This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.mft File: xCIPUDVWR7fICyzovHEmqsLiLTc.mft (raw, json) Hash identifier: csyDUiVncxaTTbLkDsKJvsjStuCIOyaQWlyQ1Q1zKuA= Subject key identifier: EC:87:44:28:D4:D4:D6:70:DD:59:30:97:B8:2F:C6:C1:41:03:52:07 Authority key identifier: C4:22:0F:50:35:56:47:B7:C8:0B:2C:E8:BC:71:26:AA:C2:E2:2D:37 Certificate issuer: /CN=A919D64D/serialNumber=C4220F50355647B7C80B2CE8BC7126AAC2E22D37 Certificate serial: 351B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xCIPUDVWR7fICyzovHEmqsLiLTc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.mft Manifest number: 3500 Signing time: Sat 06 Dec 2025 14:17:49 +0000 Manifest this update: Sat 06 Dec 2025 14:17:48 +0000 Manifest next update: Sat 13 Dec 2025 14:17:48 +0000 Files and hashes: 1: xCIPUDVWR7fICyzovHEmqsLiLTc.crl (hash: 5Q7LdCs3+eebXjuOpJw12OwRDMOWirBXyK9ozCBw1PU=) 2: 2C5F8752A10D11EFB9BE8476C4F9AE02.roa (hash: jPj9bTXq8/V0TwHLgDmyYaPhRw7As2Sxl+kCUunMcow=) 3: 8C2774CA0F3511EF93020023C4F9AE02.roa (hash: ks6ZHeQSlWbDyKZP3PDWWDRvxvqWjlQTJpFGHN+LCL4=) 4: D7ABA864DFE611ED8872DE0EC4F9AE02.roa (hash: dgki84RnKxfDFSXW7buISP/w97pblO+d10cyHqDLr80=) 5: 24C4305A7CD911EEB0B4C962C4F9AE02.roa (hash: e5E6IXPuP1rU/JKfEU2JqffZsvpnjnyYycraO2Bit8Q=) 6: F8E58782A10C11EFA3C0F375C4F9AE02.roa (hash: YmetKHnU5ANrgA6cs+nuZb/Ddq+jw2xRjEtksMKjh6c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.crl rsync://rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xCIPUDVWR7fICyzovHEmqsLiLTc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 14:17:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13595 (0x351b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919D64D, serialNumber=C4220F50355647B7C80B2CE8BC7126AAC2E22D37 Validity Not Before: Dec 6 14:17:48 2025 GMT Not After : Dec 13 14:17:48 2025 GMT Subject: CN=69343b0d-30a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:de:64:d6:7e:ff:1b:ef:f3:b1:b4:d5:9d:6c: fc:65:64:44:57:9e:26:11:74:77:1a:01:a6:64:7d: 93:92:e6:fe:5b:a4:9f:9a:b5:95:a7:bd:24:0a:f9: bf:94:b9:80:5b:a3:df:6e:ff:f2:0c:d2:93:71:64: 5d:8a:10:3d:63:87:6e:87:66:8f:0b:c3:4f:34:bf: 2d:35:07:11:c4:37:36:71:64:f8:34:37:b3:51:07: 4a:a6:0d:79:24:9c:ce:86:15:5b:08:97:57:2d:04: 87:24:e2:cc:93:02:c9:94:62:dc:21:1a:18:c2:ac: 3d:8f:9b:76:bc:36:86:a2:80:19:4a:ec:a2:31:5b: b6:49:1a:0b:d8:59:0e:5a:7f:b3:3e:32:e8:b3:4a: 01:fa:7d:89:bf:47:72:bf:6b:d2:cc:0b:c3:66:46: 1b:dc:32:e1:c9:a7:3e:1b:d2:97:90:9a:cd:bb:47: 4d:d9:3d:e3:d3:8b:07:7d:94:00:0c:04:c3:19:cb: 69:2f:37:3c:c3:d7:13:a9:6a:9e:56:81:3b:4e:35: 84:e7:22:8b:a4:c3:a3:2b:d2:94:64:48:96:92:51: 75:43:10:e8:ea:72:85:e0:32:5b:a9:a4:12:f5:91: b3:df:ce:d9:9b:35:fb:63:1e:6f:2f:73:85:0e:69: 72:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:87:44:28:D4:D4:D6:70:DD:59:30:97:B8:2F:C6:C1:41:03:52:07 X509v3 Authority Key Identifier: keyid:C4:22:0F:50:35:56:47:B7:C8:0B:2C:E8:BC:71:26:AA:C2:E2:2D:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xCIPUDVWR7fICyzovHEmqsLiLTc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:42:1f:91:1c:5d:1c:92:a4:b9:ba:65:fc:84:8e:e7:ac:d7: ba:52:0e:0f:b1:bb:52:30:1c:a8:e7:c8:db:55:f2:93:a5:b0: 29:f7:9e:7a:0f:50:44:87:50:5a:5f:9c:8d:b9:aa:2c:cb:77: 8a:4e:2f:a3:0b:d6:ad:b6:85:86:03:d2:1e:aa:3f:ca:32:2c: a1:07:60:6e:43:2f:af:86:73:d3:f5:f3:37:24:bc:87:f7:e4: 76:7c:af:fd:bc:f6:d9:6a:ae:d0:1b:c8:2d:87:10:f4:e4:ab: 08:c0:09:88:52:08:5b:07:1c:c1:04:15:5a:f0:30:bf:06:dc: 93:c3:32:86:38:14:8f:22:82:1d:ad:ce:6e:2e:75:54:70:e5: 82:02:c3:80:13:fc:6e:57:5e:8d:93:08:c6:cb:64:87:d2:21: 6e:83:2d:b9:60:47:c4:87:77:f4:c9:0f:61:33:53:27:78:94: 9c:ca:9e:47:2c:32:ab:a4:dc:ae:13:a6:21:77:42:54:6d:be: e7:01:5d:b1:a3:78:51:08:9b:f0:71:56:e0:bd:62:46:69:65: 16:08:b3:71:fd:f2:f1:18:e0:b9:61:fa:a7:96:70:e9:95:d3: 21:0b:54:08:74:fb:ab:13:71:b3:7c:a4:ad:ed:08:07:bb:f4: 24:0f:53:6f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNRswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUQ2NEQxMTAvBgNVBAUTKEM0MjIwRjUwMzU1NjQ3QjdDODBCMkNFOEJDNzEyNkFB QzJFMjJEMzcwHhcNMjUxMjA2MTQxNzQ4WhcNMjUxMjEzMTQxNzQ4WjAYMRYwFAYD VQQDEw02OTM0M2IwZC0zMGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7d5k1n7/G+/zsbTVnWz8ZWREV54mEXR3GgGmZH2Tkub+W6SfmrWVp70kCvm/ lLmAW6Pfbv/yDNKTcWRdihA9Y4duh2aPC8NPNL8tNQcRxDc2cWT4NDezUQdKpg15 JJzOhhVbCJdXLQSHJOLMkwLJlGLcIRoYwqw9j5t2vDaGooAZSuyiMVu2SRoL2FkO Wn+zPjLos0oB+n2Jv0dyv2vSzAvDZkYb3DLhyac+G9KXkJrNu0dN2T3j04sHfZQA DATDGctpLzc8w9cTqWqeVoE7TjWE5yKLpMOjK9KUZEiWklF1QxDo6nKF4DJbqaQS 9ZGz387ZmzX7Yx5vL3OFDmlydQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOyHRCjU 1NZw3Vkwl7gvxsFBA1IHMB8GA1UdIwQYMBaAFMQiD1A1Vke3yAss6LxxJqrC4i03 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDY0RC9EOTMzM0ZFNDFE NkUxMUUyQTg1MDgwQjAwOEIwMkNEMi94Q0lQVURWV1I3ZklDeXpvdkhFbXFzTGlM VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hDSVBVRFZXUjdmSUN5em92SEVtcXNMaUxUYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RDY0RC9EOTMzM0ZFNDFENkUxMUUyQTg1MDgwQjAwOEIwMkNEMi94Q0lQVURWV1I3 ZklDeXpvdkhFbXFzTGlMVGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3Qh+RHF0ckqS5umX8hI7nrNe6Ug4PsbtSMByo58jbVfKTpbAp9556 D1BEh1BaX5yNuaosy3eKTi+jC9attoWGA9Ieqj/KMiyhB2BuQy+vhnPT9fM3JLyH 9+R2fK/9vPbZaq7QG8gthxD05KsIwAmIUghbBxzBBBVa8DC/BtyTwzKGOBSPIoId rc5uLnVUcOWCAsOAE/xuV16NkwjGy2SH0iFugy25YEfEh3f0yQ9hM1MneJScyp5H LDKrpNyuE6Yhd0JUbb7nAV2xo3hRCJvwcVbgvWJGaWUWCLNx/fLxGOC5YfqnlnDp ldMhC1QIdPurE3GzfKSt7QgHu/QkD1Nv -----END CERTIFICATE-----Generated at Mon Dec 8 06:56:58 2025 by rpki-client