This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft File: _thOn-AVmpk3ohk6C326I7bCZbg.mft (raw, json) Hash identifier: 1M2cURc4BmQCcDwco5wAcBc/eLKxotKdYuoJJ6XqzC0= Subject key identifier: 39:AC:54:1A:DC:BB:02:57:14:17:00:54:09:91:3E:11:AE:0E:B4:D5 Authority key identifier: FE:D8:4E:9F:E0:15:9A:99:37:A2:19:3A:0B:7D:BA:23:B6:C2:65:B8 Certificate issuer: /CN=A91EDBB0/serialNumber=FED84E9FE0159A9937A2193A0B7DBA23B6C265B8 Certificate serial: 8F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft Manifest number: 8E Signing time: Tue 23 Dec 2025 05:29:05 +0000 Manifest this update: Tue 23 Dec 2025 05:29:04 +0000 Manifest next update: Tue 30 Dec 2025 05:29:04 +0000 Files and hashes: 1: _thOn-AVmpk3ohk6C326I7bCZbg.crl (hash: /FJxYi7kQ4+cwII0tVj36siUBT4C21J8SI5aO1JsrEI=) 2: 18317928083911F0A2909A72C4F9AE02.roa (hash: fPnd9TCItmXimGuCENGl/4MsqPzHHL+sjFkQjjF93Kg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.crl rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 05:29:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 143 (0x8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDBB0, serialNumber=FED84E9FE0159A9937A2193A0B7DBA23B6C265B8 Validity Not Before: Dec 23 05:29:04 2025 GMT Not After : Dec 30 05:29:04 2025 GMT Subject: CN=694a28a1-b247 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:04:f6:21:8c:54:3a:fd:b5:58:26:c3:6a:f0: 52:07:b3:4e:b3:9b:c5:74:91:50:99:2c:f9:53:b6: 1c:f3:c3:5f:c5:30:ea:2b:c8:dd:82:da:3a:67:a0: f9:52:a2:67:9e:15:51:ab:07:5e:a2:89:b0:8b:f2: 6d:b5:c3:8c:11:f1:fa:4c:7e:38:ce:04:dc:60:cb: a7:3e:bc:44:04:95:9f:86:b1:02:b6:fc:6c:72:28: 84:c3:d5:29:95:72:fd:3e:2d:dd:17:67:e3:13:43: 5f:b1:04:2a:4b:9d:9c:cb:e0:2e:f5:21:1c:7c:4c: 02:8c:11:b7:be:37:eb:4e:1c:c5:77:9f:65:d8:c5: 57:57:c4:79:52:12:47:ae:ff:af:2c:d9:e2:94:a7: a1:ab:1f:ae:6b:14:72:73:e5:38:8e:42:d5:5d:49: 32:c0:32:0b:73:94:2c:7d:1f:30:ac:45:8b:9f:bc: 6f:90:ca:37:de:4d:bd:79:a9:3c:12:4d:5f:1b:46: 80:7b:6e:82:02:46:a8:bc:6c:7f:9f:bc:0e:48:0e: e8:ef:02:68:9d:36:61:27:bd:57:58:ac:10:4c:f6: 5f:dd:0b:14:19:04:28:13:fc:19:7b:a0:90:06:5b: 4b:c0:d3:9d:bc:08:5f:06:74:8f:70:12:d2:50:16: 03:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:AC:54:1A:DC:BB:02:57:14:17:00:54:09:91:3E:11:AE:0E:B4:D5 X509v3 Authority Key Identifier: keyid:FE:D8:4E:9F:E0:15:9A:99:37:A2:19:3A:0B:7D:BA:23:B6:C2:65:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:48:3d:91:e7:f9:9e:1e:a6:1d:f1:4f:0b:fa:1a:55:a2:1e: 