This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft File: zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft (raw, json) Hash identifier: Jqmn3C/w6MUll+WVunCF8No5zcU8B0OX6igHJebhLeY= Subject key identifier: 8B:C9:B2:71:BF:79:58:9D:E6:D2:C4:1F:EE:B7:6B:5A:E0:14:40:E8 Authority key identifier: CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4 Certificate issuer: /CN=A91A4B1A/serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4 Certificate serial: 1E7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft Manifest number: 1E69 Signing time: Mon 08 Dec 2025 15:53:33 +0000 Manifest this update: Mon 08 Dec 2025 15:53:33 +0000 Manifest next update: Mon 15 Dec 2025 15:53:33 +0000 Files and hashes: 1: zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl (hash: MXtLnidMthW2uALCktHww6kaM5Ud717tng8omLp5vRc=) 2: 4A6679EC14DF11EEAB46A86DC4F9AE02.roa (hash: yY5rZMTsOpnGO6cAR5A6bi22J/lJ789z+ED1oN3orxw=) 3: 4B52A44814DF11EEAB46A86DC4F9AE02.roa (hash: 36rBW03tvoWvEp5FFhkEkP0PegguzR76VTv8hEMsFNk=) 4: 1DBC9D405DB411EEA017251AC4F9AE02.roa (hash: 2w+ZZZiHGzET+UAGMpulJr633xByME/2FAJYerduoZE=) 5: 4CE75372B9DE11EEBC5B0D21C4F9AE02.roa (hash: yps3mcP7HEC1/XDzl5d78p6GLXVPbcsPt7pEv3x1HZA=) 6: 4999305414DF11EEAB46A86DC4F9AE02.roa (hash: Bl17bhrifD1PMrI4c5ur7v5yVCt37LP+FsjpzcQgt1k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Dec 2025 15:53:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7802 (0x1e7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4B1A, serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4 Validity Not Before: Dec 8 15:53:33 2025 GMT Not After : Dec 15 15:53:33 2025 GMT Subject: CN=6936f47d-2884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:7b:e0:53:53:23:bf:81:5c:4f:2c:d8:98:1d: 83:ff:4f:35:97:75:95:f5:ab:9d:78:7a:7e:3a:ec: d1:f9:57:e5:c5:ae:0b:dc:21:e0:34:f2:af:88:ca: ca:90:1d:0a:c3:cc:d0:25:7a:46:49:e9:bb:a0:c1: ca:7b:98:c0:ba:19:3c:2d:b2:f3:6c:70:e9:0a:ae: dc:5b:f5:5e:47:f1:12:7d:84:3e:af:2a:39:11:af: af:25:0d:2a:bf:18:4e:e2:74:4e:c2:7a:16:a9:a5: 89:94:22:8a:89:e3:2c:7f:ba:9a:fa:61:a9:00:28: c7:34:d7:c0:76:d0:a8:1d:f9:5f:b3:e0:90:36:a8: 17:7d:51:cf:44:47:be:5c:df:d8:f6:67:31:1e:e8: 8a:90:48:d0:fc:1e:6e:27:5a:ca:44:8a:7e:36:3e: 61:8f:ea:a0:38:2e:d5:ae:f2:11:d5:b3:d0:b7:2b: 72:fa:0d:d9:a8:31:48:2d:bf:89:2b:e4:ca:5b:39: 72:dc:9a:1c:d6:33:2e:65:f8:2c:31:ad:88:6a:d7: e5:e1:ef:15:72:f6:42:57:2b:f5:96:87:bd:04:75: e9:56:c8:09:7a:8c:a2:60:72:dc:f0:be:af:4a:e1: 7b:03:6a:69:10:49:ba:aa:2f:28:a5:32:06:9d:60: 38:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:C9:B2:71:BF:79:58:9D:E6:D2:C4:1F:EE:B7:6B:5A:E0:14:40:E8 