This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft File: 4Y0K0YMT4gIg3qG4cW37310JzPg.mft (raw, json) Hash identifier: dnlNGCz77EqbenK9t8p4gpKeAlV/RziCgn1DLDHU6Vg= Subject key identifier: 4F:B0:02:DE:DC:84:5B:E4:21:FD:BA:6A:D5:58:87:89:B0:2E:C5:33 Authority key identifier: E1:8D:0A:D1:83:13:E2:02:20:DE:A1:B8:71:6D:FB:DF:5D:09:CC:F8 Certificate issuer: /CN=A91DBB66/serialNumber=E18D0AD18313E20220DEA1B8716DFBDF5D09CCF8 Certificate serial: 76 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft Manifest number: 74 Signing time: Tue 23 Dec 2025 05:44:20 +0000 Manifest this update: Tue 23 Dec 2025 05:44:20 +0000 Manifest next update: Tue 30 Dec 2025 05:44:20 +0000 Files and hashes: 1: 4Y0K0YMT4gIg3qG4cW37310JzPg.crl (hash: LaUhIalmhK03Kob57BCF2EVriabFmgVeddJgJSR0d50=) 2: 099A56FE2FB311F09E3A9373C4F9AE02.roa (hash: c58CHJdQfloT8cjooayoSNCaLkxE9yxaVBgoB9VE0Hs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.crl rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 05:44:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 118 (0x76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBB66, serialNumber=E18D0AD18313E20220DEA1B8716DFBDF5D09CCF8 Validity Not Before: Dec 23 05:44:20 2025 GMT Not After : Dec 30 05:44:20 2025 GMT Subject: CN=694a2c34-4f31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:bb:27:ff:8f:04:df:54:cb:06:8f:f0:0e:70: e1:9c:86:1e:66:26:36:39:fd:b3:c7:1e:f1:aa:02: 81:6a:8d:0e:d8:bc:88:52:65:ce:07:23:99:06:6b: e5:0c:a8:5d:f0:33:d3:45:fa:8a:ed:01:55:4a:9f: dd:01:20:d1:11:b2:3a:f7:d5:11:21:b7:8e:fb:e3: 8f:7f:7b:21:5f:0c:d7:1d:6e:f0:70:5f:04:65:34: e9:33:a3:c0:88:b8:ac:1d:10:c9:62:1b:60:eb:5d: 23:24:36:15:ff:71:64:02:1a:9f:2b:e0:d2:6a:c4: 3d:e4:22:77:ee:b4:94:63:07:8f:96:3b:22:2a:0c: 85:03:f1:34:93:59:40:35:ef:3b:7e:8f:b6:67:54: dd:d1:18:4e:c8:82:6e:48:0b:54:f7:57:f5:94:1c: eb:16:2c:53:af:67:12:6e:3e:88:03:6e:6c:a0:d5: 3d:f4:35:c9:8c:02:9e:7a:a8:1e:ea:ad:37:9c:dc: f9:65:54:c1:6b:7e:40:b5:b4:0d:de:a3:d3:6f:98: 25:ee:6e:6f:3e:89:de:70:89:9b:bd:be:e2:92:f2: e5:d9:97:3d:52:75:2c:46:88:b1:81:39:32:3e:57: 7d:fa:6c:a4:09:3f:38:7d:ef:d1:47:4e:91:67:44: f0:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:B0:02:DE:DC:84:5B:E4:21:FD:BA:6A:D5:58:87:89:B0:2E:C5:33 X509v3 Authority Key Identifier: keyid:E1:8D:0A:D1:83:13:E2:02:20:DE:A1:B8:71:6D:FB:DF:5D:09:CC:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:a1:6e:8e:c5:b6:ea:af:89:8a:eb:eb:42:62:9b:55:99:2e: 