This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A913837F/64590C1246E311EEB5E41642C4F9AE02/BKm4kZsiD18-q9D03YXi9b28VQA.mft File: BKm4kZsiD18-q9D03YXi9b28VQA.mft (raw, json) Hash identifier: OCQcvqof6YWMYGgzd4zZqCoE3fjnNzzGIA2B3ni3Alk= Subject key identifier: B1:8A:23:E5:44:B3:2B:EF:46:3C:1F:48:C6:F7:71:B4:15:A0:42:DC Authority key identifier: 04:A9:B8:91:9B:22:0F:5F:3E:AB:D0:F4:DD:85:E2:F5:BD:BC:55:00 Certificate issuer: /CN=A913837F/serialNumber=04A9B8919B220F5F3EABD0F4DD85E2F5BDBC5500 Certificate serial: 01B6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BKm4kZsiD18-q9D03YXi9b28VQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913837F/64590C1246E311EEB5E41642C4F9AE02/BKm4kZsiD18-q9D03YXi9b28VQA.mft Manifest number: 01B2 Signing time: Sun 21 Dec 2025 02:23:30 +0000 Manifest this update: Sun 21 Dec 2025 02:23:30 +0000 Manifest next update: Sun 28 Dec 2025 02:23:30 +0000 Files and hashes: 1: BKm4kZsiD18-q9D03YXi9b28VQA.crl (hash: GR5tT45aPyhCCjXrMbRijqj11Z+uXIezDljwFMLcBN8=) 2: 3D83357646E411EE82ED8843C4F9AE02.roa (hash: 34LR4muDkvBv1o97MuicPyBMy45vufYYnTs0rk2DkdE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913837F/64590C1246E311EEB5E41642C4F9AE02/BKm4kZsiD18-q9D03YXi9b28VQA.crl rsync://rpki.apnic.net/member_repository/A913837F/64590C1246E311EEB5E41642C4F9AE02/BKm4kZsiD18-q9D03YXi9b28VQA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BKm4kZsiD18-q9D03YXi9b28VQA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Dec 2025 02:23:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 438 (0x1b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913837F, serialNumber=04A9B8919B220F5F3EABD0F4DD85E2F5BDBC5500 Validity Not Before: Dec 21 02:23:30 2025 GMT Not After : Dec 28 02:23:30 2025 GMT Subject: CN=69475a22-2a30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:b0:5e:08:5c:02:00:0a:f1:6f:00:a3:43:46: 6c:f0:86:4a:e6:f7:aa:18:86:c7:54:ba:88:0d:3e: 2e:d0:d7:00:d9:1f:35:7a:2e:4d:67:3d:64:bf:fc: b3:02:95:96:c3:89:a7:88:04:27:dd:3e:21:83:e6: f4:d3:19:2e:fe:eb:fe:b1:14:a2:42:9e:24:e6:08: e4:e0:f2:45:06:2b:5f:94:f5:bc:c8:12:16:50:6e: 6a:21:8a:d6:1b:2d:57:e6:bc:54:0d:33:a0:45:78: cf:0e:5d:ee:7c:4a:87:8a:58:bc:6f:8c:a0:d1:3c: e7:6d:35:d9:a0:46:04:0b:19:5e:c5:5d:28:4c:82: c3:0a:e0:eb:aa:5e:a5:0e:26:4d:b1:a5:be:61:06: 43:c0:04:f2:96:f9:4b:d3:39:dd:12:f3:6b:8a:9b: df:d2:7e:95:41:0f:2d:a5:b6:a2:df:1e:e6:13:2f: 29:d3:29:e2:38:f1:8d:4a:b2:23:26:3b:9a:90:7a: 85:ee:16:a6:29:7a:d3:bd:a7:b7:60:ac:99:10:e9: a7:19:7f:b6:f9:6f:c8:6a:69:dc:96:a0:d5:a5:93: fa:c0:b3:3f:73:55:4f:2d:89:cc:fa:99:7c:ce:5b: 0c:1f:8e:00:0b:e3:69:41:de:55:96:37:64:06:f7: 74:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:8A:23:E5:44:B3:2B:EF:46:3C:1F:48:C6:F7:71:B4:15:A0:42:DC X509v3 Authority Key Identifier: keyid:04:A9:B8:91:9B:22:0F:5F:3E:AB:D0:F4:DD:85:E2:F5:BD:BC:55:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913837F/64590C1246E311EEB5E41642C4F9AE02/BKm4kZsiD18-q9D03YXi9b28VQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BKm4kZsiD18-q9D03YXi9b28VQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913837F/64590C1246E311EEB5E41642C4F9AE02/BKm4kZsiD18-q9D03YXi9b28VQA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:3c:37:05:76:8e:b2:f0:ae:46:9e:66:25:cd:2d:d4:48:b6: a6:57:ca:2c:5b:ee:23:95:90:31:24:7c:43:81:ad:97:b0:d8: 8f:09:b0:2e:70:93:c7:5f:e2:a9:40:ba:9f:9f:6b:57:bc:b1: 9d:7b:22:3a:cd:5d:ac:f4:45:82:78:b9:18:00:b0:a1:81:8c: 8f:5f:e5:2a:2f:48:2e:4f:30:aa:0c:f3:29:97:a0:d8:ec:fe: 7d:70:c7:92:2b:78:55:58:c0:03:8f:90:bb:53:3a:69:69:33: 18:87:5c:e1:1b:be:38:7e:8c:68:73:a2:e7:93:1f:f8:be:53: 99:3d:55:cd:b5:49:a1:5e:57:44:59:3b:6c:fd:70:ed:a1:5e: d1:dc:c7:2b:c5:c6:8c:fc:91:4c:99:21:6b:bc:3b:58:8c:09: 25:73:7c:35:ae:f1:f3:7c:e8:c4:e9:25:65:74:86:68:8d:3d: a3:ef:41:6e:b1:f6:19:15:17:c8:ab:b5:98:92:3e:76:27:35: be:a3:0f:16:29:3b:18:02:21:2d:2e:9c:a5:36:f3:bd:0b:e4: 0f:b8:8b:0b:d7:3f:aa:c9:cc:13:3a:e6:72:fc:62:a5:1b:f2: 54:28:71:a3:1a:0b:10:0e:cf:80:8f:d1:bf:b2:ea:33:06:35: 2d:2d:b9:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzgzN0YxMTAvBgNVBAUTKDA0QTlCODkxOUIyMjBGNUYzRUFCRDBGNEREODVFMkY1 QkRCQzU1MDAwHhcNMjUxMjIxMDIyMzMwWhcNMjUxMjI4MDIyMzMwWjAYMRYwFAYD VQQDDA02OTQ3NWEyMi0yYTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxLBeCFwCAArxbwCjQ0Zs8IZK5veqGIbHVLqIDT4u0NcA2R81ei5NZz1kv/yz ApWWw4mniAQn3T4hg+b00xku/uv+sRSiQp4k5gjk4PJFBitflPW8yBIWUG5qIYrW Gy1X5rxUDTOgRXjPDl3ufEqHili8b4yg0TznbTXZoEYECxlexV0oTILDCuDrql6l DiZNsaW+YQZDwATylvlL0zndEvNripvf0n6VQQ8tpbai3x7mEy8p0yniOPGNSrIj JjuakHqF7hamKXrTvae3YKyZEOmnGX+2+W/IamnclqDVpZP6wLM/c1VPLYnM+pl8 zlsMH44AC+NpQd5VljdkBvd0UQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLGKI+VE syvvRjwfSMb3cbQVoELcMB8GA1UdIwQYMBaAFASpuJGbIg9fPqvQ9N2F4vW9vFUA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODM3Ri82NDU5MEMxMjQ2 RTMxMUVFQjVFNDE2NDJDNEY5QUUwMi9CS200a1pzaUQxOC1xOUQwM1lYaTliMjhW UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0JLbTRrWnNpRDE4LXE5RDAzWVhpOWIyOFZRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz ODM3Ri82NDU5MEMxMjQ2RTMxMUVFQjVFNDE2NDJDNEY5QUUwMi9CS200a1pzaUQx OC1xOUQwM1lYaTliMjhWUUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOPDcFdo6y8K5GnmYlzS3USLamV8osW+4jlZAxJHxDga2XsNiPCbAu cJPHX+KpQLqfn2tXvLGdeyI6zV2s9EWCeLkYALChgYyPX+UqL0guTzCqDPMpl6DY 7P59cMeSK3hVWMADj5C7UzppaTMYh1zhG744foxoc6Lnkx/4vlOZPVXNtUmhXldE WTts/XDtoV7R3McrxcaM/JFMmSFrvDtYjAklc3w1rvHzfOjE6SVldIZojT2j70Fu sfYZFRfIq7WYkj52JzW+ow8WKTsYAiEtLpylNvO9C+QPuIsL1z+qycwTOuZy/GKl G/JUKHGjGgsQDs+Aj9G/suozBjUtLbmw -----END CERTIFICATE-----Generated at Sun Dec 21 08:51:57 2025 by rpki-client