This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft File: AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft (raw, json) Hash identifier: JqMOq+To3gE0cToC8D4dhqjof20IL5xBWC1lo48ObCA= Subject key identifier: BC:FB:2E:F9:B2:49:AB:9B:0E:23:91:CE:50:E6:6A:D8:BE:51:37:FE Authority key identifier: 00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 Certificate issuer: /CN=A9170DF0/serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Certificate serial: 01B7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft Manifest number: 01B4 Signing time: Sun 07 Dec 2025 01:35:07 +0000 Manifest this update: Sun 07 Dec 2025 01:35:07 +0000 Manifest next update: Sun 14 Dec 2025 01:35:07 +0000 Files and hashes: 1: AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl (hash: OmhZSiKFi2fwCL/9FTzMTsgerH1biVzG7TrWVzlDzQM=) 2: B022AC18368811EEB1BFE56AC4F9AE02.roa (hash: Zg2pOaZOOb5sHUdXJNoHkdhEmOD4YyAjMP6N4/VUVYs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Dec 2025 01:35:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 439 (0x1b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DF0, serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Validity Not Before: Dec 7 01:35:07 2025 GMT Not After : Dec 14 01:35:07 2025 GMT Subject: CN=6934d9cb-1c9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:60:ce:51:1f:a7:bb:64:55:62:28:05:b0:70: bd:7d:25:e4:4c:53:70:17:2f:39:c0:05:f7:5c:84: 69:b2:f9:62:15:d8:72:14:ce:f4:2a:00:ff:a8:e4: f2:e7:18:1c:60:62:44:28:e2:7f:a9:0d:dd:80:4e: 6c:f0:e6:38:5b:65:93:ba:2d:c8:6b:98:14:ec:d3: 1f:24:04:dd:77:f6:84:c7:5e:6b:9b:d1:a2:9a:68: 92:26:be:9e:1a:ce:53:62:75:ed:75:f7:d4:66:1d: 44:af:70:d2:8d:85:9e:f9:2c:bf:0a:7c:10:0a:c3: 8f:67:b1:28:a6:6c:b9:d7:35:fa:71:dd:03:93:27: bf:5f:ce:77:31:fa:2b:6e:c4:d9:44:00:c7:68:12: 58:d0:ed:59:5c:57:f0:13:2b:6e:88:2f:44:b0:c2: ba:14:0a:46:ca:c8:a1:86:c4:22:83:75:d3:15:ea: 19:77:b4:8d:53:65:59:61:f2:54:09:cb:69:8a:3e: 7c:d5:01:79:60:dc:4c:3c:e7:62:08:0b:1e:d8:1f: ef:bb:e7:de:52:0d:0e:27:f3:a2:a1:34:05:7a:71: 58:f4:25:7a:99:43:f7:b5:c8:ed:35:b3:dd:43:13: 17:43:44:40:05:79:01:fa:3f:47:4b:f1:65:13:4d: 55:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:FB:2E:F9:B2:49:AB:9B:0E:23:91:CE:50:E6:6A:D8:BE:51:37:FE X509v3 Authority Key Identifier: keyid:00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d6:2a:46:9c:e7:d8:0c:2e:d2:28:1e:75:b3:89:06:c1:65:96: ec:be:f1:1f:19:21:7b:97:b2:fe:e0:5f:c4:74:80:d3:66:de: e6:ed:62:f6:66:5a:94:bf:53:34:49:5c:1f:5e:a6:06:6d:46: a4:f2:f8:7e:35:c8:f2:b3:12:f2:b5:70:ee:3e:b4:17:90:dc: f2:5d:cb:0c:80:b2:42:5e:c9:cb:cd:cb:02:56:70:43:ca:b8: c5:ce:b4:f6:a5:56:93:fc:47:5a:cc:ad:1d:f1:68:50:9d:2e: 62:00:59:aa:35:4f:73:0d:7e:5f:f2:08:11:38:1e:32:64:44: bd:6a:c4:79:72:b7:73:ee:66:4b:7d:97:08:a3:06:b1:1a:70: 95:01:92:96:d8:4f:eb:af:0c:a6:af:a4:a8:34:7b:3c:f0:91: bc:47:bf:d0:38:cb:b5:ac:aa:94:8a:76:8f:a4:e8:15:b5:8e: ee:6d:6d:4a:86:68:43:7b:41:e6:75:24:40:aa:99:fd:6d:b2: 66:c5:07:b5:ab:3b:64:c3:17:cd:3c:29:7a:33:d9:df:de:bf: 03:52:a5:e3:52:ed:d7:47:96:2a:54:9e:34:bf:7c:51:ac:b9: dc:cf:56:28:5d:71:f1:5b:c2:dd:46:1b:8a:37:f4:ae:c0:97: e2:91:42:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBERjAxMTAvBgNVBAUTKDAwMDhFMkVFQkU2QzU1RjI1OTQ5NDlBNDc3Rjg2NzdC RkY0QTdGRTQwHhcNMjUxMjA3MDEzNTA3WhcNMjUxMjE0MDEzNTA3WjAYMRYwFAYD VQQDEw02OTM0ZDljYi0xYzlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvmDOUR+nu2RVYigFsHC9fSXkTFNwFy85wAX3XIRpsvliFdhyFM70KgD/qOTy 5xgcYGJEKOJ/qQ3dgE5s8OY4W2WTui3Ia5gU7NMfJATdd/aEx15rm9GimmiSJr6e Gs5TYnXtdffUZh1Er3DSjYWe+Sy/CnwQCsOPZ7Eopmy51zX6cd0Dkye/X853Mfor bsTZRADHaBJY0O1ZXFfwEytuiC9EsMK6FApGysihhsQig3XTFeoZd7SNU2VZYfJU Cctpij581QF5YNxMPOdiCAse2B/vu+feUg0OJ/OioTQFenFY9CV6mUP3tcjtNbPd QxMXQ0RABXkB+j9HS/FlE01VyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLz7Lvmy SaubDiORzlDmati+UTf+MB8GA1UdIwQYMBaAFAAI4u6+bFXyWUlJpHf4Z3v/Sn/k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MERGMC81REVGQUNGMDM2 NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1ZmSlpTVW1rZF9obmVfOUtm LVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0FBamk3cjVzVmZKWlNVbWtkX2huZV85S2YtUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MERGMC81REVGQUNGMDM2NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1Zm SlpTVW1rZF9obmVfOUtmLVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDWKkac59gMLtIoHnWziQbBZZbsvvEfGSF7l7L+4F/EdIDTZt7m7WL2 ZlqUv1M0SVwfXqYGbUak8vh+NcjysxLytXDuPrQXkNzyXcsMgLJCXsnLzcsCVnBD yrjFzrT2pVaT/EdazK0d8WhQnS5iAFmqNU9zDX5f8ggROB4yZES9asR5crdz7mZL fZcIowaxGnCVAZKW2E/rrwymr6SoNHs88JG8R7/QOMu1rKqUinaPpOgVtY7ubW1K hmhDe0HmdSRAqpn9bbJmxQe1qztkwxfNPCl6M9nf3r8DUqXjUu3XR5YqVJ40v3xR rLncz1YoXXHxW8LdRhuKN/SuwJfikUJn -----END CERTIFICATE-----Generated at Sun Dec 7 15:30:23 2025 by rpki-client