This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft File: PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft (raw, json) Hash identifier: Jy5Wb4URdczxPMS131wEqCpe3dPd9DcQ/rCC7z/xAkI= Subject key identifier: 51:13:FF:98:F5:EC:15:CC:69:11:8E:C7:31:03:AF:47:52:CE:A9:E8 Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC Certificate serial: 089D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft Manifest number: 0802 Signing time: Sat 06 Dec 2025 20:37:26 +0000 Manifest this update: Sat 06 Dec 2025 20:37:26 +0000 Manifest next update: Sat 13 Dec 2025 20:37:26 +0000 Files and hashes: 1: PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl (hash: LM47sSWTctpwbR5olCTTZRAmsOUUOy18384jr4vS50k=) 2: 5CDB2402FD6D11EE951DE436C4F9AE02.roa (hash: JCIJiRdjoJPwGnugBIK3v/SX30S5Hj97puNSPDnZHa0=) 3: 0112375EA05411EDB043385AC4F9AE02.roa (hash: aBs0HSQclxaDqKZvgHQYQl981j8saXju4dpMEUuQAU4=) 4: E2FEA6DA3E5411EF9B398D2DC4F9AE02.roa (hash: Rtf4SCa2SLq1aWm8pt96fKW5kPl75H0zBH9P2CmsGlU=) 5: 5B2236E6FD6D11EE951DE436C4F9AE02.roa (hash: xyRyhhQBvFg1P0171dGNRFnwuXqCBoYXwtzjvJ6IHcw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 20:37:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2205 (0x89d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB7AB, serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC Validity Not Before: Dec 6 20:37:26 2025 GMT Not After : Dec 13 20:37:26 2025 GMT Subject: CN=69349406-34c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:25:b4:bf:dc:6b:af:7e:77:9f:4d:14:37:cc: f1:7f:34:68:c5:a1:9e:ea:44:98:89:c6:9f:7c:a5: 1c:99:34:90:59:5d:16:ed:ae:c8:ae:72:ff:29:e0: 60:3a:a7:c3:77:c9:29:31:59:41:a8:0f:9e:04:58: dc:0e:44:e5:51:19:76:37:40:28:bd:fd:02:33:17: 67:76:32:13:df:62:71:c8:2f:80:46:21:93:99:36: c9:ac:19:b6:6d:85:09:75:00:ee:03:52:d5:35:cd: fa:dc:9e:27:e2:42:b2:4d:77:1a:2b:08:c3:c9:16: f6:81:b1:cd:e3:3e:05:63:77:b1:1c:a9:b5:d6:5f: 1d:0c:4b:fe:c9:61:ca:62:a7:25:28:0d:6e:d9:d6: 29:5d:39:22:94:07:27:15:59:49:43:53:65:87:df: de:35:15:59:66:c0:3e:38:31:81:38:b3:99:5a:63: b5:cf:e0:dd:5d:b3:85:45:e2:50:fe:0a:a4:e3:fa: 46:2c:55:09:77:c0:e1:f1:34:f2:c9:72:12:80:3f: f1:00:4b:35:33:28:0f:c1:e0:89:a0:25:c0:b4:33: d4:ff:bf:09:4c:25:0c:36:e9:7c:8a:7f:79:0d:84: 2a:22:27:45:5d:ec:13:58:63:81:1d:11:dc:7f:de: a9:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:13:FF:98:F5:EC:15:CC:69:11:8E:C7:31:03:AF:47:52:CE:A9:E8 X509v3 Authority Key Identifier: keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:1e:a3:54:2f:39:9e:15:88:03:da:03:95:38:4b:bf:89:df: 81:3d:58:ca:3d:64:1c:dc:ca:57:25:57:e0:e0:e7:f0:ab:71: 3b:d8:9f:de:b6:5f:6c:40:d3:f4:4f:1f:05:8f:2a:31:e2:0f: d4:44:52:61:17:56:df:0c:3d:87:49:a3:45:1c:9d:c9:a2:5b: 78:b3:9f:74:8a:de:d5:64:55:7a:d3:6c:d7:fd:05:71:6a:40: ac:74:f9:d8:68:9c:70:fd:f7:a5:fa:73:65:23:34:98:8e:3b: 16:62:15:29:8e:e8:2a:73:54:ce:41:20:17:d7:a6:7a:e1:8d: 26:ba:42:cc:94:7a:26:2c:ac:d3:77:9e:0c:2b:7c:41:32:68: 17:56:eb:22:fb:94:4d:a2:9c:3f:fa:d0:0a:d4:a3:04:fc:76: d9:1d:be:62:9a:61:82:23:33:30:a4:b3:b9:94:b9:21:b5:89: 9e:1a:f4:de:6f:e5:b2:7e:f8:99:35:fc:05:26:35:c0:e9:83: 65:42:5b:6a:88:4a:e0:2f:d9:02:6a:d9:83:34:2b:b7:e5:0d: 99:05:e4:b1:66:7a:1b:00:e3:be:ce:d5:8a:c7:3a:4b:94:f8: 8f:b7:28:ec:c3:0f:be:c7:8c:52:f2:36:56:2c:b1:72:35:86: 3e:d0:2a:0a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0 NTZGM0Q5QkMwHhcNMjUxMjA2MjAzNzI2WhcNMjUxMjEzMjAzNzI2WjAYMRYwFAYD VQQDEw02OTM0OTQwNi0zNGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsyW0v9xrr353n00UN8zxfzRoxaGe6kSYicaffKUcmTSQWV0W7a7IrnL/KeBg OqfDd8kpMVlBqA+eBFjcDkTlURl2N0Aovf0CMxdndjIT32JxyC+ARiGTmTbJrBm2 bYUJdQDuA1LVNc363J4n4kKyTXcaKwjDyRb2gbHN4z4FY3exHKm11l8dDEv+yWHK YqclKA1u2dYpXTkilAcnFVlJQ1Nlh9/eNRVZZsA+ODGBOLOZWmO1z+DdXbOFReJQ /gqk4/pGLFUJd8Dh8TTyyXISgD/xAEs1MygPweCJoCXAtDPU/78JTCUMNul8in95 DYQqIidFXewTWGOBHRHcf96pPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFET/5j1 7BXMaRGOxzEDr0dSzqnoMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjdBQi81Njc4NjU2ODQwMDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQ MlFnVVpRTGs4STVGYnoyYncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnHqNULzmeFYgD2gOVOEu/id+BPVjKPWQc3MpXJVfg4Ofwq3E72J/e tl9sQNP0Tx8Fjyox4g/URFJhF1bfDD2HSaNFHJ3Jolt4s590it7VZFV602zX/QVx akCsdPnYaJxw/fel+nNlIzSYjjsWYhUpjugqc1TOQSAX16Z64Y0mukLMlHomLKzT d54MK3xBMmgXVusi+5RNopw/+tAK1KME/HbZHb5immGCIzMwpLO5lLkhtYmeGvTe b+WyfviZNfwFJjXA6YNlQltqiErgL9kCatmDNCu35Q2ZBeSxZnobAOO+ztWKxzpL lPiPtyjsww++x4xS8jZWLLFyNYY+0CoK -----END CERTIFICATE-----Generated at Mon Dec 8 05:58:47 2025 by rpki-client