This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.mft File: 2H4ClpVGrcVaesygjK2yh5vGmck.mft (raw, json) Hash identifier: 1O4T6Wc807IAzxFZHsGkq7bSyehR/3642tdLfHyNuRc= Subject key identifier: 8B:B2:4A:E0:D7:0B:D4:28:DE:66:C6:00:47:0F:3F:42:D0:F5:B2:B7 Authority key identifier: D8:7E:02:96:95:46:AD:C5:5A:7A:CC:A0:8C:AD:B2:87:9B:C6:99:C9 Certificate issuer: /CN=A9185B5F/serialNumber=D87E02969546ADC55A7ACCA08CADB2879BC699C9 Certificate serial: 01EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2H4ClpVGrcVaesygjK2yh5vGmck.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.mft Manifest number: 01EB Signing time: Tue 23 Dec 2025 01:38:03 +0000 Manifest this update: Tue 23 Dec 2025 01:38:02 +0000 Manifest next update: Tue 30 Dec 2025 01:38:02 +0000 Files and hashes: 1: 2H4ClpVGrcVaesygjK2yh5vGmck.crl (hash: YsD5YPBUXAYQTLy3iBdITPYBlnMf67HrT73VTjbBzPI=) 2: A4B0D326F0A311ED99A1471CC4F9AE02.roa (hash: 0/Ic5iho+pqF4si9nqRdEW+r600hwTvuyP9trzSoxtE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.crl rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2H4ClpVGrcVaesygjK2yh5vGmck.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 01:38:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 495 (0x1ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185B5F, serialNumber=D87E02969546ADC55A7ACCA08CADB2879BC699C9 Validity Not Before: Dec 23 01:38:02 2025 GMT Not After : Dec 30 01:38:02 2025 GMT Subject: CN=6949f27b-c0bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:4c:86:91:5a:f7:2d:14:ef:b3:91:a5:74:81: ba:ca:14:e9:58:6a:8e:40:35:94:cc:c1:52:0e:f4: 4a:54:6c:b0:88:50:42:3c:a4:39:4e:72:32:68:26: e7:c0:de:48:a0:41:f3:b5:20:e5:8a:ec:91:04:8c: 29:98:57:bc:fa:ab:3b:7a:c1:f7:69:c1:e3:63:fe: 10:13:ee:2c:4d:14:e8:8b:c8:e7:57:f2:97:73:8b: 3c:f9:09:06:16:ce:88:a2:97:97:6b:dc:10:6e:5b: 2b:ec:7a:30:59:20:84:43:a1:e8:76:92:19:b9:6f: 3b:22:ca:a0:d9:f4:6f:67:97:60:fd:61:d7:09:2d: c7:7a:74:93:3d:9b:31:4d:99:16:ab:1d:6e:86:ec: 22:14:e1:b0:25:e8:29:08:34:16:33:66:b3:c8:e4: c6:6f:73:26:60:2a:55:11:d7:15:b1:4e:2f:37:7d: 4a:25:9d:98:35:99:45:37:00:22:73:e4:b4:83:25: 4f:4b:43:25:bd:c4:53:b2:4c:d1:f9:41:b2:10:9f: f8:dc:b6:20:54:ec:5e:da:7d:b7:b2:57:e2:79:21: 09:ce:21:cd:d6:2f:04:a5:36:2e:8c:29:ae:14:3c: 94:ea:20:4d:89:7d:0e:d7:2e:02:ea:0b:bd:48:a6: 36:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:B2:4A:E0:D7:0B:D4:28:DE:66:C6:00:47:0F:3F:42:D0:F5:B2:B7 X509v3 Authority Key Identifier: keyid:D8:7E:02:96:95:46:AD:C5:5A:7A:CC:A0:8C:AD:B2:87:9B:C6:99:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2H4ClpVGrcVaesygjK2yh5vGmck.