This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft File: KQN7v5LysPTDMKHN1KdiVs16VCI.mft (raw, json) Hash identifier: 0zkew18EUiKqhBfB0PwfxN2kh6H2KTsSz5hNyKx+bFE= Subject key identifier: B1:FF:DE:A9:5D:23:39:F1:EA:3B:00:91:13:FF:4E:A0:6B:A0:0B:A0 Authority key identifier: 29:03:7B:BF:92:F2:B0:F4:C3:30:A1:CD:D4:A7:62:56:CD:7A:54:22 Certificate issuer: /CN=A91E9B89/serialNumber=29037BBF92F2B0F4C330A1CDD4A76256CD7A5422 Certificate serial: F6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft Manifest number: F4 Signing time: Tue 23 Dec 2025 04:16:24 +0000 Manifest this update: Tue 23 Dec 2025 04:16:24 +0000 Manifest next update: Tue 30 Dec 2025 04:16:24 +0000 Files and hashes: 1: KQN7v5LysPTDMKHN1KdiVs16VCI.crl (hash: Nc2cbr/X0ocUI49U8D0UJHjdt+W8yOW2jicjKq6zNcs=) 2: 2025BD6C6C3311EF99E0EF34C4F9AE02.roa (hash: EkH7NGdtLzD6VnZqtvPSOcqvmB0pZ+aCYQgXfVmLWFM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.crl rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 04:16:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 246 (0xf6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9B89, serialNumber=29037BBF92F2B0F4C330A1CDD4A76256CD7A5422 Validity Not Before: Dec 23 04:16:24 2025 GMT Not After : Dec 30 04:16:24 2025 GMT Subject: CN=694a1798-36c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:89:e6:09:e9:01:25:c0:0d:d4:fb:b7:25:f8: 91:73:56:69:3b:31:bc:88:e5:0e:e3:6d:b8:5b:da: bd:0d:4c:fa:71:26:0e:7e:06:8c:38:c2:e9:71:80: 35:c6:ff:22:8a:6b:12:8a:7d:83:89:6a:9f:54:47: b7:e4:da:74:ea:b6:9e:fd:a6:41:ba:da:8d:ec:6c: 3f:68:ba:1c:98:1f:24:2f:c7:a8:da:a5:70:f1:97: 03:45:be:59:a9:e0:d1:e1:09:d2:f3:31:19:59:97: ee:40:f4:df:77:29:b7:da:60:20:8b:92:ad:73:32: fa:0a:ba:7b:24:c4:12:c1:5b:c6:71:23:ee:e3:f0: ea:da:38:33:09:ca:4a:59:e2:86:2f:d9:81:93:c3: 3b:56:e1:f1:b5:17:e0:84:ba:6e:b0:63:c1:c4:c5: 1d:76:37:5b:07:9b:e6:0d:ac:3c:da:e2:51:70:c9: e0:97:18:7e:23:01:6a:fc:15:bc:2a:99:32:92:e0: 0a:e6:97:81:4b:21:4b:c2:9e:91:3d:73:4f:3c:7c: ee:8f:7e:c6:5f:96:61:c0:3f:1c:66:77:36:2f:95: 6c:f5:80:2f:0d:2b:1c:e9:85:58:18:f8:19:74:28: db:90:13:8a:d1:3a:e9:28:fd:43:16:40:31:a8:d0: 9a:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:FF:DE:A9:5D:23:39:F1:EA:3B:00:91:13:FF:4E:A0:6B:A0:0B:A0 X509v3 Authority Key Identifier: keyid:29:03:7B:BF:92:F2:B0:F4:C3:30:A1:CD:D4:A7:62:56:CD:7A:54:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:b3:9a:17:26:a8:d1:e1:88:58:9f:60:8a:d7:b6:9e:68:b2: c9:35:5c:0c:b0:af:17:73:03:bb:ca:82:46:79:55:31:f8:71: e3:5c:cc:8a:b0:40:ac:af:92:75:08:07:b3:ac:8a:40:fb:47: 13:7f:ca:8b:37:03:a5:f4:c4:e9:36:22:22:1d:c5:8b:64:b6: f6:40:54:98:22:ac:e0:04:5d:fa:41:00:eb:ed:00:e2:23:d9: 2c:4d:a8:42:4c:46:39:2b:45:bc:cb:8d:62:2e:c5:c1:df:9b: 40:3b:11:b3:fb:98:8c:7d:a4:20:6a:d2:3d:4e:95:76:8e:b3: a4:73:9b:b6:31:a2:55:b4:d9:67:fd:cb:2c:4b:a2:f4:61:f8: 03:c3:73:4c:2a:f9:1e:24:07:fd:28:42:9f:a7:44:1c:70:cd: 23:8e:b9:35:d0:f5:e8:b0:a3:25:61:4a:60:1d:d5:26:9d:ce: 09:5f:54:16:aa:dd:cc:a1:66:1d:64:85:15:98:3a:50:ff:0a: c8:4f:b2:ef:e6:16:77:51:7f:99:a5:c6:13:a6:2a:fa:bf:2d: ef:5d:d2:ed:78:e6:19:16:5b:82:d8:fa:77:87:71:01:e0:a3: 48:34:47:f8:3e:5b:7d:90:a1:ae:f8:e3:76:f6:9f:c2:15:0a: e7:2f:b5:8a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlCODkxMTAvBgNVBAUTKDI5MDM3QkJGOTJGMkIwRjRDMzMwQTFDREQ0QTc2MjU2 Q0Q3QTU0MjIwHhcNMjUxMjIzMDQxNjI0WhcNMjUxMjMwMDQxNjI0WjAYMRYwFAYD VQQDDA02OTRhMTc5OC0zNmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1onmCekBJcAN1Pu3JfiRc1ZpOzG8iOUO4224W9q9DUz6cSYOfgaMOMLpcYA1 xv8iimsSin2DiWqfVEe35Np06rae/aZButqN7Gw/aLocmB8kL8eo2qVw8ZcDRb5Z qeDR4QnS8zEZWZfuQPTfdym32mAgi5KtczL6Crp7JMQSwVvGcSPu4/Dq2jgzCcpK WeKGL9mBk8M7VuHxtRfghLpusGPBxMUddjdbB5vmDaw82uJRcMnglxh+IwFq/BW8 KpkykuAK5peBSyFLwp6RPXNPPHzuj37GX5ZhwD8cZnc2L5Vs9YAvDSsc6YVYGPgZ dCjbkBOK0TrpKP1DFkAxqNCaKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLH/3qld Iznx6jsAkRP/TqBroAugMB8GA1UdIwQYMBaAFCkDe7+S8rD0wzChzdSnYlbNelQi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUI4OS80MzY3QzIwRTZD MTgxMUVGQUI2QjY5MENDNEY5QUUwMi9LUU43djVMeXNQVERNS0hOMUtkaVZzMTZW Q0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tRTjd2NUx5c1BURE1LSE4xS2RpVnMxNlZDSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUI4OS80MzY3QzIwRTZDMTgxMUVGQUI2QjY5MENDNEY5QUUwMi9LUU43djVMeXNQ VERNS0hOMUtkaVZzMTZWQ0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBps5oXJqjR4YhYn2CK17aeaLLJNVwMsK8XcwO7yoJGeVUx+HHjXMyK sECsr5J1CAezrIpA+0cTf8qLNwOl9MTpNiIiHcWLZLb2QFSYIqzgBF36QQDr7QDi I9ksTahCTEY5K0W8y41iLsXB35tAOxGz+5iMfaQgatI9TpV2jrOkc5u2MaJVtNln /cssS6L0YfgDw3NMKvkeJAf9KEKfp0QccM0jjrk10PXosKMlYUpgHdUmnc4JX1QW qt3MoWYdZIUVmDpQ/wrIT7Lv5hZ3UX+ZpcYTpir6vy3vXdLteOYZFluC2Pp3h3EB 4KNINEf4Plt9kKGu+ON29p/CFQrnL7WK -----END CERTIFICATE-----Generated at Wed Dec 24 14:14:19 2025 by rpki-client