This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft File: NSX5xUTpmw5jRgCZyS39lNSb9so.mft (raw, json) Hash identifier: ra4sGKJoRhZJONGDPA+iKGcAJOW7lywZoEwfUANkzBU= Subject key identifier: 37:25:AC:A2:6D:6F:3A:E0:93:EC:2A:83:48:82:09:96:01:B4:44:BE Authority key identifier: 35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA Certificate issuer: /CN=A91D9D7A/serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Certificate serial: 02A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft Manifest number: 029E Signing time: Tue 23 Dec 2025 00:30:21 +0000 Manifest this update: Tue 23 Dec 2025 00:30:20 +0000 Manifest next update: Tue 30 Dec 2025 00:30:20 +0000 Files and hashes: 1: NSX5xUTpmw5jRgCZyS39lNSb9so.crl (hash: Utu5zauGd7X76vjB6sotnlTTpUixj+24GbqrN1Een9A=) 2: 81B7763C280211ED93948C10C4F9AE02.roa (hash: EUxX4jfQlcU/1uY0IOylmxYMPcoOQVgae213RHQG1Xc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 00:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 674 (0x2a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D7A, serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Validity Not Before: Dec 23 00:30:20 2025 GMT Not After : Dec 30 00:30:20 2025 GMT Subject: CN=6949e29d-d219 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:db:cd:6c:f9:4a:c8:46:ba:4b:4d:50:e2:6f: 97:63:bd:0c:5d:d2:03:f1:34:24:2d:58:f3:c4:b7: 49:b5:8c:39:f7:05:42:6a:d6:ed:b3:3d:18:58:ae: d5:a6:99:ba:8b:c0:a6:c0:6e:91:01:70:32:b9:8c: 37:40:35:c6:b3:b8:d7:98:2e:c9:1d:97:fb:bc:30: 9b:dd:5d:52:79:17:57:f8:1e:5c:d7:11:b0:9d:19: 4e:bc:7d:7f:38:65:2c:07:1e:c9:0d:38:41:a2:60: 61:98:ac:e4:c4:5c:4d:da:29:64:5c:b0:87:a9:31: db:6a:6b:98:7b:cb:44:76:4a:ba:9c:9c:bb:16:33: a4:ab:ae:77:16:d9:b1:9e:7c:39:03:9b:9b:f5:70: f6:b2:ef:38:06:c0:cb:92:69:bf:8d:8b:fc:45:63: e9:50:2b:74:98:d0:55:24:d8:b8:1b:ff:fb:f9:db: 44:98:b8:e5:b2:c0:72:e1:be:7a:21:23:55:87:c8: 6c:82:f8:35:91:d3:74:af:0a:19:ca:e4:dc:df:b5: 9d:56:fc:d1:e5:5d:74:10:61:4e:3c:53:4a:e1:55: 02:fd:0b:b2:10:9e:1d:d1:da:09:b8:87:bb:4c:be: 16:02:8d:4b:db:64:c1:dd:78:93:91:cf:0b:3b:8e: 63:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:25:AC:A2:6D:6F:3A:E0:93:EC:2A:83:48:82:09:96:01:B4:44:BE X509v3 Authority Key Identifier: keyid:35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:c0:1b:85:b2:83:e1:7e:80:c1:83:87:68:2e:d5:cf:08:d9: 31:44:97:7e:fa:84:29:41:6c:6f:c2:3b:e6:e3:5a:68:68:33: 47:cc:69:70:45:7c:05:96:0b:e3:65:c6:12:73:f3:94:48:b0: 89:a7:5e:dc:16:85:20:ac:7d:d7:78:3c:1c:41:26:7b:74:ec: 07:af:22:08:03:7d:35:22:25:5f:3a:0e:c4:27:58:5f:a3:d5: 26:7f:31:77:4c:b7:b9:4d:98:d7:d0:a2:7a:79:ed:29:56:5e: 76:0c:a0:35:0f:b3:cb:81:55:77:eb:35:3b:e7:0f:5e:d6:a0: d3:db:8f:24:5e:92:5f:06:1e:a3:cc:16:58:5a:3a:fd:9b:3e: 66:4f:be:a7:d2:74:95:df:b4:09:88:ac:1c:ae:de:7c:91:b9: 15:c8:92:39:dc:c5:6b:c7:a2:d7:78:cd:db:45:00:95:9b:b2: b5:53:72:3c:ff:ff:c6:1e:fa:1c:cc:d3:1c:24:f8:31:af:3c: 54:22:f9:da:71:97:70:54:bb:00:de:7e:e2:96:8a:b0:a7:35: 0a:77:3a:cc:e3:70:45:e1:f4:bd:a4:97:43:a5:3d:5d:3a:8e: 1c:53:38:6d:89:8a:f5:0b:a3:92:4b:3c:83:4e:a9:42:a6:03: ac:c2:39:df -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEN0ExMTAvBgNVBAUTKDM1MjVGOUM1NDRFOTlCMEU2MzQ2MDA5OUM5MkRGRDk0 RDQ5QkY2Q0EwHhcNMjUxMjIzMDAzMDIwWhcNMjUxMjMwMDAzMDIwWjAYMRYwFAYD VQQDDA02OTQ5ZTI5ZC1kMjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxNvNbPlKyEa6S01Q4m+XY70MXdID8TQkLVjzxLdJtYw59wVCatbtsz0YWK7V ppm6i8CmwG6RAXAyuYw3QDXGs7jXmC7JHZf7vDCb3V1SeRdX+B5c1xGwnRlOvH1/ OGUsBx7JDThBomBhmKzkxFxN2ilkXLCHqTHbamuYe8tEdkq6nJy7FjOkq653Ftmx nnw5A5ub9XD2su84BsDLkmm/jYv8RWPpUCt0mNBVJNi4G//7+dtEmLjlssBy4b56 ISNVh8hsgvg1kdN0rwoZyuTc37WdVvzR5V10EGFOPFNK4VUC/QuyEJ4d0doJuIe7 TL4WAo1L22TB3XiTkc8LO45jFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDclrKJt bzrgk+wqg0iCCZYBtES+MB8GA1UdIwQYMBaAFDUl+cVE6ZsOY0YAmckt/ZTUm/bK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ3QS84OUE5QUEyNDI3 ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13NWpSZ0NaeVMzOWxOU2I5 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05TWDV4VVRwbXc1alJnQ1p5UzM5bE5TYjlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ3QS84OUE5QUEyNDI3ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13 NWpSZ0NaeVMzOWxOU2I5c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6wBuFsoPhfoDBg4doLtXPCNkxRJd++oQpQWxvwjvm41poaDNHzGlw RXwFlgvjZcYSc/OUSLCJp17cFoUgrH3XeDwcQSZ7dOwHryIIA301IiVfOg7EJ1hf o9UmfzF3TLe5TZjX0KJ6ee0pVl52DKA1D7PLgVV36zU75w9e1qDT248kXpJfBh6j zBZYWjr9mz5mT76n0nSV37QJiKwcrt58kbkVyJI53MVrx6LXeM3bRQCVm7K1U3I8 ///GHvoczNMcJPgxrzxUIvnacZdwVLsA3n7iloqwpzUKdzrM43BF4fS9pJdDpT1d Oo4cUzhtiYr1C6OSSzyDTqlCpgOswjnf -----END CERTIFICATE-----Generated at Wed Dec 24 14:10:35 2025 by rpki-client