This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft File: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft (raw, json) Hash identifier: 0r5cJF3zBj6sNi/m3Z+czwY9TyW1US+0OEdOSCCoXYY= Subject key identifier: 47:86:DA:DE:30:58:AF:C8:EC:B4:28:75:C6:1A:08:AF:25:DD:36:7F Authority key identifier: DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 Certificate issuer: /CN=A918F1C9/serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0 Certificate serial: A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft Manifest number: 0AFB Signing time: Mon 22 Dec 2025 19:08:55 +0000 Manifest this update: Mon 22 Dec 2025 19:08:54 +0000 Manifest next update: Mon 29 Dec 2025 19:08:54 +0000 Files and hashes: 1: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl (hash: hjmj4esMzRUUgzjsyEjCC9DQZ5mVjLehq9O/EpN1m6s=) 2: 93E4B52CE43E11EF91571D16C4F9AE02.roa (hash: bxEMXPw0Uf6AR6ksTo+EYnAV7IQpuoAnSjrI4XOmEWM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 19:08:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 168 (0xa8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F1C9, serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0 Validity Not Before: Dec 22 19:08:54 2025 GMT Not After : Dec 29 19:08:54 2025 GMT Subject: CN=69499746-fc5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:0e:09:e4:c4:ee:08:4c:1f:d1:1c:ed:ac:e2: 4e:6a:a3:41:62:06:ea:5b:ce:b3:00:54:54:09:87: f4:c2:07:84:ed:4c:4e:ca:56:a3:7a:6c:d3:8e:d5: 30:96:29:6e:b1:3b:40:70:53:96:93:4f:2b:bc:e4: 2b:67:b3:ea:85:ad:25:e0:49:d4:00:68:33:ca:56: a2:52:27:af:a6:25:e8:70:09:45:f5:7c:5f:59:b8: be:5b:96:bf:f1:6d:a6:5d:5d:e4:92:a6:0f:8c:ec: 5c:f0:3d:43:ec:b1:35:4e:b4:e2:07:0f:5e:a1:b9: 47:70:27:57:5e:0b:1d:b4:e0:d3:1b:4b:40:5a:a7: be:2b:ad:fe:e2:88:10:3c:4d:f3:e1:8e:e9:0f:59: fd:76:9b:36:64:2a:6f:d2:72:7f:f4:58:f3:86:9d: e0:af:bc:92:af:a5:41:43:ae:87:0e:0f:6e:10:74: ca:9f:3b:6a:03:b7:74:8f:d3:7e:be:4a:d3:5b:5c: 7b:2e:10:59:30:21:02:19:05:1b:c7:8e:4c:89:8b: 44:26:27:c5:fa:69:df:64:44:22:8c:a5:fe:a5:c4: 1f:fa:d6:27:17:fe:81:3d:10:a0:83:2b:d6:0f:da: d5:c0:5f:73:41:90:39:c0:9a:ef:6b:8b:cc:84:c2: 6f:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:86:DA:DE:30:58:AF:C8:EC:B4:28:75:C6:1A:08:AF:25:DD:36:7F X509v3 Authority Key Identifier: keyid:DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:3d:10:7c:e9:eb:2e:73:dd:43:05:17:c2:c7:92:0a:da:27: 39:85:76:72:ad:77:cb:d3:7f:08:df:ff:db:3d:f1:9d:fa:3f: 1a:86:61:51:d9:7b:f6:5a:98:00:1c:57:ea:ac:7b:b4:f3:1c: da:c4:98:83:b5:8d:98:27:3d:fa:7e:96:9a:f2:90:ed:e8:91: 50:3b:2f:04:17:48:cb:5a:dc:e3:2d:83:f0:23:01:d2:e5:8c: 3e:79:80:83:19:6c:1d:07:66:c0:e2:95:05:16:9c:0d:c7:c9: c9:97:aa:0c:d3:83:8c:1e:f3:d8:fc:f4:19:e4:8d:4c:d1:21: 57:4d:7f:c5:15:1e:81:6e:48:46:96:1f:5e:49:5a:ff:f1:5e: 73:28:ad:d7:01:e8:b2:99:ee:fa:ea:3f:c9:16:8d:4b:ec:e4: 2c:39:db:87:df:e9:a0:89:ef:8f:50:5d:e7:9a:6f:83:a9:c7: 6a:30:d9:23:a4:8d:61:fa:f9:79:cf:c4:e1:2f:3f:f0:9e:44: 81:8e:50:66:8c:2b:77:33:01:f7:2d:cf:b3:ca:75:98:6c:6a: f4:ad:84:1d:52:eb:3b:ea:63:1e:07:6d:e0:06:6f:86:b3:4a: 27:85:5e:0b:de:6a:cb:30:c3:b0:e0:ae:d4:56:77:8e:29:a0: ff:78:4e:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEYxQzkxMTAvBgNVBAUTKERFNENFOTYwQTM5MzBBQjRDMjI3RkNFOEY4NTdDMDg0 MTk3RjA4RDAwHhcNMjUxMjIyMTkwODU0WhcNMjUxMjI5MTkwODU0WjAYMRYwFAYD VQQDDA02OTQ5OTc0Ni1mYzVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4w4J5MTuCEwf0RztrOJOaqNBYgbqW86zAFRUCYf0wgeE7UxOylajemzTjtUw lilusTtAcFOWk08rvOQrZ7Pqha0l4EnUAGgzylaiUievpiXocAlF9XxfWbi+W5a/ 8W2mXV3kkqYPjOxc8D1D7LE1TrTiBw9eoblHcCdXXgsdtODTG0tAWqe+K63+4ogQ PE3z4Y7pD1n9dps2ZCpv0nJ/9Fjzhp3gr7ySr6VBQ66HDg9uEHTKnztqA7d0j9N+ vkrTW1x7LhBZMCECGQUbx45MiYtEJifF+mnfZEQijKX+pcQf+tYnF/6BPRCggyvW D9rVwF9zQZA5wJrva4vMhMJvbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEeG2t4w WK/I7LQodcYaCK8l3TZ/MB8GA1UdIwQYMBaAFN5M6WCjkwq0wif86PhXwIQZfwjQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjFDOS82QTU3QUI4QzdG OTUxMUVBQjBFRDg1MzdDNEY5QUUwMi8za3pwWUtPVENyVENKX3pvLUZmQWhCbF9D TkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNrenBZS09UQ3JUQ0pfem8tRmZBaEJsX0NOQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RjFDOS82QTU3QUI4QzdGOTUxMUVBQjBFRDg1MzdDNEY5QUUwMi8za3pwWUtPVENy VENKX3pvLUZmQWhCbF9DTkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA4PRB86esuc91DBRfCx5IK2ic5hXZyrXfL038I3//bPfGd+j8ahmFR 2Xv2WpgAHFfqrHu08xzaxJiDtY2YJz36fpaa8pDt6JFQOy8EF0jLWtzjLYPwIwHS 5Yw+eYCDGWwdB2bA4pUFFpwNx8nJl6oM04OMHvPY/PQZ5I1M0SFXTX/FFR6BbkhG lh9eSVr/8V5zKK3XAeiyme766j/JFo1L7OQsOduH3+mgie+PUF3nmm+DqcdqMNkj pI1h+vl5z8ThLz/wnkSBjlBmjCt3MwH3Lc+zynWYbGr0rYQdUus76mMeB23gBm+G s0onhV4L3mrLMMOw4K7UVneOKaD/eE4H -----END CERTIFICATE-----Generated at Wed Dec 24 15:45:11 2025 by rpki-client