This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft File: OhbEBL_tNHJEowpa__ZuSZKqKCE.mft (raw, json) Hash identifier: U422dwWV8LS+zOsj74Tn9ZuNXblMqtTPeydgd0Z2F6A= Subject key identifier: 60:A9:8A:6C:E2:C9:E7:AE:BD:03:E5:7E:5F:A7:03:42:B1:E1:8C:1F Authority key identifier: 3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 Certificate issuer: /CN=A91A65C4/serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Certificate serial: 04B4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft Manifest number: 04AD Signing time: Mon 22 Dec 2025 23:01:58 +0000 Manifest this update: Mon 22 Dec 2025 23:01:58 +0000 Manifest next update: Mon 29 Dec 2025 23:01:58 +0000 Files and hashes: 1: OhbEBL_tNHJEowpa__ZuSZKqKCE.crl (hash: j5OHYgCuAT5fvOal/NqjtPMwItev4p0BwjsaKBOFbjY=) 2: 9D77DCA4599A11ECA574BF52C4F9AE02.roa (hash: OULy8AteTWM2ruRqPX3BP5aZJPVwl5Zhsr9cGcGL5GI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 23:01:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1204 (0x4b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A65C4, serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Validity Not Before: Dec 22 23:01:58 2025 GMT Not After : Dec 29 23:01:58 2025 GMT Subject: CN=6949cde6-96ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:bb:fb:2c:69:22:bc:5e:3e:db:56:a5:09:62: 5e:38:15:34:d1:a5:cf:18:be:2f:ff:b6:f1:e8:d4: 7d:6a:7a:ab:9a:22:5c:95:5e:5a:db:1d:db:34:42: 67:1a:78:cb:0d:57:ab:30:4c:dd:33:11:70:83:5f: 67:53:e7:7e:5b:57:94:8d:be:73:64:b0:08:8f:f1: 8f:3a:94:a3:64:66:0d:2b:22:65:46:fd:9a:b3:7b: 4e:2a:6b:7e:64:06:00:30:08:55:26:a4:55:dc:2d: b1:53:e0:4a:7e:7e:5d:f0:d5:d8:16:2b:02:d4:03: 16:f4:b5:29:74:3d:e2:dc:db:f3:14:51:5a:fa:42: 8a:ed:c8:d1:41:49:6f:be:73:9a:70:16:f7:43:b4: 27:51:cb:8b:79:a8:39:3c:45:f9:91:a9:cf:68:ad: f3:47:b1:c4:2a:cc:b0:8e:0a:bf:27:5c:93:bb:c9: 89:75:a2:72:b1:8c:61:ce:e8:4a:6d:2e:0c:d0:f5: 12:07:09:44:43:bb:7e:67:d9:50:6b:ff:d5:f3:3b: 09:3c:ba:35:49:51:99:4c:8d:a7:8b:df:b9:35:b4: 55:87:67:ba:11:79:aa:b1:47:c4:38:4d:f5:d4:7c: ee:99:79:1a:6a:4c:14:2a:ac:91:98:07:e6:5a:c8: 38:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:A9:8A:6C:E2:C9:E7:AE:BD:03:E5:7E:5F:A7:03:42:B1:E1:8C:1F X509v3 Authority Key Identifier: keyid:3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:6e:c1:12:b1:d3:23:fa:04:2a:a4:ea:fc:57:d9:98:79:1b: b5:a2:01:7e:a9:08:52:36:5e:2d:14:6d:3d:6f:e9:27:f3:e6: 10:2b:58:71:a4:a7:ee:96:a6:6a:40:22:e7:b5:e0:a9:ff:ee: 91:69:51:5e:c1:7e:84:a1:7e:79:44:2d:85:87:8c:ae:f9:fd: 98:3a:3b:98:51:b3:58:d2:c1:ff:9b:d9:a5:17:95:1f:49:3b: 8b:b1:21:8e:8c:65:cf:41:50:26:0a:83:95:a1:94:b2:57:7d: 38:18:2e:93:3d:ee:b1:dc:55:07:2a:d0:da:92:1a:0e:59:38: 37:49:1b:c6:15:1a:eb:49:1b:9d:4e:a1:e9:33:37:63:b6:f8: 5e:8e:99:ed:f9:c3:f9:a0:51:fe:5c:98:2c:13:0c:d4:3d:20: ce:6f:15:b5:cc:3f:8e:36:86:a4:9a:32:ca:c8:cf:64:48:1d: 96:c4:a4:2c:2d:6a:87:39:06:07:e3:65:b3:a9:65:58:fb:a8: 89:66:18:f3:e7:41:60:34:a0:93:06:cd:dd:88:e5:0f:d9:17: 7f:2d:df:1b:ee:17:ed:22:32:f3:6b:19:5c:4a:79:ae:e2:77: c7:3b:91:48:fa:52:4b:13:e1:ed:e2:fd:16:3b:66:65:fe:79: d9:8f:0a:0b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBLQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx QTY1QzQxMTAvBgNVBAUTKDNBMTZDNDA0QkZFRDM0NzI0NEEzMEE1QUZGRjY2RTQ5 OTJBQTI4MjEwHhcNMjUxMjIyMjMwMTU4WhcNMjUxMjI5MjMwMTU4WjAYMRYwFAYD VQQDDA02OTQ5Y2RlNi05NmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv7v7LGkivF4+21alCWJeOBU00aXPGL4v/7bx6NR9anqrmiJclV5a2x3bNEJn GnjLDVerMEzdMxFwg19nU+d+W1eUjb5zZLAIj/GPOpSjZGYNKyJlRv2as3tOKmt+ ZAYAMAhVJqRV3C2xU+BKfn5d8NXYFisC1AMW9LUpdD3i3NvzFFFa+kKK7cjRQUlv vnOacBb3Q7QnUcuLeag5PEX5kanPaK3zR7HEKsywjgq/J1yTu8mJdaJysYxhzuhK bS4M0PUSBwlEQ7t+Z9lQa//V8zsJPLo1SVGZTI2ni9+5NbRVh2e6EXmqsUfEOE31 1HzumXkaakwUKqyRmAfmWsg4YwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGCpimzi yeeuvQPlfl+nA0Kx4YwfMB8GA1UdIwQYMBaAFDoWxAS/7TRyRKMKWv/2bkmSqigh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjVDNC8zRTNBNTUwMjU5 OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5ISkVvd3BhX19adVNaS3FL Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09oYkVCTF90TkhKRW93cGFfX1p1U1pLcUtDRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NjVDNC8zRTNBNTUwMjU5OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5I SkVvd3BhX19adVNaS3FLQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA8bsESsdMj+gQqpOr8V9mYeRu1ogF+qQhSNl4tFG09b+kn8+YQK1hx pKfulqZqQCLnteCp/+6RaVFewX6EoX55RC2Fh4yu+f2YOjuYUbNY0sH/m9mlF5Uf STuLsSGOjGXPQVAmCoOVoZSyV304GC6TPe6x3FUHKtDakhoOWTg3SRvGFRrrSRud TqHpMzdjtvhejpnt+cP5oFH+XJgsEwzUPSDObxW1zD+ONoakmjLKyM9kSB2WxKQs LWqHOQYH42WzqWVY+6iJZhjz50FgNKCTBs3diOUP2Rd/Ld8b7hftIjLzaxlcSnmu 4nfHO5FI+lJLE+Ht4v0WO2Zl/nnZjwoL -----END CERTIFICATE-----Generated at Wed Dec 24 21:23:07 2025 by rpki-client