This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD00C/CAA8861EC60111EC95FF1E11C4F9AE02/2yzMqD2FMojFAM38OuHi_qBJ9RQ.mft File: 2yzMqD2FMojFAM38OuHi_qBJ9RQ.mft (raw, json) Hash identifier: Im2a5PsC6s+jxggdQl9lrSsNKiHN3/ae6Y8pSct1JIg= Subject key identifier: 0C:91:F6:9A:48:85:15:4E:E2:88:EF:AD:F3:60:C8:DE:C8:44:AE:3D Authority key identifier: DB:2C:CC:A8:3D:85:32:88:C5:00:CD:FC:3A:E1:E2:FE:A0:49:F5:14 Certificate issuer: /CN=A91CD00C/serialNumber=DB2CCCA83D853288C500CDFC3AE1E2FEA049F514 Certificate serial: 039F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2yzMqD2FMojFAM38OuHi_qBJ9RQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD00C/CAA8861EC60111EC95FF1E11C4F9AE02/2yzMqD2FMojFAM38OuHi_qBJ9RQ.mft Manifest number: 0397 Signing time: Fri 19 Dec 2025 00:01:07 +0000 Manifest this update: Fri 19 Dec 2025 00:01:07 +0000 Manifest next update: Fri 26 Dec 2025 00:01:07 +0000 Files and hashes: 1: 2yzMqD2FMojFAM38OuHi_qBJ9RQ.crl (hash: y879cdsYG3HQ7TaIUdddK41zUmfIC5mkUfuVx3o2ssw=) 2: 46654408C6CB11ECB185E43EC4F9AE02.roa (hash: 2bcV6GxsWp02/25GPOOyDI2TUUeSbqzzvJgPU+rv3Lc=) 3: 15D68F5ED55011EFA0564D54C4F9AE02.roa (hash: S/3id5/GrdHISWrodbVNvQaLLsQVLmIkD0brgywz+oo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD00C/CAA8861EC60111EC95FF1E11C4F9AE02/2yzMqD2FMojFAM38OuHi_qBJ9RQ.crl rsync://rpki.apnic.net/member_repository/A91CD00C/CAA8861EC60111EC95FF1E11C4F9AE02/2yzMqD2FMojFAM38OuHi_qBJ9RQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2yzMqD2FMojFAM38OuHi_qBJ9RQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 00:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 927 (0x39f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD00C, serialNumber=DB2CCCA83D853288C500CDFC3AE1E2FEA049F514 Validity Not Before: Dec 19 00:01:07 2025 GMT Not After : Dec 26 00:01:07 2025 GMT Subject: CN=694495c3-1645 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:64:70:e1:1b:89:a3:6a:c2:51:71:5a:c3:52: 52:5a:2b:6c:36:dd:38:85:80:13:ca:dd:91:21:5f: f9:fc:e4:34:56:cb:c4:88:85:b1:cd:4d:3c:80:99: 29:93:6f:98:e2:03:6f:b6:38:59:f5:13:01:96:cf: 7b:78:a2:10:65:61:58:b7:24:84:db:6c:28:54:fe: cb:52:0b:7f:d5:49:1a:bd:8e:21:04:51:74:02:fc: 43:a8:cc:d4:81:99:3e:e2:b7:eb:99:d8:61:e7:40: 52:7b:50:12:73:1b:aa:af:f0:53:63:1b:c4:fc:3e: 08:76:b4:10:2c:1a:72:04:c3:0c:ec:88:cd:fc:26: 7a:27:a8:14:b4:b0:68:9b:fe:45:b0:05:40:f3:e7: 40:8c:59:d2:0b:dc:b3:10:dc:3d:10:82:4a:b3:bc: e0:e6:9b:2b:b5:85:49:4e:00:01:88:00:61:39:b7: e2:55:09:22:d6:b7:3d:42:02:16:2b:49:47:a0:ba: ec:9b:ac:e6:23:e4:84:fe:5c:b1:36:5b:bd:ee:71: 79:b4:79:91:5f:ca:54:eb:87:df:33:67:09:e7:77: 14:29:ae:48:55:50:6c:ab:b4:61:4b:01:65:e5:19: 49:87:75:29:b7:fd:97:31:ae:fc:5a:c7:95:d7:b4: ad:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:91:F6:9A:48:85:15:4E:E2:88:EF:AD:F3:60:C8:DE:C8:44:AE:3D X509v3 Authority Key Identifier: keyid:DB:2C:CC:A8:3D:85:32:88:C5:00:CD:FC:3A:E1:E2:FE:A0:49:F5:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD00C/CAA8861EC60111EC95FF1E11C4F9AE02/2yzMqD2FMojFAM38OuHi_qBJ9RQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2yzMqD2FMojFAM38OuHi_qBJ9RQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD00C/CAA8861EC60111EC95FF1E11C4F9AE02/2yzMqD2FMojFAM38OuHi_qBJ9RQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:0d:dd:1b:bd:75:f8:f1:a5:50:7f:a3:13:3d:6c:d9:c9:b2: b9:a4:7f:52:52:6b:9e:54:5a:d2:1c:18:d4:16:8a:92:80:e0: 38:45:ef:2a:77:f4:58:5a:f6:bb:4a:5e:d2:cc:3c:29:ef:47: 14:bd:1f:ce:71:1d:51:9b:94:f9:02:1e:61:8a:bf:bb:46:a1: dd:6b:89:a6:fa:2f:e2:f0:d8:ff:cc:b1:4d:c9:a6:9f:bd:7f: b4:89:79:34:b7:4c:15:e5:ba:7f:52:e0:c2:ff:87:a1:2c:d8: e4:c0:e7:4e:b8:91:e2:a4:05:ef:74:28:ff:ca:c4:ec:49:b3: 5d:34:07:6c:a2:2b:e0:6b:8c:85:21:c2:58:de:85:9a:8e:87: 26:78:2d:87:49:5a:c1:45:c9:a1:e6:56:5b:ef:d5:f8:a6:f8: 92:81:e5:da:a4:03:b0:62:ee:8c:95:e1:b4:aa:f2:0f:ba:ec: 31:67:2a:22:af:c4:92:95:3f:c4:b5:4d:83:90:a3:79:4f:f9: 4e:3d:3e:05:ab:6b:b8:6f:c1:95:44:bd:11:53:df:1d:3f:5d: 89:c5:1e:56:f1:d0:70:46:66:4e:0a:2a:c9:e8:4f:5e:45:ca: 36:4d:42:67:ef:49:8e:1a:52:13:7b:4c:ec:f6:0e:ea:1c:33: f6:33:f7:fb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA58wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0QwMEMxMTAvBgNVBAUTKERCMkNDQ0E4M0Q4NTMyODhDNTAwQ0RGQzNBRTFFMkZF QTA0OUY1MTQwHhcNMjUxMjE5MDAwMTA3WhcNMjUxMjI2MDAwMTA3WjAYMRYwFAYD VQQDDA02OTQ0OTVjMy0xNjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsmRw4RuJo2rCUXFaw1JSWitsNt04hYATyt2RIV/5/OQ0VsvEiIWxzU08gJkp k2+Y4gNvtjhZ9RMBls97eKIQZWFYtySE22woVP7LUgt/1UkavY4hBFF0AvxDqMzU gZk+4rfrmdhh50BSe1AScxuqr/BTYxvE/D4IdrQQLBpyBMMM7IjN/CZ6J6gUtLBo m/5FsAVA8+dAjFnSC9yzENw9EIJKs7zg5psrtYVJTgABiABhObfiVQki1rc9QgIW K0lHoLrsm6zmI+SE/lyxNlu97nF5tHmRX8pU64ffM2cJ53cUKa5IVVBsq7RhSwFl 5RlJh3Upt/2XMa78WseV17StyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAyR9ppI hRVO4ojvrfNgyN7IRK49MB8GA1UdIwQYMBaAFNsszKg9hTKIxQDN/Drh4v6gSfUU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDAwQy9DQUE4ODYxRUM2 MDExMUVDOTVGRjFFMTFDNEY5QUUwMi8yeXpNcUQyRk1vakZBTTM4T3VIaV9xQko5 UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJ5ek1xRDJGTW9qRkFNMzhPdUhpX3FCSjlSUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDAwQy9DQUE4ODYxRUM2MDExMUVDOTVGRjFFMTFDNEY5QUUwMi8yeXpNcUQyRk1v akZBTTM4T3VIaV9xQko5UlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBGDd0bvXX48aVQf6MTPWzZybK5pH9SUmueVFrSHBjUFoqSgOA4Re8q d/RYWva7Sl7SzDwp70cUvR/OcR1Rm5T5Ah5hir+7RqHda4mm+i/i8Nj/zLFNyaaf vX+0iXk0t0wV5bp/UuDC/4ehLNjkwOdOuJHipAXvdCj/ysTsSbNdNAdsoivga4yF IcJY3oWajocmeC2HSVrBRcmh5lZb79X4pviSgeXapAOwYu6MleG0qvIPuuwxZyoi r8SSlT/EtU2DkKN5T/lOPT4Fq2u4b8GVRL0RU98dP12JxR5W8dBwRmZOCirJ6E9e Rco2TUJn70mOGlITe0zs9g7qHDP2M/f7 -----END CERTIFICATE-----Generated at Fri Dec 19 18:32:07 2025 by rpki-client