This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.mft File: iuWu7yqR89-GYD7cVP6ExbtXnBU.mft (raw, json) Hash identifier: krk2XFTS73kcEESaaI5dPbIsXQOJ1wGF0M/ZJ0Xd1rw= Subject key identifier: 9B:47:4E:1F:C9:8B:A2:B4:2D:EF:47:74:71:4D:8B:3A:0A:F9:FB:C3 Authority key identifier: 8A:E5:AE:EF:2A:91:F3:DF:86:60:3E:DC:54:FE:84:C5:BB:57:9C:15 Certificate issuer: /CN=A9167CB5/serialNumber=8AE5AEEF2A91F3DF86603EDC54FE84C5BB579C15 Certificate serial: 012A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iuWu7yqR89-GYD7cVP6ExbtXnBU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.mft Manifest number: 0126 Signing time: Tue 23 Dec 2025 03:42:13 +0000 Manifest this update: Tue 23 Dec 2025 03:42:13 +0000 Manifest next update: Tue 30 Dec 2025 03:42:13 +0000 Files and hashes: 1: iuWu7yqR89-GYD7cVP6ExbtXnBU.crl (hash: Q/StysZfFyeQd19bs96rgRi82FAaRBvVBM5aZH1HgMA=) 2: DC857BE8843111F09719836AC4F9AE02.roa (hash: qHV4LLtdLNsakUr43NtlwblQMKyqVyTmPBHeJjQSZeE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.crl rsync://rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iuWu7yqR89-GYD7cVP6ExbtXnBU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 03:42:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 298 (0x12a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167CB5, serialNumber=8AE5AEEF2A91F3DF86603EDC54FE84C5BB579C15 Validity Not Before: Dec 23 03:42:13 2025 GMT Not After : Dec 30 03:42:13 2025 GMT Subject: CN=694a0f95-e0c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:03:1c:ed:42:44:48:f8:65:d9:e0:7d:f4:d4: 8c:e1:45:f7:d4:2a:f1:72:b1:88:30:ab:bd:31:45: c4:90:78:35:82:46:37:9d:ed:5f:5c:47:6e:35:87: dd:23:1d:5c:dd:64:a2:9c:60:97:2d:13:c7:42:e1: 56:ac:a0:12:11:36:a7:0c:8e:e2:ab:28:d0:e5:e0: c7:e5:9d:35:de:1a:64:7c:f7:39:be:48:a6:5a:13: b2:64:e6:03:85:5d:b5:1f:ce:ba:7a:9c:13:b1:a0: 92:8a:4a:30:47:5a:2f:65:b0:2e:af:01:3a:13:22: e4:2b:89:e1:a6:20:ed:bb:16:9c:3d:63:d7:39:1f: 68:5f:f9:99:3c:30:c4:b8:cf:1b:d0:ae:21:a7:91: 99:81:d2:29:17:1e:65:42:8a:e6:4d:66:76:cf:1e: 14:ea:cd:08:d9:e5:05:e5:0b:d9:13:7d:43:bf:4c: 78:8b:10:37:86:fc:92:c7:8b:9f:23:ba:19:b2:4c: 70:ed:0f:f6:6e:84:6e:ec:a6:cc:57:d9:80:97:f0: 2e:e4:d4:2e:b4:73:4b:46:fd:8d:2a:e5:3e:69:78: 10:1d:96:10:23:0f:2c:6f:9d:7e:86:0b:3e:13:30: 6a:b7:ee:4e:c3:86:70:2a:70:2c:3c:65:a8:20:7d: 45:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:47:4E:1F:C9:8B:A2:B4:2D:EF:47:74:71:4D:8B:3A:0A:F9:FB:C3 X509v3 Authority Key Identifier: keyid:8A:E5:AE:EF:2A:91:F3:DF:86:60:3E:DC:54:FE:84:C5:BB:57:9C:15 