This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft File: -iKAHFKuKl_EkbfL6-aO_KLI0dk.mft (raw, json) Hash identifier: Wa0sWu4NVHrcdjRLxAfGjoOGqXmb+4Gq2zx4zy2cOG4= Subject key identifier: 9C:9C:83:91:80:54:C1:AE:15:76:99:BE:AA:62:8E:64:96:82:F5:F4 Authority key identifier: FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 Certificate issuer: /CN=A91D837B/serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Certificate serial: BF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft Manifest number: BE Signing time: Fri 19 Dec 2025 05:04:36 +0000 Manifest this update: Fri 19 Dec 2025 05:04:36 +0000 Manifest next update: Fri 26 Dec 2025 05:04:36 +0000 Files and hashes: 1: -iKAHFKuKl_EkbfL6-aO_KLI0dk.crl (hash: TIdVHBgbpEwFW8HPhj88cSu4mFd/E4k5pRptFKeiXNg=) 2: 8F7DFE66C96E11EF98B64E15C4F9AE02.roa (hash: NJttL+qjjIMKQduatRuB9wCf9GQJviKk9JlU07XKUgE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 05:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 191 (0xbf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D837B, serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Validity Not Before: Dec 19 05:04:36 2025 GMT Not After : Dec 26 05:04:36 2025 GMT Subject: CN=6944dce4-664d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:d4:62:2a:fb:f2:01:d9:09:f2:2d:ce:a2:7c: b4:82:4d:2c:cf:bc:6d:83:55:76:c4:8e:30:90:93: 01:13:b7:0a:e4:c3:af:c3:7d:7a:89:64:3d:12:bf: c3:1d:f5:72:ef:70:9c:d8:1c:bf:bf:cc:53:bd:fb: e9:7b:87:08:88:f1:12:e6:8f:03:92:81:4d:5c:26: 47:ca:a5:b3:19:c4:00:0a:55:b4:6d:7d:94:d7:bb: be:ed:3f:05:74:d2:cd:17:df:0e:2d:4d:52:c9:1b: 2f:fc:3c:a7:b2:38:5c:ec:52:da:9d:6c:f2:50:e3: df:21:99:6d:77:82:e0:88:b5:9f:ab:a0:c4:f2:3f: b5:a6:04:b9:d3:e0:2a:46:26:70:e1:b1:c6:7b:03: d0:6a:cf:b8:07:1e:d2:ba:04:56:a8:a1:5b:c8:ef: 68:f9:cc:03:49:19:d5:59:f5:66:56:94:a9:38:9a: 77:c2:26:97:e3:58:2d:88:af:02:6c:7d:b7:8b:93: 5a:7a:08:1e:73:2a:2e:29:ee:fa:4b:a4:84:9d:4d: 8f:e7:85:8b:ad:95:dc:d8:6c:49:a3:9b:fd:3f:bf: f0:14:e0:88:99:5a:51:d0:5d:78:80:2e:a3:32:eb: cc:21:59:e9:d9:79:a6:1e:b1:fa:ea:ef:ee:9d:7f: 9a:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:9C:83:91:80:54:C1:AE:15:76:99:BE:AA:62:8E:64:96:82:F5:F4 X509v3 Authority Key Identifier: keyid:FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:df:e8:bd:ba:d1:bb:89:a4:7a:85:3a:99:4b:02:07:ac:2f: e4:b7:5c:95:dd:bc:e0:a0:30:03:9c:8d:bd:10:54:ba:08:8c: 8f:fb:19:bf:1d:80:42:72:5e:7b:e7:89:c2:1b:66:be:57:7a: 3b:fb:b8:ee:56:13:67:fd:de:e8:ce:d9:45:be:9b:b0:c3:56: 91:3b:32:95:43:78:bd:7f:07:7a:06:3b:1d:fd:1c:08:40:15: 21:68:3e:4b:fb:ff:a7:15:65:ab:6c:7a:48:77:d8:70:50:ce: d4:d9:ca:b1:d8:ed:0e:78:c4:57:0b:b9:c7:05:80:2b:76:b1: df:89:8d:10:39:c0:3f:20:2e:01:8b:4a:1e:e9:4c:4b:d5:fa: 74:94:9a:09:36:54:94:1e:8d:50:72:9b:23:48:f7:50:52:53: e5:22:5e:b1:d7:19:55:51:80:48:5e:ea:cf:06:2d:db:eb:85: 41:18:e1:e7:3c:e3:4e:1d:61:5b:72:30:0d:db:a4:7b:85:c8: 89:ca:d9:5c:54:6c:af:e5:ff:d7:2e:68:6b:19:36:b8:9b:6e: 01:a1:c5:99:c2:ee:e0:ad:87:ed:0d:47:99:16:72:0d:10:4f: 2a:dd:a6:ce:3f:47:a7:0f:f1:94:bc:e2:7a:e9:2c:ba:fd:f9: 15:74:8d:08 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzN0IxMTAvBgNVBAUTKEZBMjI4MDFDNTJBRTJBNUZDNDkxQjdDQkVCRTY4RUZD QTJDOEQxRDkwHhcNMjUxMjE5MDUwNDM2WhcNMjUxMjI2MDUwNDM2WjAYMRYwFAYD VQQDDA02OTQ0ZGNlNC02NjRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAntRiKvvyAdkJ8i3Oony0gk0sz7xtg1V2xI4wkJMBE7cK5MOvw316iWQ9Er/D HfVy73Cc2By/v8xTvfvpe4cIiPES5o8DkoFNXCZHyqWzGcQAClW0bX2U17u+7T8F dNLNF98OLU1SyRsv/Dynsjhc7FLanWzyUOPfIZltd4LgiLWfq6DE8j+1pgS50+Aq RiZw4bHGewPQas+4Bx7SugRWqKFbyO9o+cwDSRnVWfVmVpSpOJp3wiaX41gtiK8C bH23i5NaeggecyouKe76S6SEnU2P54WLrZXc2GxJo5v9P7/wFOCImVpR0F14gC6j MuvMIVnp2XmmHrH66u/unX+aLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJycg5GA VMGuFXaZvqpijmSWgvX0MB8GA1UdIwQYMBaAFPoigBxSripfxJG3y+vmjvyiyNHZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODM3Qi8xNThEN0YzQ0I5 OUMxMUVGOTYzOEY3NjlDNEY5QUUwMi8taUtBSEZLdUtsX0VrYmZMNi1hT19LTEkw ZGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLy1pS0FIRkt1S2xfRWtiZkw2LWFPX0tMSTBkay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODM3Qi8xNThEN0YzQ0I5OUMxMUVGOTYzOEY3NjlDNEY5QUUwMi8taUtBSEZLdUts X0VrYmZMNi1hT19LTEkwZGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAX3+i9utG7iaR6hTqZSwIHrC/kt1yV3bzgoDADnI29EFS6CIyP+xm/ HYBCcl5754nCG2a+V3o7+7juVhNn/d7oztlFvpuww1aROzKVQ3i9fwd6Bjsd/RwI QBUhaD5L+/+nFWWrbHpId9hwUM7U2cqx2O0OeMRXC7nHBYArdrHfiY0QOcA/IC4B i0oe6UxL1fp0lJoJNlSUHo1QcpsjSPdQUlPlIl6x1xlVUYBIXurPBi3b64VBGOHn PONOHWFbcjAN26R7hciJytlcVGyv5f/XLmhrGTa4m24BocWZwu7grYftDUeZFnIN EE8q3abOP0enD/GUvOJ66Sy6/fkVdI0I -----END CERTIFICATE-----Generated at Sat Dec 20 14:03:21 2025 by rpki-client