This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: MPpX8SW9Gspsbzn9eGp/F5be2z6db2SZmvwe7QsbJaU= Subject key identifier: 1F:05:D4:C3:17:C1:82:2E:9A:00:99:3A:F8:42:70:00:C9:06:DB:9D Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0C84 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0C7C Signing time: Mon 22 Dec 2025 18:07:00 +0000 Manifest this update: Mon 22 Dec 2025 18:06:59 +0000 Manifest next update: Mon 29 Dec 2025 18:06:59 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: Kcf//1GUP5YJBgmvRMCa7+tOGJ8r6gWorlDPVpxGSqg=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: 1qzItKWorYUUOmMK79qcFmJ05vCRXkNln617yx1hDtI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 18:06:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3204 (0xc84) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB, serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Validity Not Before: Dec 22 18:06:59 2025 GMT Not After : Dec 29 18:06:59 2025 GMT Subject: CN=694988c4-0946 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:47:00:c3:b6:b7:06:79:fa:14:ea:19:b9:b4: cc:09:c9:cc:88:64:75:3b:7b:0e:29:ae:4f:10:c5: 29:4b:66:48:9f:15:97:6b:11:a1:ea:8a:03:a7:5a: e8:94:7f:4e:c4:c0:dd:e9:1b:aa:e3:90:22:7e:01: b6:98:08:ce:02:56:f5:e5:28:ce:09:d0:25:b9:27: 01:45:1c:de:e6:d1:ed:19:c9:3f:62:b4:fe:5d:ce: ea:e4:b4:45:4a:34:7b:d7:7f:f2:c7:ac:61:f3:5f: 93:7c:1b:15:9f:65:b3:3a:ee:44:15:70:71:2b:55: 18:cc:d4:d6:aa:68:12:a3:ce:fa:d9:50:5c:33:2b: 9e:61:78:8e:de:b5:86:cb:ac:e3:1f:97:b6:db:c1: 43:e3:b9:40:4b:aa:26:3f:49:9f:d5:28:8c:29:46: cd:64:f5:04:5d:6e:a7:b9:4b:0e:82:2b:5a:07:05: a8:61:96:45:4d:86:96:e0:cb:59:80:14:e1:fb:12: 24:33:26:05:91:c1:36:11:fc:81:11:4c:2b:da:52: 12:fe:d6:06:d5:cf:0b:a1:ff:7e:89:0e:5b:cd:d0: 20:af:ee:34:f0:6f:05:dc:1a:9a:f4:16:da:06:02: 3a:a7:4c:7a:5c:5c:aa:0d:bb:cb:dd:5b:0a:04:7c: 64:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:05:D4:C3:17:C1:82:2E:9A:00:99:3A:F8:42:70:00:C9:06:DB:9D X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:29:79:e3:3b:b8:b9:a2:ea:28:f0:b3:47:e2:a0:e9:35:fb: 92:14:68:4c:14:0e:22:4a:e7:d0:1f:77:d3:0e:b7:17:5a:41: e2:5d:9d:f2:26:3d:22:7d:c0:8b:ae:aa:f3:d9:02:c2:18:b4: 44:9c:a9:0e:cb:2c:66:99:6f:22:ec:d1:cf:df:70:8f:5d:83: 8c:71:ed:70:a5:40:d9:0a:6c:32:1e:4d:c7:b8:9a:c7:fb:fa: a4:64:f7:5b:c0:6f:11:8b:ba:a9:4c:00:e1:08:29:5f:fe:32: 29:93:f4:1a:46:73:36:03:11:e5:18:85:e0:09:3e:f8:6b:1f: 5d:36:be:c6:f1:8a:b4:4b:40:03:cd:fe:98:0b:9a:b0:a5:fe: 54:39:51:d2:02:b7:b5:e2:b3:60:15:6b:06:f6:37:71:23:cb: 27:b4:6d:39:80:c9:48:f6:b7:81:a0:3b:fd:71:22:0f:19:9e: a5:c7:73:3f:ca:bd:95:f0:3d:c1:05:18:5a:49:bb:38:c0:9d: 3a:26:2d:95:17:ad:e5:b0:cd:7f:12:e6:05:5f:e1:3a:f2:a5: 72:a2:41:0b:b8:a2:21:ac:21:9e:94:e0:88:3e:1a:f4:ef:fc: e5:34:52:d0:84:8d:80:b2:e9:45:49:ef:3d:5e:db:31:b9:d9: f2:f3:c1:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjUxMjIyMTgwNjU5WhcNMjUxMjI5MTgwNjU5WjAYMRYwFAYD VQQDDA02OTQ5ODhjNC0wOTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqEcAw7a3Bnn6FOoZubTMCcnMiGR1O3sOKa5PEMUpS2ZInxWXaxGh6ooDp1ro lH9OxMDd6Ruq45AifgG2mAjOAlb15SjOCdAluScBRRze5tHtGck/YrT+Xc7q5LRF SjR713/yx6xh81+TfBsVn2WzOu5EFXBxK1UYzNTWqmgSo8762VBcMyueYXiO3rWG y6zjH5e228FD47lAS6omP0mf1SiMKUbNZPUEXW6nuUsOgitaBwWoYZZFTYaW4MtZ gBTh+xIkMyYFkcE2EfyBEUwr2lIS/tYG1c8Lof9+iQ5bzdAgr+408G8F3Bqa9Bba BgI6p0x6XFyqDbvL3VsKBHxkNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB8F1MMX wYIumgCZOvhCcADJBtudMB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCeKXnjO7i5ouoo8LNH4qDpNfuSFGhMFA4iSufQH3fTDrcXWkHiXZ3y Jj0ifcCLrqrz2QLCGLREnKkOyyxmmW8i7NHP33CPXYOMce1wpUDZCmwyHk3HuJrH +/qkZPdbwG8Ri7qpTADhCClf/jIpk/QaRnM2AxHlGIXgCT74ax9dNr7G8Yq0S0AD zf6YC5qwpf5UOVHSAre14rNgFWsG9jdxI8sntG05gMlI9reBoDv9cSIPGZ6lx3M/ yr2V8D3BBRhaSbs4wJ06Ji2VF63lsM1/EuYFX+E68qVyokELuKIhrCGelOCIPhr0 7/zlNFLQhI2AsulFSe89Xtsxudny88Ep -----END CERTIFICATE-----Generated at Wed Dec 24 15:46:28 2025 by rpki-client