This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A917991B/7D0C37D0604311EC8D37510EC4F9AE02/iaGX0JdonG6zOGepzIrM1_s2Tok.mft File: iaGX0JdonG6zOGepzIrM1_s2Tok.mft (raw, json) Hash identifier: UQxPJxM1KGYBnhgUhl0aympVVFoJ2pU1NIm0N89t0RU= Subject key identifier: B8:09:C2:FB:04:A7:61:37:36:FB:A8:AB:6A:85:40:27:74:66:97:0D Authority key identifier: 89:A1:97:D0:97:68:9C:6E:B3:38:67:A9:CC:8A:CC:D7:FB:36:4E:89 Certificate issuer: /CN=A917991B/serialNumber=89A197D097689C6EB33867A9CC8ACCD7FB364E89 Certificate serial: 04AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iaGX0JdonG6zOGepzIrM1_s2Tok.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917991B/7D0C37D0604311EC8D37510EC4F9AE02/iaGX0JdonG6zOGepzIrM1_s2Tok.mft Manifest number: 04A4 Signing time: Sat 20 Dec 2025 23:16:49 +0000 Manifest this update: Sat 20 Dec 2025 23:16:49 +0000 Manifest next update: Sat 27 Dec 2025 23:16:49 +0000 Files and hashes: 1: iaGX0JdonG6zOGepzIrM1_s2Tok.crl (hash: NO1F2dq3N9y9JKU4/8zJBMHi1FcStWcxf/v/9uKhyxk=) 2: E82DE3C290AB11ECAB81252FC4F9AE02.roa (hash: M9+vY+hFN94HdKE9FI6ZDTlRjfa1IPzz7IeGhvfQshE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917991B/7D0C37D0604311EC8D37510EC4F9AE02/iaGX0JdonG6zOGepzIrM1_s2Tok.crl rsync://rpki.apnic.net/member_repository/A917991B/7D0C37D0604311EC8D37510EC4F9AE02/iaGX0JdonG6zOGepzIrM1_s2Tok.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iaGX0JdonG6zOGepzIrM1_s2Tok.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 23:16:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1198 (0x4ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917991B, serialNumber=89A197D097689C6EB33867A9CC8ACCD7FB364E89 Validity Not Before: Dec 20 23:16:49 2025 GMT Not After : Dec 27 23:16:49 2025 GMT Subject: CN=69472e61-c938 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:3e:c0:6a:52:9c:af:5a:0d:19:0d:6f:48:c1: fe:4b:78:b5:23:78:78:4d:94:bc:d2:3b:9e:ac:9b: c3:ad:7d:ab:77:f2:27:b0:86:b0:2a:12:1b:f9:17: 03:70:de:42:62:cf:f0:28:87:ad:cf:d2:bd:98:5f: 41:e5:86:9b:6f:b8:39:4b:4c:1e:45:03:5d:db:9a: f2:3a:01:b8:1b:fa:d1:8c:de:3b:2c:b2:aa:65:ab: 1b:4f:aa:00:98:64:8f:0a:9b:8d:82:0e:85:4f:ed: 28:b0:02:0d:02:85:e3:e4:c1:dd:d1:fc:a6:29:e7: 17:16:c0:f6:1f:3b:14:ac:c0:ab:7c:67:33:0d:b5: 99:b5:09:c4:e0:6a:ea:94:5e:8a:ef:62:24:81:96: 49:58:8f:40:8b:77:56:ca:91:e8:24:5d:68:52:aa: 63:8b:70:61:f9:bb:f6:18:8d:34:23:5d:ef:2a:97: c2:8b:67:89:42:57:0a:94:c5:cf:5c:4c:47:db:11: 5e:84:4e:d9:b1:1c:ac:7b:48:e9:1a:36:d6:e7:9a: eb:bf:a2:8d:27:fa:85:f2:9b:4a:62:eb:5e:76:46: f1:f6:9c:1c:bb:ba:fe:21:78:06:7e:e5:07:ea:8f: 43:f6:f2:75:02:e9:67:6c:d7:98:a1:dc:25:96:7a: 2f:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:09:C2:FB:04:A7:61:37:36:FB:A8:AB:6A:85:40:27:74:66:97:0D X509v3 Authority Key Identifier: keyid:89:A1:97:D0:97:68:9C:6E:B3:38:67:A9:CC:8A:CC:D7:FB:36:4E:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917991B/7D0C37D0604311EC8D37510EC4F9AE02/iaGX0JdonG6zOGepzIrM1_s2Tok.