This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft File: r_h3chh1NYXDiOm4HDkGa9ONtZI.mft (raw, json) Hash identifier: iFXBP0aa7lchJRsqNCnOVz8XNXWR9G/NxAbKHSVt7s8= Subject key identifier: CE:EE:DF:E3:1A:A4:23:DC:8C:A4:D7:B8:40:ED:C9:CA:18:07:88:6D Authority key identifier: AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 Certificate issuer: /CN=A91CB3FE/serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Certificate serial: 74 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft Manifest number: 71 Signing time: Tue 23 Dec 2025 05:47:52 +0000 Manifest this update: Tue 23 Dec 2025 05:47:51 +0000 Manifest next update: Tue 30 Dec 2025 05:47:51 +0000 Files and hashes: 1: r_h3chh1NYXDiOm4HDkGa9ONtZI.crl (hash: 4QHFeRTE5SfsTj8fh7hiCkE95tGDT3+dV+SkB9gJMjU=) 2: AFD61B9C36A311F08A82A258C4F9AE02.roa (hash: GbT2Xq8LMseiodZFptbEkKwR2JJrCaZJBMK5VYRS9TY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 05:47:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 116 (0x74) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB3FE, serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Validity Not Before: Dec 23 05:47:51 2025 GMT Not After : Dec 30 05:47:51 2025 GMT Subject: CN=694a2d07-280b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:69:e2:43:56:84:d8:7c:ab:e6:25:bf:aa:b7: 11:da:ce:0e:2c:1b:73:5f:17:75:b8:e7:7e:ec:f7: b0:71:60:08:a5:35:38:74:b1:7a:8d:a5:9e:95:75: af:8f:2a:9c:10:d2:81:93:37:f4:84:68:d8:c0:b9: 35:bc:c6:73:92:94:6a:f4:72:04:62:c6:0a:91:8e: b9:8a:2b:3a:a1:6c:c1:ce:ca:e4:7c:71:18:31:0f: 85:1d:6b:0e:28:54:e6:47:21:36:17:09:a5:f3:f2: 96:f2:11:2e:bb:d4:98:12:40:ed:dd:b2:97:a8:40: e5:f0:94:d0:77:72:fa:c5:39:2a:62:40:18:32:fc: 0b:f1:03:20:8c:6e:a8:b5:f8:13:f6:6d:b9:71:a1: 64:67:43:18:47:31:df:f2:ae:f7:61:38:ed:94:92: 2f:51:a3:e2:41:35:a2:4e:b7:2d:16:7b:0d:dd:2b: 92:fc:e4:12:bc:ca:fc:96:b7:f3:05:b6:3a:09:49: f0:d0:be:1c:4b:a0:f3:68:5c:93:9f:d5:47:2a:39: a1:8c:4b:f1:75:f1:b1:eb:b2:fc:c8:16:d4:80:6f: e7:d1:a5:d3:2a:b5:00:a3:98:c8:a5:0c:ed:3c:bd: af:5b:a3:97:c5:35:e6:a6:9c:19:3d:0e:50:9f:5e: 19:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:EE:DF:E3:1A:A4:23:DC:8C:A4:D7:B8:40:ED:C9:CA:18:07:88:6D X509v3 Authority Key Identifier: keyid:AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:93:e7:6f:13:2f:3e:09:d7:d9:93:54:ff:26:98:58:46:5c: 40:c0:22:01:cc:de:31:ff:20:5c:5b:e2:68:3b:17:a6:f3:94: dd:4b:e9:7b:ea:3b:ba:51:bb:2d:16:d7:f3:99:ef:c1:68:df: ea:d5:d4:26:15:35:8d:69:4e:4b:83:4f:d3:6d:b0:f9:18:2b: db:7d:48:2a:88:09:5d:4b:fe:e7:ea:ca:b4:2e:16:5e:62:b5: 6c:c3:9f:05:c3:7e:42:6e:b6:7d:86:9f:82:3b:33:d4:2b:c2: 8c:fa:4f:05:ff:da:10:9a:e2:f5:0e:d9:79:1d:bf:8f:8c:db: c0:b4:91:28:1f:49:47:8d:44:13:8c:c7:f8:81:a5:79:26:83: e4:63:ce:a1:a4:1f:69:73:1c:1d:26:eb:37:df:d9:62:0a:50: e3:9d:17:7d:a6:6f:89:32:cb:43:7c:c1:2a:2d:47:5c:81:9a: 35:00:c6:6c:59:59:c7:5c:13:41:0c:b8:f0:5e:3f:be:a0:2d: 0b:6d:4a:e9:48:99:92:4c:12:43:6c:5f:95:6a:6e:c3:12:4e: 85:ad:b3:92:86:2e:ee:57:07:b0:1c:43:63:62:f1:8d:50:0d: d6:d9:5b:45:d8:04:9b:02:f0:1c:83:f7:fc:d6:31:79:f2:1f: c2:70:05:67 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBdDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjNGRTExMC8GA1UEBRMoQUZGODc3NzIxODc1MzU4NUMzODhFOUI4MUMzOTA2NkJE MzhEQjU5MjAeFw0yNTEyMjMwNTQ3NTFaFw0yNTEyMzAwNTQ3NTFaMBgxFjAUBgNV BAMMDTY5NGEyZDA3LTI4MGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCnaeJDVoTYfKvmJb+qtxHazg4sG3NfF3W4537s97BxYAilNTh0sXqNpZ6Vda+P KpwQ0oGTN/SEaNjAuTW8xnOSlGr0cgRixgqRjrmKKzqhbMHOyuR8cRgxD4Udaw4o VOZHITYXCaXz8pbyES671JgSQO3dspeoQOXwlNB3cvrFOSpiQBgy/AvxAyCMbqi1 +BP2bblxoWRnQxhHMd/yrvdhOO2Uki9Ro+JBNaJOty0Wew3dK5L85BK8yvyWt/MF tjoJSfDQvhxLoPNoXJOf1UcqOaGMS/F18bHrsvzIFtSAb+fRpdMqtQCjmMilDO08 va9bo5fFNeamnBk9DlCfXhn3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUzu7f4xqk I9yMpNe4QO3JyhgHiG0wHwYDVR0jBBgwFoAUr/h3chh1NYXDiOm4HDkGa9ONtZIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCM0ZFLzJBNTY4NzgyMzZB MjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllYRGlPbTRIRGtHYTlPTnRa SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcl9oM2NoaDFOWVhEaU9tNEhEa0dhOU9OdFpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC M0ZFLzJBNTY4NzgyMzZBMjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllY RGlPbTRIRGtHYTlPTnRaSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIiT528TLz4J19mTVP8mmFhGXEDAIgHM3jH/IFxb4mg7F6bzlN1L6Xvq O7pRuy0W1/OZ78Fo3+rV1CYVNY1pTkuDT9NtsPkYK9t9SCqICV1L/ufqyrQuFl5i tWzDnwXDfkJutn2Gn4I7M9Qrwoz6TwX/2hCa4vUO2Xkdv4+M28C0kSgfSUeNRBOM x/iBpXkmg+RjzqGkH2lzHB0m6zff2WIKUOOdF32mb4kyy0N8wSotR1yBmjUAxmxZ WcdcE0EMuPBeP76gLQttSulImZJMEkNsX5VqbsMSToWts5KGLu5XB7AcQ2Ni8Y1Q DdbZW0XYBJsC8ByD9/zWMXnyH8JwBWc= -----END CERTIFICATE-----Generated at Wed Dec 24 19:33:10 2025 by rpki-client