This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft File: PdCVvno70d2CniomSfx-gafv40w.mft (raw, json) Hash identifier: RcDiuKhYfF3OyR0Egf4FCns8hhZfScGh62RPVo+41IY= Subject key identifier: 60:7E:26:C9:73:A0:7A:53:0C:5B:8C:C1:0D:23:E2:1A:77:1F:85:0C Authority key identifier: 3D:D0:95:BE:7A:3B:D1:DD:82:9E:2A:26:49:FC:7E:81:A7:EF:E3:4C Certificate issuer: /CN=A91C8307/serialNumber=3DD095BE7A3BD1DD829E2A2649FC7E81A7EFE34C Certificate serial: BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PdCVvno70d2CniomSfx-gafv40w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft Manifest number: BC Signing time: Tue 23 Dec 2025 04:55:20 +0000 Manifest this update: Tue 23 Dec 2025 04:55:20 +0000 Manifest next update: Tue 30 Dec 2025 04:55:20 +0000 Files and hashes: 1: PdCVvno70d2CniomSfx-gafv40w.crl (hash: 5DqBiGisBK39hXuOIxnYeHtdBW1PSLIJM8LUECk2sJU=) 2: DEDB3932BED411EF835BB47AC4F9AE02.roa (hash: O2sa7pTiQKdOhkw1Yh9cM+13JLJmRbo0IeSALJBybOk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.crl rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PdCVvno70d2CniomSfx-gafv40w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 04:55:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 189 (0xbd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C8307, serialNumber=3DD095BE7A3BD1DD829E2A2649FC7E81A7EFE34C Validity Not Before: Dec 23 04:55:20 2025 GMT Not After : Dec 30 04:55:20 2025 GMT Subject: CN=694a20b8-da74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:5a:45:cc:ae:6d:c8:01:5e:3c:9f:a4:e3:31: 25:72:27:6c:24:85:c2:36:af:49:35:ad:2c:2b:54: 14:3f:8a:68:a1:f2:af:e6:39:e5:9d:65:16:2c:1d: 3f:99:2f:eb:94:06:b7:a5:59:7d:9b:1e:da:f5:9d: eb:19:62:f4:26:28:93:db:73:e5:45:83:24:9f:15: ed:c7:d1:8f:0e:9e:41:9e:6a:e1:cd:ed:64:66:79: e2:08:69:e7:89:e0:55:67:23:ed:3b:0a:36:34:fb: 37:31:ee:f8:dd:bd:a5:84:3d:1a:0f:32:19:90:10: 77:49:2a:e6:f3:94:a0:88:1c:ea:46:84:cc:24:2e: 4d:18:89:ec:cf:5e:f7:fd:5f:e7:10:05:cf:2b:ef: f7:0c:94:79:29:00:bd:04:8e:43:ba:d8:0d:8b:61: f1:3a:77:e2:e7:f7:d7:1b:fe:ba:a5:98:3d:80:78: 97:f3:87:b1:ee:1b:34:a9:f2:6e:e3:d2:be:dc:9a: 44:97:cf:ee:2b:f0:7a:bd:57:d1:7f:38:36:8c:9e: 0a:57:bc:db:85:bc:13:8a:fe:ed:c8:eb:ee:c2:f6: a7:35:44:1e:d6:00:89:24:2e:42:de:60:dc:5e:a9: 3e:c8:02:fe:cc:bf:27:66:cb:8d:c0:53:14:46:ea: 49:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:7E:26:C9:73:A0:7A:53:0C:5B:8C:C1:0D:23:E2:1A:77:1F:85:0C X509v3 Authority Key Identifier: keyid:3D:D0:95:BE:7A:3B:D1:DD:82:9E:2A:26:49:FC:7E:81:A7:EF:E3:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PdCVvno70d2CniomSfx-gafv40w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:59:c9:83:b9:9a:02:7d:43:ea:56:e9:b7:3a:a6:04:57:5f: 2e:cf:a2:eb:33:51:60:a6:03:f3:28:62:fd:ee:3c:1f:54:fa: cf:4d:5e:14:18:3e:0b:26:fc:d7:22:78:e0:2e:f0:c3:1e:70: 99:9b:6f:77:e2:65:d0:29:3c:83:62:ea:d8:cb:a2:a9:f0:3e: 16:b1:e0:db:58:00:5e:6f:f2:50:81:ad:6c:5e:bd:61:f7:80: 17:e5:c0:86:cb:0f:d5:2e:2a:16:c9:7e:71:61:0e:eb:58:5f: 03:e7:86:bc:79:f4:dc:d0:00:8c:80:32:d9:25:e4:0b:97:43: fc:a2:40:42:ef:c8:38:71:52:5a:f3:81:37:88:aa:48:07:6a: 27:33:85:92:21:ae:68:0d:ec:28:7f:53:40:7f:ba:fd:24:10: 6c:49:e0:e0:66:30:32:04:d6:73:65:39:0e:55:d9:d6:49:43: 84:08:3b:29:63:bc:be:c6:25:90:4b:aa:26:1e:4f:3d:c6:66: d6:cc:ba:7c:93:b3:71:cb:29:27:fd:3c:16:00:39:d4:81:f9: 1c:6d:c9:94:69:77:59:08:80:81:50:8e:55:06:bd:25:b1:ce: 91:b4:da:66:35:73:30:92:9d:ae:92:d3:7f:b3:69:ac:b5:86: f2:73:20:20 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzgzMDcxMTAvBgNVBAUTKDNERDA5NUJFN0EzQkQxREQ4MjlFMkEyNjQ5RkM3RTgx QTdFRkUzNEMwHhcNMjUxMjIzMDQ1NTIwWhcNMjUxMjMwMDQ1NTIwWjAYMRYwFAYD VQQDDA02OTRhMjBiOC1kYTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuFpFzK5tyAFePJ+k4zElcidsJIXCNq9JNa0sK1QUP4poofKv5jnlnWUWLB0/ mS/rlAa3pVl9mx7a9Z3rGWL0JiiT23PlRYMknxXtx9GPDp5Bnmrhze1kZnniCGnn ieBVZyPtOwo2NPs3Me743b2lhD0aDzIZkBB3SSrm85SgiBzqRoTMJC5NGInsz173 /V/nEAXPK+/3DJR5KQC9BI5DutgNi2HxOnfi5/fXG/66pZg9gHiX84ex7hs0qfJu 49K+3JpEl8/uK/B6vVfRfzg2jJ4KV7zbhbwTiv7tyOvuwvanNUQe1gCJJC5C3mDc Xqk+yAL+zL8nZsuNwFMURupJKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGB+Jslz oHpTDFuMwQ0j4hp3H4UMMB8GA1UdIwQYMBaAFD3Qlb56O9Hdgp4qJkn8foGn7+NM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDODMwNy8zNDMyRjYwQ0JF Q0QxMUVGOThDNzQxMzJDNEY5QUUwMi9QZENWdm5vNzBkMkNuaW9tU2Z4LWdhZnY0 MHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BkQ1Z2bm83MGQyQ25pb21TZngtZ2FmdjQwdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD ODMwNy8zNDMyRjYwQ0JFQ0QxMUVGOThDNzQxMzJDNEY5QUUwMi9QZENWdm5vNzBk MkNuaW9tU2Z4LWdhZnY0MHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbWcmDuZoCfUPqVum3OqYEV18uz6LrM1FgpgPzKGL97jwfVPrPTV4U GD4LJvzXInjgLvDDHnCZm2934mXQKTyDYurYy6Kp8D4WseDbWABeb/JQga1sXr1h 94AX5cCGyw/VLioWyX5xYQ7rWF8D54a8efTc0ACMgDLZJeQLl0P8okBC78g4cVJa 84E3iKpIB2onM4WSIa5oDewof1NAf7r9JBBsSeDgZjAyBNZzZTkOVdnWSUOECDsp Y7y+xiWQS6omHk89xmbWzLp8k7Nxyykn/TwWADnUgfkcbcmUaXdZCICBUI5VBr0l sc6RtNpmNXMwkp2uktN/s2mstYbycyAg -----END CERTIFICATE-----Generated at Wed Dec 24 01:58:41 2025 by rpki-client