This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft File: OxaIpfe3JKr754IKLGPZey6o5SI.mft (raw, json) Hash identifier: SEv0PSwevdB1Gjv4/eT4GxklOLUBZAMKMlTTGvPt0Y0= Subject key identifier: 81:F9:BF:1F:CD:9F:47:68:7D:A1:F6:C6:D1:B5:A8:FF:39:FC:5B:9D Authority key identifier: 3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 Certificate issuer: /CN=A91772FA/serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Certificate serial: 038A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft Manifest number: 0382 Signing time: Sun 21 Dec 2025 00:04:03 +0000 Manifest this update: Sun 21 Dec 2025 00:04:03 +0000 Manifest next update: Sun 28 Dec 2025 00:04:03 +0000 Files and hashes: 1: OxaIpfe3JKr754IKLGPZey6o5SI.crl (hash: TBpqhdbe+R83qCXhNjFkjNHJiGtpvvL+TKBu5rB55h8=) 2: 2D613294CD7611EC83259862C4F9AE02.roa (hash: HUqC6JNil8MpabByxXZUWUh1z061818LFUdkHBUaghY=) 3: EF8CB49CD78F11EC91680D49C4F9AE02.roa (hash: m1T9GaVF/kOA3y3lDclBiCBdGMqPbCm1SzZbjGctr8o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Dec 2025 00:04:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 906 (0x38a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91772FA, serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Validity Not Before: Dec 21 00:04:03 2025 GMT Not After : Dec 28 00:04:03 2025 GMT Subject: CN=69473973-3658 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:68:53:fb:00:8d:28:5d:c8:48:a6:9b:be:0e: 3b:f5:55:f8:af:3f:09:47:ff:9b:65:15:10:20:53: 0f:b0:a1:90:c9:11:8b:bc:b5:c8:20:e0:6f:9b:75: 6c:ec:68:c6:02:fc:ab:a3:a5:d1:a4:19:35:6f:85: 44:f8:69:bc:ab:29:4d:72:1c:2d:e2:15:21:d9:d1: 90:da:41:f3:fe:ed:3a:b0:b8:26:f5:30:c3:91:b2: 01:2e:ed:71:54:aa:74:f4:df:58:7c:ac:2b:95:9f: 1c:bb:ae:0e:35:83:a1:55:4a:c2:f5:8d:e6:d0:c6: 15:91:9f:0c:41:c6:06:e3:4f:36:be:f2:f0:df:3c: 84:f0:80:2b:aa:c5:f2:d3:ed:6c:b2:3b:f2:4f:5e: 79:7a:70:d7:aa:24:5d:47:a8:8e:da:d8:00:8f:03: f6:e6:6b:07:eb:06:98:e5:9b:b9:69:0c:85:1c:42: 80:8f:e5:66:82:df:00:a8:4c:35:46:e3:42:3c:61: fd:f3:fd:dc:38:37:b0:d2:bb:93:ae:55:8f:26:ce: 5c:45:07:e2:b7:5b:3b:ee:d9:0b:24:2a:7f:4d:a2: 6b:ea:ee:8f:cd:aa:8e:ee:cd:c5:37:3a:11:8c:47: cf:10:7d:9c:b4:c7:7d:11:eb:11:39:1e:65:df:8b: ec:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:F9:BF:1F:CD:9F:47:68:7D:A1:F6:C6:D1:B5:A8:FF:39:FC:5B:9D X509v3 Authority Key Identifier: keyid:3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:96:68:4c:26:f3:c1:f2:d1:1d:9f:b2:0a:05:a8:5d:35:5d: 