This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: VK4NUasOX0wjmOWanQFYRy5XLynXGVACF9KNSwD8AHs= Subject key identifier: D5:7B:F1:A1:77:A7:19:DF:53:22:C3:6D:6C:99:34:BD:E5:66:FC:2F Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 0863 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 0826 Signing time: Tue 20 Jan 2026 20:30:21 +0000 Manifest this update: Tue 20 Jan 2026 20:30:21 +0000 Manifest next update: Tue 27 Jan 2026 20:30:21 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: OR/k6L7efhldbjXknHjoav66Jj6Qtv1KL74pRSr3r9U=) 2: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: 4+YaEU8/WKlhoShMZ2jQANGth6P34fJaow29AZ/vK1g=) 3: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: xo4YbqiE7X/F67UsXOYb5uFnpLPpFvm6ZJLr7VXM8NU=) 4: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HBup3egCFQ+j4w8tn/YgKXDolvmk1GZOCKm/FjBELHI=) 5: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: TVq9O75Mk8dBtHdZIdf95FNbNlO+Xgr7jZqSFhUdSlc=) 6: B512A570109211ECA693D74EC4F9AE02.roa (hash: x6M8DR+ao43yWMJcYfflaCD3HANg4LUaSOgGurV26Rc=) 7: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: WVXeC6AWS7dfqRcacJcoXn1KRTzKsuhGFEjOvtdw4gQ=) 8: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: KydrQv3Yet/a3HLO3h2lsIOeUoieRU/2J4jW34hxmG0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 27 Jan 2026 20:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2147 (0x863) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Jan 20 20:30:21 2026 GMT Not After : Jan 27 20:30:21 2026 GMT Subject: CN=696fe5dd-8b5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:54:05:60:56:f3:4f:2c:45:b4:d0:48:06:c8: 68:c9:6d:cd:12:86:87:3e:7c:43:f7:e5:a4:e2:81: b1:c4:3c:a2:45:09:25:07:c0:f9:a8:22:80:e3:e4: c4:f4:43:15:29:67:a9:20:7b:10:1b:8d:9d:e6:87: 2a:33:b6:6f:a6:02:24:db:5d:ef:44:8f:b0:de:b6: f6:a0:0f:ac:8c:40:bf:46:cd:e8:d3:af:eb:0b:7b: d8:0c:c3:a0:4c:50:7b:7c:b4:d8:5e:57:50:2e:58: 60:86:0b:ca:41:32:e9:4b:1e:43:ca:07:c2:ab:a6: 04:61:c4:b4:11:43:7f:2f:06:23:7e:46:a9:25:4d: fb:31:7c:9f:3a:fb:00:cc:08:9b:49:1b:ff:18:21: d5:76:c3:d1:69:76:d7:33:73:79:29:64:e0:b6:4e: fa:42:e7:94:de:56:56:b3:39:b4:85:47:88:5f:26: c9:ef:b2:bf:10:4a:5d:81:ed:13:67:f6:27:07:45: 0d:d7:17:f3:c3:4e:b6:7f:97:2b:6a:a4:f5:89:62: cd:34:90:13:e0:f3:a9:14:bc:44:69:ce:78:34:dd: 89:0c:23:98:6e:b1:eb:ff:3d:79:ff:d9:b3:0d:5f: 0a:2c:dc:0a:ba:bf:b2:5b:5a:de:bd:51:2d:1e:f7: 81:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:7B:F1:A1:77:A7:19:DF:53:22:C3:6D:6C:99:34:BD:E5:66:FC:2F X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:11:19:d5:eb:f6:11:3c:50:07:1f:a5:a0:d6:5f:49:69:b5: 89:f5:dd:71:aa:0c:11:8b:b5:50:a6:78:02:0a:7f:dc:39:c7: 74:98:68:1c:b2:56:ee:93:d6:d2:da:f2:78:8c:16:66:b4:f6: f1:4e:f8:4f:ec:08:e6:bb:e3:81:ce:3b:8f:4f:9d:88:52:41: 5a:20:cd:6a:0f:f0:d4:14:fa:7e:21:78:70:b1:71:51:3f:fc: c8:36:62:99:32:d2:8b:fa:de:ae:c4:46:71:ac:d2:5e:fd:18: 9e:d4:e2:d7:52:1d:70:8a:3d:91:b5:17:83:39:d8:fd:29:8e: 38:3d:27:6c:4b:63:fd:e1:18:f5:ec:f3:45:1d:9e:b2:a9:02: a1:1b:5a:f7:0b:c8:34:72:da:e7:3a:55:e6:29:01:66:1c:a9: 2b:6a:ca:fd:9f:0c:28:19:bc:8b:d9:99:26:57:7c:d9:f1:61: 10:38:c3:ed:60:dd:7a:7e:ce:d2:6a:4f:2d:80:ad:1c:05:5a: 1f:ed:73:75:35:24:c6:f2:23:41:24:e6:02:be:b7:6b:f2:de: 84:65:3c:cc:66:7a:53:c1:c2:b1:22:80:1d:a5:4a:df:fd:93: e4:eb:da:f1:98:d9:f1:9a:83:9f:c3:0c:6a:8e:4a:58:45:38: bb:ae:83:b5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjYwMTIwMjAzMDIxWhcNMjYwMTI3MjAzMDIxWjAYMRYwFAYD VQQDDA02OTZmZTVkZC04YjVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzVQFYFbzTyxFtNBIBshoyW3NEoaHPnxD9+Wk4oGxxDyiRQklB8D5qCKA4+TE 9EMVKWepIHsQG42d5ocqM7ZvpgIk213vRI+w3rb2oA+sjEC/Rs3o06/rC3vYDMOg TFB7fLTYXldQLlhghgvKQTLpSx5DygfCq6YEYcS0EUN/LwYjfkapJU37MXyfOvsA zAibSRv/GCHVdsPRaXbXM3N5KWTgtk76QueU3lZWszm0hUeIXybJ77K/EEpdge0T Z/YnB0UN1xfzw062f5craqT1iWLNNJAT4POpFLxEac54NN2JDCOYbrHr/z15/9mz DV8KLNwKur+yW1revVEtHveBNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNV78aF3 pxnfUyLDbWyZNL3lZvwvMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATERnV6/YRPFAHH6Wg1l9JabWJ9d1xqgwRi7VQpngCCn/cOcd0mGgc slbuk9bS2vJ4jBZmtPbxTvhP7Ajmu+OBzjuPT52IUkFaIM1qD/DUFPp+IXhwsXFR P/zINmKZMtKL+t6uxEZxrNJe/Rie1OLXUh1wij2RtReDOdj9KY44PSdsS2P94Rj1 7PNFHZ6yqQKhG1r3C8g0ctrnOlXmKQFmHKkrasr9nwwoGbyL2ZkmV3zZ8WEQOMPt YN16fs7Sak8tgK0cBVof7XN1NSTG8iNBJOYCvrdr8t6EZTzMZnpTwcKxIoAdpUrf /ZPk69rxmNnxmoOfwwxqjkpYRTi7roO1 -----END CERTIFICATE-----Generated at Thu Jan 22 02:20:12 2026 by rpki-client