This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/104A7E1EDFAD11ED95153D31C4F9AE02/NCaEGmQGa3hlW77KDAH9CfZXBTY.mft File: NCaEGmQGa3hlW77KDAH9CfZXBTY.mft (raw, json) Hash identifier: PHzr5kAMbmtVG98W1847/r4tNvdjBdj56KLTFN5es30= Subject key identifier: 27:0D:04:D5:D6:A4:5B:FE:B3:DE:B6:D9:76:D7:8F:C2:B4:23:B0:DF Authority key identifier: 34:26:84:1A:64:06:6B:78:65:5B:BE:CA:0C:01:FD:09:F6:57:05:36 Certificate issuer: /CN=A9157DAE/serialNumber=3426841A64066B78655BBECA0C01FD09F6570536 Certificate serial: 0209 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/NCaEGmQGa3hlW77KDAH9CfZXBTY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DAE/104A7E1EDFAD11ED95153D31C4F9AE02/NCaEGmQGa3hlW77KDAH9CfZXBTY.mft Manifest number: 0209 Signing time: Tue 20 Jan 2026 16:47:12 +0000 Manifest this update: Tue 20 Jan 2026 16:47:11 +0000 Manifest next update: Tue 27 Jan 2026 16:47:11 +0000 Files and hashes: 1: NCaEGmQGa3hlW77KDAH9CfZXBTY.crl (hash: D3Rrnv2zbZRv+Z3AfmrCJO8pI1B49+iMhXi2rB3iC0A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DAE/104A7E1EDFAD11ED95153D31C4F9AE02/NCaEGmQGa3hlW77KDAH9CfZXBTY.crl rsync://rpki.apnic.net/member_repository/A9157DAE/104A7E1EDFAD11ED95153D31C4F9AE02/NCaEGmQGa3hlW77KDAH9CfZXBTY.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/NCaEGmQGa3hlW77KDAH9CfZXBTY.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 27 Jan 2026 16:47:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 521 (0x209) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DAE, serialNumber=3426841A64066B78655BBECA0C01FD09F6570536 Validity Not Before: Jan 20 16:47:11 2026 GMT Not After : Jan 27 16:47:11 2026 GMT Subject: CN=696fb190-7c19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:92:d0:7c:e3:12:96:c5:a5:ec:a2:8c:79:7c: c3:38:4b:e1:d7:49:4e:59:43:69:f6:1a:19:f1:58: 17:68:fc:57:ef:23:f2:8b:5a:90:db:8b:2e:84:b1: 5b:f2:c0:e9:ab:4e:d0:93:01:45:c4:96:c3:38:2b: 59:a7:8f:50:80:5b:4d:4a:9b:ac:d3:dd:8e:97:12: ff:e0:44:b0:d8:f3:80:6e:54:56:51:8c:03:29:38: 51:ee:13:b8:61:ea:01:4f:62:79:9c:33:65:52:8c: 92:3b:d7:67:f9:2c:f9:94:21:54:1d:60:ac:d3:b6: 39:ab:f8:4f:05:c3:1b:4b:b0:31:56:26:36:57:5f: ac:7e:1f:34:d1:21:9c:21:1c:7d:c8:3b:9a:1e:0b: 17:31:9e:e1:88:83:ac:f0:55:00:48:17:65:f9:b7: 49:af:8c:ae:39:91:78:c6:93:e5:c0:93:86:ae:31: e1:e9:ea:0c:47:d6:27:dc:8c:da:d2:e5:ec:b3:dd: fa:6a:e0:97:fb:d0:57:f3:1d:67:04:ce:80:5b:ef: ba:2d:0f:55:8e:28:17:e3:88:0e:c5:51:26:85:03: 20:46:ed:8b:2a:ee:a9:a2:2d:cb:a8:d4:e9:e9:ee: e9:58:22:db:34:4d:74:1b:27:d5:aa:df:c0:5c:b9: 35:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:0D:04:D5:D6:A4:5B:FE:B3:DE:B6:D9:76:D7:8F:C2:B4:23:B0:DF X509v3 Authority Key Identifier: keyid:34:26:84:1A:64:06:6B:78:65:5B:BE:CA:0C:01:FD:09:F6:57:05:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DAE/104A7E1EDFAD11ED95153D31C4F9AE02/NCaEGmQGa3hlW77KDAH9CfZXBTY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/NCaEGmQGa3hlW77KDAH9CfZXBTY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/104A7E1EDFAD11ED95153D31C4F9AE02/NCaEGmQGa3hlW77KDAH9CfZXBTY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:7d:85:24:fe:17:4a:d5:68:fa:a2:29:1e:6b:23:74:68:1d: 25:57:72:a9:ca:6e:74:1a:51:53:ee:03:ac:4d:74:bc:69:da: b0:7c:fa:13:30:43:2d:68:9a:c6:1c:88:5c:d0:c1:be:cc:29: b3:10:5f:3f:1e:72:71:c9:0c:49:b4:f7:c5:3d:c1:86:d0:3a: 93:7c:f0:1f:68:ae:10:96:f7:b5:48:46:18:dc:61:80:65:89: de:75:fe:36:5c:ea:2a:da:8a:18:1f:41:82:67:37:d0:bc:11: a3:be:22:43:ea:d0:da:e7:89:29:35:04:42:f2:9b:93:11:c7: be:54:ed:2f:9b:53:fc:bb:61:fb:04:2a:a3:09:31:47:3d:a5: 91:a2:de:42:01:50:de:c8:b9:28:a8:c6:7f:4f:b9:ae:29:d0: 84:7d:cd:dd:72:17:96:d7:28:ed:dd:7e:80:6b:cf:49:2b:0d: f9:32:b1:07:b8:a0:94:ef:5a:f3:3a:61:81:32:f3:ce:69:8c: 5b:30:29:e7:aa:95:cb:c8:d0:20:f7:45:85:59:f8:23:53:e5: 8b:37:e0:37:2a:b7:7b:47:08:4b:ee:39:62:63:46:96:ce:58: 5c:bf:9d:bf:4b:22:27:48:d5:ec:90:d1:ff:7a:d4:18:89:72: 45:9b:f4:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx NTdEQUUxMTAvBgNVBAUTKDM0MjY4NDFBNjQwNjZCNzg2NTVCQkVDQTBDMDFGRDA5 RjY1NzA1MzYwHhcNMjYwMTIwMTY0NzExWhcNMjYwMTI3MTY0NzExWjAYMRYwFAYD VQQDDA02OTZmYjE5MC03YzE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqpLQfOMSlsWl7KKMeXzDOEvh10lOWUNp9hoZ8VgXaPxX7yPyi1qQ24suhLFb 8sDpq07QkwFFxJbDOCtZp49QgFtNSpus092OlxL/4ESw2POAblRWUYwDKThR7hO4 YeoBT2J5nDNlUoySO9dn+Sz5lCFUHWCs07Y5q/hPBcMbS7AxViY2V1+sfh800SGc IRx9yDuaHgsXMZ7hiIOs8FUASBdl+bdJr4yuOZF4xpPlwJOGrjHh6eoMR9Yn3Iza 0uXss936auCX+9BX8x1nBM6AW++6LQ9VjigX44gOxVEmhQMgRu2LKu6poi3LqNTp 6e7pWCLbNE10GyfVqt/AXLk1RwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCcNBNXW pFv+s9622XbXj8K0I7DfMB8GA1UdIwQYMBaAFDQmhBpkBmt4ZVu+ygwB/Qn2VwU2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS8xMDRBN0UxRURG QUQxMUVEOTUxNTNEMzFDNEY5QUUwMi9OQ2FFR21RR2EzaGxXNzdLREFIOUNmWlhC VFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL05DYUVHbVFHYTNobFc3N0tEQUg5Q2ZaWEJUWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBRS8xMDRBN0UxRURGQUQxMUVEOTUxNTNEMzFDNEY5QUUwMi9OQ2FFR21RR2Ez aGxXNzdLREFIOUNmWlhCVFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFfYUk/hdK1Wj6oikeayN0aB0lV3Kpym50GlFT7gOsTXS8adqwfPoT MEMtaJrGHIhc0MG+zCmzEF8/HnJxyQxJtPfFPcGG0DqTfPAfaK4Qlve1SEYY3GGA ZYnedf42XOoq2ooYH0GCZzfQvBGjviJD6tDa54kpNQRC8puTEce+VO0vm1P8u2H7 BCqjCTFHPaWRot5CAVDeyLkoqMZ/T7muKdCEfc3dcheW1yjt3X6Aa89JKw35MrEH uKCU71rzOmGBMvPOaYxbMCnnqpXLyNAg90WFWfgjU+WLN+A3Krd7RwhL7jliY0aW zlhcv52/SyInSNXskNH/etQYiXJFm/RZ -----END CERTIFICATE-----Generated at Wed Jan 21 07:51:08 2026 by rpki-client