This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft File: JD5IKavy-QnBLdoET-XTa4IQU5I.mft (raw, json) Hash identifier: UiGJfijnSf7+AyGU4Kd+SXGMwZ0PwIzN/WVmz1zZ2+s= Subject key identifier: 28:2D:E2:AD:E4:30:D5:5F:CF:DF:E7:32:4C:96:24:B0:1B:2A:9E:14 Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0CC6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft Manifest number: 0CB5 Signing time: Sat 20 Dec 2025 17:59:51 +0000 Manifest this update: Sat 20 Dec 2025 17:59:51 +0000 Manifest next update: Sat 27 Dec 2025 17:59:51 +0000 Files and hashes: 1: JD5IKavy-QnBLdoET-XTa4IQU5I.crl (hash: Y40BzaJJoitnpGR/hMibKt5m1z2nC9/C4n/CkSbO1KM=) 2: 2CF214DC93A611F0B9B44571C4F9AE02.roa (hash: gDTlO8JdKBOhrYpdJ9YbTAbJbDClxcUd9QV6sNxI620=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 17:59:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3270 (0xcc6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Dec 20 17:59:51 2025 GMT Not After : Dec 27 17:59:51 2025 GMT Subject: CN=6946e417-f428 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:90:9f:a4:71:12:60:08:e3:45:9e:64:61:35: 45:71:e2:19:a8:c0:0f:a5:6a:7b:79:00:ed:35:80: 13:b7:1a:9e:e2:9f:ec:1f:9b:de:d0:0b:2b:24:59: b1:dd:39:a0:59:f3:8a:a2:48:fb:cf:39:b9:46:fd: f6:65:7b:1b:d2:a9:3f:03:59:f8:10:6f:7c:46:56: 5d:dd:df:52:20:34:22:65:4e:6c:1d:a7:33:ce:30: b1:6c:65:04:59:04:fe:d9:49:52:ec:94:91:76:52: 62:b3:64:35:c0:0b:f2:cd:f4:2c:25:f8:37:6b:e1: 87:2f:06:47:c9:1e:5d:cb:92:ad:73:74:1f:33:29: 2c:1a:25:e0:6e:94:0d:35:2e:6e:f3:ba:27:f9:43: 49:90:54:97:8e:f6:be:b4:f7:cf:d9:de:eb:9e:ab: ba:b5:15:ad:07:b6:21:05:0e:d2:af:1e:9a:bc:22: b8:22:de:68:1d:df:19:8c:b8:1d:7d:48:53:4c:24: d0:5c:65:c5:34:04:5e:ae:44:f1:bd:7a:c1:6b:8d: 4b:1f:1a:a8:94:50:1f:f4:74:40:64:62:b4:fd:ec: 0c:6d:43:d4:38:0d:32:37:49:1a:5e:f0:97:8f:af: 70:e1:5a:6f:9a:77:7b:59:7e:98:b3:85:29:3e:8b: ea:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:2D:E2:AD:E4:30:D5:5F:CF:DF:E7:32:4C:96:24:B0:1B:2A:9E:14 X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:eb:87:47:8c:f6:b1:39:52:88:7c:dd:e7:96:da:2b:47:22: 65:25:f3:b2:71:bd:69:77:c5:3f:3e:92:f2:41:1b:d4:ad:54: 7c:13:cd:b1:81:ff:68:76:0a:48:c5:c1:4b:0c:37:b1:ef:8a: 11:90:d3:cc:01:64:07:67:c8:43:43:8e:67:6f:6a:78:aa:9b: 20:1a:fd:54:42:f5:c1:b9:61:68:43:a8:cb:f4:14:6d:e7:06: 78:bf:5b:a6:fb:f5:2e:51:c8:0d:a3:66:83:f8:43:3d:b3:8d: 77:d4:0a:74:35:44:8e:89:7e:b7:a5:24:30:ea:11:8c:b5:62: e5:77:11:f2:80:97:c4:a2:44:26:28:48:40:66:ad:e3:24:77: 34:cd:96:73:78:f8:e8:f6:43:19:df:ab:a9:c7:f4:86:0e:dd: 81:53:10:52:5d:ad:62:52:9c:35:5f:1c:93:3b:7b:ac:2d:1c: 40:6f:c8:fd:c0:2c:8a:2c:14:d5:51:54:3d:b7:f5:3d:23:0d: a0:87:a0:b0:88:68:b2:52:86:d7:5f:68:9d:01:28:67:1c:c8: 90:28:aa:26:b2:49:ba:2b:38:31:4f:d7:3a:75:9a:78:59:0e: 78:e3:dd:a3:06:31:5f:59:04:57:69:63:46:10:fa:66:ff:46: a8:3a:ad:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjUxMjIwMTc1OTUxWhcNMjUxMjI3MTc1OTUxWjAYMRYwFAYD VQQDDA02OTQ2ZTQxNy1mNDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnpCfpHESYAjjRZ5kYTVFceIZqMAPpWp7eQDtNYATtxqe4p/sH5ve0AsrJFmx 3TmgWfOKokj7zzm5Rv32ZXsb0qk/A1n4EG98RlZd3d9SIDQiZU5sHaczzjCxbGUE WQT+2UlS7JSRdlJis2Q1wAvyzfQsJfg3a+GHLwZHyR5dy5Ktc3QfMyksGiXgbpQN NS5u87on+UNJkFSXjva+tPfP2d7rnqu6tRWtB7YhBQ7Srx6avCK4It5oHd8ZjLgd fUhTTCTQXGXFNARerkTxvXrBa41LHxqolFAf9HRAZGK0/ewMbUPUOA0yN0kaXvCX j69w4Vpvmnd7WX6Ys4UpPovqowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCgt4q3k MNVfz9/nMkyWJLAbKp4UMB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjE1Mi9CN0M2QzYwMDA2RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1R bkJMZG9FVC1YVGE0SVFVNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAx64dHjPaxOVKIfN3nltorRyJlJfOycb1pd8U/PpLyQRvUrVR8E82x gf9odgpIxcFLDDex74oRkNPMAWQHZ8hDQ45nb2p4qpsgGv1UQvXBuWFoQ6jL9BRt 5wZ4v1um+/UuUcgNo2aD+EM9s4131Ap0NUSOiX63pSQw6hGMtWLldxHygJfEokQm KEhAZq3jJHc0zZZzePjo9kMZ36upx/SGDt2BUxBSXa1iUpw1XxyTO3usLRxAb8j9 wCyKLBTVUVQ9t/U9Iw2gh6CwiGiyUobXX2idAShnHMiQKKomskm6KzgxT9c6dZp4 WQ54492jBjFfWQRXaWNGEPpm/0aoOq2N -----END CERTIFICATE-----Generated at Sun Dec 21 14:15:05 2025 by rpki-client