This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.mft File: 2OL6sVCi_VePZ-GbApZTmzdSyak.mft (raw, json) Hash identifier: cXjbGiVjSpOWMYSMEfruW74ziEbL3VUtK/PY9Lqby8U= Subject key identifier: 6F:A7:9C:85:33:50:95:44:B8:70:CC:10:BA:2E:0B:B3:E9:F5:6E:64 Authority key identifier: D8:E2:FA:B1:50:A2:FD:57:8F:67:E1:9B:02:96:53:9B:37:52:C9:A9 Certificate issuer: /CN=A91EC225/serialNumber=D8E2FAB150A2FD578F67E19B0296539B3752C9A9 Certificate serial: 0F17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2OL6sVCi_VePZ-GbApZTmzdSyak.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.mft Manifest number: 0F0D Signing time: Mon 22 Dec 2025 17:16:19 +0000 Manifest this update: Mon 22 Dec 2025 17:16:19 +0000 Manifest next update: Mon 29 Dec 2025 17:16:19 +0000 Files and hashes: 1: 2OL6sVCi_VePZ-GbApZTmzdSyak.crl (hash: pbrIQT4Vtc5GKxBmsG2MikhI1hBAV3wBuA2dvS5WPuw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.crl rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2OL6sVCi_VePZ-GbApZTmzdSyak.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 17:16:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3863 (0xf17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC225, serialNumber=D8E2FAB150A2FD578F67E19B0296539B3752C9A9 Validity Not Before: Dec 22 17:16:19 2025 GMT Not After : Dec 29 17:16:19 2025 GMT Subject: CN=69497ce3-a563 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:fb:5f:67:97:c4:74:57:7c:20:e0:1f:d9:65: dc:66:07:f7:c7:28:60:c7:3d:11:ae:ec:0b:57:a3: 57:52:1d:72:b5:fa:74:99:03:5a:51:b5:d9:70:7e: a5:ff:74:cb:59:dc:ff:91:46:18:ec:a7:16:f2:34: 9d:aa:d1:f3:bc:5e:df:64:1f:81:ec:0a:9e:78:d1: a3:af:c8:f6:9c:67:28:ff:da:17:fb:c9:88:16:ef: 69:60:da:29:e5:d1:5b:31:4c:3e:2f:e3:2f:a6:02: e4:a9:84:33:45:72:27:9d:21:17:19:a0:79:c6:2f: 1f:5c:fe:c4:c2:b3:b6:99:29:73:55:fe:19:84:85: 60:64:63:d1:fb:39:84:be:33:db:b9:e6:0a:b9:d9: 77:5f:5f:a0:64:07:b6:aa:63:eb:3a:2e:32:40:a5: f3:c5:04:69:cf:0d:ea:eb:bc:fc:c3:b8:00:d7:f3: 9f:05:cc:3d:f2:d0:1f:80:3f:12:0a:00:b7:da:7f: 76:e3:2a:84:4d:33:ea:e2:12:9f:c7:f6:bb:ee:d7: a9:1b:44:ea:6f:80:0e:20:08:a4:9a:e6:e6:9d:3d: 87:e4:a5:dd:ca:99:63:aa:81:08:0e:20:b8:7a:a5: 36:c0:93:47:c4:93:ca:38:88:ea:90:d9:2a:c8:ab: 7a:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:A7:9C:85:33:50:95:44:B8:70:CC:10:BA:2E:0B:B3:E9:F5:6E:64 X509v3 Authority Key Identifier: keyid:D8:E2:FA:B1:50:A2:FD:57:8F:67:E1:9B:02:96:53:9B:37:52:C9:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2OL6sVCi_VePZ-GbApZTmzdSyak.