This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft File: dd3NDNRiWKwZGsOQoskl2MA1qFc.mft (raw, json) Hash identifier: +1mOzjMkNLjpbirdDQH4BdBuY1b0T53kultohs/zSLs= Subject key identifier: 24:C8:EF:3B:BF:3D:4A:8F:87:E1:E1:87:9B:06:4C:63:C4:E7:F4:C2 Authority key identifier: 75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 Certificate issuer: /CN=A917E04F/serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Certificate serial: 0EE6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft Manifest number: 0EDE Signing time: Mon 22 Dec 2025 17:17:25 +0000 Manifest this update: Mon 22 Dec 2025 17:17:25 +0000 Manifest next update: Mon 29 Dec 2025 17:17:25 +0000 Files and hashes: 1: dd3NDNRiWKwZGsOQoskl2MA1qFc.crl (hash: AiKWtOMTjwj+PurjEZULiEcWPbMG98E+x28Vt6tUo5w=) 2: 9C9389D4970311E9B7D3DE5AC4F9AE02.roa (hash: 0msFIFHq8Bi6Dy0orrBJDRYbRJioucs5FAZf2jEryJs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 17:17:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3814 (0xee6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E04F, serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Validity Not Before: Dec 22 17:17:25 2025 GMT Not After : Dec 29 17:17:25 2025 GMT Subject: CN=69497d25-af47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e6:1d:2c:bf:01:f9:86:ef:7e:a8:68:51:27: 32:f6:7f:d5:97:38:c6:5a:8a:22:d7:4b:58:12:67: 63:a0:11:a4:ed:fa:67:f9:09:3a:9c:96:1f:90:d4: 6e:7b:4d:60:2d:a2:f7:17:fe:e9:40:03:e2:ea:d2: 6e:3e:59:89:a9:f1:86:fb:ff:f6:36:54:1c:df:e5: 83:4f:6c:f7:1a:60:18:0a:5f:db:a5:7a:e0:32:75: 14:12:6c:52:2a:f4:f1:1a:47:2b:b3:66:41:9c:a3: 81:7f:83:4c:1f:47:f1:0c:ac:d6:e8:59:15:30:72: da:17:93:53:f5:90:3a:25:38:15:15:f4:32:b0:c6: 7c:d2:14:63:4f:20:68:e2:84:a1:91:2b:09:6c:1f: 44:ec:1e:34:0d:3f:07:9d:98:4c:54:c1:20:d7:9b: 04:e4:32:39:2c:a2:e2:37:cc:40:85:48:fb:93:e0: 07:60:9e:87:7f:1e:bd:82:63:59:7b:fc:b9:2e:da: 12:21:19:7c:f7:56:cb:02:b1:0f:dc:b5:f3:9a:5d: 1b:dc:32:ad:ba:29:91:23:8a:89:aa:c4:c2:1b:c5: 22:db:a6:42:43:67:2f:91:15:60:8b:f2:83:49:49: b2:57:5e:97:b3:3b:ee:07:fb:d7:4c:75:81:f9:53: a3:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:C8:EF:3B:BF:3D:4A:8F:87:E1:E1:87:9B:06:4C:63:C4:E7:F4:C2 X509v3 Authority Key Identifier: keyid:75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:ce:db:7e:d7:9d:f6:d5:bf:52:d7:17:8d:d4:80:71:66:54: 45:25:0a:3c:57:aa:b1:52:c0:05:4d:83:87:b6:e8:12:87:12: a0:ca:4f:8c:fa:8d:a3:37:66:ad:2b:35:0e:2b:81:50:80:a0: 8e:95:c0:03:0b:28:75:6f:29:a2:c2:13:cf:9f:cc:c4:52:4e: ea:81:77:ac:47:78:16:9f:45:b4:04:fa:e1:0b:43:a7:8e:9f: 6d:52:8d:07:f8:93:68:cc:79:f2:fe:51:c7:e0:85:a1:f1:c9: d1:e3:39:e9:de:d7:eb:9d:5b:e2:4f:b6:ec:ac:d2:b8:a7:fe: 56:4e:77:8b:2f:51:c6:f0:92:fe:6d:23:a5:40:84:19:33:3f: f1:e6:37:4a:43:03:72:1b:36:0e:1b:43:3c:f9:14:2a:b8:5b: 42:76:2a:5e:9a:7e:6f:43:f3:a2:80:50:fa:9c:3f:d3:f1:04: f2:54:66:33:15:6f:2a:1d:af:8e:e8:c3:bd:40:4c:95:4a:71: 3b:41:32:6d:7d:b0:34:91:c8:5f:40:61:48:4a:81:0f:bb:62: 9b:ca:9d:7e:01:e0:51:cd:7f:b0:7b:33:d2:2d:c7:3e:1b:a9: 75:84:c9:3d:72:68:7c:c9:96:78:a0:99:92:22:49:e2:7b:39: 97:45:5f:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDuYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwNEYxMTAvBgNVBAUTKDc1RERDRDBDRDQ2MjU4QUMxOTFBQzM5MEEyQzkyNUQ4 QzAzNUE4NTcwHhcNMjUxMjIyMTcxNzI1WhcNMjUxMjI5MTcxNzI1WjAYMRYwFAYD VQQDDA02OTQ5N2QyNS1hZjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAteYdLL8B+YbvfqhoUScy9n/VlzjGWooi10tYEmdjoBGk7fpn+Qk6nJYfkNRu e01gLaL3F/7pQAPi6tJuPlmJqfGG+//2NlQc3+WDT2z3GmAYCl/bpXrgMnUUEmxS KvTxGkcrs2ZBnKOBf4NMH0fxDKzW6FkVMHLaF5NT9ZA6JTgVFfQysMZ80hRjTyBo 4oShkSsJbB9E7B40DT8HnZhMVMEg15sE5DI5LKLiN8xAhUj7k+AHYJ6Hfx69gmNZ e/y5LtoSIRl891bLArEP3LXzml0b3DKtuimRI4qJqsTCG8Ui26ZCQ2cvkRVgi/KD SUmyV16XszvuB/vXTHWB+VOj9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCTI7zu/ PUqPh+Hhh5sGTGPE5/TCMB8GA1UdIwQYMBaAFHXdzQzUYlisGRrDkKLJJdjANahX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTA0Ri80MTg1MzdGNDk3 MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdLd1pHc09Rb3NrbDJNQTFx RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RkM05ETlJpV0t3WkdzT1Fvc2tsMk1BMXFGYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTA0Ri80MTg1MzdGNDk3MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdL d1pHc09Rb3NrbDJNQTFxRmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALztt+15321b9S1xeN1IBxZlRFJQo8V6qxUsAFTYOHtugShxKgyk+M +o2jN2atKzUOK4FQgKCOlcADCyh1bymiwhPPn8zEUk7qgXesR3gWn0W0BPrhC0On jp9tUo0H+JNozHny/lHH4IWh8cnR4znp3tfrnVviT7bsrNK4p/5WTneLL1HG8JL+ bSOlQIQZMz/x5jdKQwNyGzYOG0M8+RQquFtCdipemn5vQ/OigFD6nD/T8QTyVGYz FW8qHa+O6MO9QEyVSnE7QTJtfbA0kchfQGFISoEPu2Kbyp1+AeBRzX+wezPSLcc+ G6l1hMk9cmh8yZZ4oJmSIkniezmXRV8r -----END CERTIFICATE-----Generated at Wed Dec 24 15:46:46 2025 by rpki-client