X509v3 Authority Key Identifier: keyid:CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:70:15:cf:69:ab:11:e1:a1:fb:2e:31:79:03:26:4e:7b:20: 22:76:b1:43:de:6a:7a:43:05:7a:14:a2:a6:3d:5a:74:66:37: 9d:4b:65:5d:e3:5a:5f:2c:60:d5:0c:21:27:fe:a1:8b:37:c9: f6:b0:16:15:0b:b8:cb:56:00:35:ab:2c:ef:7c:8c:0b:16:d9: e6:e2:74:74:0b:c7:df:22:ae:47:b1:3e:0b:83:77:26:26:de: d8:6d:4f:15:a5:0b:17:c9:cf:59:93:c9:3b:f5:98:c4:19:1a: 62:c5:5b:84:dc:ab:f7:2c:2b:c5:be:b7:79:ae:fd:0d:d2:87: f5:d9:18:c4:d0:d8:58:f7:2d:2e:46:7c:25:6c:ba:8a:ac:a7: c5:ed:1f:2c:66:ff:df:27:e0:d0:ae:ce:89:5d:fe:6b:6e:00: 36:e4:82:be:6c:5d:43:4d:9a:52:8b:3d:8b:6e:2d:3c:03:94: 9a:c1:fd:8d:32:bc:fc:4a:ae:8d:d6:3d:37:46:bc:06:96:c4: 57:9d:67:bb:4d:51:17:c0:3d:d0:af:ac:7a:ff:f8:4d:7c:53: 6d:3a:ca:1f:b5:b4:b4:b3:41:54:c7:ef:a9:b7:c8:4b:28:93: c4:11:bf:9b:d0:88:33:b3:7c:46:4d:2f:84:f1:fc:70:b4:40: d3:e4:09:d8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHnowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRCMUExMTAvBgNVBAUTKENFMTE0NjgwRkY2RjREOUJDM0YxODgwRDYxMEQ2QUVF RUFFQkYwRDQwHhcNMjUxMjA4MTU1MzMzWhcNMjUxMjE1MTU1MzMzWjAYMRYwFAYD VQQDEw02OTM2ZjQ3ZC0yODg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvXvgU1Mjv4FcTyzYmB2D/081l3WV9audeHp+OuzR+Vflxa4L3CHgNPKviMrK kB0Kw8zQJXpGSem7oMHKe5jAuhk8LbLzbHDpCq7cW/VeR/ESfYQ+ryo5Ea+vJQ0q vxhO4nROwnoWqaWJlCKKieMsf7qa+mGpACjHNNfAdtCoHflfs+CQNqgXfVHPREe+ XN/Y9mcxHuiKkEjQ/B5uJ1rKRIp+Nj5hj+qgOC7VrvIR1bPQtyty+g3ZqDFILb+J K+TKWzly3Joc1jMuZfgsMa2Iatfl4e8VcvZCVyv1loe9BHXpVsgJeoyiYHLc8L6v SuF7A2ppEEm6qi8opTIGnWA4nQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIvJsnG/ eVid5tLEH+63a1rgFEDoMB8GA1UdIwQYMBaAFM4RRoD/b02bw/GIDWENau7q6/DU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIxQS81REQ0OEFCNjg5 RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRadkQ4WWdOWVExcTd1cnI4 TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3poRkdnUDl2VFp2RDhZZ05ZUTFxN3VycjhOUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NEIxQS81REQ0OEFCNjg5RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRa dkQ4WWdOWVExcTd1cnI4TlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAacBXPaasR4aH7LjF5AyZOeyAidrFD3mp6QwV6FKKmPVp0ZjedS2Vd 41pfLGDVDCEn/qGLN8n2sBYVC7jLVgA1qyzvfIwLFtnm4nR0C8ffIq5HsT4Lg3cm Jt7YbU8VpQsXyc9Zk8k79ZjEGRpixVuE3Kv3LCvFvrd5rv0N0of12RjE0NhY9y0u RnwlbLqKrKfF7R8sZv/fJ+DQrs6JXf5rbgA25IK+bF1DTZpSiz2Lbi08A5Sawf2N Mrz8Sq6N1j03RrwGlsRXnWe7TVEXwD3Qr6x6//hNfFNtOsoftbS0s0FUx++pt8hL KJPEEb+b0Igzs3xGTS+E8fxwtEDT5AnY -----END CERTIFICATE-----Generated at Wed Dec 10 05:19:06 2025 by rpki-client