This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft File: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft (raw, json) Hash identifier: J3b8OziAQXLJFhyDeAxSaeBznRO8Ywm4VafqumwhCsc= Subject key identifier: C5:7E:33:26:CB:CF:41:D0:EF:5C:4D:B1:52:AB:8E:21:04:0E:B5:07 Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E Certificate issuer: /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E Certificate serial: 0AF9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft Manifest number: 2C18 Signing time: Mon 22 Dec 2025 15:45:12 +0000 Manifest this update: Mon 22 Dec 2025 15:45:11 +0000 Manifest next update: Mon 29 Dec 2025 15:45:11 +0000 Files and hashes: 1: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl (hash: +zQB+n01MQYUzS4AoUgyVxpLFSvPBp++OI7t6bZjdIM=) 2: DD7FC172E17D11EFAC0A7E29C4F9AE02.roa (hash: iuR0hKy1te9ReiQAcpbPM6UF6bcHMIJQ871N78hvW5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 15:45:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2809 (0xaf9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4413, serialNumber=8AA8786526852346839372631DFB09984BC3005E Validity Not Before: Dec 22 15:45:11 2025 GMT Not After : Dec 29 15:45:11 2025 GMT Subject: CN=69496787-6c4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:40:05:e2:db:d3:18:bc:b0:7c:e8:5d:aa:bd: d0:e0:da:39:ff:33:44:52:fc:a1:03:de:52:3f:9a: 6a:4b:55:a2:aa:4f:2e:fb:8d:2d:31:76:3f:6b:26: bd:e1:77:69:85:9e:79:55:2c:2f:90:29:1c:96:10: af:7f:1b:6b:11:fa:16:f9:90:8e:27:b2:57:d5:37: 23:bf:c0:aa:dc:61:2d:55:47:7c:f5:76:28:43:10: 27:e7:ef:95:3f:e0:35:9e:3b:52:97:37:f9:14:21: 82:1c:cd:f2:3c:63:bc:5f:51:00:38:01:ba:7a:ab: 9f:f2:93:11:5b:23:22:92:a8:f7:46:c3:eb:b4:89: 45:30:47:de:d5:1d:4b:f0:98:1f:c8:14:d2:a8:36: 6d:ba:a2:57:1f:a0:4e:67:88:e8:37:5c:3c:f5:be: 76:ad:fb:a3:28:d2:65:ee:5a:77:6a:4f:c5:81:1b: 7f:ed:01:55:1a:41:b6:b8:4e:76:09:ae:dc:25:fe: b4:bd:9e:d4:1f:e0:b9:f4:43:f7:04:15:87:71:a8: ef:f2:e9:e1:7e:98:6a:c0:94:d7:33:64:65:7f:07: 32:55:96:03:7a:b6:c1:b5:ad:04:ec:af:5c:30:e4: a1:28:33:ac:96:95:59:96:1c:09:6e:0e:47:50:ea: b6:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:7E:33:26:CB:CF:41:D0:EF:5C:4D:B1:52:AB:8E:21:04:0E:B5:07 X509v3 Authority Key Identifier: keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:8e:4e:1f:ef:32:ac:b2:76:29:93:96:5f:98:d9:71:41:d6: 7a:9b:b0:e8:2b:72:82:bd:24:b3:45:8b:23:71:f6:f3:e8:11: 81:1f:bb:7a:59:39:1c:05:2e:c7:48:3b:f7:ee:ac:ea:1a:a7: 29:5a:aa:77:a1:63:17:5f:e6:f7:44:e7:f0:66:e9:1c:7c:2f: bb:9b:71:2e:0d:4c:60:df:9c:3b:98:5a:91:89:73:c4:57:a3: ef:38:24:91:47:89:c3:c7:49:9a:80:4a:f4:cb:82:c6:3b:ea: 1e:b5:19:ce:74:bd:93:c1:cf:e7:29:6b:87:f2:11:33:82:f5: 5f:47:6b:d9:53:99:f2:72:49:65:c8:eb:48:2c:51:c5:dc:f0: 77:ee:ad:d0:59:66:44:d6:e9:d2:50:86:16:f7:88:9c:d3:09: 3e:6b:0d:61:c1:a0:ec:7a:74:2d:a8:64:d5:d3:2d:1d:e8:d1: a4:3f:5a:87:43:ce:2b:60:df:bd:39:f1:22:b3:28:6b:31:9c: b1:8d:9c:5b:fe:1c:7c:ab:7c:39:8c:81:92:85:d9:15:9f:95: 24:04:64:cd:16:62:a1:11:61:d2:48:b5:54:be:b5:4b:a8:72: d1:74:f9:3c:6f:67:c9:a7:ce:a3:6d:58:b9:14:d8:92:f4:06: 56:c7:cf:7b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4 NEJDMzAwNUUwHhcNMjUxMjIyMTU0NTExWhcNMjUxMjI5MTU0NTExWjAYMRYwFAYD VQQDDA02OTQ5Njc4Ny02YzRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx0AF4tvTGLywfOhdqr3Q4No5/zNEUvyhA95SP5pqS1Wiqk8u+40tMXY/aya9 4XdphZ55VSwvkCkclhCvfxtrEfoW+ZCOJ7JX1Tcjv8Cq3GEtVUd89XYoQxAn5++V P+A1njtSlzf5FCGCHM3yPGO8X1EAOAG6equf8pMRWyMikqj3RsPrtIlFMEfe1R1L 8JgfyBTSqDZtuqJXH6BOZ4joN1w89b52rfujKNJl7lp3ak/FgRt/7QFVGkG2uE52 Ca7cJf60vZ7UH+C59EP3BBWHcajv8unhfphqwJTXM2RlfwcyVZYDerbBta0E7K9c MOShKDOslpVZlhwJbg5HUOq2YQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMV+MybL z0HQ71xNsVKrjiEEDrUHMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDQxMy8wODE2RTc1NEZGQjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkw YURrM0pqSGZzSm1FdkRBRjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1jk4f7zKssnYpk5ZfmNlxQdZ6m7DoK3KCvSSzRYsjcfbz6BGBH7t6 WTkcBS7HSDv37qzqGqcpWqp3oWMXX+b3ROfwZukcfC+7m3EuDUxg35w7mFqRiXPE V6PvOCSRR4nDx0magEr0y4LGO+oetRnOdL2Twc/nKWuH8hEzgvVfR2vZU5nyckll yOtILFHF3PB37q3QWWZE1unSUIYW94ic0wk+aw1hwaDsenQtqGTV0y0d6NGkP1qH Q84rYN+9OfEisyhrMZyxjZxb/hx8q3w5jIGShdkVn5UkBGTNFmKhEWHSSLVUvrVL qHLRdPk8b2fJp86jbVi5FNiS9AZWx897 -----END CERTIFICATE-----Generated at Wed Dec 24 16:01:11 2025 by rpki-client