This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft File: 3dzECt5nfyP4p5ukFo729r7wZcc.mft (raw, json) Hash identifier: SwSAqzY14mWl2P26yW635Xdh+mThQ32q9Bwr3X8WO90= Subject key identifier: 43:80:20:A3:5C:03:61:B1:B1:10:6A:FD:EE:81:71:D7:59:CD:56:9F Authority key identifier: DD:DC:C4:0A:DE:67:7F:23:F8:A7:9B:A4:16:8E:F6:F6:BE:F0:65:C7 Certificate issuer: /CN=A91CB2E2/serialNumber=DDDCC40ADE677F23F8A79BA4168EF6F6BEF065C7 Certificate serial: 39 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft Manifest number: 38 Signing time: Tue 23 Dec 2025 06:20:52 +0000 Manifest this update: Tue 23 Dec 2025 06:20:51 +0000 Manifest next update: Tue 30 Dec 2025 06:20:51 +0000 Files and hashes: 1: 3dzECt5nfyP4p5ukFo729r7wZcc.crl (hash: 91RfDRuzv21aFGHHG78KH6WSKJsh6m0kV3cpV/0xfLY=) 2: 240EF95E896311F0B911053BC4F9AE02.roa (hash: l/wARrq1lISnaNIca31Ucy5U5vcCEK4kZC3D4iFHaJ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.crl rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 06:20:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57 (0x39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB2E2, serialNumber=DDDCC40ADE677F23F8A79BA4168EF6F6BEF065C7 Validity Not Before: Dec 23 06:20:51 2025 GMT Not After : Dec 30 06:20:51 2025 GMT Subject: CN=694a34c4-ec69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:fd:a5:98:a6:6e:e6:37:c0:a1:e6:a8:97:9d: 13:6f:db:1d:a6:aa:0b:72:a2:cb:23:28:cc:0b:d2: bd:cf:30:19:1f:c3:08:db:02:0a:a0:a0:d5:54:26: fe:f4:8a:02:c1:c0:bb:3e:89:ee:9a:af:ea:a3:6c: 12:e6:a1:b3:07:87:23:9a:25:68:b2:19:c4:ae:91: e3:6c:05:eb:b2:df:79:ef:6d:af:b0:c8:63:b2:1c: 62:94:37:58:7f:18:c4:d0:06:8c:20:9b:ea:a6:b7: ea:00:1e:f7:d1:7a:15:46:16:91:21:1c:91:aa:20: d6:0c:55:05:01:f8:f6:37:d9:08:20:fe:83:41:58: 9a:af:82:ab:e5:1c:db:64:f5:f5:c6:cc:24:1c:7b: 6d:3f:4a:fc:4f:51:cd:cf:5c:60:0f:d3:7f:8b:c7: 74:b8:3c:22:95:79:e2:67:67:e3:78:a7:e7:f9:e8: b2:0a:0f:96:85:55:d5:f7:71:e6:63:52:24:8b:4f: e4:51:38:af:3d:86:ea:9d:48:e2:1d:a2:44:a4:1c: 5f:d1:cc:36:9c:a0:5b:20:43:d5:f4:d2:d0:62:b7: 63:1f:63:d4:a8:c2:13:6a:ec:be:17:91:88:b2:e8: e1:d3:10:b7:aa:db:19:e1:ab:2c:70:f9:1d:d4:a7: 13:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:80:20:A3:5C:03:61:B1:B1:10:6A:FD:EE:81:71:D7:59:CD:56:9F X509v3 Authority Key Identifier: keyid:DD:DC:C4:0A:DE:67:7F:23:F8:A7:9B:A4:16:8E:F6:F6:BE:F0:65:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:b4:1a:45:14:1c:99:b7:c5:ac:d7:32:1b:1e:0a:23:03:2d: 