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iuWu7yqR89-GYD7cVP6ExbtXnBU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:b2:11:2f:83:9c:b8:bb:07:22:3c:e0:bd:0e:3e:14:95:12: 3a:10:21:eb:7f:04:4a:e8:bd:10:c8:00:a7:d9:60:91:8b:a7: ad:00:7c:d5:c5:c9:62:8a:4f:47:c3:55:75:d3:f8:81:04:46: ef:bd:df:12:22:16:71:f7:09:b7:21:de:15:6a:97:eb:4b:55: 98:1d:2d:c0:12:33:93:01:cd:1a:e1:80:a1:81:05:36:5c:be: 3e:f0:a1:f2:79:92:35:84:85:a1:d0:a9:cc:da:4f:5e:ab:fb: 69:46:00:99:d5:65:bf:4e:2c:d3:5b:0b:9f:b7:55:0c:9b:e2: 28:1a:18:af:09:5a:9c:68:bb:d1:3a:af:d1:ba:0d:fd:f1:99: 03:06:90:3b:70:2b:f3:d3:4f:08:32:8b:33:ba:4e:34:0b:79: a1:f7:2b:19:fb:31:f5:de:c3:0b:e8:c8:5b:0c:ff:22:4b:4c: e9:9b:47:03:c9:7e:1d:db:5e:04:be:4d:ce:a9:87:cc:ea:76: 5e:fb:4e:e4:79:fb:4d:d4:d1:e3:a1:d3:3f:b1:29:c2:86:23: 75:d8:b7:c1:55:9e:41:6b:4e:5f:3d:9f:dd:9a:36:16:50:21: 1f:e4:a2:3c:ea:39:14:eb:23:cb:f1:a2:90:4b:74:ae:09:87: 6c:05:20:28 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdDQjUxMTAvBgNVBAUTKDhBRTVBRUVGMkE5MUYzREY4NjYwM0VEQzU0RkU4NEM1 QkI1NzlDMTUwHhcNMjUxMjIzMDM0MjEzWhcNMjUxMjMwMDM0MjEzWjAYMRYwFAYD VQQDDA02OTRhMGY5NS1lMGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxQMc7UJESPhl2eB99NSM4UX31CrxcrGIMKu9MUXEkHg1gkY3ne1fXEduNYfd Ix1c3WSinGCXLRPHQuFWrKASETanDI7iqyjQ5eDH5Z013hpkfPc5vkimWhOyZOYD hV21H866epwTsaCSikowR1ovZbAurwE6EyLkK4nhpiDtuxacPWPXOR9oX/mZPDDE uM8b0K4hp5GZgdIpFx5lQormTWZ2zx4U6s0I2eUF5QvZE31Dv0x4ixA3hvySx4uf I7oZskxw7Q/2boRu7KbMV9mAl/Au5NQutHNLRv2NKuU+aXgQHZYQIw8sb51+hgs+ EzBqt+5Ow4ZwKnAsPGWoIH1FXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJtHTh/J i6K0Le9HdHFNizoK+fvDMB8GA1UdIwQYMBaAFIrlru8qkfPfhmA+3FT+hMW7V5wV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0NCNS9FRkQ0N0Q1NDIy NTYxMUVGQjc1NjFGNDZDNEY5QUUwMi9pdVd1N3lxUjg5LUdZRDdjVlA2RXhidFhu QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2l1V3U3eXFSODktR1lEN2NWUDZFeGJ0WG5CVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0NCNS9FRkQ0N0Q1NDIyNTYxMUVGQjc1NjFGNDZDNEY5QUUwMi9pdVd1N3lxUjg5 LUdZRDdjVlA2RXhidFhuQlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAoshEvg5y4uwciPOC9Dj4UlRI6ECHrfwRK6L0QyACn2WCRi6etAHzV xcliik9Hw1V10/iBBEbvvd8SIhZx9wm3Id4VapfrS1WYHS3AEjOTAc0a4YChgQU2 XL4+8KHyeZI1hIWh0KnM2k9eq/tpRgCZ1WW/TizTWwuft1UMm+IoGhivCVqcaLvR Oq/Rug398ZkDBpA7cCvz008IMoszuk40C3mh9ysZ+zH13sML6MhbDP8iS0zpm0cD yX4d214Evk3OqYfM6nZe+07keftN1NHjodM/sSnChiN12LfBVZ5Ba05fPZ/dmjYW UCEf5KI86jkU6yPL8aKQS3SuCYdsBSAo -----END CERTIFICATE-----Generated at Thu Dec 25 01:03:05 2025 by rpki-client