This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft File: 433E2CR2A-hIwAZsRFuc2NpzUNY.mft (raw, json) Hash identifier: SvQ2l03JOK2Y5kJQZKh77rWxLtUvwj1UQHXXDsBunbY= Subject key identifier: 86:6B:A4:46:F3:F7:56:CA:2C:82:D7:38:6C:2F:F3:65:DA:F4:09:8A Authority key identifier: E3:7D:C4:D8:24:76:03:E8:48:C0:06:6C:44:5B:9C:D8:DA:73:50:D6 Certificate issuer: /CN=A916C8F2/serialNumber=E37DC4D8247603E848C0066C445B9CD8DA7350D6 Certificate serial: 5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft Manifest number: 5A Signing time: Tue 23 Dec 2025 06:00:09 +0000 Manifest this update: Tue 23 Dec 2025 06:00:09 +0000 Manifest next update: Tue 30 Dec 2025 06:00:09 +0000 Files and hashes: 1: 433E2CR2A-hIwAZsRFuc2NpzUNY.crl (hash: DWDRjPY8HlTevwHSYo2t22oYHDIoODZ9+OgeZZkCzG8=) 2: 730C503A56C611F096620043C4F9AE02.roa (hash: m+BAyP5CIYN6CIS7MvKKiKoAky/65ZLjF2ZjJHqu8U0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.crl rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 06:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 91 (0x5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C8F2, serialNumber=E37DC4D8247603E848C0066C445B9CD8DA7350D6 Validity Not Before: Dec 23 06:00:09 2025 GMT Not After : Dec 30 06:00:09 2025 GMT Subject: CN=694a2fe9-76a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:13:dc:ea:d3:27:30:c8:06:be:10:48:a4:6c: 07:28:23:de:03:f8:d1:21:3d:e9:e2:97:e4:49:ab: 12:eb:04:09:ec:a9:12:af:07:8c:9f:f7:7b:22:71: 07:6c:8f:ce:46:98:56:f7:c9:c2:01:21:d1:cc:b3: 2b:61:4b:6d:86:e1:43:5c:e8:03:a8:80:3b:7c:0b: f4:5f:be:2b:a0:d2:d2:f7:19:ae:f0:3c:7a:1d:2b: 49:05:b0:b3:c9:24:34:a1:3d:72:77:64:d3:6e:f5: 0b:ec:22:a7:5a:66:6b:86:58:90:ca:86:44:59:5b: 92:53:96:5d:35:e1:a4:15:70:4a:89:44:c2:ef:2d: 62:8a:55:a6:c0:da:28:2f:f2:3b:22:be:61:1e:87: 7b:b9:3f:c5:4b:55:5e:78:9d:17:1f:c2:6c:cd:c2: 25:e0:6f:fa:43:35:05:a0:65:50:90:09:f9:fa:d3: 48:92:f7:4c:9f:31:c3:89:51:2e:af:e1:53:c7:04: 00:7b:f5:3c:7b:9a:51:a8:47:c7:1f:2e:4a:7a:39: da:d7:5a:75:ff:ef:48:2e:f4:a7:7b:fb:51:f3:91: a2:bc:02:b0:09:cb:a3:1d:87:28:14:46:03:87:0b: a2:a9:c1:e9:a2:0f:db:77:e3:b9:bc:3d:55:e3:d2: 99:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:6B:A4:46:F3:F7:56:CA:2C:82:D7:38:6C:2F:F3:65:DA:F4:09:8A X509v3 Authority Key Identifier: keyid:E3:7D:C4:D8:24:76:03:E8:48:C0:06:6C:44:5B:9C:D8:DA:73:50:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:82:3b:23:b0:64:a8:cd:5a:5d:3e:87:30:1f:5b:c2:c6:5c: