This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.mft File: 5z-4ho3TtGHqGmc8ejaUUjXpyq4.mft (raw, json) Hash identifier: mD+JoY90Ft1HCS8Xmv/pA7nkKM2IiaCVMjCzA1XuLkQ= Subject key identifier: FE:DD:A9:AF:A6:53:7C:53:CA:F1:01:3C:F9:06:FA:70:E7:84:8B:6B Authority key identifier: E7:3F:B8:86:8D:D3:B4:61:EA:1A:67:3C:7A:36:94:52:35:E9:CA:AE Certificate issuer: /CN=A91FCEB1/serialNumber=E73FB8868DD3B461EA1A673C7A36945235E9CAAE Certificate serial: 0762 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5z-4ho3TtGHqGmc8ejaUUjXpyq4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.mft Manifest number: 2235 Signing time: Tue 02 Dec 2025 15:49:37 +0000 Manifest this update: Tue 02 Dec 2025 15:49:37 +0000 Manifest next update: Tue 09 Dec 2025 15:49:37 +0000 Files and hashes: 1: 5z-4ho3TtGHqGmc8ejaUUjXpyq4.crl (hash: jXhUQ7h/8DlY6NZ1OldcUQ3nCfCvCkSNiepg+l7Sgr0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.crl rsync://rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5z-4ho3TtGHqGmc8ejaUUjXpyq4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 15:49:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1890 (0x762) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FCEB1, serialNumber=E73FB8868DD3B461EA1A673C7A36945235E9CAAE Validity Not Before: Dec 2 15:49:37 2025 GMT Not After : Dec 9 15:49:37 2025 GMT Subject: CN=692f0a91-e0f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:fb:0a:25:5d:c2:67:c7:6a:36:83:29:5b:6c: ce:5b:85:f6:dc:56:e8:01:e9:21:0c:e9:01:d9:88: ea:b8:77:28:d0:18:95:dd:3c:af:22:69:b0:da:1e: 05:59:b3:87:1a:86:56:34:66:3a:c9:cd:51:96:d6: 3b:ed:b9:06:d6:43:43:69:b1:c6:32:6f:38:28:15: 2c:37:76:70:ea:8a:93:fa:87:a3:a9:0e:4f:81:d6: fa:69:96:4b:25:47:bf:7a:f2:ef:29:22:27:93:26: 35:2b:49:43:69:64:93:ea:7f:96:da:d8:21:ef:d9: 11:de:c8:71:3c:82:2c:ee:96:32:d5:6c:61:55:ad: 90:b7:c2:5a:0d:0c:40:db:18:33:3d:9a:66:24:b7: 1b:a4:fb:6a:b7:dc:4e:b1:34:46:4a:e5:4a:60:31: 83:d5:9b:b0:cc:40:22:68:bd:34:6b:70:19:2b:99: c9:87:43:68:62:fb:fb:d9:e2:3c:c3:61:a2:6c:23: c2:c6:ee:22:1a:89:17:a2:1b:cb:2d:99:23:c4:00: b3:04:11:2c:17:76:23:59:5b:23:82:dc:2b:6a:12: 3a:2b:e4:a7:6e:84:82:d9:3b:cd:b0:c5:4a:8e:75: 10:42:7b:14:fb:be:60:1b:3f:57:ee:47:9e:6a:9f: fb:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:DD:A9:AF:A6:53:7C:53:CA:F1:01:3C:F9:06:FA:70:E7:84:8B:6B X509v3 Authority Key Identifier: keyid:E7:3F:B8:86:8D:D3:B4:61:EA:1A:67:3C:7A:36:94:52:35:E9:CA:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5z-4ho3TtGHqGmc8ejaUUjXpyq4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cd:b7:99:c1:ff:5b:bb:68:9b:b9:62:58:44:18:a7:1c:7f:4e: 05:a6:9b:2b:0a:3f:b5:c9:71:f9:4d:c4:57:29:94:b3:cd:90: c2:cd:4a:55:d3:4c:64:de:39:57:f4:89:e3:12:cc:1f:56:18: 9c:c2:e1:c3:78:95:1b:76:67:7a:b6:5e:c7:36:ea:49:2c:a1: 12:f0:be:d0:10:83:17:d7:f1:cf:af:79:4d:39:34:c8:ab:89: c7:34:8f:19:c9:71:7e:db:0b:84:2b:98:fd:df:ac:5b:52:f9: 21:f0:05:5b:29:b7:fb:66:ac:e1:61:51:b9:42:80:14:8e:fc: 66:55:5b:38:5b:fc:e1:00:7c:38:38:ff:16:ba:1d:16:f2:38: aa:ec:5e:06:ce:22:c5:3f:22:2c:b2:37:57:98:29:68:68:f0: 76:9f:65:3c:e8:00:de:b4:ce:fd:09:a5:11:09:bc:30:fb:09: 91:ce:a3:2e:9f:d6:22:cd:c0:ef:c8:66:11:e8:4a:93:b7:b3: a1:6b:c4:72:41:fb:ee:1c:cc:71:6d:3d:1b:b4:f2:af:21:8a: ca:58:c9:68:11:a2:5f:54:d9:33:bf:33:53:86:fd:fe:e1:7d: b8:32:3a:c8:93:d4:f8:d6:1f:e3:d4:75:53:18:e9:84:32:c1: 6a:eb:29:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkNFQjExMTAvBgNVBAUTKEU3M0ZCODg2OEREM0I0NjFFQTFBNjczQzdBMzY5NDUy MzVFOUNBQUUwHhcNMjUxMjAyMTU0OTM3WhcNMjUxMjA5MTU0OTM3WjAYMRYwFAYD VQQDEw02OTJmMGE5MS1lMGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAofsKJV3CZ8dqNoMpW2zOW4X23FboAekhDOkB2YjquHco0BiV3TyvImmw2h4F WbOHGoZWNGY6yc1RltY77bkG1kNDabHGMm84KBUsN3Zw6oqT+oejqQ5Pgdb6aZZL JUe/evLvKSInkyY1K0lDaWST6n+W2tgh79kR3shxPIIs7pYy1WxhVa2Qt8JaDQxA 2xgzPZpmJLcbpPtqt9xOsTRGSuVKYDGD1ZuwzEAiaL00a3AZK5nJh0NoYvv72eI8 w2GibCPCxu4iGokXohvLLZkjxACzBBEsF3YjWVsjgtwrahI6K+SnboSC2TvNsMVK jnUQQnsU+75gGz9X7keeap/7nwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP7dqa+m U3xTyvEBPPkG+nDnhItrMB8GA1UdIwQYMBaAFOc/uIaN07Rh6hpnPHo2lFI16cqu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQ0VCMS85QzE0QjQwNjNB MjExMUU3OUFBMEQ1MUNDNEY5QUUwMi81ei00aG8zVHRHSHFHbWM4ZWphVVVqWHB5 cTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzV6LTRobzNUdEdIcUdtYzhlamFVVWpYcHlxNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG Q0VCMS85QzE0QjQwNjNBMjExMUU3OUFBMEQ1MUNDNEY5QUUwMi81ei00aG8zVHRH SHFHbWM4ZWphVVVqWHB5cTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDNt5nB/1u7aJu5YlhEGKccf04FppsrCj+1yXH5TcRXKZSzzZDCzUpV 00xk3jlX9InjEswfVhicwuHDeJUbdmd6tl7HNupJLKES8L7QEIMX1/HPr3lNOTTI q4nHNI8ZyXF+2wuEK5j936xbUvkh8AVbKbf7ZqzhYVG5QoAUjvxmVVs4W/zhAHw4 OP8Wuh0W8jiq7F4GziLFPyIssjdXmCloaPB2n2U86ADetM79CaURCbww+wmRzqMu n9YizcDvyGYR6EqTt7Oha8RyQfvuHMxxbT0btPKvIYrKWMloEaJfVNkzvzNThv3+ 4X24MjrIk9T41h/j1HVTGOmEMsFq6ylT -----END CERTIFICATE-----Generated at Wed Dec 3 14:56:56 2025 by rpki-client