This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft File: GxesPclsojRSUCPv02J-ks2IR0g.mft (raw, json) Hash identifier: QAmJNn55qRBQZ8IOsXet6Xv3ucv8/biCbyYvK7b7X2o= Subject key identifier: 3F:CF:0C:FE:18:AC:AF:94:C2:1A:AF:3C:FB:C1:3F:4C:F8:34:25:1A Authority key identifier: 1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 Certificate issuer: /CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Certificate serial: 1DB2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft Manifest number: 1D73 Signing time: Mon 26 Jan 2026 15:55:58 +0000 Manifest this update: Mon 26 Jan 2026 15:55:57 +0000 Manifest next update: Mon 02 Feb 2026 15:55:57 +0000 Files and hashes: 1: GxesPclsojRSUCPv02J-ks2IR0g.crl (hash: sNtkelhnBg06wtrcCc7SltPG2zIajPrqKX5QOK+hCl4=) 2: 8A1AF86E94BC11EC9E49DB41C4F9AE02.roa (hash: n6ab3BTwAcpH4LegBC83qaXuTY61rSuzXQeixKGRCQ8=) 3: 4E2669F4FF3B11EB910E8847C4F9AE02.roa (hash: RxEjxFNvI0DOGeP3888S1tn030BuNHUdNfLt3di15l4=) 4: C2EECBA0E85C11EBA2171A25C4F9AE02.roa (hash: i8SkLvPy/XtXc4ZuxfbQ0jMccOT4jPJgyB/aqJ2e6A0=) 5: C154DA14E85C11EBA2171A25C4F9AE02.roa (hash: ZoYRtsKN6J+JTMHnmtPtNWovLxxrXzjOLNI6FTTDrJk=) 6: 4D609E86FF3B11EB910E8847C4F9AE02.roa (hash: IlNlaUUrIO5psWG9zVe/2cJLa9A72orRKr8ki0wRJ+c=) 7: 907B9B20E8AD11EBAA895D0AC4F9AE02.roa (hash: Yy12wxP/cM0LLNtHiB2aLkhSaVEMx94WCa7jMCYf9WM=) 8: 89654CDAB83B11EFAA80DD09C4F9AE02.roa (hash: wZqrfI6axJ6OhiwV+iuxvLbJgC05OEzm0nCXJ1L7s34=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Feb 2026 15:55:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7602 (0x1db2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DBF2, serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Validity Not Before: Jan 26 15:55:57 2026 GMT Not After : Feb 2 15:55:57 2026 GMT Subject: CN=69778e8d-76a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:0c:02:c0:6b:90:13:6f:73:54:eb:93:7d:34: f4:c0:23:fd:60:e9:f2:a2:d8:c7:1a:f2:d8:30:1e: 34:42:4c:7f:b1:cc:20:03:c2:83:0b:fd:a3:35:b0: c8:92:30:01:b1:6b:a7:28:dd:8e:9e:a8:f0:2e:13: bb:de:63:b7:cf:90:1a:c8:b9:4e:e5:43:1c:59:45: 11:fc:46:9e:ed:e2:f9:56:85:cd:d1:11:e2:5f:b7: b7:31:f4:c9:f8:37:c4:d3:4f:31:d5:32:f1:59:52: 19:f4:a1:75:58:a2:6b:c4:b9:a5:bf:80:a1:0c:97: f9:9d:62:39:21:8f:fb:1a:9b:f7:54:e6:dc:63:6c: f5:ae:b8:16:21:31:b2:69:e2:29:11:2c:3e:7b:2b: 43:b0:5f:df:a3:20:16:36:20:66:b7:08:b8:c4:6b: 40:49:3f:df:d5:41:6e:0a:9f:66:38:33:af:8b:32: a0:c4:ea:89:73:49:ce:ee:e7:f0:2b:6a:28:51:d7: 4c:3f:0a:01:91:e9:bc:b4:9e:41:ab:fa:be:6c:68: 37:36:b4:54:fa:cf:93:22:7a:b7:f2:37:5f:04:5d: 0d:8e:91:b4:0f:63:e8:bf:bf:70:49:b2:d0:e3:8d: ee:23:58:d4:3d:42:28:58:7a:0b:90:c7:05:45:ed: 20:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:CF:0C:FE:18:AC:AF:94:C2:1A:AF:3C:FB:C1:3F:4C:F8:34:25:1A X509v3 Authority Key Identifier: keyid:1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c8:70:fb:6a:3f:6d:8d:b8:34:44:0c:63:1b:98:d2:30:ac:b2: 3d:f5:cb:04:ab:b3:ad:13:8e:91:d0:d1:34:f1:d7:ca:0f:ee: b5:69:be:2e:28:60:1b:40:32:ee:e4:c5:c0:6f:30:16:5c:8b: d7:1d:18:a7:d0:6a:e8:90:f9:53:71:72:44:67:dc:0e:5f:b6: ca:2d:0d:77:96:43:80:15:9d:c6:59:af:7c:1f:9a:0e:4f:33: e0:3b:75:94:03:3d:92:1a:63:64:8e:94:20:62:86:61:cc:a7: 4a:8b:e3:f9:ec:2f:d2:4a:96:f3:b9:4a:7b:7a:c6:34:18:e0: 04:19:26:29:e3:98:78:ca:67:98:59:c7:04:de:54:21:17:c4: 61:2c:5e:d6:bc:60:5d:8a:96:3e:c6:e7:74:75:39:94:00:71: 48:c5:9d:36:ee:2a:56:0f:27:5f:c2:4e:c7:b3:2d:53:cc:a4: f6:38:c6:2a:1c:65:4e:fc:65:f4:ea:68:35:ed:a0:d6:44:66: d6:e4:c1:3d:fb:5a:90:42:f3:e2:0d:4d:f7:a0:04:e2:1a:d7: 90:7d:ed:f8:f3:d0:1f:1b:a4:28:64:97:a1:76:06:b1:6a:5c: b2:ed:93:dd:f5:e0:32:bf:55:4d:19:d0:e6:cc:27:d2:1c:84: 80:cc:ad:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHbIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RCRjIxMTAvBgNVBAUTKDFCMTdBQzNEQzk2Q0EyMzQ1MjUwMjNFRkQzNjI3RTky Q0Q4ODQ3NDgwHhcNMjYwMTI2MTU1NTU3WhcNMjYwMjAyMTU1NTU3WjAYMRYwFAYD VQQDDA02OTc3OGU4ZC03NmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6gwCwGuQE29zVOuTfTT0wCP9YOnyotjHGvLYMB40Qkx/scwgA8KDC/2jNbDI kjABsWunKN2OnqjwLhO73mO3z5AayLlO5UMcWUUR/Eae7eL5VoXN0RHiX7e3MfTJ +DfE008x1TLxWVIZ9KF1WKJrxLmlv4ChDJf5nWI5IY/7Gpv3VObcY2z1rrgWITGy aeIpESw+eytDsF/foyAWNiBmtwi4xGtAST/f1UFuCp9mODOvizKgxOqJc0nO7ufw K2ooUddMPwoBkem8tJ5Bq/q+bGg3NrRU+s+TInq38jdfBF0NjpG0D2Pov79wSbLQ 443uI1jUPUIoWHoLkMcFRe0ghwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD/PDP4Y rK+UwhqvPPvBP0z4NCUaMB8GA1UdIwQYMBaAFBsXrD3JbKI0UlAj79NifpLNiEdI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REJGMi9FMzQ0NTAxNkMy RjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29qUlNVQ1B2MDJKLWtzMklS MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0d4ZXNQY2xzb2pSU1VDUHYwMkota3MySVIwZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REJGMi9FMzQ0NTAxNkMyRjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29q UlNVQ1B2MDJKLWtzMklSMGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDIcPtqP22NuDREDGMbmNIwrLI99csEq7OtE46R0NE08dfKD+61ab4u KGAbQDLu5MXAbzAWXIvXHRin0GrokPlTcXJEZ9wOX7bKLQ13lkOAFZ3GWa98H5oO TzPgO3WUAz2SGmNkjpQgYoZhzKdKi+P57C/SSpbzuUp7esY0GOAEGSYp45h4ymeY WccE3lQhF8RhLF7WvGBdipY+xud0dTmUAHFIxZ027ipWDydfwk7Hsy1TzKT2OMYq HGVO/GX06mg17aDWRGbW5ME9+1qQQvPiDU33oATiGteQfe3489AfG6QoZJehdgax alyy7ZPd9eAyv1VNGdDmzCfSHISAzK1j -----END CERTIFICATE-----Generated at Tue Jan 27 01:45:37 2026 by rpki-client