This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAF73/D5FF1F405E7211EEBC2C4926C4F9AE02/xAXwYeM7BxfJBPwd8-ebzXlSD6Y.mft File: xAXwYeM7BxfJBPwd8-ebzXlSD6Y.mft (raw, json) Hash identifier: EXLquvMUQyEkj6Qd4EXXWaAPi71YH8JZLKLEfv++oZs= Subject key identifier: C8:80:58:29:5C:75:6E:CF:8A:74:51:A2:9F:FF:58:AD:C1:80:4C:D6 Authority key identifier: C4:05:F0:61:E3:3B:07:17:C9:04:FC:1D:F3:E7:9B:CD:79:52:0F:A6 Certificate issuer: /CN=A91AAF73/serialNumber=C405F061E33B0717C904FC1DF3E79BCD79520FA6 Certificate serial: 01A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xAXwYeM7BxfJBPwd8-ebzXlSD6Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAF73/D5FF1F405E7211EEBC2C4926C4F9AE02/xAXwYeM7BxfJBPwd8-ebzXlSD6Y.mft Manifest number: 01A1 Signing time: Tue 23 Dec 2025 02:19:35 +0000 Manifest this update: Tue 23 Dec 2025 02:19:35 +0000 Manifest next update: Tue 30 Dec 2025 02:19:35 +0000 Files and hashes: 1: xAXwYeM7BxfJBPwd8-ebzXlSD6Y.crl (hash: zyJbk3aOaj7qHObbOlIdNmL94BB8uKM6It3XDMe5wWw=) 2: 4B2F1F725E7811EE9307D234C4F9AE02.roa (hash: 3yvbzjuUuh9G6qcJ8V8xglcFed2rUg7lvlhKdI7EHEk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAF73/D5FF1F405E7211EEBC2C4926C4F9AE02/xAXwYeM7BxfJBPwd8-ebzXlSD6Y.crl rsync://rpki.apnic.net/member_repository/A91AAF73/D5FF1F405E7211EEBC2C4926C4F9AE02/xAXwYeM7BxfJBPwd8-ebzXlSD6Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xAXwYeM7BxfJBPwd8-ebzXlSD6Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 02:19:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 420 (0x1a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAF73, serialNumber=C405F061E33B0717C904FC1DF3E79BCD79520FA6 Validity Not Before: Dec 23 02:19:35 2025 GMT Not After : Dec 30 02:19:35 2025 GMT Subject: CN=6949fc37-b00c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:2d:21:7c:3f:f6:7d:7c:69:c2:c7:a9:f6:88: 00:24:6a:8a:d8:8f:7b:39:c4:f9:bd:57:a9:f7:fd: 0f:d3:ef:ac:8e:64:0a:c6:ef:52:94:33:96:7e:36: ec:40:bc:06:fc:03:fa:ea:f5:42:44:54:48:b2:eb: 92:1a:b5:4d:0a:30:6d:db:0d:61:b9:19:aa:31:25: 17:ca:5a:0a:b3:42:ba:a4:e6:a0:b4:47:9f:6d:49: 2a:a6:46:56:a7:f8:80:16:4c:be:ca:02:b2:b0:9b: 41:93:df:41:26:5f:6a:42:36:6e:99:11:da:c1:a2: 1d:17:e9:f3:90:3f:23:0f:d1:96:53:55:14:56:5d: 2f:b6:c2:ed:83:73:bf:42:7a:4f:19:9a:7f:c7:0f: 98:4b:79:fc:ee:98:99:94:0e:f2:4e:61:62:2f:ec: 68:01:2d:27:9c:f8:4c:3e:6a:b8:6f:14:e8:0c:a3: 5b:3f:79:21:7c:d8:44:da:ba:9a:77:fc:7a:72:3b: 0a:dd:eb:58:3c:ce:7b:f5:66:ee:b9:56:15:74:ca: a4:cd:1d:b6:b7:56:37:e6:c7:a7:60:8d:ff:f4:41: 0e:9a:c3:d5:bd:30:cf:96:75:1f:c4:b1:c3:47:12: a3:6d:39:89:9f:23:e9:dc:47:75:24:6a:55:ad:48: 6a:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:80:58:29:5C:75:6E:CF:8A:74:51:A2:9F:FF:58:AD:C1:80:4C:D6 X509v3 Authority Key Identifier: keyid:C4:05:F0:61:E3:3B:07:17:C9:04:FC:1D:F3:E7:9B:CD:79:52:0F:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAF73/D5FF1F405E7211EEBC2C4926C4F9AE02/xAXwYeM7BxfJBPwd8-ebzXlSD6Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xAXwYeM7BxfJBPwd8-ebzXlSD6Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAF73/D5FF1F405E7211EEBC2C4926C4F9AE02/xAXwYeM7BxfJBPwd8-ebzXlSD6Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:3a:bf:22:46:d7:83:36:65:96:03:73:3c:8f:27:63:eb:da: a6:cc:27:a1:49:3b:ee:2c:f2:f0:16:75:67:56:e7:7c:75:de: ef:89:0f:2f:66:3c:5c:dc:de:e6:c8:e4:ee:7e:81:56:28:08: 16:38:f2:e1:61:8c:58:ec:be:f8:51:ce:56:bd:1a:c9:54:59: a7:53:d1:f6:88:73:ac:c6:37:a8:b1:43:67:7d:fc:ba:6e:f4: 66:be:27:a8:94:32:3b:9e:10:e8:c8:99:59:93:c0:38:39:f4: ab:22:d5:2c:5a:61:92:62:86:4c:95:ef:d9:9a:80:e3:57:69: 17:cb:31:47:97:4b:71:50:ac:a7:06:ac:4d:17:f1:4b:1c:a1: d7:c9:03:fc:83:96:50:a3:2e:e2:f1:a9:a4:dc:41:76:0d:9e: 1c:dc:f2:e4:05:1d:c4:a1:70:6d:5c:62:64:c0:81:1e:2e:a9: 60:a1:0a:99:5b:d5:73:0e:ae:62:38:aa:4f:21:17:81:aa:19: d7:26:58:6a:3f:51:bc:4c:18:4b:cf:c9:c3:ea:67:5f:12:97: 49:90:b4:f0:f6:6a:3b:29:66:38:60:c8:93:9a:1a:f6:36:e1: b7:5a:1a:82:27:9b:6d:2c:90:79:15:9e:02:14:93:c2:3e:8d: 96:91:c3:09 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFGNzMxMTAvBgNVBAUTKEM0MDVGMDYxRTMzQjA3MTdDOTA0RkMxREYzRTc5QkNE Nzk1MjBGQTYwHhcNMjUxMjIzMDIxOTM1WhcNMjUxMjMwMDIxOTM1WjAYMRYwFAYD VQQDDA02OTQ5ZmMzNy1iMDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvy0hfD/2fXxpwsep9ogAJGqK2I97OcT5vVep9/0P0++sjmQKxu9SlDOWfjbs QLwG/AP66vVCRFRIsuuSGrVNCjBt2w1huRmqMSUXyloKs0K6pOagtEefbUkqpkZW p/iAFky+ygKysJtBk99BJl9qQjZumRHawaIdF+nzkD8jD9GWU1UUVl0vtsLtg3O/ QnpPGZp/xw+YS3n87piZlA7yTmFiL+xoAS0nnPhMPmq4bxToDKNbP3khfNhE2rqa d/x6cjsK3etYPM579WbuuVYVdMqkzR22t1Y35senYI3/9EEOmsPVvTDPlnUfxLHD RxKjbTmJnyPp3Ed1JGpVrUhqdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMiAWClc dW7PinRRop//WK3BgEzWMB8GA1UdIwQYMBaAFMQF8GHjOwcXyQT8HfPnm815Ug+m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUY3My9ENUZGMUY0MDVF NzIxMUVFQkMyQzQ5MjZDNEY5QUUwMi94QVh3WWVNN0J4ZkpCUHdkOC1lYnpYbFNE NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hBWHdZZU03QnhmSkJQd2Q4LWVielhsU0Q2WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QUY3My9ENUZGMUY0MDVFNzIxMUVFQkMyQzQ5MjZDNEY5QUUwMi94QVh3WWVNN0J4 ZkpCUHdkOC1lYnpYbFNENlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCmOr8iRteDNmWWA3M8jydj69qmzCehSTvuLPLwFnVnVud8dd7viQ8v Zjxc3N7myOTufoFWKAgWOPLhYYxY7L74Uc5WvRrJVFmnU9H2iHOsxjeosUNnffy6 bvRmvieolDI7nhDoyJlZk8A4OfSrItUsWmGSYoZMle/ZmoDjV2kXyzFHl0txUKyn BqxNF/FLHKHXyQP8g5ZQoy7i8amk3EF2DZ4c3PLkBR3EoXBtXGJkwIEeLqlgoQqZ W9VzDq5iOKpPIReBqhnXJlhqP1G8TBhLz8nD6mdfEpdJkLTw9mo7KWY4YMiTmhr2 NuG3WhqCJ5ttLJB5FZ4CFJPCPo2WkcMJ -----END CERTIFICATE-----Generated at Wed Dec 24 19:31:25 2025 by rpki-client