This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft File: xOTw2gEK9YY3zFlihHHpmLckPFI.mft (raw, json) Hash identifier: 2KAT2UY3kFVI5G1Q+D6dA09Kk9cZhexXTuCcZAIHWgs= Subject key identifier: 41:8C:63:C2:8D:A3:EF:30:E1:B3:BD:82:73:1B:65:20:FD:55:77:22 Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Certificate serial: 0967 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft Manifest number: 094D Signing time: Sun 14 Dec 2025 19:38:43 +0000 Manifest this update: Sun 14 Dec 2025 19:38:43 +0000 Manifest next update: Sun 21 Dec 2025 19:38:43 +0000 Files and hashes: 1: xOTw2gEK9YY3zFlihHHpmLckPFI.crl (hash: EL9s2YQUHNIQTZqpsLCt+sHkqo9TWfX3w1fZ5Y/trDY=) 2: 863670328FD011EEB6FFC636C4F9AE02.roa (hash: PnqDvM4vjQdsVy80UhznbWoKhp/dlqh33E+GG+RU+dk=) 3: 5353EA28781F11EEBA05B17FC4F9AE02.roa (hash: Del+9YrkACA6yrhYJeSPVVuh01l/16gJ82iy69S9BRo=) 4: F4E74AA8B99911EF9A0C3B63C4F9AE02.roa (hash: Ci305f1V47fRIRqmqjLy+EIi8DLnLoGCGpVVZ48v10E=) 5: 03706138786411EC8624EB12C4F9AE02.roa (hash: qKXv165pzdK/WBxXfxqKy/V+953i+G1rFbe37yvanHk=) 6: 6A6E4770A10F11EF840C2548C4F9AE02.roa (hash: lvX9qWs0U9FJpaiKhdFBFudNcs3mWD37dbOmEs33Njk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 19:38:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2407 (0x967) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0, serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Validity Not Before: Dec 14 19:38:43 2025 GMT Not After : Dec 21 19:38:43 2025 GMT Subject: CN=693f1243-ad5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:19:98:1e:ad:b0:07:00:ef:ce:07:2e:bd:93: 8c:d3:37:f4:70:3d:44:55:92:dc:0c:0a:37:3f:38: 3f:a6:20:de:81:76:74:df:05:91:17:85:3d:0a:ce: 8f:46:e8:19:2a:25:ba:72:3d:c3:d6:32:94:51:91: 6c:93:9a:4c:16:95:ac:12:3a:9a:ce:e5:d0:b1:8b: 86:29:a0:01:80:fd:1a:73:06:09:f7:22:3e:b5:bf: 02:3f:21:9d:3c:5c:b0:16:97:8c:63:0e:69:31:79: 1f:58:61:8d:39:4b:7f:0d:25:6d:b3:90:f2:8f:2f: 27:6b:8d:0e:a0:36:d1:9a:d6:bd:8b:7a:3d:dd:72: fe:3c:1a:d8:f3:85:55:2c:55:2b:ff:f9:49:68:9e: 73:1f:1b:8e:fc:15:d9:71:8f:3c:35:d2:1d:da:a0: 59:c3:eb:0c:1c:3b:95:b1:7f:9c:1a:9f:45:28:6b: bd:8f:1b:94:6b:5f:1c:04:af:98:98:45:20:c8:ff: b6:fb:f5:8b:63:c9:a6:ab:12:7d:76:0d:c8:6a:db: e2:de:d6:ca:13:cc:08:62:4e:70:19:6c:24:3c:21: 7b:f8:08:25:b4:30:44:7d:fc:c2:6e:fa:dd:1d:f3: e1:9d:22:64:4b:03:b8:d9:ba:fb:d4:01:5b:d1:25: 86:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:8C:63:C2:8D:A3:EF:30:E1:B3:BD:82:73:1B:65:20:FD:55:77:22 X509v3 Authority Key Identifier: keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:9a:d0:db:21:ef:ee:02:a2:65:f8:a6:8c:4e:12:f6:80:78: 11:29:26:58:96:63:7c:37:df:5e:8d:50:9a:c4:c4:52:62:70: 89:4f:0a:08:30:20:2a:48:f0:71:3a:84:05:dd:de:54:f0:15: 37:d8:c3:84:05:f0:d9:6c:cc:7e:c2:c7:8f:c9:68:2a:53:5b: b0:41:06:1e:10:76:11:e6:06:69:29:6d:fd:ba:a3:e2:ba:59: 21:47:34:d2:f2:a6:2a:91:85:20:f7:bf:38:81:3a:bb:27:a0: 97:ba:3b:d2:6c:6f:23:a2:71:d3:c2:f1:1a:8a:33:be:95:3c: be:c4:e7:25:c3:92:0d:c2:67:f9:1e:0d:a5:d8:41:ea:66:a7: a0:60:61:e4:ae:b9:c9:76:92:71:ee:36:ea:a5:7b:b0:d5:40: d8:60:ca:86:e7:c9:37:d8:ed:57:8e:5c:69:eb:3f:bc:fa:ba: 0d:ea:5d:c5:13:48:46:4f:eb:e2:2c:1c:d1:1c:67:92:fd:13: 0d:94:36:95:e4:d9:be:76:b5:ac:ed:5d:97:2e:b3:36:53:8f: 56:9f:95:c5:bd:96:d3:e4:09:fe:6f:a7:ff:fd:0a:50:83:d0: be:fd:d4:7f:9c:48:12:75:7c:e9:9d:02:05:2c:f0:31:55:21: 4e:6b:a4:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCWcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4 QjcyNDNDNTIwHhcNMjUxMjE0MTkzODQzWhcNMjUxMjIxMTkzODQzWjAYMRYwFAYD VQQDDA02OTNmMTI0My1hZDVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsxmYHq2wBwDvzgcuvZOM0zf0cD1EVZLcDAo3Pzg/piDegXZ03wWRF4U9Cs6P RugZKiW6cj3D1jKUUZFsk5pMFpWsEjqazuXQsYuGKaABgP0acwYJ9yI+tb8CPyGd PFywFpeMYw5pMXkfWGGNOUt/DSVts5Dyjy8na40OoDbRmta9i3o93XL+PBrY84VV LFUr//lJaJ5zHxuO/BXZcY88NdId2qBZw+sMHDuVsX+cGp9FKGu9jxuUa18cBK+Y mEUgyP+2+/WLY8mmqxJ9dg3Iatvi3tbKE8wIYk5wGWwkPCF7+AgltDBEffzCbvrd HfPhnSJkSwO42br71AFb0SWGgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEGMY8KN o+8w4bO9gnMbZSD9VXciMB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODNEMC8wQTE2MjA4QUFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZ WTN6RmxpaEhIcG1MY2tQRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/mtDbIe/uAqJl+KaMThL2gHgRKSZYlmN8N99ejVCaxMRSYnCJTwoI MCAqSPBxOoQF3d5U8BU32MOEBfDZbMx+wsePyWgqU1uwQQYeEHYR5gZpKW39uqPi ulkhRzTS8qYqkYUg9784gTq7J6CXujvSbG8jonHTwvEaijO+lTy+xOclw5INwmf5 Hg2l2EHqZqegYGHkrrnJdpJx7jbqpXuw1UDYYMqG58k32O1Xjlxp6z+8+roN6l3F E0hGT+viLBzRHGeS/RMNlDaV5Nm+drWs7V2XLrM2U49Wn5XFvZbT5An+b6f//QpQ g9C+/dR/nEgSdXzpnQIFLPAxVSFOa6TK -----END CERTIFICATE-----Generated at Tue Dec 16 10:57:10 2025 by rpki-client