This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft File: tkP-swMnQhSPOvnDU5M41VSTcig.mft (raw, json) Hash identifier: 8f3PBfmbcbfyPHTqvD5C/36P9LWSaIz4pU0oWBsXhRo= Subject key identifier: 8F:EF:2B:CA:8B:BC:0E:B6:75:8D:68:F7:04:7B:0D:11:73:D1:43:EB Authority key identifier: B6:43:FE:B3:03:27:42:14:8F:3A:F9:C3:53:93:38:D5:54:93:72:28 Certificate issuer: /CN=A91CD0DE/serialNumber=B643FEB3032742148F3AF9C3539338D554937228 Certificate serial: 1B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft Manifest number: 1A Signing time: Wed 03 Dec 2025 05:59:15 +0000 Manifest this update: Wed 03 Dec 2025 05:59:14 +0000 Manifest next update: Wed 10 Dec 2025 05:59:14 +0000 Files and hashes: 1: tkP-swMnQhSPOvnDU5M41VSTcig.crl (hash: lkCS3vI5HVqdo4aPSqC96n3HaG4MIZJU+1MDzIzrfXw=) 2: 341BBBECA99411F093BBAA15C4F9AE02.roa (hash: TNOMyUTzIQDmtZMNg4RAepXI8EHziIAFioU9/cJC+ek=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.crl rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 05:59:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27 (0x1b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD0DE, serialNumber=B643FEB3032742148F3AF9C3539338D554937228 Validity Not Before: Dec 3 05:59:14 2025 GMT Not After : Dec 10 05:59:14 2025 GMT Subject: CN=692fd1b3-6606 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:3f:94:b9:c7:31:27:cd:f2:1d:0b:66:dd:8f: 12:5f:b4:f5:93:aa:a5:f1:91:cc:6b:0f:e0:cf:7e: 49:e1:9f:46:92:9f:1f:1d:9b:30:0a:83:17:ca:8c: 9f:9e:0e:a3:11:de:6f:a7:f0:a7:b9:95:36:4f:97: c6:5d:93:fc:83:fe:e5:19:69:93:3f:c3:e6:02:d2: e5:b1:ac:2a:c3:11:71:c2:25:ea:0f:b2:4f:1e:5e: 30:47:bc:db:92:a6:76:26:65:f9:3b:25:eb:28:0b: 86:d5:a7:37:6b:bc:10:cd:9f:e6:c8:68:bd:ca:3f: e1:13:42:a3:58:e8:c9:bb:af:5e:65:c3:a2:f8:3d: ae:f1:06:2d:a5:58:40:b4:eb:a2:89:a7:ca:6f:b5: d2:c8:b8:88:2f:5b:ec:e1:83:ee:b5:b2:84:2a:91: 07:a4:ac:5f:b4:ff:46:22:b5:95:74:30:3e:37:6b: 5a:6f:a2:2f:36:c8:cc:98:dd:d9:4c:9c:81:9d:c7: 66:e1:ce:66:29:b8:ab:c4:2d:80:c5:c1:2d:88:3c: 80:ee:d3:08:33:c6:98:92:9a:5a:6a:cc:0e:4b:0a: 50:19:e7:b8:0a:7a:bc:0a:63:f4:e9:c2:c5:c6:d4: 33:f9:c7:c2:78:24:8a:74:66:c1:fe:d4:a4:e4:9d: c4:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:EF:2B:CA:8B:BC:0E:B6:75:8D:68:F7:04:7B:0D:11:73:D1:43:EB X509v3 Authority Key Identifier: keyid:B6:43:FE:B3:03:27:42:14:8F:3A:F9:C3:53:93:38:D5:54:93:72:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:86:cd:a7:e2:2d:29:f8:a6:95:75:a1:19:27:ad:9a:6f:d9: fe:30:b6:af:c8:c1:55:8d:1f:22:40:55:e3:25:8c:05:62:15: 40:9c:b9:ab:9e:4d:c5:f2:3d:eb:fd:02:f2:fa:28:ad:dd:79: 07:57:f6:2f:56:11:5d:4b:6b:f0:66:3b:b8:00:40:96:bb:c5: 71:9b:dd:63:bd:b7:11:35:1f:cf:15:80:76:69:99:ee:5f:7b: 4b:3b:be:43:4c:6b:58:fb:29:0e:8e:d1:50:d8:e3:96:d9:9a: 69:89:24:15:0e:d9:c9:d7:24:ec:a8:cd:94:70:77:16:04:8f: 8a:a2:18:35:e7:2c:2b:d7:de:da:ad:4b:f3:e7:c5:07:61:4c: 7a:8f:62:5a:43:47:1d:07:96:9a:9e:09:1a:89:97:9a:87:1d: 6a:4c:0e:8b:8d:50:0a:b0:67:98:53:20:9f:24:29:72:22:17: 44:a1:3a:a6:9f:41:4b:8c:25:9c:23:01:d0:2f:09:ea:ef:ae: 2d:6a:f1:f6:4e:b6:89:ad:ad:6d:41:7d:d0:d3:ab:bb:e5:fd: d5:45:1e:6e:9e:f4:d2:29:98:1a:f1:7e:75:51:f2:cb:da:f7: 9e:e7:14:2d:7f:a5:3d:74:be:84:cd:9b:96:47:7a:f9:25:9b: d9:81:29:f5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RDBERTExMC8GA1UEBRMoQjY0M0ZFQjMwMzI3NDIxNDhGM0FGOUMzNTM5MzM4RDU1 NDkzNzIyODAeFw0yNTEyMDMwNTU5MTRaFw0yNTEyMTAwNTU5MTRaMBgxFjAUBgNV BAMTDTY5MmZkMWIzLTY2MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAP5S5xzEnzfIdC2bdjxJftPWTqqXxkcxrD+DPfknhn0aSnx8dmzAKgxfKjJ+e DqMR3m+n8Ke5lTZPl8Zdk/yD/uUZaZM/w+YC0uWxrCrDEXHCJeoPsk8eXjBHvNuS pnYmZfk7JesoC4bVpzdrvBDNn+bIaL3KP+ETQqNY6Mm7r15lw6L4Pa7xBi2lWEC0 66KJp8pvtdLIuIgvW+zhg+61soQqkQekrF+0/0YitZV0MD43a1pvoi82yMyY3dlM nIGdx2bhzmYpuKvELYDFwS2IPIDu0wgzxpiSmlpqzA5LClAZ57gKerwKY/TpwsXG 1DP5x8J4JIp0ZsH+1KTkncTRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUj+8ryou8 DrZ1jWj3BHsNEXPRQ+swHwYDVR0jBBgwFoAUtkP+swMnQhSPOvnDU5M41VSTcigw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNEMERFLzRGNzY5RDU4QTk4 RjExRjBCMUZBNTA2NkM0RjlBRTAyL3RrUC1zd01uUWhTUE92bkRVNU00MVZTVGNp Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdGtQLXN3TW5RaFNQT3ZuRFU1TTQxVlNUY2lnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNE MERFLzRGNzY5RDU4QTk4RjExRjBCMUZBNTA2NkM0RjlBRTAyL3RrUC1zd01uUWhT UE92bkRVNU00MVZTVGNpZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIqGzafiLSn4ppV1oRknrZpv2f4wtq/IwVWNHyJAVeMljAViFUCcuaue TcXyPev9AvL6KK3deQdX9i9WEV1La/BmO7gAQJa7xXGb3WO9txE1H88VgHZpme5f e0s7vkNMa1j7KQ6O0VDY45bZmmmJJBUO2cnXJOyozZRwdxYEj4qiGDXnLCvX3tqt S/PnxQdhTHqPYlpDRx0HlpqeCRqJl5qHHWpMDouNUAqwZ5hTIJ8kKXIiF0ShOqaf QUuMJZwjAdAvCervri1q8fZOtomtrW1BfdDTq7vl/dVFHm6e9NIpmBrxfnVR8sva 957nFC1/pT10voTNm5ZHevklm9mBKfU= -----END CERTIFICATE-----Generated at Wed Dec 3 13:58:25 2025 by rpki-client