This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft File: TbA103TIQSzmgNnaCtvsBkKdiLg.mft (raw, json) Hash identifier: IqGpfkhRuPcpirFkwWKKB6Jcd/hJpx5eBErAt+PQemM= Subject key identifier: 44:31:A4:62:2A:AE:68:71:28:8C:34:0F:DD:C3:7C:CC:55:7F:BE:FC Authority key identifier: 4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 Certificate issuer: /CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Certificate serial: 1A0E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft Manifest number: 17FB Signing time: Fri 28 Nov 2025 16:28:55 +0000 Manifest this update: Fri 28 Nov 2025 16:28:55 +0000 Manifest next update: Fri 05 Dec 2025 16:28:55 +0000 Files and hashes: 1: TbA103TIQSzmgNnaCtvsBkKdiLg.crl (hash: eA5i5Z3AImhmdRYP17VPRn5qsnrgiH+V0LZZ+Dbxxuc=) 2: 1F24033CDF7111EEB534147FC4F9AE02.roa (hash: 5uITBc+pZTop6KZh3NhbY8ifInIc97Y2n3CHN/qqt94=) 3: B62B9156280611ED8BEBC536C4F9AE02.roa (hash: H2LNVWI/4SBtnLIxC+HsKb0Sn6SPu235wjCIk/88N90=) 4: 70E478D0C06D11F0ABA91C6CC4F9AE02.roa (hash: Y+I6xs+Ghxp/nManyHpMLzBR6d+9ACgxr4bM9Tk/9sc=) 5: 0D08636C75D611EB920B5162C4F9AE02.roa (hash: lNqOJJYDQvLu7DRWfBEiDCTTNbz1juAgLIKu2ZnWJwo=) 6: 820BE5609CEE11EF9001717EC4F9AE02.roa (hash: dqGvsBo+O3A3ECQgQGmvroXEzldwim2Z97cn9HnwO7I=) 7: 47AAFC5A661311F09011712CC4F9AE02.roa (hash: a50VCxDM+rD8Ar8TkJi367BRkd8ietONIDl/hmG93rs=) 8: A865A1925B1611F083088661C4F9AE02.roa (hash: Rw9T99RuNwJAGQR3ACNuRpkBbGAU9I1LWh2/O8OeLqs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 16:28:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6670 (0x1a0e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678, serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Validity Not Before: Nov 28 16:28:55 2025 GMT Not After : Dec 5 16:28:55 2025 GMT Subject: CN=6929cdc7-387b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:31:0f:05:14:98:ba:ab:20:ca:ac:59:bd:73: ba:e5:4f:35:4e:4e:c3:c7:0f:6c:29:f7:67:22:f6: 1d:3b:9e:67:90:57:cf:80:10:e0:b6:77:12:10:d2: 5b:23:50:93:23:b8:ed:23:b5:28:31:4e:45:0b:a3: cd:58:6b:f4:1d:2a:ac:ef:60:e5:48:2a:92:c8:2a: fb:f9:09:70:69:1f:c5:3d:5d:eb:97:43:09:d0:7d: 02:54:cd:5e:6b:6b:3b:8b:ba:bc:6a:a8:4b:97:a9: 23:5a:56:fd:cc:46:cd:8d:e0:d0:1f:22:0c:57:f9: 41:f2:02:90:01:d0:d1:12:39:c1:75:9e:2f:b3:16: de:d0:7a:ed:8e:da:08:b4:1d:70:35:db:25:9c:5b: e6:0f:58:3e:23:fb:78:8a:21:3d:ad:20:46:91:dd: 35:dc:67:b9:d6:d0:a4:f3:d5:0a:2b:4e:ec:54:61: 04:36:fa:ee:37:06:b4:1a:c3:50:02:97:ef:5e:8a: a5:9f:28:67:8a:14:98:c4:4b:6c:82:7e:99:b7:8f: 4b:92:7c:86:d2:93:7c:e7:7e:11:5b:a8:0a:52:c1: 3b:9d:32:cf:fc:93:2c:2f:ea:5a:81:7e:6a:15:37: 77:3a:ad:2a:a6:4a:b8:a5:49:23:8e:9a:13:ec:85: 