This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft File: zOnFYkus-dCYXj8tbjHmsthtgq4.mft (raw, json) Hash identifier: CFRgYNTVdukEKbU0yrrWc0UC3Y4wADrPzEqq9b7qRek= Subject key identifier: 99:F2:EF:DC:26:E4:78:6C:19:7D:22:DA:F1:4D:75:8A:8D:80:C4:AD Authority key identifier: CC:E9:C5:62:4B:AC:F9:D0:98:5E:3F:2D:6E:31:E6:B2:D8:6D:82:AE Certificate issuer: /CN=A9157B07/serialNumber=CCE9C5624BACF9D0985E3F2D6E31E6B2D86D82AE Certificate serial: 35 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft Manifest number: 34 Signing time: Tue 23 Dec 2025 06:23:38 +0000 Manifest this update: Tue 23 Dec 2025 06:23:37 +0000 Manifest next update: Tue 30 Dec 2025 06:23:37 +0000 Files and hashes: 1: zOnFYkus-dCYXj8tbjHmsthtgq4.crl (hash: 2I/tjjLucAU7YZkpZThn/9iYgmXl0BWXt0LLw+Z/ADI=) 2: 8CA88A568FD611F09FFCA92CC4F9AE02.roa (hash: X1O7W3t2SP7SDbQ67NRf7y+vow5VXeN/HZMH9HZxaRQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.crl rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 06:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157B07, serialNumber=CCE9C5624BACF9D0985E3F2D6E31E6B2D86D82AE Validity Not Before: Dec 23 06:23:37 2025 GMT Not After : Dec 30 06:23:37 2025 GMT Subject: CN=694a3569-f305 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:23:ea:f3:ab:8a:7d:b3:3c:97:0b:12:01:58: 4b:aa:f2:66:15:3d:38:2d:4b:92:43:16:71:8a:61: f9:f2:51:63:bd:43:39:48:90:51:7b:5e:e5:6b:ba: ef:db:2a:47:8f:1a:05:da:b0:ee:c0:1a:74:d6:29: e5:a1:75:ed:77:0f:2e:30:cb:2a:73:f3:9c:bf:db: 50:cd:20:09:0b:91:ad:56:f2:b1:d1:4f:55:bd:c6: 36:bd:6b:8d:ab:e6:cf:ea:b2:3c:bb:cd:ba:79:35: 1d:bc:89:19:4c:3d:a6:7b:b3:a7:e2:ec:8a:35:7f: 0d:1e:b8:75:69:ee:3c:6a:ed:88:82:75:76:40:28: cc:37:70:5a:a7:76:51:45:c8:00:08:a6:21:df:9a: 95:84:77:9b:30:f9:79:22:a2:6b:b6:de:9e:ab:ba: cc:dc:83:6f:2d:91:9f:b6:7b:0b:83:c4:ec:00:92: cb:63:08:cf:a5:21:0d:cf:6d:4f:d2:92:d7:69:8e: 3a:c4:25:55:bf:67:d5:f6:67:6d:57:0f:be:ef:0d: f0:8c:e6:c2:d8:da:75:e0:4f:ad:f2:03:cb:81:c1: 16:da:69:7f:f0:48:d9:bb:f4:13:7c:4a:ba:10:84: 95:bd:ae:82:84:ba:c4:5a:74:5d:f1:63:ac:f9:c9: ee:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:F2:EF:DC:26:E4:78:6C:19:7D:22:DA:F1:4D:75:8A:8D:80:C4:AD X509v3 Authority Key Identifier: keyid:CC:E9:C5:62:4B:AC:F9:D0:98:5E:3F:2D:6E:31:E6:B2:D8:6D:82:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:3c:b7:32:8d:3c:8f:fe:1a:f7:d9:b8:e6:6f:6d:6f:e7:98: 