This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.mft File: SFLocmwUSKEEDM-gQ7gxSq5MTpo.mft (raw, json) Hash identifier: OU2QJGX5QiL//KR8bKM7C5SNcQlwwhDUtY73m79T82U= Subject key identifier: 82:FA:DD:17:31:DF:F5:7D:8C:FB:EA:6C:B6:D3:75:B5:0A:7B:BA:0F Authority key identifier: 48:52:E8:72:6C:14:48:A1:04:0C:CF:A0:43:B8:31:4A:AE:4C:4E:9A Certificate issuer: /CN=A916BCDF/serialNumber=4852E8726C1448A1040CCFA043B8314AAE4C4E9A Certificate serial: 0C8E Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/SFLocmwUSKEEDM-gQ7gxSq5MTpo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.mft Manifest number: 0C85 Signing time: Tue 20 Jan 2026 16:49:33 +0000 Manifest this update: Tue 20 Jan 2026 16:49:32 +0000 Manifest next update: Tue 27 Jan 2026 16:49:32 +0000 Files and hashes: 1: SFLocmwUSKEEDM-gQ7gxSq5MTpo.crl (hash: VY2Q97BIm4A/9Br0nj3KzPDljQEpa9b0RZm+G45BrpQ=) 2: 16572A3CEB3511F08C2D5B303F6F56BC.roa (hash: XLcDiA/e/g3NOE/mRtgv3M4weMGp247mHoEvFmNb7AY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.crl rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/SFLocmwUSKEEDM-gQ7gxSq5MTpo.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 27 Jan 2026 16:49:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3214 (0xc8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916BCDF, serialNumber=4852E8726C1448A1040CCFA043B8314AAE4C4E9A Validity Not Before: Jan 20 16:49:32 2026 GMT Not After : Jan 27 16:49:32 2026 GMT Subject: CN=696fb21d-53fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ea:a8:12:2d:33:49:e1:25:1a:d3:c9:64:70: e0:a9:05:d2:73:31:d9:3f:bc:a5:04:df:65:a4:5b: 8d:68:bc:00:9c:2c:45:5f:86:6f:60:c0:ea:67:18: e1:4f:8f:d7:2d:58:a4:5e:e7:33:6a:84:c7:c7:3a: 8a:41:62:42:e8:db:32:c0:e9:9e:2a:fd:0d:bf:f9: 0a:d1:8e:88:8a:2b:75:05:6d:e9:12:c7:a4:b4:e1: a9:93:cb:73:81:d1:df:e7:6f:b2:04:6e:92:9b:42: a7:9a:06:8b:3b:97:77:0a:bd:dd:be:0f:f2:9c:41: 58:19:78:2b:00:7e:f0:07:b5:e3:84:c9:9c:26:67: 3b:e0:dd:dd:20:43:b2:34:0c:bd:a9:c0:53:64:fd: 60:7d:bd:72:52:85:7c:79:c7:84:9e:62:12:28:47: b9:69:f6:f0:47:44:1a:0b:56:0f:a5:4b:78:2a:13: 9d:b3:4e:13:6a:c7:a6:d7:15:5b:b3:46:da:b3:9f: 76:37:17:35:a7:dc:7e:a3:c5:e0:ea:5e:d7:8d:1e: 96:a4:b2:fa:28:fe:73:56:e4:d0:d1:73:c5:c2:4b: db:a6:f8:88:7a:f2:c9:19:f9:cc:f5:fa:49:80:92: 84:ba:45:86:b6:50:05:88:97:40:8c:18:35:ac:51: a3:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:FA:DD:17:31:DF:F5:7D:8C:FB:EA:6C:B6:D3:75:B5:0A:7B:BA:0F X509v3 Authority Key Identifier: