This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft File: htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft (raw, json) Hash identifier: KmBGCNHmpgV68P7AvgQ1wQDDY3vnWpHtFjeVu2XWkaI= Subject key identifier: D2:04:B5:21:21:B4:A2:93:A5:99:3B:7B:30:75:88:2D:69:94:B1:70 Authority key identifier: 86:D9:5F:41:ED:19:81:FA:8D:0B:59:08:D6:44:46:51:0E:6E:AC:7D Certificate issuer: /CN=A91A99C5/serialNumber=86D95F41ED1981FA8D0B5908D64446510E6EAC7D Certificate serial: 55 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft Manifest number: 55 Signing time: Tue 23 Dec 2025 06:03:52 +0000 Manifest this update: Tue 23 Dec 2025 06:03:51 +0000 Manifest next update: Tue 30 Dec 2025 06:03:51 +0000 Files and hashes: 1: htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl (hash: 2Wc+OrJXwb8WgxRzgD1bDfla8jertO9p8BLd9z1tqZA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 06:03:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 85 (0x55) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A99C5, serialNumber=86D95F41ED1981FA8D0B5908D64446510E6EAC7D Validity Not Before: Dec 23 06:03:51 2025 GMT Not After : Dec 30 06:03:51 2025 GMT Subject: CN=694a30c7-daca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:3d:1d:b8:48:a9:94:63:dc:0f:34:79:68:93: d7:79:05:3d:c6:68:62:02:a5:49:8b:fb:d1:d5:9f: 14:fc:e4:2d:d7:a5:ad:5e:d8:41:53:80:39:8c:13: 91:dc:62:fd:99:25:80:be:0d:13:74:48:cc:bf:2a: 9a:2b:2f:35:38:9e:42:88:a1:5c:96:63:9b:bf:d2: 07:33:f8:fa:38:8f:68:78:93:c5:6b:29:9b:83:ee: f2:af:aa:0b:be:1b:98:80:74:7d:43:45:82:4b:e0: 69:a9:59:f4:0f:5f:a9:63:45:bc:9a:ed:d1:27:c7: 27:dc:1c:e1:96:26:4c:e2:27:ba:d2:f2:ef:dc:5f: 65:20:e6:92:e3:fd:da:45:4f:42:e4:4d:54:99:c7: 5b:38:4e:c3:06:16:90:cf:79:bb:65:9f:9b:34:9a: c0:8c:77:61:f0:47:6c:c8:20:97:78:b4:ee:61:63: 1b:8b:db:e0:24:55:7c:93:f6:54:36:7a:26:5c:9c: 2e:c4:25:b9:25:c5:ee:52:d6:3a:64:cf:3f:0f:9c: 55:c0:23:98:c5:66:c5:4d:5b:ad:76:1a:33:39:03: af:0f:e7:a1:da:d4:9d:fd:68:80:db:9c:a2:df:95: 16:2b:ed:a0:e4:69:29:e4:e7:e1:cf:74:20:70:54: 05:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:04:B5:21:21:B4:A2:93:A5:99:3B:7B:30:75:88:2D:69:94:B1:70 X509v3 Authority Key Identifier: keyid:86:D9:5F:41:ED:19:81:FA:8D:0B:59:08:D6:44:46:51:0E:6E:AC:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:ba:a5:ca:da:f4:73:3e:d3:e6:01:80:15:3f:0e:fb:27:f5: e9:d5:98:5d:41:d9:48:65:ea:f3:ac:b5:2c:e2:fd:0a:f9:89: e6:71:3e:c9:43:e4:44:30:a3:36:2c:2d:0c:18:89:ed:a4:77: b0:d8:6e:44:18:6d:37:2e:0c:69:d6:4d:5c:0c:8a:6e:b7:0c: c2:42:eb:e7:72:0a:2e:3c:11:1a:37:ec:65:a4:0a:16:b1:87: 62:23:8a:85:d6:75:60:a9:6f:ff:f1:30:01:51:3b:fe:09:2a: d5:5b:46:91:48:fb:6c:32:92:d7:24:6d:cb:51:82:3a:33:b9: 10:cc:38:fc:4a:b8:17:95:bb:52:98:2a:95:4e:c2:21:2f:0a: 71:b7:02:56:fe:a2:ef:0c:04:a4:ac:ff:6d:af:e2:e9:fd:a9: 8d:06:02:0b:e2:3a:16:3f:0d:52:17:f0:a6:2f:75:08:4c:f9: 93:ad:b6:c6:e5:9e:9e:83:fd:fa:81:34:8e:8e:28:84:39:2e: 93:96:76:63:a8:ed:b7:d2:68:ba:f1:f0:74:9a:28:2e:d7:6a: 2a:cd:d7:0b:05:ba:dc:df:5b:66:2c:c9:09:b8:b5:bd:8c:93: 93:de:28:c3:50:e7:67:71:08:55:39:fc:5c:ba:05:b9:f6:60: 9d:45:0b:1e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB OTlDNTExMC8GA1UEBRMoODZEOTVGNDFFRDE5ODFGQThEMEI1OTA4RDY0NDQ2NTEw RTZFQUM3RDAeFw0yNTEyMjMwNjAzNTFaFw0yNTEyMzAwNjAzNTFaMBgxFjAUBgNV BAMMDTY5NGEzMGM3LWRhY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDhPR24SKmUY9wPNHlok9d5BT3GaGICpUmL+9HVnxT85C3Xpa1e2EFTgDmME5Hc Yv2ZJYC+DRN0SMy/KporLzU4nkKIoVyWY5u/0gcz+Po4j2h4k8VrKZuD7vKvqgu+ G5iAdH1DRYJL4GmpWfQPX6ljRbya7dEnxyfcHOGWJkziJ7rS8u/cX2Ug5pLj/dpF T0LkTVSZx1s4TsMGFpDPebtln5s0msCMd2HwR2zIIJd4tO5hYxuL2+AkVXyT9lQ2 eiZcnC7EJbklxe5S1jpkzz8PnFXAI5jFZsVNW612GjM5A68P56Ha1J39aIDbnKLf lRYr7aDkaSnk5+HPdCBwVAXLAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU0gS1ISG0 opOlmTt7MHWILWmUsXAwHwYDVR0jBBgwFoAUhtlfQe0ZgfqNC1kI1kRGUQ5urH0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5OUM1LzA2MDNFNUJFNURC QzExRjA5QUExNzg1MEM0RjlBRTAyL2h0bGZRZTBaZ2ZxTkMxa0kxa1JHVVE1dXJI MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaHRsZlFlMFpnZnFOQzFrSTFrUkdVUTV1ckgwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5 OUM1LzA2MDNFNUJFNURCQzExRjA5QUExNzg1MEM0RjlBRTAyL2h0bGZRZTBaZ2Zx TkMxa0kxa1JHVVE1dXJIMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAu6pcra9HM+0+YBgBU/Dvsn9enVmF1B2Uhl6vOstSzi/Qr5ieZxPslD 5EQwozYsLQwYie2kd7DYbkQYbTcuDGnWTVwMim63DMJC6+dyCi48ERo37GWkChax h2IjioXWdWCpb//xMAFRO/4JKtVbRpFI+2wyktckbctRgjozuRDMOPxKuBeVu1KY KpVOwiEvCnG3Alb+ou8MBKSs/22v4un9qY0GAgviOhY/DVIX8KYvdQhM+ZOttsbl np6D/fqBNI6OKIQ5LpOWdmOo7bfSaLrx8HSaKC7XairN1wsFutzfW2YsyQm4tb2M k5PeKMNQ52dxCFU5/Fy6Bbn2YJ1FCx4= -----END CERTIFICATE-----Generated at Wed Dec 24 14:12:28 2025 by rpki-client