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:c5:4a:c5:ed:6d:2f:9c:41:d3:2b:dc:76:62:9e:bf:da:4c: d3:84:56:82:1c:85:a4:c8:b7:26:9e:4a:59:51:ab:4c:52:46: f6:ee:b8:03:85:f5:67:e1:89:f8:5e:f2:e7:0f:cb:f4:f2:53: d9:86:49:1c:28:b6:a9:b2:9f:ce:a9:b1:b3:62:86:fe:68:d3: 08:d7:de:7c:62:68:0f:71:a5:31:2a:05:0b:0d:5a:40:95:d7: ce:56:3d:40:a6:dd:5f:10:f1:23:67:0c:b3:2c:9e:cc:be:91: 0f:81:4b:05:44:dc:40:c7:bb:68:0d:94:27:8a:48:ee:4b:9e: 53:8a:e7:ae:c3:19:0e:33:a7:d5:d5:6a:0b:85:fc:5f:25:6a: a8:3f:e1:a5:bc:8f:5a:92:9f:40:3f:58:13:74:3f:25:04:05: 0f:b6:a6:ce:89:b2:80:36:7d:79:15:b7:5b:f4:0c:a5:56:93: 27:00:73:32:02:f8:28:85:b7:9d:5d:98:a1:41:03:f7:09:40: 32:90:07:37:9e:c1:e8:60:77:d4:7a:f0:b6:8b:6d:a9:0e:c7: aa:ad:55:30:a4:6a:47:46:a8:41:55:71:94:8a:97:8a:85:e6: ad:2a:fd:64:3f:f7:a2:d3:da:db:8d:ea:c6:b0:86:d1:30:77: 3b:1d:dd:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVCNUYxMTAvBgNVBAUTKEQ4N0UwMjk2OTU0NkFEQzU1QTdBQ0NBMDhDQURCMjg3 OUJDNjk5QzkwHhcNMjUxMjIzMDEzODAyWhcNMjUxMjMwMDEzODAyWjAYMRYwFAYD VQQDDA02OTQ5ZjI3Yi1jMGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA20yGkVr3LRTvs5GldIG6yhTpWGqOQDWUzMFSDvRKVGywiFBCPKQ5TnIyaCbn wN5IoEHztSDliuyRBIwpmFe8+qs7esH3acHjY/4QE+4sTRToi8jnV/KXc4s8+QkG Fs6IopeXa9wQblsr7HowWSCEQ6HodpIZuW87Isqg2fRvZ5dg/WHXCS3HenSTPZsx TZkWqx1uhuwiFOGwJegpCDQWM2azyOTGb3MmYCpVEdcVsU4vN31KJZ2YNZlFNwAi c+S0gyVPS0MlvcRTskzR+UGyEJ/43LYgVOxe2n23slfieSEJziHN1i8EpTYujCmu FDyU6iBNiX0O1y4C6gu9SKY2ZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIuySuDX C9Qo3mbGAEcPP0LQ9bK3MB8GA1UdIwQYMBaAFNh+ApaVRq3FWnrMoIytsoebxpnJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUI1Ri84RTQxODAyMEYw OUIxMUVEQTYwNkJENjJDNEY5QUUwMi8ySDRDbHBWR3JjVmFlc3lnaksyeWg1dkdt Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJINENscFZHcmNWYWVzeWdqSzJ5aDV2R21jay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUI1Ri84RTQxODAyMEYwOUIxMUVEQTYwNkJENjJDNEY5QUUwMi8ySDRDbHBWR3Jj VmFlc3lnaksyeWg1dkdtY2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGxUrF7W0vnEHTK9x2Yp6/2kzThFaCHIWkyLcmnkpZUatMUkb27rgD hfVn4Yn4XvLnD8v08lPZhkkcKLapsp/OqbGzYob+aNMI1958YmgPcaUxKgULDVpA ldfOVj1Apt1fEPEjZwyzLJ7MvpEPgUsFRNxAx7toDZQnikjuS55TiueuwxkOM6fV 1WoLhfxfJWqoP+GlvI9akp9AP1gTdD8lBAUPtqbOibKANn15Fbdb9AylVpMnAHMy AvgohbedXZihQQP3CUAykAc3nsHoYHfUevC2i22pDseqrVUwpGpHRqhBVXGUipeK heatKv1kP/ei09rbjerGsIbRMHc7Hd0y -----END CERTIFICATE-----Generated at Wed Dec 24 15:46:47 2025 by rpki-client