This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft File: ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft (raw, json) Hash identifier: qnWFS9Z/G+dDsJRxN7WVAfw6Y35dKDfeu34u3FrjUE8= Subject key identifier: 16:BE:98:14:D2:68:0D:26:68:A6:67:33:40:8F:FD:AA:78:6E:A8:D2 Authority key identifier: 72:41:E8:F0:38:B9:F2:52:FB:61:CA:41:B6:A4:FC:16:7B:77:55:26 Certificate issuer: /CN=A9161477/serialNumber=7241E8F038B9F252FB61CA41B6A4FC167B775526 Certificate serial: 9C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft Manifest number: 9A Signing time: Sun 21 Dec 2025 05:28:42 +0000 Manifest this update: Sun 21 Dec 2025 05:28:42 +0000 Manifest next update: Sun 28 Dec 2025 05:28:42 +0000 Files and hashes: 1: ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl (hash: s6Fsop+/WewhpTtCWvx55RZySy5NpHV8hXH/f7B7LV0=) 2: CAB73E3AF3FC11EF83B4DD30C4F9AE02.roa (hash: BR0iac6RCibng8iXx5EGv9yUT7uect2xiyJYOcbA9Hs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Dec 2025 05:28:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 156 (0x9c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161477, serialNumber=7241E8F038B9F252FB61CA41B6A4FC167B775526 Validity Not Before: Dec 21 05:28:42 2025 GMT Not After : Dec 28 05:28:42 2025 GMT Subject: CN=6947858a-e9b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:4d:6d:5a:d0:75:9b:12:bc:d0:f0:85:b4:07: a7:5b:7e:c1:0c:16:66:06:ae:7a:5e:0d:37:a6:06: 55:fb:62:c4:2a:7c:77:ba:d3:81:0d:08:f2:da:c9: 24:78:fc:67:1f:94:46:e8:28:e8:5d:27:54:83:12: 53:00:cb:a1:a3:20:7f:b5:9c:3c:84:f9:fd:99:8e: 47:f8:d8:1e:dc:09:02:ee:24:e6:64:bf:0e:61:12: 05:ca:cf:3f:3d:41:1f:dd:bf:e4:b8:09:f3:8d:36: af:03:05:fe:39:50:b1:7a:dc:3a:13:eb:15:84:19: 5c:4a:6a:a8:00:72:62:d8:bb:19:24:69:c9:f2:7d: 67:70:9b:9e:3a:16:0a:06:ad:06:81:91:f7:14:d2: e6:31:73:a0:d6:ba:a6:ab:ab:53:25:13:5f:d1:dd: 23:f6:45:9c:b5:a6:8c:58:0b:3c:b1:3b:bd:8b:08: 7e:38:28:fe:a6:19:43:b5:95:20:55:eb:e9:2a:e4: a9:07:f7:36:24:e9:33:88:6b:d3:b0:f3:fd:d2:c1: d9:50:d7:c1:46:be:42:44:92:a2:f0:4c:61:f0:64: 6f:cf:e0:05:8e:d3:ac:72:51:b2:b7:75:df:00:4b: 07:3e:45:c7:64:56:47:a3:3f:a9:5d:98:47:2d:3a: 24:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:BE:98:14:D2:68:0D:26:68:A6:67:33:40:8F:FD:AA:78:6E:A8:D2 X509v3 Authority Key Identifier: keyid:72:41:E8:F0:38:B9:F2:52:FB:61:CA:41:B6:A4:FC:16:7B:77:55:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:05:b5:af:74:e9:26:16:a5:0b:8b:44:14:07:eb:34:3f:03: 