keyid:48:52:E8:72:6C:14:48:A1:04:0C:CF:A0:43:B8:31:4A:AE:4C:4E:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/SFLocmwUSKEEDM-gQ7gxSq5MTpo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:6c:9b:4f:89:95:3e:83:dd:5f:b1:76:1e:43:05:1c:b9:87: f8:7a:d2:f5:18:6e:43:9b:d0:55:55:1f:06:dd:97:4f:6c:a2: b3:9e:b4:df:d8:b8:8f:38:98:d8:7a:48:8f:73:f8:99:8b:db: d3:ed:68:33:5b:db:be:2e:ba:90:70:a1:61:b3:bf:39:54:10: 7c:88:1c:37:49:2d:f2:6d:33:6d:5f:33:7f:2f:b8:27:40:95: 25:f8:ed:32:46:e4:4d:98:b5:3e:19:d2:ec:de:38:6f:2c:93: 72:7a:39:89:e6:70:dd:08:5b:f1:dc:f5:7a:c9:5f:29:b5:33: 80:6d:1d:1e:00:96:68:f1:f9:ef:bb:ac:58:7f:de:f9:49:e3: 3d:45:58:80:6b:28:43:ff:dc:e8:38:06:ef:2e:57:25:64:1f: 7d:a0:dd:fa:15:e7:c1:c4:79:81:ad:95:52:a1:6c:36:df:1e: 8c:ca:d4:b3:7b:0e:61:86:0c:71:e4:57:8f:08:b4:23:32:eb: 81:fb:26:63:af:c8:98:f9:44:b3:15:9f:13:9a:54:cd:47:36: 55:39:41:ba:06:52:21:70:36:b7:10:83:21:5d:32:1e:3f:fd: 63:f1:6f:c8:fd:c6:f5:c4:ad:b5:50:8a:ed:52:30:c3:c8:4b: 6d:c4:6e:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkJDREYxMTAvBgNVBAUTKDQ4NTJFODcyNkMxNDQ4QTEwNDBDQ0ZBMDQzQjgzMTRB QUU0QzRFOUEwHhcNMjYwMTIwMTY0OTMyWhcNMjYwMTI3MTY0OTMyWjAYMRYwFAYD VQQDDA02OTZmYjIxZC01M2ZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAueqoEi0zSeElGtPJZHDgqQXSczHZP7ylBN9lpFuNaLwAnCxFX4ZvYMDqZxjh T4/XLVikXuczaoTHxzqKQWJC6NsywOmeKv0Nv/kK0Y6Iiit1BW3pEsektOGpk8tz gdHf52+yBG6Sm0KnmgaLO5d3Cr3dvg/ynEFYGXgrAH7wB7XjhMmcJmc74N3dIEOy NAy9qcBTZP1gfb1yUoV8eceEnmISKEe5afbwR0QaC1YPpUt4KhOds04Tasem1xVb s0bas592Nxc1p9x+o8Xg6l7XjR6WpLL6KP5zVuTQ0XPFwkvbpviIevLJGfnM9fpJ gJKEukWGtlAFiJdAjBg1rFGjBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIL63Rcx 3/V9jPvqbLbTdbUKe7oPMB8GA1UdIwQYMBaAFEhS6HJsFEihBAzPoEO4MUquTE6a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkNERi9DMUNCMkRGMjEw RDgxMUVBOUJEMUE1NURDNEY5QUUwMi9TRkxvY213VVNLRUVETS1nUTdneFNxNU1U cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1NGTG9jbXdVU0tFRURNLWdRN2d4U3E1TVRwby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QkNERi9DMUNCMkRGMjEwRDgxMUVBOUJEMUE1NURDNEY5QUUwMi9TRkxvY213VVNL RUVETS1nUTdneFNxNU1UcG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASbJtPiZU+g91fsXYeQwUcuYf4etL1GG5Dm9BVVR8G3ZdPbKKznrTf 2LiPOJjYekiPc/iZi9vT7WgzW9u+LrqQcKFhs785VBB8iBw3SS3ybTNtXzN/L7gn QJUl+O0yRuRNmLU+GdLs3jhvLJNyejmJ5nDdCFvx3PV6yV8ptTOAbR0eAJZo8fnv u6xYf975SeM9RViAayhD/9zoOAbvLlclZB99oN36FefBxHmBrZVSoWw23x6MytSz ew5hhgxx5FePCLQjMuuB+yZjr8iY+USzFZ8TmlTNRzZVOUG6BlIhcDa3EIMhXTIe P/1j8W/I/cb1xK21UIrtUjDDyEttxG4O -----END CERTIFICATE-----Generated at Wed Jan 21 07:52:25 2026 by rpki-client