This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft File: KbaocCpK1kSocQZLZAet5JPmOo0.mft (raw, json) Hash identifier: 13qVU5jJc1xp2lGlIwR1M3d595kOnyqK5inoZSe939A= Subject key identifier: 21:70:FB:27:2B:24:43:ED:3F:5D:90:DE:04:E8:BA:46:43:6B:4D:06 Authority key identifier: 29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D Certificate issuer: /CN=A919EAF3/serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D Certificate serial: 19F8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft Manifest number: 19E9 Signing time: Mon 22 Dec 2025 16:08:18 +0000 Manifest this update: Mon 22 Dec 2025 16:08:17 +0000 Manifest next update: Mon 29 Dec 2025 16:08:17 +0000 Files and hashes: 1: KbaocCpK1kSocQZLZAet5JPmOo0.crl (hash: fAtCqIFvKn0Oh3Yr4x78QHA4NTvB6ihZk+DVW/nsOjI=) 2: E7729178378211EF822BAA6EC4F9AE02.roa (hash: 9LBAFHVyWvEKSALgxe/WVtOrUQqJ4PPcHQSe6I3XcVM=) 3: 92AEE092378211EFAEB6B36DC4F9AE02.roa (hash: vof6OG8sAX0uHAvhetFYEpdSjwUJhtpp1UkP8lk0Gm0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.crl rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 16:08:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6648 (0x19f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919EAF3, serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D Validity Not Before: Dec 22 16:08:17 2025 GMT Not After : Dec 29 16:08:17 2025 GMT Subject: CN=69496cf1-a700 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:8b:0a:8e:f8:c6:3f:b9:53:8b:63:31:ce:be: 75:4b:b3:27:45:67:9e:0a:fc:28:0d:50:21:d6:79: ad:9a:c3:4f:9a:dd:d3:cf:39:29:fc:48:8c:b7:20: 8a:68:5c:35:de:cc:77:13:8d:04:c7:24:16:da:83: 13:ce:0d:84:20:76:69:94:2b:e6:53:e8:fd:55:10: 42:0d:32:c8:35:bd:45:a5:bd:34:1f:a0:2a:69:80: 69:74:2e:e8:99:e1:1d:4e:38:30:07:21:cf:4b:26: 52:a6:2f:92:cc:65:90:8f:d8:c3:91:0c:f2:6f:15: 77:39:12:59:21:61:2f:9d:61:63:f6:7a:f4:3d:f8: 47:14:7c:20:e0:8d:8e:7f:62:0b:25:cb:5f:c9:d5: cc:3a:03:37:9a:db:04:c0:db:af:25:9c:cf:87:fa: 79:79:0e:06:40:fa:0b:58:f2:43:18:0c:ff:12:d6: 9e:67:bd:2a:6e:7f:5d:01:84:9a:76:bc:ab:7a:02: a0:ce:14:0b:af:1c:d7:5b:e9:5d:23:e6:73:a9:83: fd:33:1d:8c:36:4c:b6:2e:e3:14:a6:05:e1:7d:d5: 1c:5a:c2:ae:74:01:89:00:a7:34:e9:4a:6e:53:9f: 7b:b7:ec:00:13:ac:6b:94:c4:26:1e:df:ef:75:ba: f3:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:70:FB:27:2B:24:43:ED:3F:5D:90:DE:04:E8:BA:46:43:6B:4D:06 X509v3 Authority Key Identifier: