff: ba:8c:b8:c7:75:83:0e:cf:10:0f:97:5f:1b:9d:0e:51:0c:69: 49:b4:b0:c8:8e:2d:90:42:48:b8:a5:61:9c:fc:aa:f4:f6:43: 8b:06:e6:0c:a8:0f:3c:34:4e:86:cc:76:f6:af:65:c1:fa:c6: 56:6f:e6:47:c8:2f:cb:6d:8c:df:fd:8f:7d:c1:6b:5c:90:43: 7a:8e:e5:fa:63:70:9c:c9:fa:24:a9:4e:b8:92:94:b7:8e:11: fd:ae:73:52:8f:ae:fd:43:0c:a1:b3:4f:f0:6c:41:9a:b1:0a: 75:03:33:71:56:6f:91:c9:a4:f6:b4:89:7a:38:82:73:f3:cb: 64:96:5a:de:aa:7c:ad:97:13:92:f3:32:07:cc:f4:9f:d9:c5: 54:ca:ff:b7:06:a2:28:80:d3:8c:5d:82:4d:94:a3:a5:d0:e2: 11:d2:f0:d6:5f:15:77:b9:15:56:a6:3d:ca:4d:ee:be:cf:73: 1c:3b:70:0d:3e:50:c5:8d:81:86:47:5e:5d:9d:e3:72:76:04: 75:95:6f:a6:7d:1d:07:af:1e:d3:f4:64:27:3f:f9:a3:ed:c2: 45:70:ca:61:2d:11:2c:31:5d:11:24:9e:73:31:fd:19:03:1f: 1e:2b:ec:51 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTU5QUMxMTAvBgNVBAUTKDBBNjFGNUFGMjEwOUE2ODM2MTFGQkEyMDZGMjA4Q0VG RTM0ODk4MjEwHhcNMjUxMjIyMTg1MzE1WhcNMjUxMjI5MTg1MzE1WjAYMRYwFAYD VQQDDA02OTQ5OTM5Yi0xNzMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyTNd+kR8HitvR8917wtkgoZxw+JCFp/qGOcnNGcos8jjFIqQruLYOMUrjtoW s4D6uLDsdes/VRIiLQBWEkCtmrLkI1UMf94fQFeTm6c3UaTgckniLc/VnFl1f32/ WHc3p/cyn+UAAvGX9xUGL805JghMNvBVwunubXzZg68iu3AB+DdDxmFOmN4oYs+0 miVu+cdwlgNhnBnnFisQzX04060pgnMe3cxCmuftPUt/NhIBrawXWdpVw7YAOfhQ Zz2e59t/p5oPN2ZBOj3LJrU5NG2XPfx51iyFo4AhamV1dpsw0HJfJsUuuoZ79vUP 1J3vGDe1O7fpuanoktUZBZOAEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFImigLt4 uG+i01iR8Aw1KUll5Ma8MB8GA1UdIwQYMBaAFAph9a8hCaaDYR+6IG8gjO/jSJgh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTlBQy9DMDYxMzUxNjVG OEQxMUVBQjUwMEJENjRDNEY5QUUwMi9DbUgxcnlFSnBvTmhIN29nYnlDTTctTklt Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NtSDFyeUVKcG9OaEg3b2dieUNNNy1OSW1DRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NTlBQy9DMDYxMzUxNjVGOEQxMUVBQjUwMEJENjRDNEY5QUUwMi9DbUgxcnlFSnBv TmhIN29nYnlDTTctTkltQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC+QU4HMprj94FFGGOaGVJj2v+6jLjHdYMOzxAPl18bnQ5RDGlJtLDI ji2QQki4pWGc/Kr09kOLBuYMqA88NE6GzHb2r2XB+sZWb+ZHyC/LbYzf/Y99wWtc kEN6juX6Y3CcyfokqU64kpS3jhH9rnNSj679Qwyhs0/wbEGasQp1AzNxVm+RyaT2 tIl6OIJz88tkllreqnytlxOS8zIHzPSf2cVUyv+3BqIogNOMXYJNlKOl0OIR0vDW XxV3uRVWpj3KTe6+z3McO3ANPlDFjYGGR15dneNydgR1lW+mfR0Hrx7T9GQnP/mj 7cJFcMphLREsMV0RJJ5zMf0ZAx8eK+xR -----END CERTIFICATE-----Generated at Wed Dec 24 15:46:35 2025 by rpki-client