59:7e:72:84:90:02:a8:e5:07:30:4f:0b:49:67:6d:e0:e7:ff: eb:6d:4f:23:d9:de:c5:ae:19:8d:43:a6:32:6d:82:f3:7b:34: 5f:5c:ba:7f:7a:af:1e:3e:ad:28:e9:8e:c5:2c:91:02:df:40: 0f:de:27:a7:12:45:1d:1c:77:6f:ce:8d:29:c5:99:b1:67:ce: e4:3b:39:c4:44:b7:e3:64:2a:a9:91:f1:d3:24:e7:ac:6d:d8: 0c:ff:bb:80:93:be:bb:5c:c2:8c:57:2f:08:de:38:c3:aa:74: a1:f0:36:2c:6c:df:1e:3e:a4:22:ed:ad:99:3e:d0:63:21:5c: 57:39:12:03:08:af:79:e8:c5:fc:af:5a:11:93:dc:38:41:fc: 62:d4:57:ca:00:6a:14:e6:b7:38:f4:e7:08:2e:10:f6:cb:bf: 51:68:d3:5a:0a:5b:ce:ec:40:f5:42:1c:5f:5e:4d:38:fb:c1: 77:f4:e5:4e:f4:60:b4:dd:46:e7:62:f3:f5:6e:eb:d9:ba:da: c6:80:8b:69:7e:cf:84:88:4d:1d:68:30:a2:61:f3:a2:27:b6: 30:d4:4e:1a:6f:28:b9:13:0e:be:5b:c5:dd:50:fc:be:b2:b8: 15:aa:46:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA4owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzcyRkExMTAvBgNVBAUTKDNCMTY4OEE1RjdCNzI0QUFGQkU3ODIwQTJDNjNEOTdC MkVBOEU1MjIwHhcNMjUxMjIxMDAwNDAzWhcNMjUxMjI4MDAwNDAzWjAYMRYwFAYD VQQDDA02OTQ3Mzk3My0zNjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA02hT+wCNKF3ISKabvg479VX4rz8JR/+bZRUQIFMPsKGQyRGLvLXIIOBvm3Vs 7GjGAvyro6XRpBk1b4VE+Gm8qylNchwt4hUh2dGQ2kHz/u06sLgm9TDDkbIBLu1x VKp09N9YfKwrlZ8cu64ONYOhVUrC9Y3m0MYVkZ8MQcYG4082vvLw3zyE8IArqsXy 0+1ssjvyT155enDXqiRdR6iO2tgAjwP25msH6waY5Zu5aQyFHEKAj+Vmgt8AqEw1 RuNCPGH98/3cODew0ruTrlWPJs5cRQfit1s77tkLJCp/TaJr6u6PzaqO7s3FNzoR jEfPEH2ctMd9EesROR5l34vsiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIH5vx/N n0dofaH2xtG1qP85/FudMB8GA1UdIwQYMBaAFDsWiKX3tySq++eCCixj2XsuqOUi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzJGQS9ENzI0NDU2MkNE NzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pLcjc1NElLTEdQWmV5Nm81 U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL094YUlwZmUzSktyNzU0SUtMR1BaZXk2bzVTSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzJGQS9ENzI0NDU2MkNENzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pL cjc1NElLTEdQWmV5Nm81U0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAclmhMJvPB8tEdn7IKBahdNV1ZfnKEkAKo5QcwTwtJZ23g5//rbU8j 2d7FrhmNQ6YybYLzezRfXLp/eq8ePq0o6Y7FLJEC30AP3ienEkUdHHdvzo0pxZmx Z87kOznERLfjZCqpkfHTJOesbdgM/7uAk767XMKMVy8I3jjDqnSh8DYsbN8ePqQi 7a2ZPtBjIVxXORIDCK956MX8r1oRk9w4Qfxi1FfKAGoU5rc49OcILhD2y79RaNNa ClvO7ED1QhxfXk04+8F39OVO9GC03UbnYvP1buvZutrGgItpfs+EiE0daDCiYfOi J7Yw1E4abyi5Ew6+W8XdUPy+srgVqkaw -----END CERTIFICATE-----Generated at Mon Dec 22 05:37:52 2025 by rpki-client