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iaGX0JdonG6zOGepzIrM1_s2Tok.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917991B/7D0C37D0604311EC8D37510EC4F9AE02/iaGX0JdonG6zOGepzIrM1_s2Tok.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:e3:59:81:55:1e:e6:2a:02:04:fc:4b:7d:d0:4d:09:f5:9c: 80:d2:87:aa:6e:ed:88:ef:e9:e1:0c:3c:26:d6:e1:84:00:c4: a0:c4:4e:e7:af:a6:41:d9:fb:2f:eb:c6:88:c6:a1:16:ed:a9: 83:b1:38:0d:48:e2:72:b4:8d:38:ce:0a:3f:2d:fd:b0:d1:8a: 45:5d:31:74:66:25:22:eb:6c:b5:52:e7:e2:5a:fc:44:f6:c9: 46:64:43:52:b6:76:fa:b8:28:6e:8e:b4:86:9e:e6:bd:6f:2b: 92:08:7c:5d:db:36:66:5c:57:86:57:50:04:c3:c5:79:68:b4: 84:2b:df:3f:6f:ed:02:ed:7d:24:77:67:0a:3e:f3:74:89:00: ea:63:2f:21:3f:27:19:05:53:8b:d2:50:e0:f3:20:d1:f2:3c: b3:48:ae:8c:ed:d5:bb:7c:a0:6d:ac:2c:2b:4a:78:e7:9e:6e: c4:7a:eb:05:5e:6a:62:44:fb:3d:85:2f:f2:99:31:44:cd:4b: 6b:dd:7c:c2:7e:54:93:41:a7:e1:b4:a4:11:8b:0a:20:f8:e1: 4c:ab:cf:41:a9:4e:46:41:a6:c4:14:ab:94:37:1a:37:e1:ee: 0d:3a:a3:20:8f:72:28:32:4e:02:53:51:36:f6:f8:9f:97:92: 5f:69:09:17 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk5MUIxMTAvBgNVBAUTKDg5QTE5N0QwOTc2ODlDNkVCMzM4NjdBOUNDOEFDQ0Q3 RkIzNjRFODkwHhcNMjUxMjIwMjMxNjQ5WhcNMjUxMjI3MjMxNjQ5WjAYMRYwFAYD VQQDDA02OTQ3MmU2MS1jOTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnT7AalKcr1oNGQ1vSMH+S3i1I3h4TZS80juerJvDrX2rd/InsIawKhIb+RcD cN5CYs/wKIetz9K9mF9B5Yabb7g5S0weRQNd25ryOgG4G/rRjN47LLKqZasbT6oA mGSPCpuNgg6FT+0osAINAoXj5MHd0fymKecXFsD2HzsUrMCrfGczDbWZtQnE4Grq lF6K72IkgZZJWI9Ai3dWypHoJF1oUqpji3Bh+bv2GI00I13vKpfCi2eJQlcKlMXP XExH2xFehE7ZsRyse0jpGjbW55rrv6KNJ/qF8ptKYutedkbx9pwcu7r+IXgGfuUH 6o9D9vJ1AulnbNeYodwllnovhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLgJwvsE p2E3Nvuoq2qFQCd0ZpcNMB8GA1UdIwQYMBaAFImhl9CXaJxuszhnqcyKzNf7Nk6J MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTkxQi83RDBDMzdEMDYw NDMxMUVDOEQzNzUxMEVDNEY5QUUwMi9pYUdYMEpkb25HNnpPR2VweklyTTFfczJU b2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lhR1gwSmRvbkc2ek9HZXB6SXJNMV9zMlRvay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTkxQi83RDBDMzdEMDYwNDMxMUVDOEQzNzUxMEVDNEY5QUUwMi9pYUdYMEpkb25H NnpPR2VweklyTTFfczJUb2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA941mBVR7mKgIE/Et90E0J9ZyA0oeqbu2I7+nhDDwm1uGEAMSgxE7n r6ZB2fsv68aIxqEW7amDsTgNSOJytI04zgo/Lf2w0YpFXTF0ZiUi62y1UufiWvxE 9slGZENStnb6uChujrSGnua9byuSCHxd2zZmXFeGV1AEw8V5aLSEK98/b+0C7X0k d2cKPvN0iQDqYy8hPycZBVOL0lDg8yDR8jyzSK6M7dW7fKBtrCwrSnjnnm7EeusF XmpiRPs9hS/ymTFEzUtr3XzCflSTQafhtKQRiwog+OFMq89BqU5GQabEFKuUNxo3 4e4NOqMgj3IoMk4CU1E29vifl5JfaQkX -----END CERTIFICATE-----Generated at Sun Dec 21 12:58:22 2025 by rpki-client