This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A916CCFF/9A5EC16C46FE11EC94E3D24AC4F9AE02/CANmLFcTJXKPJPqtjLGl8ZAHFe0.mft File: CANmLFcTJXKPJPqtjLGl8ZAHFe0.mft (raw, json) Hash identifier: 1l5BnLb37+PJPoFBe204FzK+4aBoCrheXG6TPV3pzjA= Subject key identifier: 9B:67:8F:BA:DC:2C:32:E0:4B:E7:72:BF:EE:CE:CC:4C:BB:BB:4B:29 Authority key identifier: 08:03:66:2C:57:13:25:72:8F:24:FA:AD:8C:B1:A5:F1:90:07:15:ED Certificate issuer: /CN=A916CCFF/serialNumber=0803662C571325728F24FAAD8CB1A5F1900715ED Certificate serial: 04FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CANmLFcTJXKPJPqtjLGl8ZAHFe0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916CCFF/9A5EC16C46FE11EC94E3D24AC4F9AE02/CANmLFcTJXKPJPqtjLGl8ZAHFe0.mft Manifest number: 04E0 Signing time: Sat 06 Dec 2025 22:32:24 +0000 Manifest this update: Sat 06 Dec 2025 22:32:23 +0000 Manifest next update: Sat 13 Dec 2025 22:32:23 +0000 Files and hashes: 1: CANmLFcTJXKPJPqtjLGl8ZAHFe0.crl (hash: CPZdvM0T+AA28irFy38SyQDQ/trtks2h34hyP6OeMCY=) 2: 02F57BD252E711EC931DB95CC4F9AE02.roa (hash: TGHGZPpqAj2jmtX8lTQMi8kBaI8ojiWWIFj1IWycEgs=) 3: 413AD9F852E411EC9E19AA2FC4F9AE02.roa (hash: Y2Z1jehKepnssjRVP8joGvXLmK9adM98wErhHrOtaeg=) 4: 0517C4F0470311EC9E6FA71DC4F9AE02.roa (hash: o+VIx3yy8oMDW/C3RImP2D9X9JrFefZYlsNOIecQzAE=) 5: 41E32C9852E411EC9E19AA2FC4F9AE02.roa (hash: i1mD+r6XwMu6On3/bUlN+PaLdP6khHenZ0Z0HUab9AI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916CCFF/9A5EC16C46FE11EC94E3D24AC4F9AE02/CANmLFcTJXKPJPqtjLGl8ZAHFe0.crl rsync://rpki.apnic.net/member_repository/A916CCFF/9A5EC16C46FE11EC94E3D24AC4F9AE02/CANmLFcTJXKPJPqtjLGl8ZAHFe0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CANmLFcTJXKPJPqtjLGl8ZAHFe0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 22:32:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1274 (0x4fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916CCFF, serialNumber=0803662C571325728F24FAAD8CB1A5F1900715ED Validity Not Before: Dec 6 22:32:23 2025 GMT Not After : Dec 13 22:32:23 2025 GMT Subject: CN=6934aef8-856a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:51:f0:61:99:d9:e5:7b:a2:29:d6:f8:a8:04: 23:80:aa:4c:f7:ea:c8:bc:d0:88:df:41:42:8a:9f: 70:6e:ba:28:f2:1e:5b:dc:3f:20:4f:ac:17:18:2f: a3:19:d7:3f:c9:92:57:b1:f8:4e:5d:cc:0c:7c:04: 5c:d6:0c:2d:a5:f8:03:d9:e9:e0:ed:46:4a:a4:f0: 90:00:65:d4:89:d3:27:b9:d6:8f:16:a2:d0:aa:62: 91:33:3e:0f:18:de:43:22:f0:34:a3:fc:a0:40:11: 3b:97:a2:33:d3:06:09:6e:8b:9f:89:3d:dd:98:91: 0a:e6:89:dd:1c:26:92:dd:b4:17:29:50:32:21:f8: a3:03:ff:2a:70:0d:2f:07:7e:88:e0:a1:ad:d0:76: 6e:68:a7:fc:28:c0:ab:0b:75:69:26:b4:bb:6c:28: 9c:ad:e7:95:0f:71:65:f0:55:cc:d6:59:d4:15:8d: 1e:02:f5:78:77:ed:dd:4e:db:c4:a3:c9:59:07:18: a2:c3:53:b8:1b:17:99:2c:51:1a:24:9c:04:f5:6b: 05:ac:f6:0a:29:e8:04:88:db:b9:26:88:25:68:f0: 2c:b9:9c:4c:d5:23:bb:d0:97:c5:64:78:ac:4a:b8: bc:3e:8e:01:28:35:39:f1:a4:79:90:99:33:4e:c2: 