This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft File: KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft (raw, json) Hash identifier: aAQPEE8ccg5qtFisl0VsWzIAPvnQhRVMZIt7+XORljE= Subject key identifier: 0B:6D:8A:AD:AF:E2:5A:E7:BE:C1:F4:97:06:58:59:1D:51:A0:7C:F2 Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Certificate serial: 0F0C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft Manifest number: 0EBC Signing time: Mon 22 Dec 2025 17:23:02 +0000 Manifest this update: Mon 22 Dec 2025 17:23:02 +0000 Manifest next update: Mon 29 Dec 2025 17:23:02 +0000 Files and hashes: 1: KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl (hash: pOs2YTynShGOOoPFra+pfvkb5leC8zUtcvTXPiNwNZc=) 2: DED77BB2FA2F11EF98728875C4F9AE02.roa (hash: uul2CdaEoquPtSKMLPmrjkbQbRp1WUkF6rtkLx9zg64=) 3: 40BA3F5C3D8211EEA0E4DD46C4F9AE02.roa (hash: DsQ8k2r18shy7gg+hUBL2SO8HUEFyNSKHtxB+WEbNG4=) 4: 5915642864AB11EEBFD54F2EC4F9AE02.roa (hash: wbUo+m2N2pVjNOlqoJ9Ve/RDUUkR0+GFezmtrgOfh+0=) 5: 433917A83D8211EEA0E4DD46C4F9AE02.roa (hash: h1piDIbFbu2D+AHr+FNeuVa8V0LAf8dUKVxZfkw96aI=) 6: 41A09C683D8211EEA0E4DD46C4F9AE02.roa (hash: hPUFimj9BE3+BwwQ7RyTBe4Kb4UDlyO5v1n1M99BRDE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 17:23:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3852 (0xf0c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E868C, serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Validity Not Before: Dec 22 17:23:02 2025 GMT Not After : Dec 29 17:23:02 2025 GMT Subject: CN=69497e76-29eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:0e:3e:5c:87:aa:64:39:d9:77:15:25:cd:4f: 62:cc:53:61:ba:90:4f:6b:ed:ce:16:b2:0a:01:c7: ca:e5:f9:44:c4:50:ed:4d:17:e7:86:59:97:3c:76: 96:66:d5:55:73:73:6a:f3:ea:ab:70:ff:d0:ae:25: f1:f9:7d:32:a9:a6:88:40:79:42:15:5a:c0:e1:c9: 86:27:5d:f4:61:30:61:1b:f2:c9:af:81:de:22:1e: 17:d7:83:1c:35:38:03:de:f2:ee:73:d9:0b:7d:a6: ea:02:f8:27:0c:69:c2:da:9c:05:40:8d:10:f3:3c: 51:ae:8a:13:63:05:55:3f:6c:66:79:8a:f6:cf:8b: 17:ef:0b:94:83:77:25:ee:29:4e:59:b2:ff:a0:4c: 74:14:c5:71:31:7b:85:6e:11:b7:37:54:b3:3d:62: f9:40:fb:5f:a4:d1:02:26:1e:a1:2e:2c:13:e4:6f: 07:f3:0c:38:8e:b9:5a:e3:13:79:7d:84:d1:84:be: 66:f4:81:7d:73:21:c9:6a:40:07:df:11:63:8f:3a: 00:a1:14:cf:0d:55:60:32:08:d7:3b:59:ca:84:e7: 21:77:ee:e6:b8:4e:4e:26:82:06:09:bd:03:85:bf: a7:d5:69:04:d2:6d:2d:3b:0f:0c:3d:54:27:0d:c8: 81:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:6D:8A:AD:AF:E2:5A:E7:BE:C1:F4:97:06:58:59:1D:51:A0:7C:F2 X509v3 Authority Key Identifier: keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:64:a5:40:d6:85:c2:39:98:ee:17:96:a0:99:04:15:8f:31: d6:2d:46:5a:58:87:41:1c:64:3b:3e:df:7f:db:5c:46:cc:e2: 8b:38:73:4d:43:8f:94:32:19:95:c9:fb:5e:f6:52:39:79:c9: 4c:04:52:84:12:61:13:dc:a7:38:0f:36:4f:fc:5c:82:5f:57: a6:e9:ec:5d:78:d7:01:02:c1:89:fd:45:d2:dc:0a:ef:48:4b: 22:1c:78:65:a8:24:75:f1:3b:d6:26:ca:21:fa:c8:27:f0:47: 5e:b2:e4:9b:85:c0:d1:cc:7b:8d:09:25:80:fd:86:bc:9a:b0: 16:a4:f9:53:20:c0:b7:11:85:01:28:e5:7b:ed:06:e3:85:69: 81:fa:51:40:a4:f6:1d:98:80:75:53:30:6a:93:26:69:50:88: 59:92:d9:51:1c:e3:b8:10:3c:d2:0b:f0:b6:ff:b5:5b:f0:f7: bb:d4:43:28:0d:d8:7b:df:fb:3c:61:b1:44:0f:d3:6e:24:4d: b9:2c:9e:9f:83:2e:65:5d:0d:e2:b1:9d:05:16:c7:b3:54:c6: d3:61:c7:c9:3b:62:68:1c:f9:79:f8:62:3e:40:92:96:38:04: 85:1e:76:96:a2:89:38:6e:16:43:b6:98:f7:3a:2f:27:e1:3f: 9f:7c:8d:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDwwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx REM0NUUyQjIwHhcNMjUxMjIyMTcyMzAyWhcNMjUxMjI5MTcyMzAyWjAYMRYwFAYD VQQDDA02OTQ5N2U3Ni0yOWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzA4+XIeqZDnZdxUlzU9izFNhupBPa+3OFrIKAcfK5flExFDtTRfnhlmXPHaW ZtVVc3Nq8+qrcP/QriXx+X0yqaaIQHlCFVrA4cmGJ130YTBhG/LJr4HeIh4X14Mc NTgD3vLuc9kLfabqAvgnDGnC2pwFQI0Q8zxRrooTYwVVP2xmeYr2z4sX7wuUg3cl 7ilOWbL/oEx0FMVxMXuFbhG3N1SzPWL5QPtfpNECJh6hLiwT5G8H8ww4jrla4xN5 fYTRhL5m9IF9cyHJakAH3xFjjzoAoRTPDVVgMgjXO1nKhOchd+7muE5OJoIGCb0D hb+n1WkE0m0tOw8MPVQnDciBFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAttiq2v 4lrnvsH0lwZYWR1RoHzyMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5 REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODY4Qy8zRkI5MzM2OEE5REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2 QmNZN3RXYmlBOFVkeEY0ckkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAeZKVA1oXCOZjuF5agmQQVjzHWLUZaWIdBHGQ7Pt9/21xGzOKLOHNN Q4+UMhmVyfte9lI5eclMBFKEEmET3Kc4DzZP/FyCX1em6exdeNcBAsGJ/UXS3Arv SEsiHHhlqCR18TvWJsoh+sgn8EdesuSbhcDRzHuNCSWA/Ya8mrAWpPlTIMC3EYUB KOV77QbjhWmB+lFApPYdmIB1UzBqkyZpUIhZktlRHOO4EDzSC/C2/7Vb8Pe71EMo Ddh73/s8YbFED9NuJE25LJ6fgy5lXQ3isZ0FFsezVMbTYcfJO2JoHPl5+GI+QJKW OASFHnaWook4bhZDtpj3Oi8n4T+ffI2s -----END CERTIFICATE-----Generated at Tue Dec 23 16:30:45 2025 by rpki-client