This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft File: CB6icKn0s2sOyJai0hSO5Ok-Xys.mft (raw, json) Hash identifier: PFxPH35kgl9p8IHJcmkDZ6NMCWnoDWD4XK9YbigEMjc= Subject key identifier: 21:34:6C:A6:57:E6:A5:78:AF:AF:0F:02:A4:29:87:D2:D0:AF:E7:50 Authority key identifier: 08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B Certificate issuer: /CN=A91BB921/serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Certificate serial: 0199 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft Manifest number: 0195 Signing time: Tue 23 Dec 2025 02:29:38 +0000 Manifest this update: Tue 23 Dec 2025 02:29:38 +0000 Manifest next update: Tue 30 Dec 2025 02:29:38 +0000 Files and hashes: 1: CB6icKn0s2sOyJai0hSO5Ok-Xys.crl (hash: X+4Xm9cvYv0XptfrG7x3eiNHKy52dyyMNgHIHVa3vWk=) 2: 5A387584756311EEA256FD57C4F9AE02.roa (hash: WlVbAYT9fiHzzxm704tgTYSSn+rIKNtEXDFFKehNTaE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 02:29:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 409 (0x199) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB921, serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Validity Not Before: Dec 23 02:29:38 2025 GMT Not After : Dec 30 02:29:38 2025 GMT Subject: CN=6949fe92-946c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:75:4a:af:b6:10:be:4b:43:f2:8b:cf:59:c1: 47:bd:d1:4c:db:4a:9e:d8:df:eb:a6:c5:3a:a6:9d: ed:3b:1f:55:55:13:5c:14:fe:f1:28:af:5c:bb:e5: 9a:21:10:ec:ca:d3:3f:e9:86:5e:52:3a:1d:39:45: 8d:11:f4:3d:c0:d1:fd:d2:4b:78:5d:84:40:9e:9e: 6f:ff:9d:56:f3:16:f6:7f:b7:14:5d:00:5d:55:73: 8b:00:74:7d:98:d5:11:ec:8e:e4:e2:e7:27:fb:a7: 03:b9:2a:51:b9:70:d8:9e:27:56:06:59:7f:67:5d: 3c:e1:a7:3c:75:b3:2e:bb:38:45:f3:7c:f8:ec:ba: 90:91:16:32:36:82:46:ad:bd:c0:c5:d5:c0:cf:53: 35:98:2a:6e:e7:34:60:5f:0f:6c:d7:f5:ca:4f:dd: b3:01:40:88:f8:0b:ea:bc:79:7b:7f:15:83:56:00: 80:e3:84:18:91:2d:a5:48:54:c0:18:4b:7e:f7:19: 97:8a:6c:a2:70:ed:33:3b:9d:c9:a1:d7:5e:52:68: 9b:b3:59:ec:95:7e:b6:48:2c:6c:db:55:59:fa:81: 5b:a7:54:9a:5b:e7:17:04:28:04:ab:b7:ad:9f:ff: a1:41:8e:77:9c:1b:3d:77:02:7e:5c:34:79:e9:a8: 66:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:34:6C:A6:57:E6:A5:78:AF:AF:0F:02:A4:29:87:D2:D0:AF:E7:50 X509v3 Authority Key Identifier: keyid:08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:1f:39:d3:30:1a:c4:6c:82:c5:6c:2e:f9:99:5f:06:39:60: 03:2f:d4:47:c5:3b:22:68:d6:f1:94:91:3b:db:6f:dd:1c:1d: 51:b1:10:ff:fe:e9:25:e8:bb:2d:ef:ca:57:63:79:3f:ea:7d: 0d:41:e7:05:a4:02:82:34:12:b3:a8:d9:5b:8c:5f:ab:4a:a8: ee:e0:ae:b6:78:63:d0:05:cf:a7:b4:c6:3f:dd:81:39:13:18: a8:13:9f:d3:3b:ae:8e:bd:0c:2f:89:b6:10:be:09:f1:83:51: 18:5a:52:94:f0:7e:16:76:b5:3a:11:fc:a0:70:89:44:c7:9d: e6:cf:74:2f:df:8a:b9:a5:ba:26:c4:68:fa:d1:72:82:66:6b: 4d:59:86:c6:a8:f5:5e:14:ab:a4:f3:89:01:71:f0:57:e2:1f: 69:b2:bc:01:23:88:ab:29:59:5a:81:e9:bf:06:64:0a:5e:68: 40:bf:5d:3a:a9:22:c2:5b:26:d7:73:24:85:5e:5a:62:f3:b6: 2e:e4:4a:e8:fd:4e:1f:5a:55:bb:9c:3e:d7:0f:16:c3:3e:f6: 5e:b9:b3:91:19:44:62:8a:94:9d:46:08:44:e5:30:d8:de:1b: a4:b5:7d:f2:e4:1c:e2:d3:34:c8:7c:56:91:da:1a:3a:2b:d3: 56:9d:1d:a4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI5MjExMTAvBgNVBAUTKDA4MUVBMjcwQTlGNEIzNkIwRUM4OTZBMkQyMTQ4RUU0 RTkzRTVGMkIwHhcNMjUxMjIzMDIyOTM4WhcNMjUxMjMwMDIyOTM4WjAYMRYwFAYD VQQDDA02OTQ5ZmU5Mi05NDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAl3VKr7YQvktD8ovPWcFHvdFM20qe2N/rpsU6pp3tOx9VVRNcFP7xKK9cu+Wa IRDsytM/6YZeUjodOUWNEfQ9wNH90kt4XYRAnp5v/51W8xb2f7cUXQBdVXOLAHR9 mNUR7I7k4ucn+6cDuSpRuXDYnidWBll/Z1084ac8dbMuuzhF83z47LqQkRYyNoJG rb3AxdXAz1M1mCpu5zRgXw9s1/XKT92zAUCI+AvqvHl7fxWDVgCA44QYkS2lSFTA GEt+9xmXimyicO0zO53JoddeUmibs1nslX62SCxs21VZ+oFbp1SaW+cXBCgEq7et n/+hQY53nBs9dwJ+XDR56ahmJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCE0bKZX 5qV4r68PAqQph9LQr+dQMB8GA1UdIwQYMBaAFAgeonCp9LNrDsiWotIUjuTpPl8r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjkyMS9EREI4RTE0Qzc1 NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMyc095SmFpMGhTTzVPay1Y eXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NCNmljS24wczJzT3lKYWkwaFNPNU9rLVh5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjkyMS9EREI4RTE0Qzc1NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMy c095SmFpMGhTTzVPay1YeXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBtHznTMBrEbILFbC75mV8GOWADL9RHxTsiaNbxlJE722/dHB1RsRD/ /ukl6Lst78pXY3k/6n0NQecFpAKCNBKzqNlbjF+rSqju4K62eGPQBc+ntMY/3YE5 ExioE5/TO66OvQwvibYQvgnxg1EYWlKU8H4WdrU6EfygcIlEx53mz3Qv34q5pbom xGj60XKCZmtNWYbGqPVeFKuk84kBcfBX4h9psrwBI4irKVlagem/BmQKXmhAv106 qSLCWybXcySFXlpi87Yu5Ero/U4fWlW7nD7XDxbDPvZeubORGURiipSdRghE5TDY 3huktX3y5Bzi0zTIfFaR2ho6K9NWnR2k -----END CERTIFICATE-----Generated at Wed Dec 24 16:00:35 2025 by rpki-client