31:95:1f:3a:0b:c2:8c:1c:14:05:8f:b3:b9:2a:c9:24:17:65: 3a:84:e3:ea:21:69:ec:b3:3a:35:18:fb:b0:02:79:32:7c:0d: 6f:c4:1c:1d:20:2c:ee:37:70:85:43:54:7c:a9:46:0a:ba:51: 89:2f:d9:7c:30:ad:7c:d3:05:7d:e6:94:a2:83:e1:8f:ca:32: 81:0b:ec:a5:2c:67:da:6d:c2:e1:d1:48:3c:de:3b:68:7c:0e: 9a:9f:e5:e0:c1:d2:3e:3b:94:d9:3e:c6:87:89:7c:ad:bd:5f: 97:e8:f5:06:86:24:47:67:ac:81:5c:04:5b:9f:d8:65:40:5c: e1:2f:66:6d:7f:b1:ab:b6:2c:5d:8f:cd:6c:4b:ea:7c:ea:3f: 66:0c:89:7b:0b:62:ba:c1:a2:c7:9a:6c:06:f0:57:32:ed:df: cf:f9:ab:0e:bf:3d:80:ff:be:47:40:0b:9d:dd:66:0c:53:d8: 62:e5:ca:08:51:4c:23:68:56:34:5f:d3:a5:a2:ca:df:1e:10: 1d:4e:d7:0e:40:85:be:ae:e4:22:5c:01:4e:11:b5:f3:ca:2f: 6c:b1:5e:f3:b3:62:3a:fd:d1:d7:dd:a0:67:b5:0f:90:49:ec: 89:ff:34:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjE0NzcxMTAvBgNVBAUTKDcyNDFFOEYwMzhCOUYyNTJGQjYxQ0E0MUI2QTRGQzE2 N0I3NzU1MjYwHhcNMjUxMjIxMDUyODQyWhcNMjUxMjI4MDUyODQyWjAYMRYwFAYD VQQDDA02OTQ3ODU4YS1lOWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+U1tWtB1mxK80PCFtAenW37BDBZmBq56Xg03pgZV+2LEKnx3utOBDQjy2skk ePxnH5RG6CjoXSdUgxJTAMuhoyB/tZw8hPn9mY5H+Nge3AkC7iTmZL8OYRIFys8/ PUEf3b/kuAnzjTavAwX+OVCxetw6E+sVhBlcSmqoAHJi2LsZJGnJ8n1ncJueOhYK Bq0GgZH3FNLmMXOg1rqmq6tTJRNf0d0j9kWctaaMWAs8sTu9iwh+OCj+phlDtZUg VevpKuSpB/c2JOkziGvTsPP90sHZUNfBRr5CRJKi8Exh8GRvz+AFjtOsclGyt3Xf AEsHPkXHZFZHoz+pXZhHLTokKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBa+mBTS aA0maKZnM0CP/ap4bqjSMB8GA1UdIwQYMBaAFHJB6PA4ufJS+2HKQbak/BZ7d1Um MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MTQ3Ny82QjcwMzVGOEYz RkMxMUVGOTlENTM3MzBDNEY5QUUwMi9ja0hvOERpNThsTDdZY3BCdHFUOEZudDNW U1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NrSG84RGk1OGxMN1ljcEJ0cVQ4Rm50M1ZTWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MTQ3Ny82QjcwMzVGOEYzRkMxMUVGOTlENTM3MzBDNEY5QUUwMi9ja0hvOERpNThs TDdZY3BCdHFUOEZudDNWU1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCvBbWvdOkmFqULi0QUB+s0PwMxlR86C8KMHBQFj7O5KskkF2U6hOPq IWnsszo1GPuwAnkyfA1vxBwdICzuN3CFQ1R8qUYKulGJL9l8MK180wV95pSig+GP yjKBC+ylLGfabcLh0Ug83jtofA6an+XgwdI+O5TZPsaHiXytvV+X6PUGhiRHZ6yB XARbn9hlQFzhL2Ztf7Grtixdj81sS+p86j9mDIl7C2K6waLHmmwG8Fcy7d/P+asO vz2A/75HQAud3WYMU9hi5coIUUwjaFY0X9OlosrfHhAdTtcOQIW+ruQiXAFOEbXz yi9ssV7zs2I6/dHX3aBntQ+QSeyJ/zQq -----END CERTIFICATE-----Generated at Sun Dec 21 18:59:03 2025 by rpki-client