c6:d5:cd:e6:32:7f:1c:a1:03:f8:84:c7:f2:b9:99:a0:d9:77: c6:f4:e3:28:72:2e:26:a9:02:a6:2c:81:5e:a5:b1:56:50:d8: 9c:d8:39:6e:23:1a:91:65:51:4c:1d:c6:99:25:ad:58:7e:55: 58:2b:59:56:fe:36:7b:dc:84:d2:a2:13:a9:46:73:c8:1d:16: e5:84:5b:ae:5b:90:c3:dd:0d:09:ff:fa:79:d3:0d:51:2d:53: 38:fe:30:e3:c0:98:4a:eb:0e:db:b3:77:ab:cd:c4:10:ad:2c: cf:cb:8b:d5:1f:2a:6c:e5:68:92:7f:5e:2e:f8:05:4a:cd:8d: d2:8c:d1:da:cc:e7:1a:f7:a7:cf:49:93:4e:4c:07:3f:3f:d0: 89:50:ca:29:ca:b9:f0:74:f6:89:ff:4a:85:fe:fe:d4:00:e1: f1:2a:e1:4c:9f:57:50:79:94:07:51:e8:df:dc:68:3d:82:7f: e0:e9:27:90:01:1e:e0:e7:93:81:c8:8e:f5:66:a5:cb:60:9d: 0f:c9:6b:47:a6:54:6a:de:8a:58:c4:bb:34:28:e1:01:17:bb: d6:20:b0:95:3c:6f:d1:ee:bc:e8:bd:d0:8f:1b:aa:e8:f0:36: 14:c4:5d:70 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 QzhGMjExMC8GA1UEBRMoRTM3REM0RDgyNDc2MDNFODQ4QzAwNjZDNDQ1QjlDRDhE QTczNTBENjAeFw0yNTEyMjMwNjAwMDlaFw0yNTEyMzAwNjAwMDlaMBgxFjAUBgNV BAMMDTY5NGEyZmU5LTc2YTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCfE9zq0ycwyAa+EEikbAcoI94D+NEhPenil+RJqxLrBAnsqRKvB4yf93sicQds j85GmFb3ycIBIdHMsythS22G4UNc6AOogDt8C/Rfviug0tL3Ga7wPHodK0kFsLPJ JDShPXJ3ZNNu9QvsIqdaZmuGWJDKhkRZW5JTll014aQVcEqJRMLvLWKKVabA2igv 8jsivmEeh3u5P8VLVV54nRcfwmzNwiXgb/pDNQWgZVCQCfn600iS90yfMcOJUS6v 4VPHBAB79Tx7mlGoR8cfLkp6OdrXWnX/70gu9Kd7+1HzkaK8ArAJy6MdhygURgOH C6KpwemiD9t347m8PVXj0pnZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUhmukRvP3 Vsosgtc4bC/zZdr0CYowHwYDVR0jBBgwFoAU433E2CR2A+hIwAZsRFuc2NpzUNYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZDOEYyLzI4N0RFNzM2NTZD NjExRjA5MkJEQTA0MkM0RjlBRTAyLzQzM0UyQ1IyQS1oSXdBWnNSRnVjMk5welVO WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNDMzRTJDUjJBLWhJd0Fac1JGdWMyTnB6VU5ZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZD OEYyLzI4N0RFNzM2NTZDNjExRjA5MkJEQTA0MkM0RjlBRTAyLzQzM0UyQ1IyQS1o SXdBWnNSRnVjMk5welVOWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAA2COyOwZKjNWl0+hzAfW8LGXMbVzeYyfxyhA/iEx/K5maDZd8b04yhy LiapAqYsgV6lsVZQ2JzYOW4jGpFlUUwdxpklrVh+VVgrWVb+NnvchNKiE6lGc8gd FuWEW65bkMPdDQn/+nnTDVEtUzj+MOPAmErrDtuzd6vNxBCtLM/Li9UfKmzlaJJ/ Xi74BUrNjdKM0drM5xr3p89Jk05MBz8/0IlQyinKufB09on/SoX+/tQA4fEq4Uyf V1B5lAdR6N/caD2Cf+DpJ5ABHuDnk4HIjvVmpctgnQ/Ja0emVGreiljEuzQo4QEX u9YgsJU8b9HuvOi90I8bqujwNhTEXXA= -----END CERTIFICATE-----Generated at Wed Dec 24 15:43:33 2025 by rpki-client