This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: BAKvd3ZOW8vYnPsrHBR2lc1QPtnH8DcKpW21CO/7nNg= Subject key identifier: 3C:96:14:52:C8:DB:D9:FD:EF:58:50:2C:99:AB:FE:6A:47:6E:B0:7D Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 35DE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 3557 Signing time: Wed 10 Dec 2025 14:16:08 +0000 Manifest this update: Wed 10 Dec 2025 14:16:08 +0000 Manifest next update: Wed 17 Dec 2025 14:16:08 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: l+3V+e8fyTtmwf+koNEaZTVCWXwpBl31t9f0ISkD6m0=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: DB3F9CA4817B11F0BDC51985C4F9AE02.roa (hash: JAIKKCo9C8qw6fr8uLdaMchlj/iGB4GqwIN2CeXneAc=) 4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 5: DCD41E8E98D511F0B3824663C4F9AE02.roa (hash: EWlSDhZJpxeihw3aeM/sQAa10hdfChLc1MQCCqHexiw=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Dec 2025 14:16:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13790 (0x35de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE, serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: Dec 10 14:16:08 2025 GMT Not After : Dec 17 14:16:08 2025 GMT Subject: CN=693980a8-f6c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:b0:ab:3f:a3:aa:1d:4b:52:b6:06:66:67:af: 7b:0d:87:a7:13:e7:c3:cd:5c:89:ae:5f:b4:47:52: 29:cb:31:e0:53:f0:c3:0a:86:60:95:76:63:fe:1c: ec:c4:58:19:2e:98:59:1a:60:13:c6:6d:ce:a0:42: 13:de:90:2c:10:55:b9:21:9d:29:40:57:7d:10:a2: 8e:d6:bd:35:ec:98:1a:f2:8c:ca:0a:1c:ba:5c:c1: 58:54:70:74:c5:42:be:f3:40:77:8f:68:c3:56:b1: d5:ad:60:6f:30:40:10:15:b2:b5:de:5c:fc:eb:c7: e4:db:40:07:1a:c7:41:8f:80:35:81:45:84:db:ae: ab:48:3d:78:bc:21:ea:31:4f:f9:24:5b:d0:98:bc: 24:92:b6:95:3e:db:2d:f0:49:8a:19:ad:a0:52:fc: eb:34:e4:09:3d:ba:cc:fa:60:1d:8e:f0:c8:3c:41: 62:0e:f2:79:f4:fb:d6:1c:42:2a:bd:47:b0:35:d0: 3a:84:c3:ed:e6:f7:8a:2e:7a:f3:db:57:45:38:cd: 76:03:5b:cc:db:16:9d:a0:e1:12:37:54:89:94:6d: 0d:67:96:78:4d:6e:b9:b3:a5:93:fb:a6:b5:f4:38: bc:e6:06:0c:45:3f:89:45:76:17:44:a2:0b:22:6c: 14:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:96:14:52:C8:DB:D9:FD:EF:58:50:2C:99:AB:FE:6A:47:6E:B0:7D X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:f9:af:47:57:88:ab:39:04:11:2a:9c:d7:7f:06:1b:5b:e7: 65:6c:a3:a0:fa:90:68:60:b0:ff:9b:3f:5a:ec:80:b0:91:d1: 15:a9:15:70:cc:6e:09:f1:b4:19:ad:ab:f8:97:73:3c:e0:eb: b1:aa:9f:40:08:ac:35:59:16:b8:68:58:21:44:3e:a5:02:ad: 31:48:1a:f0:71:1a:5b:8a:15:5e:0a:5c:f7:7d:03:46:d7:2f: 17:cd:ca:75:56:f6:34:b6:42:75:ec:c2:e8:a0:d4:d2:af:0d: 05:b6:29:35:f6:67:9a:2b:df:fd:86:b1:2e:bb:ba:df:e8:a7: 22:b1:4b:ca:6e:86:af:6f:3a:a9:5a:71:35:c0:eb:e2:97:68: f2:90:3c:a2:9c:85:ac:da:d3:d9:00:27:6a:3f:b0:ea:19:c4: 21:8c:c7:b7:3d:b2:0b:e2:14:2d:83:43:57:27:e1:d3:f7:78: 4e:bc:03:7d:a4:ad:cb:09:7d:9b:0b:d6:c3:1b:19:47:a0:f2: ac:75:9c:9d:4c:26:69:b8:c3:61:85:88:90:8c:dc:97:e8:da: b9:75:dd:dc:29:dd:ff:99:67:d2:7d:0b:0f:2b:02:10:2d:05: 39:7b:9d:1e:bd:86:21:b6:d2:67:cd:cf:2c:ad:af:df:c2:81: db:77:e8:e6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNd4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjUxMjEwMTQxNjA4WhcNMjUxMjE3MTQxNjA4WjAYMRYwFAYD VQQDEw02OTM5ODBhOC1mNmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvrCrP6OqHUtStgZmZ697DYenE+fDzVyJrl+0R1IpyzHgU/DDCoZglXZj/hzs xFgZLphZGmATxm3OoEIT3pAsEFW5IZ0pQFd9EKKO1r017Jga8ozKChy6XMFYVHB0 xUK+80B3j2jDVrHVrWBvMEAQFbK13lz868fk20AHGsdBj4A1gUWE266rSD14vCHq MU/5JFvQmLwkkraVPtst8EmKGa2gUvzrNOQJPbrM+mAdjvDIPEFiDvJ59PvWHEIq vUewNdA6hMPt5veKLnrz21dFOM12A1vM2xadoOESN1SJlG0NZ5Z4TW65s6WT+6a1 9Di85gYMRT+JRXYXRKILImwUxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDyWFFLI 29n971hQLJmr/mpHbrB9MB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAU+a9HV4irOQQRKpzXfwYbW+dlbKOg+pBoYLD/mz9a7ICwkdEVqRVw zG4J8bQZrav4l3M84Ouxqp9ACKw1WRa4aFghRD6lAq0xSBrwcRpbihVeClz3fQNG 1y8Xzcp1VvY0tkJ17MLooNTSrw0Ftik19meaK9/9hrEuu7rf6KcisUvKboavbzqp WnE1wOvil2jykDyinIWs2tPZACdqP7DqGcQhjMe3PbIL4hQtg0NXJ+HT93hOvAN9 pK3LCX2bC9bDGxlHoPKsdZydTCZpuMNhhYiQjNyX6Nq5dd3cKd3/mWfSfQsPKwIQ LQU5e50evYYhttJnzc8sra/fwoHbd+jm -----END CERTIFICATE-----Generated at Fri Dec 12 11:55:14 2025 by rpki-client