97:8f:9b:da:9e:a7:59:ae:a3:07:d6:84:e0:be:fa:33:de:18: 10:29:0a:4b:3c:1f:47:d9:e3:40:24:ee:81:e8:c0:ed:14:88: f3:10:a7:08:72:84:d6:5c:14:c9:e4:72:31:88:bb:88:6b:a0: 13:d2:05:c8:fa:2c:8b:82:d5:7b:4e:a2:dd:13:9d:37:98:c4: 15:4c:63:cc:1a:6b:fa:85:4d:f1:1c:40:f8:1a:d9:55:25:c5: 64:4a:4e:fd:84:de:73:42:0f:02:e3:a0:19:a8:03:2b:d0:f5: da:31:a4:28:0d:fa:87:c7:05:48:f3:03:97:08:56:79:ba:cc: 91:15:ae:af:33:c4:be:ae:71:c8:0c:98:cb:cb:f1:9d:5f:d1: 42:85:62:ba:a3:97:7f:b3:e2:31:67:5c:ab:cc:3a:ae:04:49: ba:0f:06:f3:3c:fc:38:9e:cf:3c:f0:3d:34:75:f9:40:e9:32: 14:31:af:05:a5:55:90:21:b0:11:35:95:cf:e5:6f:b2:ca:94: 20:b0:3c:86:aa:f3:69:5b:52:62:1a:80:4f:6d:ff:b0:84:0b: fc:77:9a:ae:0b:1a:01:24:e2:92:e8:3b:a7:08:4f:51:91:72: 4c:cb:68:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RURCQjAxMTAvBgNVBAUTKEZFRDg0RTlGRTAxNTlBOTkzN0EyMTkzQTBCN0RCQTIz QjZDMjY1QjgwHhcNMjUxMjIzMDUyOTA0WhcNMjUxMjMwMDUyOTA0WjAYMRYwFAYD VQQDDA02OTRhMjhhMS1iMjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArwT2IYxUOv21WCbDavBSB7NOs5vFdJFQmSz5U7Yc88NfxTDqK8jdgto6Z6D5 UqJnnhVRqwdeoomwi/JttcOMEfH6TH44zgTcYMunPrxEBJWfhrECtvxsciiEw9Up lXL9Pi3dF2fjE0NfsQQqS52cy+Au9SEcfEwCjBG3vjfrThzFd59l2MVXV8R5UhJH rv+vLNnilKehqx+uaxRyc+U4jkLVXUkywDILc5QsfR8wrEWLn7xvkMo33k29eak8 Ek1fG0aAe26CAkaovGx/n7wOSA7o7wJonTZhJ71XWKwQTPZf3QsUGQQoE/wZe6CQ BltLwNOdvAhfBnSPcBLSUBYDPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDmsVBrc uwJXFBcAVAmRPhGuDrTVMB8GA1UdIwQYMBaAFP7YTp/gFZqZN6IZOgt9uiO2wmW4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREJCMC9FNjUzRTUxMjA3 RUQxMUYwQjBBNjg3NjRDNEY5QUUwMi9fdGhPbi1BVm1wazNvaGs2QzMyNkk3YkNa YmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL190aE9uLUFWbXBrM29oazZDMzI2STdiQ1piZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF REJCMC9FNjUzRTUxMjA3RUQxMUYwQjBBNjg3NjRDNEY5QUUwMi9fdGhPbi1BVm1w azNvaGs2QzMyNkk3YkNaYmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBjSD2R5/meHqYd8U8L+hpVoh6Xj5vanqdZrqMH1oTgvvoz3hgQKQpL PB9H2eNAJO6B6MDtFIjzEKcIcoTWXBTJ5HIxiLuIa6AT0gXI+iyLgtV7TqLdE503 mMQVTGPMGmv6hU3xHED4GtlVJcVkSk79hN5zQg8C46AZqAMr0PXaMaQoDfqHxwVI 8wOXCFZ5usyRFa6vM8S+rnHIDJjLy/GdX9FChWK6o5d/s+IxZ1yrzDquBEm6Dwbz PPw4ns888D00dflA6TIUMa8FpVWQIbARNZXP5W+yypQgsDyGqvNpW1JiGoBPbf+w hAv8d5quCxoBJOKS6DunCE9RkXJMy2i5 -----END CERTIFICATE-----Generated at Wed Dec 24 14:09:31 2025 by rpki-client