80:d1:91:d1:57:6e:91:24:10:09:7c:35:45:18:03:96:66:6a: a9:d2:53:fe:ca:cd:42:39:52:d2:75:1e:58:f9:95:08:ca:26: 81:45:e6:bc:0f:65:4f:7e:3c:26:f7:ad:8b:72:04:b3:42:1d: a5:5f:f7:3e:f2:ed:2e:29:78:35:28:9b:f9:92:f7:a4:12:53: 64:0f:3e:f3:c5:43:72:73:76:c0:0c:38:ce:23:3f:ab:a7:a6: 61:19:ba:20:d6:5f:e7:b9:6d:35:f4:3f:9d:eb:64:2b:ff:c8: 6e:55:f9:22:d8:9e:4c:da:f2:11:d6:4c:12:0c:fb:43:d2:1a: 31:cc:92:67:94:84:75:05:e3:c7:51:b5:39:d7:6b:9f:7a:4e: c0:6c:8d:74:25:a5:8b:33:09:1b:94:61:7c:c5:8d:2b:6c:5d: 65:34:1d:21:8d:36:fb:73:a0:4a:ec:fa:f1:ca:51:85:39:b1: 97:7d:3d:2b:c4:40:db:60:ef:66:48:07:8f:cc:2e:04:4f:d7: e5:32:0e:f7:a6:51:ba:1d:21:34:42:ce:80:5e:cd:74:43:2d: 07:46:2a:42:c2:ef:12:42:f8:2a:d0:9d:17:02:13:ed:d8:b1: 89:81:fa:8c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 N0IwNzExMC8GA1UEBRMoQ0NFOUM1NjI0QkFDRjlEMDk4NUUzRjJENkUzMUU2QjJE ODZEODJBRTAeFw0yNTEyMjMwNjIzMzdaFw0yNTEyMzAwNjIzMzdaMBgxFjAUBgNV BAMMDTY5NGEzNTY5LWYzMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBI+rzq4p9szyXCxIBWEuq8mYVPTgtS5JDFnGKYfnyUWO9QzlIkFF7XuVruu/b KkePGgXasO7AGnTWKeWhde13Dy4wyypz85y/21DNIAkLka1W8rHRT1W9xja9a42r 5s/qsjy7zbp5NR28iRlMPaZ7s6fi7Io1fw0euHVp7jxq7YiCdXZAKMw3cFqndlFF yAAIpiHfmpWEd5sw+Xkiomu23p6ruszcg28tkZ+2ewuDxOwAkstjCM+lIQ3PbU/S ktdpjjrEJVW/Z9X2Z21XD77vDfCM5sLY2nXgT63yA8uBwRbaaX/wSNm79BN8SroQ hJW9roKEusRadF3xY6z5ye5bAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUmfLv3Cbk eGwZfSLa8U11io2AxK0wHwYDVR0jBBgwFoAUzOnFYkus+dCYXj8tbjHmsthtgq4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3QjA3L0Q4ODU0NDkyOEZE NTExRjBBNjFDOUIyQkM0RjlBRTAyL3pPbkZZa3VzLWRDWVhqOHRiakhtc3RodGdx NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvek9uRllrdXMtZENZWGo4dGJqSG1zdGh0Z3E0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3 QjA3L0Q4ODU0NDkyOEZENTExRjBBNjFDOUIyQkM0RjlBRTAyL3pPbkZZa3VzLWRD WVhqOHRiakhtc3RodGdxNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC88tzKNPI/+GvfZuOZvbW/nmIDRkdFXbpEkEAl8NUUYA5ZmaqnSU/7K zUI5UtJ1Hlj5lQjKJoFF5rwPZU9+PCb3rYtyBLNCHaVf9z7y7S4peDUom/mS96QS U2QPPvPFQ3JzdsAMOM4jP6unpmEZuiDWX+e5bTX0P53rZCv/yG5V+SLYnkza8hHW TBIM+0PSGjHMkmeUhHUF48dRtTnXa596TsBsjXQlpYszCRuUYXzFjStsXWU0HSGN NvtzoErs+vHKUYU5sZd9PSvEQNtg72ZIB4/MLgRP1+UyDvemUbodITRCzoBezXRD LQdGKkLC7xJC+CrQnRcCE+3YsYmB+ow= -----END CERTIFICATE-----Generated at Wed Dec 24 14:14:13 2025 by rpki-client