This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft File: D-jKZIcKPWORHI0tZRuinKztDso.mft (raw, json) Hash identifier: GjwNi4kMrZwqsPZfxDG8AeTr92NGvp4w0CCFNWi4p0A= Subject key identifier: 6E:B2:F7:B8:5F:D7:AC:54:A7:95:BA:DA:40:CD:0A:DE:61:FD:EB:7F Authority key identifier: 0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA Certificate issuer: /CN=A91B428B/serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Certificate serial: 0A25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft Manifest number: 0A1E Signing time: Mon 22 Dec 2025 19:12:48 +0000 Manifest this update: Mon 22 Dec 2025 19:12:48 +0000 Manifest next update: Mon 29 Dec 2025 19:12:48 +0000 Files and hashes: 1: D-jKZIcKPWORHI0tZRuinKztDso.crl (hash: XdUANUfYLERw6qXGrfqArLaN6Pvqi0qXLcy9Via4cJ4=) 2: 319DF660847811EA8EE07E81C4F9AE02.roa (hash: ZlFR2HTwg3fDW4lClQanT4TaI4rdoCBr8+QBrXHDB9w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 19:12:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2597 (0xa25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B428B, serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Validity Not Before: Dec 22 19:12:48 2025 GMT Not After : Dec 29 19:12:48 2025 GMT Subject: CN=69499830-5e6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:6a:31:2d:bf:e5:34:a5:8e:81:49:96:68:5f: 85:20:3f:6f:98:6f:7d:63:f2:5c:10:50:8c:8f:af: 92:68:9f:ad:28:26:dd:e6:57:38:a5:aa:c6:4a:e4: 8d:5b:63:67:59:46:71:8e:df:8f:5c:e3:b0:06:52: 40:fb:de:5a:5a:90:97:cd:2c:6e:6d:99:0e:24:e5: c3:24:76:e5:a9:24:95:52:c1:58:1b:43:14:57:f8: f6:99:4d:b4:d2:ac:1c:5e:8d:73:96:f6:62:92:01: 40:a4:63:7a:89:b7:1a:9b:b5:a2:9f:04:0e:e3:42: 74:fe:cc:cb:eb:ea:f5:fa:c8:d6:5e:fe:f7:bd:a1: 5b:50:b9:9f:bd:e1:4f:ee:0f:cd:89:56:06:31:cf: 1a:e0:6b:f9:74:f8:a8:66:f9:6a:94:c1:5a:c4:bc: 84:91:05:82:e7:eb:eb:44:bf:06:51:2c:82:2c:6e: 1e:51:a5:9c:02:8e:12:17:52:56:26:b4:3c:a6:8d: 6c:19:00:6e:b6:d3:56:f0:22:ab:5c:cf:57:2d:0e: 07:63:1e:47:8a:ea:62:9a:c7:f5:64:82:da:1e:be: a1:1f:1e:72:7f:12:f5:bc:bd:f1:f2:7f:ac:0a:6f: 1f:1d:d4:8c:ad:58:be:42:88:2f:b8:1e:76:ef:2b: 29:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:B2:F7:B8:5F:D7:AC:54:A7:95:BA:DA:40:CD:0A:DE:61:FD:EB:7F X509v3 Authority Key Identifier: keyid:0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:04:88:68:a9:90:85:c1:17:c1:b2:a4:c4:84:2a:6b:7a:90: 13:dd:e2:69:c6:ce:52:f5:43:a0:05:73:76:b7:16:67:b0:ee: 3e:ab:78:64:8c:55:04:64:be:6a:e8:1d:09:76:bd:01:84:4f: 99:b9:c6:a3:5e:04:db:e1:60:ca:9c:9c:65:d5:d6:ae:d4:4d: 84:56:59:aa:56:fb:98:41:d3:e8:ab:8f:51:29:20:4f:6f:bc: 48:22:37:66:96:48:04:3a:1d:df:98:31:53:9b:54:ca:69:22: dc:60:a0:19:6c:ae:de:89:b1:fd:ad:16:7c:36:74:9a:f1:da: 6f:2f:79:ce:39:5e:ad:1a:48:18:07:35:e1:d5:60:1e:d9:db: d9:f2:c3:7a:e3:40:14:72:60:00:2c:5a:e9:49:ee:8a:aa:14: 1f:ae:f1:4e:45:65:d2:05:cc:4a:90:d0:ae:9e:ac:8e:ac:82: d3:c0:b5:7c:d8:a1:f7:fc:c3:1d:f3:14:11:83:c6:b7:e9:41: c9:0c:24:13:d3:42:21:43:e3:1f:c4:3b:00:c0:e4:1b:68:4f: 98:20:f6:d6:d7:bb:a7:51:1e:c9:36:38:1e:12:24:7f:7a:35: 07:d9:9a:67:c4:28:1b:2f:5f:aa:e8:cd:90:1c:c2:49:67:1c: 88:99:a5:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCiUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQyOEIxMTAvBgNVBAUTKDBGRThDQTY0ODcwQTNENjM5MTFDOEQyRDY1MUJBMjlD QUNFRDBFQ0EwHhcNMjUxMjIyMTkxMjQ4WhcNMjUxMjI5MTkxMjQ4WjAYMRYwFAYD VQQDDA02OTQ5OTgzMC01ZTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyGoxLb/lNKWOgUmWaF+FID9vmG99Y/JcEFCMj6+SaJ+tKCbd5lc4parGSuSN W2NnWUZxjt+PXOOwBlJA+95aWpCXzSxubZkOJOXDJHblqSSVUsFYG0MUV/j2mU20 0qwcXo1zlvZikgFApGN6ibcam7WinwQO40J0/szL6+r1+sjWXv73vaFbULmfveFP 7g/NiVYGMc8a4Gv5dPioZvlqlMFaxLyEkQWC5+vrRL8GUSyCLG4eUaWcAo4SF1JW JrQ8po1sGQButtNW8CKrXM9XLQ4HYx5Hiupimsf1ZILaHr6hHx5yfxL1vL3x8n+s Cm8fHdSMrVi+QogvuB527yspUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG6y97hf 16xUp5W62kDNCt5h/et/MB8GA1UdIwQYMBaAFA/oymSHCj1jkRyNLWUbopys7Q7K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDI4Qi8zQTBCNkMwQzg0 NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BXT1JISTB0WlJ1aW5LenRE c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QtaktaSWNLUFdPUkhJMHRaUnVpbkt6dERzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDI4Qi8zQTBCNkMwQzg0NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BX T1JISTB0WlJ1aW5LenREc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhBIhoqZCFwRfBsqTEhCprepAT3eJpxs5S9UOgBXN2txZnsO4+q3hk jFUEZL5q6B0Jdr0BhE+ZucajXgTb4WDKnJxl1dau1E2EVlmqVvuYQdPoq49RKSBP b7xIIjdmlkgEOh3fmDFTm1TKaSLcYKAZbK7eibH9rRZ8NnSa8dpvL3nOOV6tGkgY BzXh1WAe2dvZ8sN640AUcmAALFrpSe6KqhQfrvFORWXSBcxKkNCunqyOrILTwLV8 2KH3/MMd8xQRg8a36UHJDCQT00IhQ+MfxDsAwOQbaE+YIPbW17unUR7JNjgeEiR/ ejUH2ZpnxCgbL1+q6M2QHMJJZxyImaWW -----END CERTIFICATE-----Generated at Wed Dec 24 19:30:40 2025 by rpki-client