This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft File: xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft (raw, json) Hash identifier: wvbupqmhAJuXliA+OzDcpYr1jVaIwVw/wNfKAptAcdY= Subject key identifier: 3A:60:1B:14:CA:42:11:B8:2D:BB:C0:AF:55:8A:FF:25:23:9C:25:C7 Authority key identifier: C6:53:EF:77:B1:9D:10:8C:F5:C5:9A:E1:80:1F:02:00:3A:B5:5E:ED Certificate issuer: /CN=A91EBFAE/serialNumber=C653EF77B19D108CF5C59AE1801F02003AB55EED Certificate serial: 2567 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft Manifest number: 2567 Signing time: Tue 02 Dec 2025 14:30:19 +0000 Manifest this update: Tue 02 Dec 2025 14:30:18 +0000 Manifest next update: Tue 09 Dec 2025 14:30:18 +0000 Files and hashes: 1: xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl (hash: K/EyNrm1hJ1IGuC0S7tZtovnLQdUByqH8GKPYqG8Mi8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 14:30:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9575 (0x2567) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBFAE, serialNumber=C653EF77B19D108CF5C59AE1801F02003AB55EED Validity Not Before: Dec 2 14:30:18 2025 GMT Not After : Dec 9 14:30:18 2025 GMT Subject: CN=692ef7fa-24f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:c9:71:14:40:5a:ad:22:d6:66:21:11:2b:21: 84:48:96:6e:38:02:88:56:d2:d4:4e:d0:4d:57:21: 02:30:1e:93:6d:fb:66:c9:ed:76:70:4b:49:97:75: 96:c0:c6:a5:08:42:c8:5f:98:3f:ce:f1:20:c7:eb: 2b:c8:c3:14:9e:33:80:0d:23:20:50:15:ae:d6:aa: 35:0a:42:b6:0b:90:b8:a6:0e:63:bc:b5:f4:f2:eb: ac:72:2a:66:43:bc:47:b6:c9:b6:f7:e4:19:fd:94: f7:24:19:b0:5b:4e:b7:3c:f2:fa:ae:f6:d2:ac:7a: c1:c3:d1:67:01:ba:a9:62:ad:02:a6:28:2d:ff:72: 45:e0:af:79:7e:94:87:c6:5a:e7:06:73:37:28:bb: af:df:0c:02:13:13:63:42:c3:30:a1:0a:56:3f:d3: 86:4c:39:55:3b:78:23:15:62:84:29:53:a1:fe:8c: 97:e5:80:04:01:0d:a9:26:9e:7f:07:59:c4:31:a6: 88:b6:82:58:e1:f8:5e:fb:4b:a4:7e:8d:ec:b6:f0: 53:c2:79:42:3e:c6:2f:84:b0:b7:c9:aa:d0:7a:64: a7:4e:1f:43:df:8c:ff:95:9c:ee:f1:55:a4:a4:88: 06:39:c5:a0:19:b6:43:24:b7:37:9c:e1:3c:44:5b: 51:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:60:1B:14:CA:42:11:B8:2D:BB:C0:AF:55:8A:FF:25:23:9C:25:C7 X509v3 Authority Key Identifier: keyid:C6:53:EF:77:B1:9D:10:8C:F5:C5:9A:E1:80:1F:02:00:3A:B5:5E:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:98:eb:6c:69:eb:a9:98:a6:b5:56:81:b5:ba:b3:db:99:1f: 