This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft File: He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json) Hash identifier: urPCSbuEb1M/M+gtEg1DpxV507F4+GmhX5MyfaHiaVk= Subject key identifier: 4E:C8:87:0E:FC:45:D6:2A:06:01:9E:44:6C:EB:32:B4:12:EC:58:E0 Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Certificate serial: 01E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft Manifest number: 01E2 Signing time: Tue 23 Dec 2025 01:42:56 +0000 Manifest this update: Tue 23 Dec 2025 01:42:56 +0000 Manifest next update: Tue 30 Dec 2025 01:42:56 +0000 Files and hashes: 1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: kpARVKTuaKfXXXn2htgmGD0VWx8Har9inC50OA/7lNs=) 2: 805A2E74660311EF90397033C4F9AE02.roa (hash: kr3XK/LA3ME6CWbcxw7hFQfhU6QavtLWXc2+mP6aHgc=) 3: 8405155C69EB11EF933A993CC4F9AE02.roa (hash: Nc218pLJmDdsf2Z9Kv612BkBE9ixmiOBUD2+vg6KRQA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 01:42:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 487 (0x1e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D22, serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Validity Not Before: Dec 23 01:42:56 2025 GMT Not After : Dec 30 01:42:56 2025 GMT Subject: CN=6949f3a0-45ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:6e:e2:ac:1c:4b:02:f6:6b:57:52:a1:f8:c7: fb:b0:dd:7f:85:b9:85:08:86:82:d5:5f:7a:04:45: 22:7a:66:5b:bf:14:f3:16:7e:15:ad:9e:c6:ca:53: 66:62:ac:ad:8f:0c:b4:d4:88:93:af:43:75:52:4e: 2d:2e:d3:f0:f1:61:23:41:fa:c3:97:75:50:c1:70: 55:31:8a:11:fb:2d:8a:58:93:e2:fe:4f:6e:26:fe: 37:41:db:e7:bb:a0:04:82:5e:35:0c:45:3e:f5:65: 83:2c:82:8d:21:5f:d4:be:dc:6d:28:93:9f:66:d1: 08:c8:47:33:a6:af:5a:4f:bc:4b:c4:11:49:e1:6a: ac:89:b0:e1:80:f5:c1:5f:c1:eb:38:28:87:db:c6: 81:e8:02:71:11:3d:02:6c:38:d0:eb:d2:b5:b8:4b: d1:40:a5:c1:22:c6:dd:73:d1:aa:c9:42:ab:02:49: e5:00:78:43:d3:a6:92:ef:52:f1:a3:f4:d0:47:a2: aa:89:2f:9d:e5:78:cb:c9:32:f2:ae:63:e4:d7:b5: da:85:b5:2d:ee:42:a4:9e:2b:7b:e1:ef:b5:9f:5e: 72:7f:a6:15:e2:8e:a8:b5:65:2c:37:21:22:a9:88: 12:5f:46:bb:e2:6b:53:4f:b0:06:5f:35:75:2a:6b: 59:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:C8:87:0E:FC:45:D6:2A:06:01:9E:44:6C:EB:32:B4:12:EC:58:E0 X509v3 Authority Key Identifier: keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:df:36:31:af:50:58:12:03:95:ae:32:20:cc:f2:b8:1e:a9: a6:46:48:25:d1:69:26:26:df:82:29:ed:69:b2:08:c8:5b:8b: 9a:ed:f9:d5:c0:af:79:e2:eb:b8:85:a5:fd:7c:4d:65:1f:ee: 28:1a:48:e0:3e:af:25:c8:86:1d:cf:2a:5e:f5:fb:ee:a9:7b: 49:13:69:f1:da:97:05:fb:43:3d:9a:05:7a:a4:59:63:f6:fe: 5f:2b:23:20:6f:35:9d:70:5b:7c:7f:2d:50:8c:b0:f6:8c:48: 24:18:45:0d:a7:15:c1:53:de:44:52:b6:7f:d7:cf:64:89:15: f9:59:b2:47:45:99:80:cf:06:e7:4f:28:bb:b2:d1:a0:a1:f2: 34:f4:87:18:b3:c9:6f:9c:bd:cb:35:e5:08:d3:01:b5:6a:1b: fe:08:ad:10:47:b8:d1:40:92:c1:07:f2:e6:25:a0:87:9e:e2: 7d:27:e2:a0:75:65:ed:df:c5:7d:71:ba:47:e5:8e:80:0c:ae: 34:6b:13:a5:a8:d6:81:6c:69:b5:97:95:f3:9c:c4:12:79:bd: 0a:6d:1e:c5:f5:83:e6:75:55:a3:ee:0b:1d:c4:2c:4e:dd:ce: 47:02:2e:a2:20:f6:66:09:5a:ac:81:e1:07:99:e3:27:60:9f: 62:4c:06:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4 RTY0MDcyNDgwHhcNMjUxMjIzMDE0MjU2WhcNMjUxMjMwMDE0MjU2WjAYMRYwFAYD VQQDDA02OTQ5ZjNhMC00NWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAym7irBxLAvZrV1Kh+Mf7sN1/hbmFCIaC1V96BEUiemZbvxTzFn4VrZ7GylNm Yqytjwy01IiTr0N1Uk4tLtPw8WEjQfrDl3VQwXBVMYoR+y2KWJPi/k9uJv43Qdvn u6AEgl41DEU+9WWDLIKNIV/UvtxtKJOfZtEIyEczpq9aT7xLxBFJ4WqsibDhgPXB X8HrOCiH28aB6AJxET0CbDjQ69K1uEvRQKXBIsbdc9GqyUKrAknlAHhD06aS71Lx o/TQR6KqiS+d5XjLyTLyrmPk17XahbUt7kKknit74e+1n15yf6YV4o6otWUsNyEi qYgSX0a74mtTT7AGXzV1KmtZiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE7Ihw78 RdYqBgGeRGzrMrQS7FjgMB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1 U0k3enR1SVNXNGVPWkFja2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAt3zYxr1BYEgOVrjIgzPK4HqmmRkgl0WkmJt+CKe1psgjIW4ua7fnV wK954uu4haX9fE1lH+4oGkjgPq8lyIYdzype9fvuqXtJE2nx2pcF+0M9mgV6pFlj 9v5fKyMgbzWdcFt8fy1QjLD2jEgkGEUNpxXBU95EUrZ/189kiRX5WbJHRZmAzwbn Tyi7stGgofI09IcYs8lvnL3LNeUI0wG1ahv+CK0QR7jRQJLBB/LmJaCHnuJ9J+Kg dWXt38V9cbpH5Y6ADK40axOlqNaBbGm1l5XznMQSeb0KbR7F9YPmdVWj7gsdxCxO 3c5HAi6iIPZmCVqsgeEHmeMnYJ9iTAbh -----END CERTIFICATE-----Generated at Wed Dec 24 14:11:10 2025 by rpki-client