This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D27/C0C5807042E911E29750A32E2979BB20/a-Q-axOWQ8tMGebfcyO1A8STEds.mft File: a-Q-axOWQ8tMGebfcyO1A8STEds.mft (raw, json) Hash identifier: F6ULT+61qjyz/NfVjAsEQ3qKWBRh7IYOTu81WqvF5Xc= Subject key identifier: C3:D8:5F:D6:75:F8:E3:8E:44:6C:89:90:96:7F:1E:AB:61:1D:BA:64 Authority key identifier: 6B:E4:3E:6B:13:96:43:CB:4C:19:E6:DF:73:23:B5:03:C4:93:11:DB Certificate issuer: /CN=A91E8D27/serialNumber=6BE43E6B139643CB4C19E6DF7323B503C49311DB Certificate serial: 346F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a-Q-axOWQ8tMGebfcyO1A8STEds.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D27/C0C5807042E911E29750A32E2979BB20/a-Q-axOWQ8tMGebfcyO1A8STEds.mft Manifest number: 3452 Signing time: Mon 22 Dec 2025 15:12:15 +0000 Manifest this update: Mon 22 Dec 2025 15:12:15 +0000 Manifest next update: Mon 29 Dec 2025 15:12:15 +0000 Files and hashes: 1: a-Q-axOWQ8tMGebfcyO1A8STEds.crl (hash: f/0PXjx4bo/9X1JqbsU/D3ioE6K/TwyMvEsl+WcHrNY=) 2: 56C3DC822B0B11EF97C4A74AC4F9AE02.roa (hash: CVWZvuJMAyjtpzrMYgtcHwOIm2n01TzT8z4GiPVYHFA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D27/C0C5807042E911E29750A32E2979BB20/a-Q-axOWQ8tMGebfcyO1A8STEds.crl rsync://rpki.apnic.net/member_repository/A91E8D27/C0C5807042E911E29750A32E2979BB20/a-Q-axOWQ8tMGebfcyO1A8STEds.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a-Q-axOWQ8tMGebfcyO1A8STEds.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 15:12:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13423 (0x346f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D27, serialNumber=6BE43E6B139643CB4C19E6DF7323B503C49311DB Validity Not Before: Dec 22 15:12:15 2025 GMT Not After : Dec 29 15:12:15 2025 GMT Subject: CN=69495fcf-558a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:bc:b2:83:2e:6f:f7:b8:94:03:28:88:31:6f: d2:84:c3:e4:e2:e2:33:f3:09:3d:7e:36:5a:9b:21: e6:84:59:17:cc:36:d5:ff:c8:80:48:5b:1f:a0:03: 47:f3:de:ba:ca:0b:44:d8:5c:e4:d1:3a:fd:ab:cf: c3:93:b9:da:44:46:cc:c9:6c:11:9a:30:f9:ff:5f: 31:e3:0c:1a:c1:72:60:d9:e9:de:e5:ac:6e:2f:c2: 64:24:73:59:15:5f:f6:00:3a:8a:e3:7e:28:a8:c9: 03:10:01:aa:26:b4:53:ec:c3:9d:d0:e4:26:e8:85: 31:42:59:b4:07:1d:43:a2:23:dc:87:eb:0b:6a:2d: 82:8a:e8:82:b4:24:f6:bb:f0:73:8c:64:ab:c6:f3: 3c:f8:84:f3:cc:22:e0:5e:17:09:bf:fe:16:7f:3f: 93:34:de:bb:1c:4f:bd:f3:96:ec:96:aa:8d:69:25: 45:12:af:35:d6:17:e1:af:70:4b:35:04:59:8b:9f: 2b:37:0c:de:ec:7c:1c:e4:7f:86:f5:e5:55:e9:a2: da:db:ff:80:23:1e:6e:3a:98:5d:95:90:bf:66:14: e7:12:60:7b:c7:99:4e:98:b0:64:39:96:38:9b:38: 1e:6d:94:4c:08:75:1e:6a:a7:ef:1d:ff:d5:40:e5: cc:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:D8:5F:D6:75:F8:E3:8E:44:6C:89:90:96:7F:1E:AB:61:1D:BA:64 X509v3 Authority Key Identifier: keyid:6B:E4:3E:6B:13:96:43:CB:4C:19:E6:DF:73:23:B5:03:C4:93:11:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D27/C0C5807042E911E29750A32E2979BB20/a-Q-axOWQ8tMGebfcyO1A8STEds.