07:26:11:69:73:20:22:37:5f:60:81:62:e5:9f:8f:32:8c:6b: 75:f1:ff:5d:ad:bf:b3:d4:c4:b2:64:df:6a:09:31:24:ca:aa: b5:4f:47:be:49:53:4f:99:e9:14:f2:d6:ad:16:21:21:5b:2e: 9e:00:e2:f0:7c:9e:7b:cc:03:4e:86:07:9c:a4:6d:51:58:24: 94:d7:76:39:49:85:33:11:d5:8d:10:50:42:e0:ee:9e:08:a1: 46:5c:13:00:c9:66:b2:aa:7e:e9:85:33:a8:06:16:b4:62:74: 6c:d6:88:05:d0:a2:36:62:34:4a:34:2d:87:2a:d8:98:19:79: 16:23:8a:4c:68:1f:16:5f:e3:6d:58:17:75:71:36:2b:43:37: 01:c9:20:f8:14:99:6a:55:dc:5b:d1:ff:c7:1d:b0:ef:45:a8: 51:12:a7:ed:7c:46:e1:e5:12:4d:60:d4:46:d6:8f:55:6c:43: e0:a5:89:88:b7:a2:d1:c9:90:df:68:8e:5b:1a:cc:11:ef:56: 47:c8:5a:a6:5d:f6:14:08:f8:d4:de:c1:6d:ff:bd:08:52:f4: 32:99:9d:fd:af:e0:c3:d4:71:13:a8:bc:68:05:f1:ed:79:e1: 00:47:23:25 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJWcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJGQUUxMTAvBgNVBAUTKEM2NTNFRjc3QjE5RDEwOENGNUM1OUFFMTgwMUYwMjAw M0FCNTVFRUQwHhcNMjUxMjAyMTQzMDE4WhcNMjUxMjA5MTQzMDE4WjAYMRYwFAYD VQQDEw02OTJlZjdmYS0yNGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvclxFEBarSLWZiERKyGESJZuOAKIVtLUTtBNVyECMB6Tbftmye12cEtJl3WW wMalCELIX5g/zvEgx+sryMMUnjOADSMgUBWu1qo1CkK2C5C4pg5jvLX08uuscipm Q7xHtsm29+QZ/ZT3JBmwW063PPL6rvbSrHrBw9FnAbqpYq0Cpigt/3JF4K95fpSH xlrnBnM3KLuv3wwCExNjQsMwoQpWP9OGTDlVO3gjFWKEKVOh/oyX5YAEAQ2pJp5/ B1nEMaaItoJY4fhe+0ukfo3stvBTwnlCPsYvhLC3yarQemSnTh9D34z/lZzu8VWk pIgGOcWgGbZDJLc3nOE8RFtRzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDpgGxTK QhG4LbvAr1WK/yUjnCXHMB8GA1UdIwQYMBaAFMZT73exnRCM9cWa4YAfAgA6tV7t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkZBRS9FRDMyNDQwQTI5 MDkxMUU1OTNCRkM2MjZDNEY5QUUwMi94bFB2ZDdHZEVJejF4WnJoZ0I4Q0FEcTFY dTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3hsUHZkN0dkRUl6MXhacmhnQjhDQURxMVh1MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkZBRS9FRDMyNDQwQTI5MDkxMUU1OTNCRkM2MjZDNEY5QUUwMi94bFB2ZDdHZEVJ ejF4WnJoZ0I4Q0FEcTFYdTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCamOtsaeupmKa1VoG1urPbmR8HJhFpcyAiN19ggWLln48yjGt18f9d rb+z1MSyZN9qCTEkyqq1T0e+SVNPmekU8tatFiEhWy6eAOLwfJ57zANOhgecpG1R WCSU13Y5SYUzEdWNEFBC4O6eCKFGXBMAyWayqn7phTOoBha0YnRs1ogF0KI2YjRK NC2HKtiYGXkWI4pMaB8WX+NtWBd1cTYrQzcBySD4FJlqVdxb0f/HHbDvRahREqft fEbh5RJNYNRG1o9VbEPgpYmIt6LRyZDfaI5bGswR71ZHyFqmXfYUCPjU3sFt/70I UvQymZ39r+DD1HETqLxoBfHteeEARyMl -----END CERTIFICATE-----Generated at Wed Dec 3 14:14:38 2025 by rpki-client