This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft File: OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft (raw, json) Hash identifier: daMD/c1UkFf8wn3fG3UPYriJVzqXpl1CARW89ZE0Ug4= Subject key identifier: 3E:EE:AE:29:36:92:82:E7:28:9E:6C:C0:C8:5F:1B:0E:91:6B:03:CF Authority key identifier: 3A:43:78:0F:6C:43:2D:EE:47:4A:8A:95:68:59:02:82:DB:EA:5D:B3 Certificate issuer: /CN=A915802B/serialNumber=3A43780F6C432DEE474A8A9568590282DBEA5DB3 Certificate serial: 0AE9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OkN4D2xDLe5HSoqVaFkCgtvqXbM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft Manifest number: 0AE0 Signing time: Mon 22 Dec 2025 18:53:32 +0000 Manifest this update: Mon 22 Dec 2025 18:53:31 +0000 Manifest next update: Mon 29 Dec 2025 18:53:31 +0000 Files and hashes: 1: OkN4D2xDLe5HSoqVaFkCgtvqXbM.crl (hash: tWnFdRNVDmfRdZpg0LlPW1OzGpqiR0WMsDcVjT7+VjI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.crl rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OkN4D2xDLe5HSoqVaFkCgtvqXbM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 18:53:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2793 (0xae9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915802B, serialNumber=3A43780F6C432DEE474A8A9568590282DBEA5DB3 Validity Not Before: Dec 22 18:53:31 2025 GMT Not After : Dec 29 18:53:31 2025 GMT Subject: CN=694993ac-07ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:bc:02:1c:b7:af:7b:82:34:39:92:8b:86:63: e6:ab:56:54:43:9c:f2:f5:1d:31:29:c5:01:d6:7a: dc:36:64:5d:23:38:39:cd:d5:8a:2b:96:db:71:92: 04:59:fe:9f:eb:ac:67:26:27:fc:40:08:95:58:a7: 0c:56:37:53:ec:f2:bf:ec:05:8e:17:93:99:28:42: 39:44:f9:8c:3b:1c:43:3e:84:1e:fa:20:6a:09:c7: 09:d7:29:e9:29:a7:d9:c9:27:51:e1:16:61:51:32: 7c:87:bc:b6:35:95:02:83:52:cc:6a:3d:2a:7d:0c: f2:ac:1e:03:48:04:90:f2:c0:ce:c5:5a:a1:52:0e: 26:89:71:61:76:4d:4e:cf:5f:2b:4d:cd:0d:f4:f6: 86:ba:ee:52:78:0b:bf:45:b1:2d:3c:0f:01:83:58: 2a:ea:7d:07:e7:0a:41:a3:61:fe:b7:46:93:91:51: cd:42:c7:6f:e3:fc:50:63:9d:bd:27:32:9d:b7:51: 6c:30:94:d7:42:6a:57:a8:a7:f2:b3:61:bd:a1:40: 64:b1:34:43:2d:fd:2a:74:1f:3a:16:14:29:b3:04: 8e:3c:8f:3b:65:42:db:1c:09:0f:85:f2:f8:fb:02: ae:19:33:44:62:f9:60:32:2e:09:75:25:b5:59:4b: 3c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:EE:AE:29:36:92:82:E7:28:9E:6C:C0:C8:5F:1B:0E:91:6B:03:CF X509v3 Authority Key Identifier: keyid:3A:43:78:0F:6C:43:2D:EE:47:4A:8A:95:68:59:02:82:DB:EA:5D:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OkN4D2xDLe5HSoqVaFkCgtvqXbM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:b4:03:90:a6:e0:6e:49:09:ac:62:59:83:71:b0:f6:4f:2b: 