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:96:2f:03:d8:a9:98:31:9a:af:9a:b6:17:54:cc:56:71:52: ca:ee:b2:f0:33:80:09:64:d6:d1:a0:4f:38:01:fe:03:51:b7: bf:52:dc:84:a9:a9:e8:bf:fc:59:40:cc:13:14:05:76:c8:0b: 8a:19:65:15:9e:e7:97:5b:1f:df:98:f7:1d:a7:c2:3b:17:d8: d8:d2:f4:2f:42:e9:ed:bb:92:67:1a:c1:14:09:2d:5f:51:ae: 03:bb:32:f4:cc:d7:ec:c8:4d:5f:a2:09:31:c8:f6:c4:45:7f: 1b:81:25:2d:06:04:5e:f5:69:03:eb:78:65:c0:97:44:11:c8: 53:a5:29:63:1e:3a:38:c3:50:48:7a:d8:18:65:97:ba:16:a1: e9:4a:95:8a:fa:65:1e:72:0a:60:ac:5f:dd:e1:cd:49:ce:e0: 33:df:2d:7c:c4:e8:4f:26:e9:dd:f9:c2:e9:3d:c6:07:85:c0: 46:59:f1:2b:1b:8f:85:16:4a:b1:f6:33:e9:61:ab:f8:71:41: c0:92:12:39:eb:c7:75:7f:14:e3:3f:6d:40:56:1c:89:c4:5a: 85:b7:61:f8:13:a8:f3:6b:50:12:93:8c:86:67:ac:bd:65:87: 87:03:ee:3f:fe:9d:ae:4f:ee:27:6b:59:6c:a3:32:f0:1c:a6: 16:f0:74:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDxcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUMyMjUxMTAvBgNVBAUTKEQ4RTJGQUIxNTBBMkZENTc4RjY3RTE5QjAyOTY1MzlC Mzc1MkM5QTkwHhcNMjUxMjIyMTcxNjE5WhcNMjUxMjI5MTcxNjE5WjAYMRYwFAYD VQQDDA02OTQ5N2NlMy1hNTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtPtfZ5fEdFd8IOAf2WXcZgf3xyhgxz0RruwLV6NXUh1ytfp0mQNaUbXZcH6l /3TLWdz/kUYY7KcW8jSdqtHzvF7fZB+B7AqeeNGjr8j2nGco/9oX+8mIFu9pYNop 5dFbMUw+L+MvpgLkqYQzRXInnSEXGaB5xi8fXP7EwrO2mSlzVf4ZhIVgZGPR+zmE vjPbueYKudl3X1+gZAe2qmPrOi4yQKXzxQRpzw3q67z8w7gA1/OfBcw98tAfgD8S CgC32n924yqETTPq4hKfx/a77tepG0Tqb4AOIAikmubmnT2H5KXdypljqoEIDiC4 eqU2wJNHxJPKOIjqkNkqyKt63wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG+nnIUz UJVEuHDMELouC7Pp9W5kMB8GA1UdIwQYMBaAFNji+rFQov1Xj2fhmwKWU5s3Usmp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzIyNS80OTlGREY5MDhF NTUxMUU5ODBEMDlBNDJDNEY5QUUwMi8yT0w2c1ZDaV9WZVBaLUdiQXBaVG16ZFN5 YWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJPTDZzVkNpX1ZlUFotR2JBcFpUbXpkU3lhay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QzIyNS80OTlGREY5MDhFNTUxMUU5ODBEMDlBNDJDNEY5QUUwMi8yT0w2c1ZDaV9W ZVBaLUdiQXBaVG16ZFN5YWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNli8D2KmYMZqvmrYXVMxWcVLK7rLwM4AJZNbRoE84Af4DUbe/UtyE qanov/xZQMwTFAV2yAuKGWUVnueXWx/fmPcdp8I7F9jY0vQvQuntu5JnGsEUCS1f Ua4DuzL0zNfsyE1fogkxyPbERX8bgSUtBgRe9WkD63hlwJdEEchTpSljHjo4w1BI etgYZZe6FqHpSpWK+mUecgpgrF/d4c1JzuAz3y18xOhPJund+cLpPcYHhcBGWfEr G4+FFkqx9jPpYav4cUHAkhI568d1fxTjP21AVhyJxFqFt2H4E6jza1ASk4yGZ6y9 ZYeHA+4//p2uT+4na1lsozLwHKYW8HQB -----END CERTIFICATE-----Generated at Wed Dec 24 14:09:00 2025 by rpki-client