6c:4e:76:5e:4c:65:3f:1d:76:b2:f4:f7:36:66:79:64:ab:de: 12:b1:75:4a:22:4f:ea:78:c1:51:97:a6:f3:0a:a2:ce:07:01: 92:71:af:8e:96:3c:da:f9:c4:ac:8b:97:5b:1f:3d:3c:64:40: d5:d2:b5:a8:24:d7:e0:72:ea:69:fa:1e:97:20:1e:82:e8:b2: 53:9a:1f:e1:05:cb:9a:60:66:bb:9a:83:dd:75:34:c8:e3:23: 8d:e4:9a:d2:3f:4e:49:e7:ed:28:4c:3c:b6:a9:09:99:eb:08: c9:d2:73:32:0e:36:20:57:42:e6:13:5d:04:a9:04:89:90:68: 06:2b:56:bc:59:c8:fe:04:9c:e5:26:ec:7c:31:bd:65:26:17: 13:38:7d:5d:25:60:05:af:1d:17:32:87:37:03:91:93:2b:61: a7:a4:79:53:b2:27:ca:49:fa:c1:e7:16:09:c8:b7:c6:6e:f5: 52:ca:e1:cf:60:74:44:d3:48:58:4b:2e:5f:8e:11:38:4a:7b: 15:e9:eb:bf:19:99:c0:ab:bf:a2:5b:01:35:ae:28:a8:81:14: 62:4e:cf:b4:50:34:ac:a6:a8:eb:71:d6:f0:dd:b8:f9:9c:d8: c9:50:27:5a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBdjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QkI2NjExMC8GA1UEBRMoRTE4RDBBRDE4MzEzRTIwMjIwREVBMUI4NzE2REZCREY1 RDA5Q0NGODAeFw0yNTEyMjMwNTQ0MjBaFw0yNTEyMzAwNTQ0MjBaMBgxFjAUBgNV BAMMDTY5NGEyYzM0LTRmMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCluyf/jwTfVMsGj/AOcOGchh5mJjY5/bPHHvGqAoFqjQ7YvIhSZc4HI5kGa+UM qF3wM9NF+ortAVVKn90BINERsjr31REht477449/eyFfDNcdbvBwXwRlNOkzo8CI uKwdEMliG2DrXSMkNhX/cWQCGp8r4NJqxD3kInfutJRjB4+WOyIqDIUD8TSTWUA1 7zt+j7ZnVN3RGE7Igm5IC1T3V/WUHOsWLFOvZxJuPogDbmyg1T30NcmMAp56qB7q rTec3PllVMFrfkC1tA3eo9NvmCXubm8+id5wiZu9vuKS8uXZlz1SdSxGiLGBOTI+ V336bKQJPzh979FHTpFnRPBrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUT7AC3tyE W+Qh/bpq1ViHibAuxTMwHwYDVR0jBBgwFoAU4Y0K0YMT4gIg3qG4cW37310JzPgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURCQjY2LzBDMEQ4MERFMkZB QzExRjA4Q0VBMEE3MUM0RjlBRTAyLzRZMEswWU1UNGdJZzNxRzRjVzM3MzEwSnpQ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNFkwSzBZTVQ0Z0lnM3FHNGNXMzczMTBKelBnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURC QjY2LzBDMEQ4MERFMkZBQzExRjA4Q0VBMEE3MUM0RjlBRTAyLzRZMEswWU1UNGdJ ZzNxRzRjVzM3MzEwSnpQZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIqhbo7FtuqviYrr60Jim1WZLmxOdl5MZT8ddrL09zZmeWSr3hKxdUoi T+p4wVGXpvMKos4HAZJxr46WPNr5xKyLl1sfPTxkQNXStagk1+By6mn6HpcgHoLo slOaH+EFy5pgZruag911NMjjI43kmtI/Tknn7ShMPLapCZnrCMnSczIONiBXQuYT XQSpBImQaAYrVrxZyP4EnOUm7HwxvWUmFxM4fV0lYAWvHRcyhzcDkZMrYaekeVOy J8pJ+sHnFgnIt8Zu9VLK4c9gdETTSFhLLl+OEThKexXp678ZmcCrv6JbATWuKKiB FGJOz7RQNKymqOtx1vDduPmc2MlQJ1o= -----END CERTIFICATE-----Generated at Wed Dec 24 17:40:35 2025 by rpki-client