This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft File: NXR5DY34KztVHjtwJXG69VqemWE.mft (raw, json) Hash identifier: TZcAiB3sEc7FJBpWLm15LoZpxeTe+s2yGPlcGvuVSck= Subject key identifier: D5:58:37:FF:5B:A7:0F:9D:40:42:BA:81:82:BF:4D:26:56:8D:8A:49 Authority key identifier: 35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 Certificate issuer: /CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Certificate serial: F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft Manifest number: ED Signing time: Wed 03 Dec 2025 03:57:59 +0000 Manifest this update: Wed 03 Dec 2025 03:57:59 +0000 Manifest next update: Wed 10 Dec 2025 03:57:59 +0000 Files and hashes: 1: NXR5DY34KztVHjtwJXG69VqemWE.crl (hash: eaH+TlurcQHY5QmRU28Uqs7Kj03mk3x8ma0ox8Kk7+Q=) 2: DA8D1C7EA72311EFBCEB047EC4F9AE02.roa (hash: v8ohmUSHk0fnin1T0AiYUETFghcnt5SEXbq5Yrmd+XU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 03:57:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 249 (0xf9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD40B, serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Validity Not Before: Dec 3 03:57:59 2025 GMT Not After : Dec 10 03:57:59 2025 GMT Subject: CN=692fb547-3739 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:86:41:74:35:ee:a8:6e:87:40:0d:16:b3:b7: 12:18:39:6b:7c:4d:45:97:b3:e3:3e:41:a8:3e:f5: 66:f5:3d:b2:ed:bc:5e:0e:9c:27:7a:5f:09:f2:94: c9:c5:31:66:16:76:3c:7e:b9:68:a6:7e:97:f6:7d: ea:b7:67:73:36:a4:12:bc:e9:e2:31:a7:5d:03:c7: 79:8b:bc:5b:94:d2:e2:17:30:6b:00:2d:b7:52:40: d8:f1:1e:dc:13:b0:5a:03:0f:38:95:d4:60:d3:ad: a8:9b:6d:e5:a2:b3:d4:9e:79:2a:a7:be:6d:e9:71: 6c:35:3e:71:9b:e4:9c:14:14:c6:cf:ba:8c:d4:f9: 7d:87:4b:91:13:d9:d2:69:7f:49:a4:57:73:7a:d9: f0:77:d6:39:fd:44:0b:71:53:c8:21:a2:65:7b:37: 67:81:b9:38:08:58:61:34:cc:66:a4:80:2d:2d:bb: 59:9c:00:23:43:55:d1:ab:7a:a5:e1:81:9d:55:74: 8b:83:bd:fb:24:6d:20:7e:82:21:e7:e9:de:60:54: 09:66:05:91:6c:0a:d7:54:bc:0a:1f:fc:4b:81:d3: b4:e3:6c:2c:19:49:b2:ef:58:e3:fe:76:ae:b8:46: 89:ce:c0:90:35:58:e6:dd:38:7f:9e:1a:ae:88:76: 8c:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:58:37:FF:5B:A7:0F:9D:40:42:BA:81:82:BF:4D:26:56:8D:8A:49 X509v3 Authority Key Identifier: keyid:35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:4c:fe:af:2d:3d:28:54:8a:62:58:7d:9c:72:5b:45:9b:9c: 65:88:6d:9a:93:23:a7:d8:37:f3:2f:42:3a:3b:a2:f4:bb:99: be:88:de:9d:31:c1:f7:90:3e:3d:60:5e:4b:fa:87:cb:9d:02: b0:b8:c6:85:57:28:64:ff:5d:3e:17:b4:69:d0:a8:61:e9:59: ca:97:eb:a4:99:66:e4:e3:ce:5a:5e:c5:8b:4f:26:06:6d:44: c3:f1:20:ec:5c:b3:a0:bf:f2:70:c5:b6:3f:15:ef:d1:7e:1c: 08:17:7d:67:de:ee:31:93:0d:0a:f3:c1:70:95:b0:a6:1f:13: fe:18:91:f2:ce:04:28:b7:15:d3:c9:55:a3:e2:e9:76:2f:cd: 81:46:c9:d1:99:4b:ff:db:3e:75:2b:3d:2f:1f:29:8b:ad:66: 9e:f5:2d:26:a9:34:b8:ce:fa:a3:22:2a:d0:6f:77:c2:d1:c8: 42:bb:b2:57:35:7d:08:b1:1e:1c:07:7c:d5:cf:da:ca:f3:03: 86:a5:8c:95:1f:f2:fb:04:a9:15:3c:c3:42:89:44:08:37:3c: b2:80:e2:b9:fb:29:cd:76:b6:9e:fb:e9:c3:bc:3e:22:a1:a1: 79:91:20:97:53:bb:d2:ea:1c:24:e0:94:53:c3:7e:13:7c:d3: fb:4a:1a:e5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Q0MEIxMTAvBgNVBAUTKDM1NzQ3OTBEOERGODJCM0I1NTFFM0I3MDI1NzFCQUY1 NUE5RTk5NjEwHhcNMjUxMjAzMDM1NzU5WhcNMjUxMjEwMDM1NzU5WjAYMRYwFAYD VQQDEw02OTJmYjU0Ny0zNzM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA14ZBdDXuqG6HQA0Ws7cSGDlrfE1Fl7PjPkGoPvVm9T2y7bxeDpwnel8J8pTJ xTFmFnY8frlopn6X9n3qt2dzNqQSvOniMaddA8d5i7xblNLiFzBrAC23UkDY8R7c E7BaAw84ldRg062om23lorPUnnkqp75t6XFsNT5xm+ScFBTGz7qM1Pl9h0uRE9nS aX9JpFdzetnwd9Y5/UQLcVPIIaJlezdngbk4CFhhNMxmpIAtLbtZnAAjQ1XRq3ql 4YGdVXSLg737JG0gfoIh5+neYFQJZgWRbArXVLwKH/xLgdO042wsGUmy71jj/nau uEaJzsCQNVjm3Th/nhquiHaMoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNVYN/9b pw+dQEK6gYK/TSZWjYpJMB8GA1UdIwQYMBaAFDV0eQ2N+Cs7VR47cCVxuvVanplh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDQwQi82QjVEMkE3Qzg1 NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9OWFI1RFkzNEt6dFZIanR3SlhHNjlWcWVt V0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL05YUjVEWTM0S3p0VkhqdHdKWEc2OVZxZW1XRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDQwQi82QjVEMkE3Qzg1NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9OWFI1RFkzNEt6 dFZIanR3SlhHNjlWcWVtV0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqTP6vLT0oVIpiWH2ccltFm5xliG2akyOn2DfzL0I6O6L0u5m+iN6d McH3kD49YF5L+ofLnQKwuMaFVyhk/10+F7Rp0Khh6VnKl+ukmWbk485aXsWLTyYG bUTD8SDsXLOgv/JwxbY/Fe/RfhwIF31n3u4xkw0K88FwlbCmHxP+GJHyzgQotxXT yVWj4ul2L82BRsnRmUv/2z51Kz0vHymLrWae9S0mqTS4zvqjIirQb3fC0chCu7JX NX0IsR4cB3zVz9rK8wOGpYyVH/L7BKkVPMNCiUQINzyygOK5+ynNdrae++nDvD4i oaF5kSCXU7vS6hwk4JRTw34TfNP7Shrl -----END CERTIFICATE-----Generated at Wed Dec 3 14:45:43 2025 by rpki-client