This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft File: BUM8OuqKSXAsmoLuyV0WtVA86mA.mft (raw, json) Hash identifier: jkx+Hk8cSORkqNAjgNvtXl0dfBeYKDVMa+IbPTAVKbM= Subject key identifier: 35:E1:78:6D:71:AC:E6:53:A4:75:34:E5:6F:00:E4:E1:3A:2C:69:DB Authority key identifier: 05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 Certificate issuer: /CN=A91CFFA0/serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Certificate serial: 0DB7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft Manifest number: 0D95 Signing time: Fri 12 Dec 2025 17:41:22 +0000 Manifest this update: Fri 12 Dec 2025 17:41:21 +0000 Manifest next update: Fri 19 Dec 2025 17:41:21 +0000 Files and hashes: 1: BUM8OuqKSXAsmoLuyV0WtVA86mA.crl (hash: oOmf4C8OveOucLG2sMDWMJ+2MMVr1ZaMs1Rs+tL6ywk=) 2: E6F0F39214CE11EA9E740182C4F9AE02.roa (hash: zpETj3vTU+4JGJFNH2bJangxDJpoV//my0UXRjaLeMk=) 3: 83ECD7C40CCA11ED97820077C4F9AE02.roa (hash: tsWCAJh3hDUuF0jt3mDhnNo48pJ1cTxWnbkE+ZQXBxw=) 4: 1F4E1CC014D311EA81309110C4F9AE02.roa (hash: zPumQuSa3V5Do5kU4HAy8QEzfyGrDVZPMvaKh+jhJxk=) 5: 0E3F36D8C43D11EBAB31777FC4F9AE02.roa (hash: BThAKf2icEZsZqpXgnFl9VpqvpRKYGs7e0515Blb0yw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Dec 2025 17:41:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3511 (0xdb7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0, serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Validity Not Before: Dec 12 17:41:21 2025 GMT Not After : Dec 19 17:41:21 2025 GMT Subject: CN=693c53c2-68a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b9:1f:4c:d7:a2:97:8e:37:ff:73:5e:e3:77: 04:4f:61:8b:c8:f1:54:f9:dc:1a:53:86:c9:b5:70: 60:13:a3:49:90:f4:0c:e0:17:b7:62:9a:f8:47:2a: ca:c3:09:fb:59:19:8a:d8:f8:a7:ae:e8:cc:c1:3d: b8:90:7c:fb:7f:e3:ba:d3:e8:7d:00:b4:87:45:49: a6:72:f6:c1:4e:48:f2:d3:f4:41:c8:f4:c8:c0:81: e5:79:a7:ab:a8:4f:f5:5a:0d:3a:e5:63:28:d2:3f: a9:ec:0e:90:9b:15:63:85:41:7b:b8:04:fd:19:95: 84:e7:09:71:42:b1:50:ed:96:57:42:37:0c:2e:7a: 26:ea:14:b6:be:90:5d:24:63:26:b0:93:5b:e3:1a: 5a:6a:f6:31:eb:f1:b4:13:5d:c0:3d:8e:ec:c3:b5: 41:fb:d3:80:a9:05:10:78:db:03:83:31:f1:ab:ed: be:68:1f:69:b0:11:1d:77:d5:00:05:19:ee:af:0a: d6:85:34:17:99:c1:e4:6c:6a:35:00:7d:23:f6:2c: 9f:6c:86:a1:35:52:ea:a1:53:af:65:9f:96:e9:cb: 7a:18:d7:fe:00:b8:f4:3a:7c:d4:42:3e:00:37:12: 0c:b1:d7:89:6c:62:62:62:2c:8f:0a:0d:fe:49:13: 8d:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:E1:78:6D:71:AC:E6:53:A4:75:34:E5:6F:00:E4:E1:3A:2C:69:DB