This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91790C3/855305E282C011EBBACE2A7BC4F9AE02/VIe2P0TWkdQ1aIr-PIrCe_2REq0.mft File: VIe2P0TWkdQ1aIr-PIrCe_2REq0.mft (raw, json) Hash identifier: BJFIiAb+jaIX65ljHUjofmoVBZlklQfwwX3lBaEfONk= Subject key identifier: 3C:AC:4F:AC:64:4A:31:B5:26:CB:FF:F8:50:D4:58:0B:82:36:7B:7E Authority key identifier: 54:87:B6:3F:44:D6:91:D4:35:68:8A:FE:3C:8A:C2:7B:FD:91:12:AD Certificate issuer: /CN=A91790C3/serialNumber=5487B63F44D691D435688AFE3C8AC27BFD9112AD Certificate serial: 06E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIe2P0TWkdQ1aIr-PIrCe_2REq0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91790C3/855305E282C011EBBACE2A7BC4F9AE02/VIe2P0TWkdQ1aIr-PIrCe_2REq0.mft Manifest number: 06D0 Signing time: Sat 20 Dec 2025 21:28:58 +0000 Manifest this update: Sat 20 Dec 2025 21:28:58 +0000 Manifest next update: Sat 27 Dec 2025 21:28:58 +0000 Files and hashes: 1: VIe2P0TWkdQ1aIr-PIrCe_2REq0.crl (hash: +CfoipreB6qPonCTstuocbTHA9lQ3y1QLo1uZt/xGaY=) 2: 9EA2D73236D311EF89295180C4F9AE02.roa (hash: +9/yAjbYtByxr02PsszdU6WoEOBanUxI3XJ58Y32rUg=) 3: C3AD861C82C211EBBB08B280C4F9AE02.roa (hash: ppuSVqb5ak+lKAoy3v74h5n7285gGl/XWCpfoBLQk4c=) 4: C437B01282C211EBBB08B280C4F9AE02.roa (hash: LDI+BxI6yWXikOHlYdiFwqiUYfCU5mn6/crB9AgbNkw=) 5: C310545082C211EBBB08B280C4F9AE02.roa (hash: 0laeAZbe0gy37miOPDx6Hc3w0hPowOHvIhox87nHsFA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91790C3/855305E282C011EBBACE2A7BC4F9AE02/VIe2P0TWkdQ1aIr-PIrCe_2REq0.crl rsync://rpki.apnic.net/member_repository/A91790C3/855305E282C011EBBACE2A7BC4F9AE02/VIe2P0TWkdQ1aIr-PIrCe_2REq0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIe2P0TWkdQ1aIr-PIrCe_2REq0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 21:28:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1767 (0x6e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91790C3, serialNumber=5487B63F44D691D435688AFE3C8AC27BFD9112AD Validity Not Before: Dec 20 21:28:58 2025 GMT Not After : Dec 27 21:28:58 2025 GMT Subject: CN=6947151a-bb6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f4:d8:9a:51:68:20:01:bc:20:d8:ad:c0:8a: a9:8f:20:89:d1:24:16:d2:df:42:74:1b:f7:b3:06: cd:83:55:bb:ec:7e:73:62:0c:85:25:47:17:56:6c: 03:95:d9:8d:5f:2c:b4:02:18:0d:f7:46:9b:dc:0f: df:60:41:13:fd:dc:c8:bc:24:86:b6:86:22:f3:67: fc:0e:13:61:ca:6b:0a:3a:bc:b3:af:4f:2f:53:c7: fe:77:9a:5f:98:3d:4d:b5:f4:fb:ed:e3:c9:d2:08: d7:66:48:b5:f3:a2:8e:1c:6a:7b:33:a8:7d:23:44: 94:79:63:ea:8c:76:63:87:4a:57:1f:bd:ec:11:80: c5:7e:a8:7d:29:9d:71:1f:f7:d5:4d:9d:a6:7b:43: 4c:5d:0e:c6:aa:a9:5f:24:53:47:39:3a:46:b8:16: 40:7e:e5:ac:d5:b5:9c:89:8a:26:95:82:d4:de:fe: db:2a:47:e6:c8:41:93:9f:c6:31:7c:57:9a:cd:1c: d0:d8:d0:d8:77:58:2d:70:b6:a4:15:f3:74:4e:21: ae:97:82:ae:6d:b5:83:1e:65:49:12:32:6e:39:b3: b5:19:aa:75:6e:c6:7d:b6:9e:8f:ff:03:22:c8:03: 97:a0:33:26:2b:ab:a9:99:7d:f5:db:77:35:fa:d8: c4:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:AC:4F:AC:64:4A:31:B5:26:CB:FF:F8:50:D4:58:0B:82:36:7B:7E