43:f3:af:3b:16:34:6e:a1:08:4b:76:bb:85:9e:27:16:99:08: 26:2c:d9:4d:b5:4e:3d:61:bd:43:1c:af:b1:c9:1d:79:f9:37: 35:f5:ae:dc:b0:3a:03:17:1e:ff:2e:58:09:77:16:c5:f6:90: af:06:d9:29:27:28:35:9d:7d:7c:17:a9:8a:e3:6b:87:04:a4: ff:a6:3b:a9:90:7b:ec:a8:e1:53:f7:ac:ea:f9:08:72:ce:7a: 9d:c6:b0:1e:bc:b4:2a:0b:d9:27:cc:c5:3c:f0:db:1b:aa:c1: a6:1a:59:53:e2:44:7a:ca:c2:57:c4:cc:86:c8:7b:c8:eb:e8: 70:88:55:9a:ad:e4:37:56:30:af:70:44:14:d3:6e:e4:b1:cb: 40:e9:2a:e9:96:75:68:f6:9f:1b:f4:13:51:f6:93:e2:9a:5c: 02:85:b8:00:0f:d0:57:ff:57:c9:55:c1:8d:cc:c7:f3:3f:96: 9c:58:11:35:19:85:9d:01:d2:0e:fb:5f:51:9a:b7:6a:79:1c: 8d:f2:9c:53:c0:2d:d7:ff:c1:78:4c:6a:c3:1b:2b:2c:6b:1a: 73:89:91:16:23:8b:2a:38:c7:63:cf:6f:63:51:a7:86:cd:2c: 4b:e1:ef:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCukwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTgwMkIxMTAvBgNVBAUTKDNBNDM3ODBGNkM0MzJERUU0NzRBOEE5NTY4NTkwMjgy REJFQTVEQjMwHhcNMjUxMjIyMTg1MzMxWhcNMjUxMjI5MTg1MzMxWjAYMRYwFAYD VQQDDA02OTQ5OTNhYy0wN2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtrwCHLeve4I0OZKLhmPmq1ZUQ5zy9R0xKcUB1nrcNmRdIzg5zdWKK5bbcZIE Wf6f66xnJif8QAiVWKcMVjdT7PK/7AWOF5OZKEI5RPmMOxxDPoQe+iBqCccJ1ynp KafZySdR4RZhUTJ8h7y2NZUCg1LMaj0qfQzyrB4DSASQ8sDOxVqhUg4miXFhdk1O z18rTc0N9PaGuu5SeAu/RbEtPA8Bg1gq6n0H5wpBo2H+t0aTkVHNQsdv4/xQY529 JzKdt1FsMJTXQmpXqKfys2G9oUBksTRDLf0qdB86FhQpswSOPI87ZULbHAkPhfL4 +wKuGTNEYvlgMi4JdSW1WUs8KwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD7urik2 koLnKJ5swMhfGw6RawPPMB8GA1UdIwQYMBaAFDpDeA9sQy3uR0qKlWhZAoLb6l2z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODAyQi8zMzBDQzNDNDYw NTAxMUVBOTU3NzY3NTRDNEY5QUUwMi9Pa040RDJ4RExlNUhTb3FWYUZrQ2d0dnFY Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rTjREMnhETGU1SFNvcVZhRmtDZ3R2cVhiTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODAyQi8zMzBDQzNDNDYwNTAxMUVBOTU3NzY3NTRDNEY5QUUwMi9Pa040RDJ4RExl NUhTb3FWYUZrQ2d0dnFYYk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC8tAOQpuBuSQmsYlmDcbD2TytD8687FjRuoQhLdruFnicWmQgmLNlN tU49Yb1DHK+xyR15+Tc19a7csDoDFx7/LlgJdxbF9pCvBtkpJyg1nX18F6mK42uH BKT/pjupkHvsqOFT96zq+QhyznqdxrAevLQqC9knzMU88NsbqsGmGllT4kR6ysJX xMyGyHvI6+hwiFWareQ3VjCvcEQU027ksctA6SrplnVo9p8b9BNR9pPimlwChbgA D9BX/1fJVcGNzMfzP5acWBE1GYWdAdIO+19RmrdqeRyN8pxTwC3X/8F4TGrDGyss axpziZEWI4sqOMdjz29jUaeGzSxL4e+W -----END CERTIFICATE-----Generated at Wed Dec 24 15:47:16 2025 by rpki-client