This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft File: IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft (raw, json) Hash identifier: QJ44kn1t5+EvmYpRa8hMfxAufxz+lBrtHybc/6XUZR8= Subject key identifier: BB:E6:12:4B:8A:21:36:4F:D5:E6:67:23:C9:86:15:64:D8:DE:24:20 Authority key identifier: 21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 Certificate issuer: /CN=A91C53FD/serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Certificate serial: 013C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft Manifest number: 0139 Signing time: Tue 23 Dec 2025 03:29:25 +0000 Manifest this update: Tue 23 Dec 2025 03:29:24 +0000 Manifest next update: Tue 30 Dec 2025 03:29:24 +0000 Files and hashes: 1: IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl (hash: Ggt2pIeWr2e/Vgdbqlmo/x2I3i6Vj8W5NtFa+IYVmOw=) 2: B15E8BECFF3211EEA8607454C4F9AE02.roa (hash: rdcsVeSD/0uRXsupB+gdsyd8ZZ4QY82jQKGKV8TuBBs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 03:29:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 316 (0x13c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C53FD, serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Validity Not Before: Dec 23 03:29:24 2025 GMT Not After : Dec 30 03:29:24 2025 GMT Subject: CN=694a0c95-2049 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e1:3e:e5:06:2d:63:8d:e6:14:93:ea:11:5c: 1a:76:78:cb:fd:e3:ee:38:02:c4:c1:af:00:35:f1: be:bf:fe:89:a6:02:c1:fd:86:d4:7b:27:28:76:ec: f1:24:4a:bf:d3:a8:3b:3d:d5:37:0d:71:2a:54:36: 36:2c:c5:4e:be:e4:c1:6b:a3:b2:83:3f:08:d9:02: 59:df:d1:ba:24:02:fd:46:4a:4e:0c:61:e3:b0:a9: 45:f1:52:72:6b:2e:df:f3:57:03:6b:08:af:24:91: 96:c2:48:5d:ab:41:a3:ed:8f:46:b3:8d:c0:02:9c: 1c:f1:33:e2:8e:b2:80:5f:a9:9e:09:36:9e:97:02: d8:50:03:fd:dd:96:0c:82:42:d8:8f:29:1a:34:4c: 7c:78:09:cf:4d:4f:0c:71:4d:0d:5e:77:e2:3c:78: 6f:d7:bb:a6:a8:73:fd:50:72:3c:dd:4d:72:97:72: 7a:50:47:32:4a:eb:5c:93:5e:5b:0e:c5:d0:8d:dc: 7d:19:b5:79:45:a2:41:1f:16:61:63:bb:3b:79:df: d9:e7:ab:8f:7a:1a:2a:ae:31:8b:ce:15:7d:c9:d8: c7:91:f9:57:88:06:b9:e7:74:7d:f2:a8:ba:9f:61: c2:c9:46:3b:0f:2e:d6:f0:26:0d:e0:13:f4:9b:db: d0:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:E6:12:4B:8A:21:36:4F:D5:E6:67:23:C9:86:15:64:D8:DE:24:20 X509v3 Authority Key Identifier: keyid:21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:8a:39:92:d1:6d:ce:2f:2f:1d:33:d0:a5:62:7f:79:e8:3f: aa:c4:96:09:91:c8:22:31:8d:6c:66:4e:97:af:a9:8c:6e:56: 33:ab:d8:58:d6:d6:14:92:a2:2b:b1:2c:07:04:a7:9c:26:70: 6b:bf:f3:76:4d:31:6a:ff:91:36:c1:89:17:63:17:d2:fa:31: 44:73:6c:68:d5:ca:b9:b0:b5:1b:07:26:16:9f:c3:6f:b1:cd: 01:4e:3f:ef:ae:b0:39:ba:eb:82:cf:77:b6:08:e0:71:6e:9e: 02:ec:07:9e:ad:d9:b3:d1:38:c8:d3:c4:5b:ca:0b:a6:2e:d8: 43:20:6b:9f:4d:6e:c6:59:21:33:fc:a9:05:c7:3e:cc:42:50: 73:1b:a4:d0:23:88:72:bc:f8:0c:ee:12:8f:82:32:69:26:78: 80:5a:df:fa:67:ef:05:c2:a3:52:a6:e0:f2:69:69:af:dd:00: fd:b8:bb:4d:11:16:09:58:ff:44:f1:90:78:ff:8d:8f:64:1b: b9:30:f3:53:98:81:67:8e:a8:be:d6:1e:5e:07:f8:e8:35:85: 81:a6:3f:76:85:39:6a:9e:86:78:32:7b:d6:9a:25:fe:9c:55: f2:7d:ac:9f:92:df:0b:75:39:3b:a7:87:73:14:f6:eb:b8:a9: 55:f3:14:6e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUzRkQxMTAvBgNVBAUTKDIxOTM0MTk4RTgzMzEwNjFEMjc1QjhDRkM3OTQ1OEQz MkZBQkQ2QzkwHhcNMjUxMjIzMDMyOTI0WhcNMjUxMjMwMDMyOTI0WjAYMRYwFAYD VQQDDA02OTRhMGM5NS0yMDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAueE+5QYtY43mFJPqEVwadnjL/ePuOALEwa8ANfG+v/6JpgLB/YbUeycoduzx JEq/06g7PdU3DXEqVDY2LMVOvuTBa6Oygz8I2QJZ39G6JAL9RkpODGHjsKlF8VJy ay7f81cDawivJJGWwkhdq0Gj7Y9Gs43AApwc8TPijrKAX6meCTaelwLYUAP93ZYM gkLYjykaNEx8eAnPTU8McU0NXnfiPHhv17umqHP9UHI83U1yl3J6UEcySutck15b DsXQjdx9GbV5RaJBHxZhY7s7ed/Z56uPehoqrjGLzhV9ydjHkflXiAa553R98qi6 n2HCyUY7Dy7W8CYN4BP0m9vQowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLvmEkuK ITZP1eZnI8mGFWTY3iQgMB8GA1UdIwQYMBaAFCGTQZjoMxBh0nW4z8eUWNMvq9bJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTNGRC82ODhFNTdFRUZG MzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVHSFNkYmpQeDVSWTB5LXIx c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laTkJtT2d6RUdIU2RialB4NVJZMHktcjFzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTNGRC82ODhFNTdFRUZGMzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVH SFNkYmpQeDVSWTB5LXIxc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCbijmS0W3OLy8dM9ClYn956D+qxJYJkcgiMY1sZk6Xr6mMblYzq9hY 1tYUkqIrsSwHBKecJnBrv/N2TTFq/5E2wYkXYxfS+jFEc2xo1cq5sLUbByYWn8Nv sc0BTj/vrrA5uuuCz3e2COBxbp4C7Aeerdmz0TjI08RbygumLthDIGufTW7GWSEz /KkFxz7MQlBzG6TQI4hyvPgM7hKPgjJpJniAWt/6Z+8FwqNSpuDyaWmv3QD9uLtN ERYJWP9E8ZB4/42PZBu5MPNTmIFnjqi+1h5eB/joNYWBpj92hTlqnoZ4MnvWmiX+ nFXyfayfkt8LdTk7p4dzFPbruKlV8xRu -----END CERTIFICATE-----Generated at Wed Dec 24 19:31:18 2025 by rpki-client