X509v3 Authority Key Identifier: keyid:54:87:B6:3F:44:D6:91:D4:35:68:8A:FE:3C:8A:C2:7B:FD:91:12:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91790C3/855305E282C011EBBACE2A7BC4F9AE02/VIe2P0TWkdQ1aIr-PIrCe_2REq0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIe2P0TWkdQ1aIr-PIrCe_2REq0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91790C3/855305E282C011EBBACE2A7BC4F9AE02/VIe2P0TWkdQ1aIr-PIrCe_2REq0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:77:8b:7d:29:46:2f:41:31:4d:ed:15:c5:40:f6:db:8d:d1: 75:bb:9a:27:f4:8b:48:4a:87:87:3c:f1:7b:11:2a:1d:76:c1: 19:37:88:d7:3a:f3:70:b9:31:88:f2:a4:17:19:e3:a4:6a:c6: 27:4b:7e:1d:01:c0:4d:0c:d7:e0:5a:1d:06:f5:92:85:dc:ab: f7:19:25:16:e3:05:9f:21:d3:fa:36:38:85:90:f3:3f:4d:d3: 3b:f8:ae:5c:8b:98:9f:52:2a:02:67:33:98:5e:45:aa:da:40: 19:d8:26:d2:6a:1a:a9:76:fc:29:04:ee:8b:ed:e9:25:a1:17: 73:5e:eb:33:72:b2:c9:09:4c:b7:b5:e5:d5:3a:1a:ae:06:53: e2:71:e2:d0:e5:95:07:c8:31:be:36:a1:62:84:22:3f:64:88: 44:1f:ec:72:c8:92:45:11:64:30:da:fe:27:e6:3e:a4:04:9e: 75:75:ce:17:4a:19:75:b6:c9:28:f6:79:76:10:9e:65:65:96: d8:25:e7:63:0a:9f:46:ad:72:de:d8:ee:fc:40:56:85:74:4a: be:24:de:ad:d3:35:b5:70:32:93:b4:7d:0d:93:4c:b0:1d:7b: 94:4e:2e:5d:f7:3d:86:1b:50:4e:38:86:31:b0:e1:4c:58:c0: c9:3e:4c:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBucwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzkwQzMxMTAvBgNVBAUTKDU0ODdCNjNGNDRENjkxRDQzNTY4OEFGRTNDOEFDMjdC RkQ5MTEyQUQwHhcNMjUxMjIwMjEyODU4WhcNMjUxMjI3MjEyODU4WjAYMRYwFAYD VQQDDA02OTQ3MTUxYS1iYjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxfTYmlFoIAG8INitwIqpjyCJ0SQW0t9CdBv3swbNg1W77H5zYgyFJUcXVmwD ldmNXyy0AhgN90ab3A/fYEET/dzIvCSGtoYi82f8DhNhymsKOryzr08vU8f+d5pf mD1NtfT77ePJ0gjXZki186KOHGp7M6h9I0SUeWPqjHZjh0pXH73sEYDFfqh9KZ1x H/fVTZ2me0NMXQ7GqqlfJFNHOTpGuBZAfuWs1bWciYomlYLU3v7bKkfmyEGTn8Yx fFeazRzQ2NDYd1gtcLakFfN0TiGul4KubbWDHmVJEjJuObO1Gap1bsZ9tp6P/wMi yAOXoDMmK6upmX3123c1+tjEewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDysT6xk SjG1Jsv/+FDUWAuCNnt+MB8GA1UdIwQYMBaAFFSHtj9E1pHUNWiK/jyKwnv9kRKt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTBDMy84NTUzMDVFMjgy QzAxMUVCQkFDRTJBN0JDNEY5QUUwMi9WSWUyUDBUV2tkUTFhSXItUElyQ2VfMlJF cTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZJZTJQMFRXa2RRMWFJci1QSXJDZV8yUkVxMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTBDMy84NTUzMDVFMjgyQzAxMUVCQkFDRTJBN0JDNEY5QUUwMi9WSWUyUDBUV2tk UTFhSXItUElyQ2VfMlJFcTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACd4t9KUYvQTFN7RXFQPbbjdF1u5on9ItISoeHPPF7ESoddsEZN4jX OvNwuTGI8qQXGeOkasYnS34dAcBNDNfgWh0G9ZKF3Kv3GSUW4wWfIdP6NjiFkPM/ TdM7+K5ci5ifUioCZzOYXkWq2kAZ2CbSahqpdvwpBO6L7ekloRdzXuszcrLJCUy3 teXVOhquBlPiceLQ5ZUHyDG+NqFihCI/ZIhEH+xyyJJFEWQw2v4n5j6kBJ51dc4X Shl1tsko9nl2EJ5lZZbYJedjCp9GrXLe2O78QFaFdEq+JN6t0zW1cDKTtH0Nk0yw HXuUTi5d9z2GG1BOOIYxsOFMWMDJPkyf -----END CERTIFICATE-----Generated at Sun Dec 21 08:46:41 2025 by rpki-client