keyid:29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:76:e1:ed:e7:f8:36:d9:48:51:8e:16:d8:a3:8d:93:67:e9: d3:0d:33:06:30:8e:6b:a3:42:bd:b6:8d:a1:d6:84:58:70:a0: e4:e0:16:1b:cb:6b:02:36:dc:d8:b1:b5:65:66:34:e8:0d:4a: 22:14:38:22:06:94:1d:94:7e:f9:87:12:b0:d7:52:f0:6f:f7: 2f:e6:96:c4:55:c1:3c:9c:6c:3d:a0:e6:b9:70:c7:29:ee:e6: 67:29:f4:eb:64:31:34:43:6e:ce:2c:5a:fc:d5:54:3c:3f:bc: 19:89:05:6c:b3:20:ff:c4:2f:3c:94:da:d5:ef:ab:ca:5a:ca: 89:2f:a9:d7:cd:b2:b4:c3:49:a4:20:4d:0e:56:ca:94:17:4c: 36:91:a6:ec:63:1a:5b:80:3d:d9:c4:30:e3:11:e6:e6:f2:aa: 66:69:3b:a8:d8:53:09:92:2e:a2:d9:74:29:0b:56:91:dd:5c: cd:a3:35:d1:74:5f:7d:97:d2:2f:f2:dc:4d:13:26:8e:5a:34: 7d:2c:ae:57:cb:fd:58:7f:fc:d7:ad:3c:44:91:b0:bc:a6:04: 05:02:e1:e2:a6:2a:05:2a:7f:ef:3e:2e:e4:61:eb:50:27:70: 62:d0:ca:b7:06:c4:e1:9f:5c:b5:25:e4:ac:94:b7:17:49:9c: 52:9d:90:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGfgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUVBRjMxMTAvBgNVBAUTKDI5QjZBODcwMkE0QUQ2NDRBODcxMDY0QjY0MDdBREU0 OTNFNjNBOEQwHhcNMjUxMjIyMTYwODE3WhcNMjUxMjI5MTYwODE3WjAYMRYwFAYD VQQDDA02OTQ5NmNmMS1hNzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkYsKjvjGP7lTi2Mxzr51S7MnRWeeCvwoDVAh1nmtmsNPmt3Tzzkp/EiMtyCK aFw13sx3E40ExyQW2oMTzg2EIHZplCvmU+j9VRBCDTLINb1Fpb00H6AqaYBpdC7o meEdTjgwByHPSyZSpi+SzGWQj9jDkQzybxV3ORJZIWEvnWFj9nr0PfhHFHwg4I2O f2ILJctfydXMOgM3mtsEwNuvJZzPh/p5eQ4GQPoLWPJDGAz/EtaeZ70qbn9dAYSa dryregKgzhQLrxzXW+ldI+ZzqYP9Mx2MNky2LuMUpgXhfdUcWsKudAGJAKc06Upu U597t+wAE6xrlMQmHt/vdbrzZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCFw+ycr JEPtP12Q3gToukZDa00GMB8GA1UdIwQYMBaAFCm2qHAqStZEqHEGS2QHreST5jqN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFGMy85M0JCNTAyRTZE MTgxMUU3QTgxNURBODBDNEY5QUUwMi9LYmFvY0NwSzFrU29jUVpMWkFldDVKUG1P bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0tiYW9jQ3BLMWtTb2NRWkxaQWV0NUpQbU9vMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RUFGMy85M0JCNTAyRTZEMTgxMUU3QTgxNURBODBDNEY5QUUwMi9LYmFvY0NwSzFr U29jUVpMWkFldDVKUG1PbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgduHt5/g22UhRjhbYo42TZ+nTDTMGMI5ro0K9to2h1oRYcKDk4BYb y2sCNtzYsbVlZjToDUoiFDgiBpQdlH75hxKw11Lwb/cv5pbEVcE8nGw9oOa5cMcp 7uZnKfTrZDE0Q27OLFr81VQ8P7wZiQVssyD/xC88lNrV76vKWsqJL6nXzbK0w0mk IE0OVsqUF0w2kabsYxpbgD3ZxDDjEebm8qpmaTuo2FMJki6i2XQpC1aR3VzNozXR dF99l9Iv8txNEyaOWjR9LK5Xy/1Yf/zXrTxEkbC8pgQFAuHipioFKn/vPi7kYetQ J3Bi0Mq3BsThn1y1JeSslLcXSZxSnZC5 -----END CERTIFICATE-----Generated at Tue Dec 23 11:04:05 2025 by rpki-client