X509v3 Authority Key Identifier: keyid:05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:5b:32:eb:45:9c:49:be:74:bc:68:28:bb:5a:e0:26:fe:01: 91:01:9a:a8:6d:dc:e8:72:23:70:f7:43:8c:7c:73:dd:0f:9a: 07:da:b8:de:d7:4c:1f:b6:28:e3:74:c9:c2:08:3b:bb:8f:6f: 4a:e3:2d:5e:4f:b5:32:0e:6a:28:8c:00:02:5d:cf:10:dc:d1: 23:b5:06:da:11:5c:cb:3d:b5:29:7c:bc:37:5b:22:ab:4b:54: be:b7:5a:9c:94:e2:f2:6d:0c:ef:36:27:3c:39:d7:02:69:2f: 5a:f6:ea:46:38:48:a4:93:fe:9c:52:f2:36:15:86:7e:7a:72: 64:24:8d:70:69:59:16:ac:9b:5a:dd:fd:94:36:b7:ab:2a:67: ee:02:2e:a9:22:72:cf:6a:83:a3:a2:8f:08:2f:66:bf:10:eb: 00:1b:a9:ad:44:3f:86:6b:44:f4:30:07:71:17:f7:00:e8:82: 23:1a:bd:f7:e9:ec:8e:ed:d0:ba:4a:45:ed:e7:df:7e:c7:a9: fb:5d:23:f1:af:62:30:6d:e6:30:aa:07:06:0d:4a:df:79:d2: c9:ca:cb:10:18:21:c4:46:27:65:14:37:35:ac:bf:b3:75:6c: 90:1a:13:f3:e8:4c:3a:3c:08:17:85:33:85:b0:ba:10:04:9c: 87:68:45:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGQTAxMTAvBgNVBAUTKDA1NDMzQzNBRUE4QTQ5NzAyQzlBODJFRUM5NUQxNkI1 NTAzQ0VBNjAwHhcNMjUxMjEyMTc0MTIxWhcNMjUxMjE5MTc0MTIxWjAYMRYwFAYD VQQDDA02OTNjNTNjMi02OGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAubkfTNeil443/3Ne43cET2GLyPFU+dwaU4bJtXBgE6NJkPQM4Be3Ypr4RyrK wwn7WRmK2PinrujMwT24kHz7f+O60+h9ALSHRUmmcvbBTkjy0/RByPTIwIHleaer qE/1Wg065WMo0j+p7A6QmxVjhUF7uAT9GZWE5wlxQrFQ7ZZXQjcMLnom6hS2vpBd JGMmsJNb4xpaavYx6/G0E13APY7sw7VB+9OAqQUQeNsDgzHxq+2+aB9psBEdd9UA BRnurwrWhTQXmcHkbGo1AH0j9iyfbIahNVLqoVOvZZ+W6ct6GNf+ALj0OnzUQj4A NxIMsdeJbGJiYiyPCg3+SRONyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDXheG1x rOZTpHU05W8A5OE6LGnbMB8GA1UdIwQYMBaAFAVDPDrqiklwLJqC7sldFrVQPOpg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xNTBCRjY5MEQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NYQXNtb0x1eVYwV3RWQTg2 bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0JVTThPdXFLU1hBc21vTHV5VjBXdFZBODZtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkZBMC8xNTBCRjY5MEQ4Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NY QXNtb0x1eVYwV3RWQTg2bUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAUWzLrRZxJvnS8aCi7WuAm/gGRAZqobdzociNw90OMfHPdD5oH2rje 10wftijjdMnCCDu7j29K4y1eT7UyDmoojAACXc8Q3NEjtQbaEVzLPbUpfLw3WyKr S1S+t1qclOLybQzvNic8OdcCaS9a9upGOEikk/6cUvI2FYZ+enJkJI1waVkWrJta 3f2UNrerKmfuAi6pInLPaoOjoo8IL2a/EOsAG6mtRD+Ga0T0MAdxF/cA6IIjGr33 6eyO7dC6SkXt599+x6n7XSPxr2IwbeYwqgcGDUrfedLJyssQGCHERidlFDc1rL+z dWyQGhPz6Ew6PAgXhTOFsLoQBJyHaEVA -----END CERTIFICATE-----Generated at Sun Dec 14 12:09:56 2025 by rpki-client