68:ef:e7:51:c2:fa:ba:92:3d:33:fa:3f:34:a0:96:8c:83:8d: 76:8c:90:4f:e9:0b:00:eb:cc:65:10:17:66:34:57:66:73:25: 10:ea:91:9c:fd:3a:bb:f9:c1:f4:a2:be:f8:2f:f6:52:cc:22: 14:18:97:30:90:42:9a:50:9b:97:66:1e:91:ef:98:17:f5:04: cd:ee:ac:2f:c0:4b:65:2b:50:06:17:ce:23:80:51:af:7e:ab: 81:7f:7b:e6:53:2f:3e:d7:6a:65:ad:05:ef:ee:3f:74:83:38: cb:37:6a:c2:e0:84:3f:f3:a6:56:40:f7:dc:ad:ef:a0:1b:7f: 32:92:ff:79:7e:2a:0b:de:a6:1a:04:c2:e6:14:a6:23:f9:89: b6:22:7a:1a:66:f9:74:87:bc:c6:8f:4a:cc:b1:a6:5c:27:87: 01:8a:fb:7d:f5:af:96:fa:92:9c:21:94:fe:a4:b1:27:a8:35: d1:a9:4e:74:58:c9:7e:0a:78:90:e0:6f:c6:b4:84:72:b5:80: 11:07:2c:87:1c:72:a6:9d:d9:05:92:99:7a:b4:9e:e2:c9:4c: d0:4c:3c:bc:ec:f9:0b:f9:6b:7e:c8:91:f3:82:b2:c2:50:a0: 00:f2:0e:54 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjJFMjExMC8GA1UEBRMoREREQ0M0MEFERTY3N0YyM0Y4QTc5QkE0MTY4RUY2RjZC RUYwNjVDNzAeFw0yNTEyMjMwNjIwNTFaFw0yNTEyMzAwNjIwNTFaMBgxFjAUBgNV BAMMDTY5NGEzNGM0LWVjNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCx/aWYpm7mN8Ch5qiXnRNv2x2mqgtyossjKMwL0r3PMBkfwwjbAgqgoNVUJv70 igLBwLs+ie6ar+qjbBLmobMHhyOaJWiyGcSukeNsBeuy33nvba+wyGOyHGKUN1h/ GMTQBowgm+qmt+oAHvfRehVGFpEhHJGqINYMVQUB+PY32Qgg/oNBWJqvgqvlHNtk 9fXGzCQce20/SvxPUc3PXGAP03+Lx3S4PCKVeeJnZ+N4p+f56LIKD5aFVdX3ceZj UiSLT+RROK89huqdSOIdokSkHF/RzDacoFsgQ9X00tBit2MfY9SowhNq7L4XkYiy 6OHTELeq2xnhqyxw+R3UpxOfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUQ4Ago1wD YbGxEGr97oFx11nNVp8wHwYDVR0jBBgwFoAU3dzECt5nfyP4p5ukFo729r7wZccw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCMkUyLzQxMUM2M0IwODk1 OTExRjBCQTY1MzQ1REM0RjlBRTAyLzNkekVDdDVuZnlQNHA1dWtGbzcyOXI3d1pj Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2R6RUN0NW5meVA0cDV1a0ZvNzI5cjd3WmNjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC MkUyLzQxMUM2M0IwODk1OTExRjBCQTY1MzQ1REM0RjlBRTAyLzNkekVDdDVuZnlQ NHA1dWtGbzcyOXI3d1pjYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALO0GkUUHJm3xazXMhseCiMDLWjv51HC+rqSPTP6PzSgloyDjXaMkE/p CwDrzGUQF2Y0V2ZzJRDqkZz9Orv5wfSivvgv9lLMIhQYlzCQQppQm5dmHpHvmBf1 BM3urC/AS2UrUAYXziOAUa9+q4F/e+ZTLz7XamWtBe/uP3SDOMs3asLghD/zplZA 99yt76AbfzKS/3l+KgvephoEwuYUpiP5ibYiehpm+XSHvMaPSsyxplwnhwGK+331 r5b6kpwhlP6ksSeoNdGpTnRYyX4KeJDgb8a0hHK1gBEHLIcccqad2QWSmXq0nuLJ TNBMPLzs+Qv5a37IkfOCssJQoADyDlQ= -----END CERTIFICATE-----Generated at Wed Dec 24 15:43:20 2025 by rpki-client