This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE85E/1A16EB86F3EA11EBB258BA7BC4F9AE02/kKozD4l2v2xASeZzwoIf0pHUO8E.mft File: kKozD4l2v2xASeZzwoIf0pHUO8E.mft (raw, json) Hash identifier: ybNeTOHU9qRdKMkMVTu2VOuHMQLEQ85Hp7PfxcBxO/w= Subject key identifier: 00:00:B0:69:BC:B2:96:A4:AD:08:02:C8:78:40:6C:AE:B9:39:D3:F7 Authority key identifier: 90:AA:33:0F:89:76:BF:6C:40:49:E6:73:C2:82:1F:D2:91:D4:3B:C1 Certificate issuer: /CN=A91AE85E/serialNumber=90AA330F8976BF6C4049E673C2821FD291D43BC1 Certificate serial: 05B5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kKozD4l2v2xASeZzwoIf0pHUO8E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE85E/1A16EB86F3EA11EBB258BA7BC4F9AE02/kKozD4l2v2xASeZzwoIf0pHUO8E.mft Manifest number: 05B5 Signing time: Tue 02 Dec 2025 14:17:45 +0000 Manifest this update: Tue 02 Dec 2025 14:17:44 +0000 Manifest next update: Tue 09 Dec 2025 14:17:44 +0000 Files and hashes: 1: kKozD4l2v2xASeZzwoIf0pHUO8E.crl (hash: p58Qt7ZdQnVGd0bVAdWc7DhV80LLaRA3t7VPlg7BsYA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE85E/1A16EB86F3EA11EBB258BA7BC4F9AE02/kKozD4l2v2xASeZzwoIf0pHUO8E.crl rsync://rpki.apnic.net/member_repository/A91AE85E/1A16EB86F3EA11EBB258BA7BC4F9AE02/kKozD4l2v2xASeZzwoIf0pHUO8E.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kKozD4l2v2xASeZzwoIf0pHUO8E.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 14:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1461 (0x5b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE85E, serialNumber=90AA330F8976BF6C4049E673C2821FD291D43BC1 Validity Not Before: Dec 2 14:17:44 2025 GMT Not After : Dec 9 14:17:44 2025 GMT Subject: CN=692ef509-d5db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:69:9c:ca:7b:60:7c:f3:a1:28:02:46:7d:5b: ff:d1:69:39:9c:2d:62:13:c1:b9:8d:90:62:a1:94: fa:c3:c2:2d:8a:de:b0:49:3e:2c:fe:84:72:f5:30: eb:57:bd:5d:6f:93:77:03:06:8a:0a:0d:61:fa:50: d3:fb:90:40:77:dd:d6:5f:fd:e6:b3:96:d6:1e:0a: 43:2f:34:8c:9f:7c:4b:ad:ff:13:19:05:97:8b:24: b3:af:17:d5:53:5a:8e:e9:e2:1d:31:3b:3b:dd:82: 5d:f9:f0:70:36:dc:31:db:2b:05:88:10:d4:bf:5d: d9:78:4a:ce:32:65:bd:71:cd:7d:31:07:0b:41:c8: a2:91:96:53:90:94:14:dc:5d:9c:4b:52:86:75:7c: cc:cc:5e:0d:3c:07:4a:61:72:4e:2e:d9:5c:58:b3: ee:a6:f6:cf:2d:82:aa:3d:98:78:93:e0:3b:44:b6: 59:9f:a4:d2:4e:2b:c8:de:08:e0:01:21:c9:fe:9b: d3:c6:ab:8a:7a:8d:e7:d7:71:54:77:73:a9:ba:34: 3c:48:83:c5:14:1c:38:47:53:98:84:ba:a5:51:79: 90:50:8a:a2:22:f5:37:71:39:87:e2:61:37:53:31: 09:5c:60:8a:89:4a:2f:0f:9f:17:ad:a0:31:38:ac: 47:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:00:B0:69:BC:B2:96:A4:AD:08:02:C8:78:40:6C:AE:B9:39:D3:F7 X509v3 Authority Key Identifier: keyid:90:AA:33:0F:89:76:BF:6C:40:49:E6:73:C2:82:1F:D2:91:D4:3B:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE85E/1A16EB86F3EA11EBB258BA7BC4F9AE02/kKozD4l2v2xASeZzwoIf0pHUO8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kKozD4l2v2xASeZzwoIf0pHUO8E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE85E/1A16EB86F3EA11EBB258BA7BC4F9AE02/kKozD4l2v2xASeZzwoIf0pHUO8E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:95:e4:1c:d6:25:da:8a:d3:fe:c2:cb:dc:99:57:f9:44:cc: d6:ec:0f:20:55:1f:64:d3:61:1a:98:3d:78:e8:e5:e7:7a:bc: 3a:c5:2a:81:c0:9c:93:f8:9d:fb:da:9c:9c:44:f2:32:97:14: 57:27:ba:a7:1b:d0:b3:ea:d5:12:0b:49:25:41:6d:e5:61:9f: 0e:33:ff:d3:6a:b2:ca:fa:21:61:07:77:1e:eb:60:24:c9:3a: b1:eb:e2:7a:ea:76:5d:77:b6:3b:a2:27:e7:3c:cd:82:af:df: 80:fc:7c:77:45:7b:85:63:60:58:16:06:ef:13:38:2c:a8:74: fe:4c:aa:ff:a3:aa:66:fe:a5:92:71:b1:37:d7:52:3f:d9:22: 9c:78:20:c2:bf:bb:8c:55:d9:ec:1c:3d:21:11:ec:b0:60:25: c5:fa:42:09:71:4f:54:73:7b:74:b7:7c:3f:e7:d8:66:c8:1b: de:d0:4c:57:5a:67:d3:6b:a1:b9:56:7c:79:49:f2:4a:44:ca: 3e:3f:ef:60:5c:f4:b4:35:f8:a4:96:09:58:79:40:46:c5:e5: fe:36:a9:e1:71:28:4e:76:81:4f:3c:75:49:8e:29:0a:ca:8a: 53:87:28:27:42:a4:a6:c4:6c:42:03:1b:c1:fc:58:c5:c0:74: cd:15:be:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUU4NUUxMTAvBgNVBAUTKDkwQUEzMzBGODk3NkJGNkM0MDQ5RTY3M0MyODIxRkQy OTFENDNCQzEwHhcNMjUxMjAyMTQxNzQ0WhcNMjUxMjA5MTQxNzQ0WjAYMRYwFAYD VQQDEw02OTJlZjUwOS1kNWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAommcyntgfPOhKAJGfVv/0Wk5nC1iE8G5jZBioZT6w8Itit6wST4s/oRy9TDr V71db5N3AwaKCg1h+lDT+5BAd93WX/3ms5bWHgpDLzSMn3xLrf8TGQWXiySzrxfV U1qO6eIdMTs73YJd+fBwNtwx2ysFiBDUv13ZeErOMmW9cc19MQcLQciikZZTkJQU 3F2cS1KGdXzMzF4NPAdKYXJOLtlcWLPupvbPLYKqPZh4k+A7RLZZn6TSTivI3gjg ASHJ/pvTxquKeo3n13FUd3OpujQ8SIPFFBw4R1OYhLqlUXmQUIqiIvU3cTmH4mE3 UzEJXGCKiUovD58XraAxOKxHuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAAAsGm8 spakrQgCyHhAbK65OdP3MB8GA1UdIwQYMBaAFJCqMw+Jdr9sQEnmc8KCH9KR1DvB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTg1RS8xQTE2RUI4NkYz RUExMUVCQjI1OEJBN0JDNEY5QUUwMi9rS296RDRsMnYyeEFTZVp6d29JZjBwSFVP OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tLb3pENGwydjJ4QVNlWnp3b0lmMHBIVU84RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RTg1RS8xQTE2RUI4NkYzRUExMUVCQjI1OEJBN0JDNEY5QUUwMi9rS296RDRsMnYy eEFTZVp6d29JZjBwSFVPOEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQleQc1iXaitP+wsvcmVf5RMzW7A8gVR9k02EamD146OXnerw6xSqB wJyT+J372pycRPIylxRXJ7qnG9Cz6tUSC0klQW3lYZ8OM//TarLK+iFhB3ce62Ak yTqx6+J66nZdd7Y7oifnPM2Cr9+A/Hx3RXuFY2BYFgbvEzgsqHT+TKr/o6pm/qWS cbE311I/2SKceCDCv7uMVdnsHD0hEeywYCXF+kIJcU9Uc3t0t3w/59hmyBve0ExX WmfTa6G5Vnx5SfJKRMo+P+9gXPS0NfiklglYeUBGxeX+NqnhcShOdoFPPHVJjikK yopThygnQqSmxGxCAxvB/FjFwHTNFb6T -----END CERTIFICATE-----Generated at Wed Dec 3 14:56:27 2025 by rpki-client