9b:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:67:8F:BA:DC:2C:32:E0:4B:E7:72:BF:EE:CE:CC:4C:BB:BB:4B:29 X509v3 Authority Key Identifier: keyid:08:03:66:2C:57:13:25:72:8F:24:FA:AD:8C:B1:A5:F1:90:07:15:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916CCFF/9A5EC16C46FE11EC94E3D24AC4F9AE02/CANmLFcTJXKPJPqtjLGl8ZAHFe0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CANmLFcTJXKPJPqtjLGl8ZAHFe0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916CCFF/9A5EC16C46FE11EC94E3D24AC4F9AE02/CANmLFcTJXKPJPqtjLGl8ZAHFe0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:2e:f1:80:fc:01:3a:00:59:38:95:a1:06:78:46:1b:f4:d4: 78:14:5c:3e:a6:e3:d0:2c:70:9f:08:57:5b:91:d3:a6:b9:94: fa:a3:1f:f6:93:fe:80:ce:7e:52:c4:bc:bd:df:a8:ee:87:d4: 6d:a4:0b:1f:28:4d:22:d6:8d:df:de:ca:6c:29:44:e4:86:8f: 82:e5:07:ca:b7:cd:50:32:64:d3:73:40:ce:f5:a6:e5:3d:c6: a9:96:c8:ed:8c:77:57:d1:d2:38:ba:02:81:53:1d:de:84:5f: 5b:ee:57:5d:02:bc:b2:98:70:eb:8e:6e:43:c6:b1:0d:6a:3f: 25:0d:a8:68:e9:ba:ae:46:3d:2f:ae:af:51:cd:b4:d7:62:97: 75:c8:d3:65:4e:6e:78:d3:45:45:91:dd:17:4a:bd:19:64:63: 51:04:25:fa:db:3f:46:00:96:fa:9c:31:9f:73:89:3e:09:4e: 1f:f8:9c:5f:9d:44:0a:13:2d:58:78:21:0c:55:ec:a1:5b:e5: f6:2c:79:95:86:46:bb:0e:15:24:38:e2:47:0b:fe:84:71:cf: 31:19:16:86:90:63:cd:7f:b5:04:66:ed:6d:11:fa:3a:68:4d: f2:17:06:58:01:94:9b:d0:75:2d:48:79:6e:0b:0c:a3:c0:d8: 21:1d:53:a2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkNDRkYxMTAvBgNVBAUTKDA4MDM2NjJDNTcxMzI1NzI4RjI0RkFBRDhDQjFBNUYx OTAwNzE1RUQwHhcNMjUxMjA2MjIzMjIzWhcNMjUxMjEzMjIzMjIzWjAYMRYwFAYD VQQDEw02OTM0YWVmOC04NTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu1HwYZnZ5XuiKdb4qAQjgKpM9+rIvNCI30FCip9wbroo8h5b3D8gT6wXGC+j Gdc/yZJXsfhOXcwMfARc1gwtpfgD2eng7UZKpPCQAGXUidMnudaPFqLQqmKRMz4P GN5DIvA0o/ygQBE7l6Iz0wYJboufiT3dmJEK5ondHCaS3bQXKVAyIfijA/8qcA0v B36I4KGt0HZuaKf8KMCrC3VpJrS7bCicreeVD3Fl8FXM1lnUFY0eAvV4d+3dTtvE o8lZBxiiw1O4GxeZLFEaJJwE9WsFrPYKKegEiNu5JoglaPAsuZxM1SO70JfFZHis Sri8Po4BKDU58aR5kJkzTsKbaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJtnj7rc LDLgS+dyv+7OzEy7u0spMB8GA1UdIwQYMBaAFAgDZixXEyVyjyT6rYyxpfGQBxXt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Q0NGRi85QTVFQzE2QzQ2 RkUxMUVDOTRFM0QyNEFDNEY5QUUwMi9DQU5tTEZjVEpYS1BKUHF0akxHbDhaQUhG ZTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NBTm1MRmNUSlhLUEpQcXRqTEdsOFpBSEZlMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 Q0NGRi85QTVFQzE2QzQ2RkUxMUVDOTRFM0QyNEFDNEY5QUUwMi9DQU5tTEZjVEpY S1BKUHF0akxHbDhaQUhGZTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8LvGA/AE6AFk4laEGeEYb9NR4FFw+puPQLHCfCFdbkdOmuZT6ox/2 k/6Azn5SxLy936juh9RtpAsfKE0i1o3f3spsKUTkho+C5QfKt81QMmTTc0DO9abl PcaplsjtjHdX0dI4ugKBUx3ehF9b7lddAryymHDrjm5DxrENaj8lDaho6bquRj0v rq9RzbTXYpd1yNNlTm5400VFkd0XSr0ZZGNRBCX62z9GAJb6nDGfc4k+CU4f+Jxf nUQKEy1YeCEMVeyhW+X2LHmVhka7DhUkOOJHC/6Ecc8xGRaGkGPNf7UEZu1tEfo6 aE3yFwZYAZSb0HUtSHluCwyjwNghHVOi -----END CERTIFICATE-----Generated at Mon Dec 8 03:04:28 2025 by rpki-client