This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft File: HaAa_AiIyqYXHgoOdBz8kE7S328.mft (raw, json) Hash identifier: NLNOzW0uAiRZvT36rRtuJmW1nMoHmUA2lAOLbGDzcTo= Subject key identifier: 20:1A:40:F8:D5:19:A2:2D:F4:4A:54:5B:76:0E:F0:A3:44:1D:9B:8B Authority key identifier: 1D:A0:1A:FC:08:88:CA:A6:17:1E:0A:0E:74:1C:FC:90:4E:D2:DF:6F Certificate issuer: /CN=A91352C6/serialNumber=1DA01AFC0888CAA6171E0A0E741CFC904ED2DF6F Certificate serial: 0939 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft Manifest number: 0933 Signing time: Sat 20 Dec 2025 19:39:17 +0000 Manifest this update: Sat 20 Dec 2025 19:39:17 +0000 Manifest next update: Sat 27 Dec 2025 19:39:17 +0000 Files and hashes: 1: HaAa_AiIyqYXHgoOdBz8kE7S328.crl (hash: +7wukCCnB2OaGdjWnzRji7BMXWo/ClZub8/CBzGhBlg=) 2: 939AAE78B1D511EA8E3DAE1CC4F9AE02.roa (hash: KFIHw6tMuHLxcRTo8fAv1CEG7OYhkgzMk8UZPi5UKvY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.crl rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 19:39:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2361 (0x939) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91352C6, serialNumber=1DA01AFC0888CAA6171E0A0E741CFC904ED2DF6F Validity Not Before: Dec 20 19:39:17 2025 GMT Not After : Dec 27 19:39:17 2025 GMT Subject: CN=6946fb65-64c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:02:0b:36:73:cd:73:12:4e:76:4e:1c:28:14: 83:6b:8c:7d:8d:42:1d:b2:c2:02:fb:7a:d6:dd:76: 34:10:fa:86:a7:09:3a:7d:04:6e:71:85:b1:35:02: ab:84:24:4c:2a:b1:c0:46:7d:7a:c0:fa:cd:3f:fc: be:58:77:4c:eb:1f:45:1c:5c:73:f6:19:40:56:59: ca:93:83:ed:2b:60:75:b4:26:85:4d:bb:a8:9f:d5: 47:1b:48:31:59:31:c9:9c:c6:08:79:9e:df:18:af: 43:27:bb:76:42:3e:94:fe:da:a4:f9:cf:3c:0b:ee: 41:55:d8:71:28:cd:88:f5:48:b3:e7:7d:b4:f1:dc: e9:d4:0f:67:0a:7a:ac:bd:91:3b:11:fe:cc:16:25: ca:e2:72:0c:05:03:f7:5e:b6:af:a0:28:f2:12:ab: 50:10:4b:29:6b:a6:e5:7c:bb:2f:44:d4:11:1f:b6: db:92:e3:4c:d3:d2:07:82:14:87:14:8b:6b:ec:4f: 95:2e:5a:31:7a:32:7b:98:b3:da:c9:a2:1a:1f:8f: f4:ae:15:6d:c1:91:0d:29:f1:a1:4e:e1:35:b0:e5: 94:8c:44:c7:f1:06:7c:99:37:b2:86:c3:f4:a2:6e: 1b:8c:8c:17:91:0d:0f:f0:8d:82:ed:52:5b:27:35: c8:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:1A:40:F8:D5:19:A2:2D:F4:4A:54:5B:76:0E:F0:A3:44:1D:9B:8B X509v3 Authority Key Identifier: keyid:1D:A0:1A:FC:08:88:CA:A6:17:1E:0A:0E:74:1C:FC:90:4E:D2:DF:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:d6:96:79:1c:24:aa:2f:a0:41:31:5b:4b:c8:9b:37:8d:64: f1:97:38:ea:e0:41:93:9c:ae:cb:6a:1a:f1:21:a5:d0:3c:df: 03:6a:c1:19:f9:34:a7:d6:c1:cd:47:9f:56:8b:d9:6c:26:3d: ea:ec:a8:1e:f9:ac:1c:c5:8c:bf:a2:14:49:4b:d8:e0:f3:a3: f0:5e:16:33:89:1b:69:18:c1:85:57:e2:89:50:51:66:54:99: ad:be:5a:97:fa:34:ba:55:66:c3:78:fd:9d:f9:c1:c6:79:4a: d7:69:42:56:a6:3e:04:10:87:8c:d4:3a:00:7d:32:0e:7c:57: dd:66:72:8f:d9:17:4e:59:58:43:b1:ce:a3:66:0b:00:ec:e5: d4:02:a8:0f:2c:5a:fa:04:cb:12:c4:33:ff:7a:c2:3f:16:11: 0a:cb:be:e1:7c:04:89:f0:9f:40:0f:d2:ee:01:0a:94:4a:92: 24:3a:65:5f:61:da:e7:e8:63:0e:a1:bc:16:ab:52:2a:9c:41: f0:e2:1c:21:34:e9:69:8b:98:4e:c0:ba:14:58:6d:de:23:7f: 10:71:5d:27:e6:c6:99:a6:4e:d4:87:e9:a0:4a:a8:15:f7:ca: c8:05:94:3b:fd:fa:04:38:a7:96:c9:2c:6f:d2:53:0c:0f:a5: f8:32:b3:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzUyQzYxMTAvBgNVBAUTKDFEQTAxQUZDMDg4OENBQTYxNzFFMEEwRTc0MUNGQzkw NEVEMkRGNkYwHhcNMjUxMjIwMTkzOTE3WhcNMjUxMjI3MTkzOTE3WjAYMRYwFAYD VQQDDA02OTQ2ZmI2NS02NGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4gILNnPNcxJOdk4cKBSDa4x9jUIdssIC+3rW3XY0EPqGpwk6fQRucYWxNQKr hCRMKrHARn16wPrNP/y+WHdM6x9FHFxz9hlAVlnKk4PtK2B1tCaFTbuon9VHG0gx WTHJnMYIeZ7fGK9DJ7t2Qj6U/tqk+c88C+5BVdhxKM2I9Uiz53208dzp1A9nCnqs vZE7Ef7MFiXK4nIMBQP3XravoCjyEqtQEEspa6blfLsvRNQRH7bbkuNM09IHghSH FItr7E+VLloxejJ7mLPayaIaH4/0rhVtwZENKfGhTuE1sOWUjETH8QZ8mTeyhsP0 om4bjIwXkQ0P8I2C7VJbJzXIJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCAaQPjV GaIt9EpUW3YO8KNEHZuLMB8GA1UdIwQYMBaAFB2gGvwIiMqmFx4KDnQc/JBO0t9v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNTJDNi8xRURGRTQ5NkIx RDQxMUVBQTQ2RjAwMUFDNEY5QUUwMi9IYUFhX0FpSXlxWVhIZ29PZEJ6OGtFN1Mz MjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hhQWFfQWlJeXFZWEhnb09kQno4a0U3UzMyOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NTJDNi8xRURGRTQ5NkIxRDQxMUVBQTQ2RjAwMUFDNEY5QUUwMi9IYUFhX0FpSXlx WVhIZ29PZEJ6OGtFN1MzMjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBE1pZ5HCSqL6BBMVtLyJs3jWTxlzjq4EGTnK7LahrxIaXQPN8DasEZ +TSn1sHNR59Wi9lsJj3q7Kge+awcxYy/ohRJS9jg86PwXhYziRtpGMGFV+KJUFFm VJmtvlqX+jS6VWbDeP2d+cHGeUrXaUJWpj4EEIeM1DoAfTIOfFfdZnKP2RdOWVhD sc6jZgsA7OXUAqgPLFr6BMsSxDP/esI/FhEKy77hfASJ8J9AD9LuAQqUSpIkOmVf Ydrn6GMOobwWq1IqnEHw4hwhNOlpi5hOwLoUWG3eI38QcV0n5saZpk7Uh+mgSqgV 98rIBZQ7/foEOKeWySxv0lMMD6X4MrMw -----END CERTIFICATE-----Generated at Sun Dec 21 22:43:12 2025 by rpki-client