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a-Q-axOWQ8tMGebfcyO1A8STEds.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D27/C0C5807042E911E29750A32E2979BB20/a-Q-axOWQ8tMGebfcyO1A8STEds.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:de:ff:62:83:c5:49:c3:82:8c:19:0b:10:84:4a:af:21:e0: 1e:d1:7c:93:2a:2d:c2:c5:cb:f1:ce:89:4f:57:7a:f8:27:82: b5:c1:a1:4b:41:f1:ff:75:3b:f5:41:24:2d:8b:c9:92:49:88: ef:75:63:50:61:56:8c:cb:f8:57:70:c8:ef:30:35:dc:1b:83: 0f:36:0d:7a:0b:d6:2c:a5:46:d9:55:36:89:21:da:ff:4a:87: ff:7d:5e:11:b3:bd:ed:b5:19:17:ad:23:1c:73:31:9b:ca:3e: fc:aa:17:e3:3a:ae:0d:21:d7:9f:77:a0:e5:23:f0:8b:3d:1b: 06:35:57:53:06:10:24:66:e4:e6:d9:b4:e6:75:d2:96:69:f6: 85:e9:85:e6:3d:1e:fc:b9:79:3e:b8:5b:b1:5a:dc:d5:72:72: 0d:07:f2:40:48:89:f0:3d:1a:61:86:d0:89:bf:b9:15:00:d9: bd:3a:0a:04:db:e5:de:ba:9b:91:73:a8:dd:07:39:96:d8:c2: c5:06:0c:ad:61:88:cb:6e:af:e0:05:8c:35:63:e5:09:0f:81: 20:5a:07:8e:10:58:d0:08:40:4e:b0:b7:e2:56:43:84:e5:e1: 67:62:6f:23:1f:6f:16:9d:81:30:24:fd:b2:eb:40:19:84:e4: 4f:c9:9b:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNG8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjcxMTAvBgNVBAUTKDZCRTQzRTZCMTM5NjQzQ0I0QzE5RTZERjczMjNCNTAz QzQ5MzExREIwHhcNMjUxMjIyMTUxMjE1WhcNMjUxMjI5MTUxMjE1WjAYMRYwFAYD VQQDDA02OTQ5NWZjZi01NThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAjbyygy5v97iUAyiIMW/ShMPk4uIz8wk9fjZamyHmhFkXzDbV/8iASFsfoANH 8966ygtE2Fzk0Tr9q8/Dk7naREbMyWwRmjD5/18x4wwawXJg2ene5axuL8JkJHNZ FV/2ADqK434oqMkDEAGqJrRT7MOd0OQm6IUxQlm0Bx1DoiPch+sLai2CiuiCtCT2 u/BzjGSrxvM8+ITzzCLgXhcJv/4Wfz+TNN67HE+985bslqqNaSVFEq811hfhr3BL NQRZi58rNwze7Hwc5H+G9eVV6aLa2/+AIx5uOphdlZC/ZhTnEmB7x5lOmLBkOZY4 mzgebZRMCHUeaqfvHf/VQOXMGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMPYX9Z1 +OOORGyJkJZ/HqthHbpkMB8GA1UdIwQYMBaAFGvkPmsTlkPLTBnm33MjtQPEkxHb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyNy9DMEM1ODA3MDQy RTkxMUUyOTc1MEEzMkUyOTc5QkIyMC9hLVEtYXhPV1E4dE1HZWJmY3lPMUE4U1RF ZHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2EtUS1heE9XUTh0TUdlYmZjeU8xQThTVEVkcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyNy9DMEM1ODA3MDQyRTkxMUUyOTc1MEEzMkUyOTc5QkIyMC9hLVEtYXhPV1E4 dE1HZWJmY3lPMUE4U1RFZHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBF3v9ig8VJw4KMGQsQhEqvIeAe0XyTKi3CxcvxzolPV3r4J4K1waFL QfH/dTv1QSQti8mSSYjvdWNQYVaMy/hXcMjvMDXcG4MPNg16C9YspUbZVTaJIdr/ Sof/fV4Rs73ttRkXrSMcczGbyj78qhfjOq4NIdefd6DlI/CLPRsGNVdTBhAkZuTm 2bTmddKWafaF6YXmPR78uXk+uFuxWtzVcnINB/JASInwPRphhtCJv7kVANm9OgoE 2+XeupuRc6jdBzmW2MLFBgytYYjLbq/gBYw1Y+UJD4EgWgeOEFjQCEBOsLfiVkOE 5eFnYm8jH28WnYEwJP2y60AZhORPyZvS -----END CERTIFICATE-----Generated at Wed Dec 24 14:12:10 2025 by rpki-client