This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft File: kzxM1thDXA-L4vUjRybWYQ9-2jo.mft (raw, json) Hash identifier: sqQ22mpm/e92l1d5sBhn6+oWpu6spKkFOUwiyuqtEQQ= Subject key identifier: CC:68:04:96:95:C9:36:89:C8:2A:8C:28:8B:9C:49:B3:1D:D7:12:52 Authority key identifier: 93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A Certificate issuer: /CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Certificate serial: 0C73 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft Manifest number: 0C64 Signing time: Mon 22 Dec 2025 18:11:18 +0000 Manifest this update: Mon 22 Dec 2025 18:11:18 +0000 Manifest next update: Mon 29 Dec 2025 18:11:18 +0000 Files and hashes: 1: kzxM1thDXA-L4vUjRybWYQ9-2jo.crl (hash: DGkVpiHsS+Pv10eIFeqaRjLyXod8wMTL6fvdu2+gPRg=) 2: 38FFAC50884411EDA212BC24C4F9AE02.roa (hash: ckq5cjCEQ/2WL7JkGpSyoM0Cdw/OAtqMQAwrig1lc1c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 18:11:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3187 (0xc73) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0DE, serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Validity Not Before: Dec 22 18:11:18 2025 GMT Not After : Dec 29 18:11:18 2025 GMT Subject: CN=694989c6-45b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:98:43:b9:24:d6:0f:d4:37:3d:be:c8:f7:c5: 38:f4:db:98:2a:26:92:71:98:d0:92:83:66:7e:2f: b6:77:e9:5e:ee:40:26:62:47:16:00:da:1a:70:64: 9d:a5:a7:88:34:06:06:56:46:e3:bb:00:a5:47:1a: 19:2d:f4:b6:6e:3e:a8:03:b1:b7:9e:bf:f8:5a:6e: bf:c6:2a:a0:eb:af:73:62:c0:ed:63:cd:40:a2:d9: 01:90:69:40:95:e6:bb:9d:4c:06:55:21:5e:b2:9b: c5:57:af:25:7d:87:a5:fd:06:c7:23:ca:a3:8c:5a: 73:31:93:7f:84:d5:ff:94:75:1e:73:fa:45:be:06: 6e:65:37:0a:4e:be:91:63:1e:2b:4e:20:09:51:18: 7a:70:f8:88:26:e4:c2:cc:2b:e2:f0:c1:db:73:ac: d9:bc:d2:bb:fe:da:83:45:f4:37:61:77:40:1e:87: 04:7c:59:fd:22:0c:5e:bc:c4:24:37:f7:75:a9:e1: 2b:99:5d:5f:83:d4:c7:97:65:9d:00:dc:c3:01:c7: 96:0b:ae:1f:b2:c6:0c:ab:33:28:99:eb:61:20:a0: da:5b:51:4b:97:30:81:f8:9a:a4:04:90:a8:a0:d0: a0:b5:84:9c:58:02:04:28:cb:d8:1c:bc:f7:7f:79: cf:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:68:04:96:95:C9:36:89:C8:2A:8C:28:8B:9C:49:B3:1D:D7:12:52 X509v3 Authority Key Identifier: keyid:93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:ad:28:75:d0:08:5a:27:fa:5a:5c:fd:b6:16:b9:63:f8:0e: 46:f0:2f:ee:d9:a9:a2:35:81:cf:06:71:b5:18:02:4b:37:9e: b1:1e:53:b7:76:d9:0a:84:93:1e:8a:57:1f:74:42:eb:1c:11: d6:51:ab:cd:3c:ff:06:20:7e:73:23:60:dc:01:12:8a:d8:18: a8:b1:4e:55:61:7f:82:cd:5b:14:18:cf:b3:c6:65:06:42:81: 12:75:5d:6b:f4:4b:34:4f:61:c7:ef:6f:cd:eb:ed:dc:24:e6: 9a:59:4d:df:21:1c:dc:b8:ec:45:e8:ca:ef:fd:e6:32:d6:ee: f3:1e:74:f2:f4:15:0b:3d:68:0d:81:5e:7e:71:47:f8:46:d8: f0:68:d1:5d:d9:46:69:59:d0:0b:e4:02:0b:38:71:19:7b:18: cd:2c:4a:66:ae:0d:24:c5:66:82:c8:2f:73:79:1c:ef:55:ec: e7:00:3d:62:81:9e:32:e2:16:86:1c:77:0e:a6:39:33:7b:9e: e7:49:13:0f:f9:89:00:90:1a:37:ac:19:80:75:63:3f:a2:bb: ff:cf:fd:e7:f1:08:56:fc:a2:83:b3:7a:bb:9f:08:f5:9f:2e: b7:75:f4:3d:62:b1:3a:dd:7c:72:29:81:b5:c2:6f:cc:9f:ec: bd:f2:12:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwREUxMTAvBgNVBAUTKDkzM0M0Q0Q2RDg0MzVDMEY4QkUyRjUyMzQ3MjZENjYx MEY3RURBM0EwHhcNMjUxMjIyMTgxMTE4WhcNMjUxMjI5MTgxMTE4WjAYMRYwFAYD VQQDDA02OTQ5ODljNi00NWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoJhDuSTWD9Q3Pb7I98U49NuYKiaScZjQkoNmfi+2d+le7kAmYkcWANoacGSd paeINAYGVkbjuwClRxoZLfS2bj6oA7G3nr/4Wm6/xiqg669zYsDtY81AotkBkGlA lea7nUwGVSFespvFV68lfYel/QbHI8qjjFpzMZN/hNX/lHUec/pFvgZuZTcKTr6R Yx4rTiAJURh6cPiIJuTCzCvi8MHbc6zZvNK7/tqDRfQ3YXdAHocEfFn9IgxevMQk N/d1qeErmV1fg9THl2WdANzDAceWC64fssYMqzMomethIKDaW1FLlzCB+JqkBJCo oNCgtYScWAIEKMvYHLz3f3nPdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMxoBJaV yTaJyCqMKIucSbMd1xJSMB8GA1UdIwQYMBaAFJM8TNbYQ1wPi+L1I0cm1mEPfto6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBERS9EQTQ1RDQzMDE1 MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhBLUw0dlVqUnliV1lROS0y am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6eE0xdGhEWEEtTDR2VWpSeWJXWVE5LTJqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RDBERS9EQTQ1RDQzMDE1MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhB LUw0dlVqUnliV1lROS0yam8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzrSh10AhaJ/paXP22Frlj+A5G8C/u2amiNYHPBnG1GAJLN56xHlO3 dtkKhJMeilcfdELrHBHWUavNPP8GIH5zI2DcARKK2BiosU5VYX+CzVsUGM+zxmUG QoESdV1r9Es0T2HH72/N6+3cJOaaWU3fIRzcuOxF6Mrv/eYy1u7zHnTy9BULPWgN gV5+cUf4RtjwaNFd2UZpWdAL5AILOHEZexjNLEpmrg0kxWaCyC9zeRzvVeznAD1i gZ4y4haGHHcOpjkze57nSRMP+YkAkBo3rBmAdWM/orv/z/3n8QhW/KKDs3q7nwj1 ny63dfQ9YrE63XxyKYG1wm/Mn+y98hKa -----END CERTIFICATE-----Generated at Tue Dec 23 11:21:08 2025 by rpki-client