This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft File: g3GOntShsiknnjylVdRNbh_KjMU.mft (raw, json) Hash identifier: xCJhkmD+3xg+8iEggbEECuNMn//ERk6/w17x95jysZE= Subject key identifier: D5:7A:9F:5F:BB:3E:4E:B0:A7:EB:44:40:B3:0E:05:32:9C:2C:99:66 Authority key identifier: 83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5 Certificate issuer: /CN=A917A17B/serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5 Certificate serial: 0CB9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft Manifest number: 0CAE Signing time: Mon 22 Dec 2025 17:57:50 +0000 Manifest this update: Mon 22 Dec 2025 17:57:49 +0000 Manifest next update: Mon 29 Dec 2025 17:57:49 +0000 Files and hashes: 1: g3GOntShsiknnjylVdRNbh_KjMU.crl (hash: mxB5L7XKZB0ZtY9jICRCjXfhLfQoxBW+b6C7nevPDvo=) 2: A473C9A008F311EE98719810C4F9AE02.roa (hash: I+dyDrUC3DvMgCPW4jStqejUHX8a7vo0aXHEIsgKIwo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.crl rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 17:57:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3257 (0xcb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A17B, serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5 Validity Not Before: Dec 22 17:57:49 2025 GMT Not After : Dec 29 17:57:49 2025 GMT Subject: CN=6949869d-43c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:be:d2:94:09:a3:a2:91:63:34:68:70:e0:7c: 18:50:9c:69:4c:6f:30:6c:ee:f7:54:c6:65:24:d8: 8d:45:47:9d:3c:7d:a0:d8:cd:79:6b:08:c4:10:d3: 91:78:13:c9:0b:0e:57:4f:64:8b:c8:48:b5:79:4e: 53:a8:aa:5a:ca:57:af:1e:9d:3d:00:d8:be:2b:b6: 5a:28:a1:70:34:e8:08:7f:3a:b7:9e:cb:74:b5:4d: 6c:5f:55:eb:c2:91:5e:70:da:83:d4:51:a3:22:26: 2c:2c:9b:e3:0c:a7:dc:64:3e:49:3c:77:70:3b:b3: 46:cd:02:60:0b:f4:e1:fc:0a:f9:59:8e:ac:8a:10: e8:36:f1:e9:d4:c3:68:14:5c:80:b0:92:82:66:87: 00:d4:9a:ee:69:b2:51:8a:ee:86:f5:0e:19:0c:f9: 19:a4:09:1e:5e:cf:2a:d9:12:b8:67:b0:db:11:0c: 06:5f:d0:60:2d:28:f7:f4:fd:5a:ca:17:93:b2:33: 88:b0:c1:f6:62:6b:25:37:6f:f0:d0:b1:f7:b2:5f: fb:68:44:55:4a:71:ed:6c:e1:b9:28:29:f5:72:b0: f3:f2:c3:fb:4d:01:f9:30:29:3b:1c:f1:78:3f:d9: 14:c3:bd:4b:5c:57:f3:21:c0:0d:d9:78:c9:ea:b9: a3:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:7A:9F:5F:BB:3E:4E:B0:A7:EB:44:40:B3:0E:05:32:9C:2C:99:66 X509v3 Authority Key Identifier: keyid:83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:67:77:95:33:c4:95:89:62:ab:45:12:f0:85:6f:98:ec:ff: bd:e2:01:65:61:86:57:ab:80:d1:7c:f4:d2:38:9f:fa:fb:0e: 7a:b4:d7:55:50:00:23:39:e8:8d:ae:2a:7a:2e:7c:fc:76:4b: e5:ee:bb:bf:fa:35:9e:41:b0:fe:66:33:29:4f:67:5f:10:c3: bf:4d:a8:09:a4:59:39:3c:94:c1:f4:61:7e:a4:b5:b0:cf:9c: 3b:66:e1:2c:12:bb:09:9b:34:6f:48:52:24:bc:8f:cb:58:ca: 92:25:65:d5:ac:3a:f7:f3:24:f1:62:f3:e4:4d:c0:63:b3:ea: 23:6d:e4:5d:2b:57:e1:b9:c0:3c:3c:51:ed:8f:1a:88:6b:95: 71:3d:27:a8:d8:eb:c7:fb:c3:47:9a:26:45:a2:b4:64:fc:e5: 9b:a0:7a:53:90:dc:43:6d:da:93:60:23:75:51:23:1b:fd:c5: 56:2f:5a:c3:05:c0:62:4f:cd:4c:ba:9c:97:aa:2a:10:17:f7: 92:77:c3:11:ef:27:54:1c:4b:9c:96:e1:62:fe:8a:f3:a9:c3: cd:85:b8:4b:fc:b9:fc:1f:ae:51:ab:a9:0d:42:3a:62:2c:cc: 55:56:51:3c:ba:9f:36:0a:7e:f0:ad:0b:c2:3a:c5:af:b4:33: e9:0d:91:10 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDLkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0ExN0IxMTAvBgNVBAUTKDgzNzE4RTlFRDRBMUIyMjkyNzlFM0NBNTU1RDQ0RDZF MUZDQThDQzUwHhcNMjUxMjIyMTc1NzQ5WhcNMjUxMjI5MTc1NzQ5WjAYMRYwFAYD VQQDDA02OTQ5ODY5ZC00M2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApb7SlAmjopFjNGhw4HwYUJxpTG8wbO73VMZlJNiNRUedPH2g2M15awjEENOR eBPJCw5XT2SLyEi1eU5TqKpaylevHp09ANi+K7ZaKKFwNOgIfzq3nst0tU1sX1Xr wpFecNqD1FGjIiYsLJvjDKfcZD5JPHdwO7NGzQJgC/Th/Ar5WY6sihDoNvHp1MNo FFyAsJKCZocA1JruabJRiu6G9Q4ZDPkZpAkeXs8q2RK4Z7DbEQwGX9BgLSj39P1a yheTsjOIsMH2YmslN2/w0LH3sl/7aERVSnHtbOG5KCn1crDz8sP7TQH5MCk7HPF4 P9kUw71LXFfzIcAN2XjJ6rmjtQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNV6n1+7 Pk6wp+tEQLMOBTKcLJlmMB8GA1UdIwQYMBaAFINxjp7UobIpJ548pVXUTW4fyozF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTE3Qi84NTM5NUQ2RTA2 RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNpa25uanlsVmRSTmJoX0tq TVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2czR09udFNoc2lrbm5qeWxWZFJOYmhfS2pNVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTE3Qi84NTM5NUQ2RTA2RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNp a25uanlsVmRSTmJoX0tqTVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApZ3eVM8SViWKrRRLwhW+Y7P+94gFlYYZXq4DRfPTSOJ/6+w56tNdV UAAjOeiNrip6Lnz8dkvl7ru/+jWeQbD+ZjMpT2dfEMO/TagJpFk5PJTB9GF+pLWw z5w7ZuEsErsJmzRvSFIkvI/LWMqSJWXVrDr38yTxYvPkTcBjs+ojbeRdK1fhucA8 PFHtjxqIa5VxPSeo2OvH+8NHmiZForRk/OWboHpTkNxDbdqTYCN1USMb/cVWL1rD BcBiT81MupyXqioQF/eSd8MR7ydUHEucluFi/orzqcPNhbhL/Ln8H65Rq6kNQjpi LMxVVlE8up82Cn7wrQvCOsWvtDPpDZEQ -----END CERTIFICATE-----Generated at Wed Dec 24 14:12:38 2025 by rpki-client