8c:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:31:A4:62:2A:AE:68:71:28:8C:34:0F:DD:C3:7C:CC:55:7F:BE:FC X509v3 Authority Key Identifier: keyid:4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d4:64:36:e8:19:e2:57:52:72:10:c9:dc:0a:45:d3:2d:48:5b: 89:9e:9f:ee:7f:cd:8e:46:70:84:81:88:fd:dc:ec:4a:97:c2: af:dd:9a:bc:6d:c8:1b:aa:5a:db:95:a1:f1:37:3c:8b:7a:64: ac:53:77:e6:ff:24:5e:17:43:4b:b7:c7:a4:0b:34:c3:5f:8d: 67:de:00:b9:4b:dd:29:ad:f6:c2:9a:8c:bf:85:6e:04:51:48: 78:e0:55:f2:1b:19:fb:ec:86:f8:bf:a9:b1:15:63:8c:d5:a9: b9:12:52:45:45:3e:95:64:8d:34:27:ae:5c:45:2c:2a:82:0c: b9:e7:be:9a:06:e6:c2:f4:25:a0:ad:80:4d:55:b4:58:a8:bc: 3f:d6:c5:bd:6e:2e:eb:23:ab:db:2f:32:74:dc:6e:ac:29:66: f4:ed:a4:95:c6:48:24:86:6a:45:3b:f1:4a:38:32:eb:e8:37: 6e:f8:40:e6:d0:99:01:aa:f9:92:3e:51:f7:0f:ac:f4:fe:65: bf:fd:44:05:ae:d2:61:f9:26:27:2a:a4:06:77:ee:11:23:8b: 50:0c:06:ea:1d:8b:7b:17:b1:58:95:b0:47:56:99:2d:56:d1: 3b:48:3e:87:24:4d:0c:e2:2b:68:d5:9c:73:d1:96:3c:6b:fc: 29:61:f1:39 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGg4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKDREQjAzNUQzNzRDODQxMkNFNjgwRDlEQTBBREJFQzA2 NDI5RDg4QjgwHhcNMjUxMTI4MTYyODU1WhcNMjUxMjA1MTYyODU1WjAYMRYwFAYD VQQDEw02OTI5Y2RjNy0zODdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApDEPBRSYuqsgyqxZvXO65U81Tk7Dxw9sKfdnIvYdO55nkFfPgBDgtncSENJb I1CTI7jtI7UoMU5FC6PNWGv0HSqs72DlSCqSyCr7+QlwaR/FPV3rl0MJ0H0CVM1e a2s7i7q8aqhLl6kjWlb9zEbNjeDQHyIMV/lB8gKQAdDREjnBdZ4vsxbe0HrtjtoI tB1wNdslnFvmD1g+I/t4iiE9rSBGkd013Ge51tCk89UKK07sVGEENvruNwa0GsNQ ApfvXoqlnyhnihSYxEtsgn6Zt49LknyG0pN8534RW6gKUsE7nTLP/JMsL+pagX5q FTd3Oq0qpkq4pUkjjpoT7IWM9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEQxpGIq rmhxKIw0D93DfMxVf778MB8GA1UdIwQYMBaAFE2wNdN0yEEs5oDZ2grb7AZCnYi4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC83MjU4M0FGQTY5 NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFTem1nTm5hQ3R2c0JrS2Rp TGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RiQTEwM1RJUVN6bWdObmFDdHZzQmtLZGlMZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTY3OC83MjU4M0FGQTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFT em1nTm5hQ3R2c0JrS2RpTGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDUZDboGeJXUnIQydwKRdMtSFuJnp/uf82ORnCEgYj93OxKl8Kv3Zq8 bcgbqlrblaHxNzyLemSsU3fm/yReF0NLt8ekCzTDX41n3gC5S90prfbCmoy/hW4E UUh44FXyGxn77Ib4v6mxFWOM1am5ElJFRT6VZI00J65cRSwqggy5576aBubC9CWg rYBNVbRYqLw/1sW9bi7rI6vbLzJ03G6sKWb07aSVxkgkhmpFO/FKODLr6Ddu+EDm 0JkBqvmSPlH3D6z0/mW//UQFrtJh+SYnKqQGd+4RI4tQDAbqHYt7F7FYlbBHVpkt VtE7SD6HJE0M4ito1Zxz0ZY8a/wpYfE5 -----END CERTIFICATE-----Generated at Sat Nov 29 13:01:41 2025 by rpki-client