This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: vFGKri+e7u++YbrppNwPdmGOpWLC7SoaCUSMVUUYMbQ= Subject key identifier: 23:94:B1:E5:37:59:CC:17:80:05:CC:F6:D7:C8:69:A9:25:3B:9A:88 Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0CA5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0C9E Signing time: Thu 04 Dec 2025 17:48:31 +0000 Manifest this update: Thu 04 Dec 2025 17:48:31 +0000 Manifest next update: Thu 11 Dec 2025 17:48:31 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: y0+vTEctfb68zdNhlIiTFnG9HTv8Tpqv2QEgQz5sKPU=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: zg4ngSvDnII0EgnGozN5wPgIbLHYCQwnbwFPTUFG8lU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Dec 2025 17:48:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3237 (0xca5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Dec 4 17:48:31 2025 GMT Not After : Dec 11 17:48:31 2025 GMT Subject: CN=6931c96f-d74a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b2:3f:72:22:66:ef:e1:6b:e4:62:29:b4:ff: 40:e7:b4:2b:ce:57:a6:93:ff:ec:fa:54:de:bf:b1: 58:fe:c7:d5:e8:61:1b:9f:90:57:27:f1:56:45:89: 16:bf:d5:a8:7f:2c:9a:fe:62:82:f3:fb:5f:2e:ba: 1b:81:f1:a3:75:e0:af:7e:c9:43:ef:7c:7b:8c:94: 9c:ab:56:65:1e:d4:31:81:7d:d5:60:d7:06:0c:14: 0f:da:b1:12:4d:92:65:23:75:61:c7:95:6a:3f:8c: 0c:f7:76:69:50:55:66:00:25:ac:3c:36:91:b4:cf: 73:12:a6:4e:93:27:c9:a0:b4:76:36:2e:1e:af:b7: 6d:de:4a:8a:af:e1:db:b0:c8:6e:c3:1a:b4:eb:d9: 20:30:af:f6:fe:9a:24:fa:b5:9c:b2:64:66:b3:f9: 61:cd:28:cd:01:24:a5:24:d7:8b:f1:21:5e:de:95: 9d:b6:98:31:93:20:2c:8e:1a:04:8a:54:c9:b1:e7: 97:e5:3b:0e:8c:00:43:ed:2b:e2:1d:60:6c:24:a0: e7:5d:42:c5:21:1a:f2:3f:7c:41:09:c5:9c:a2:c0: 56:c6:55:51:63:f9:7d:bd:66:6f:d3:a0:dd:85:54: a4:54:b4:a0:fa:5e:0a:88:95:7c:8a:56:5f:17:d1: ba:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:94:B1:E5:37:59:CC:17:80:05:CC:F6:D7:C8:69:A9:25:3B:9A:88 X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:25:f2:02:6e:36:dc:de:d2:a1:b7:f4:6c:95:7d:15:a2:ed: 9b:42:29:aa:8f:09:2c:5f:4e:6c:eb:34:a7:14:bd:3b:5c:e4: a2:e0:ce:28:a0:c7:e2:f5:fe:3d:9d:d8:62:1a:c0:48:15:3c: 0a:e3:9b:ca:87:d0:e6:4b:c1:0f:e8:7a:3f:fa:1b:a0:7d:6c: 7d:2b:b0:98:ef:fb:3f:c5:c8:5b:38:c7:5f:c4:e0:35:9a:bc: b7:24:8f:43:c3:11:8d:f7:c3:33:e4:b2:dd:6c:74:5f:d7:7b: 68:35:17:72:15:5b:de:b5:6b:87:2e:9e:fb:4c:92:c1:8f:8b: 37:da:b0:c4:a2:d7:3d:2e:f7:72:9d:15:61:26:f6:ea:95:4b: 1e:26:2b:81:b5:0d:31:93:ed:45:2e:bc:c2:a9:f4:7d:46:24: 81:c7:9d:9e:2c:96:35:29:68:43:0b:c7:c9:27:61:26:ad:d3: 1e:88:f9:c7:da:3a:d1:fe:3f:bc:28:b8:68:72:01:19:ed:17: b3:bc:d5:4c:73:fc:fc:bc:2f:f2:4c:a4:48:4b:09:03:80:4a: 7f:e4:23:18:ca:45:98:95:14:3a:d1:dd:97:b8:99:71:56:66: 58:06:e0:27:68:74:df:fe:42:68:e6:7c:33:c8:28:a3:f4:7e: e2:54:86:0a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUxMjA0MTc0ODMxWhcNMjUxMjExMTc0ODMxWjAYMRYwFAYD VQQDEw02OTMxYzk2Zi1kNzRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyrI/ciJm7+Fr5GIptP9A57Qrzlemk//s+lTev7FY/sfV6GEbn5BXJ/FWRYkW v9Wofyya/mKC8/tfLrobgfGjdeCvfslD73x7jJScq1ZlHtQxgX3VYNcGDBQP2rES TZJlI3Vhx5VqP4wM93ZpUFVmACWsPDaRtM9zEqZOkyfJoLR2Ni4er7dt3kqKr+Hb sMhuwxq069kgMK/2/pok+rWcsmRms/lhzSjNASSlJNeL8SFe3pWdtpgxkyAsjhoE ilTJseeX5TsOjABD7SviHWBsJKDnXULFIRryP3xBCcWcosBWxlVRY/l9vWZv06Dd hVSkVLSg+l4KiJV8ilZfF9G6EwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCOUseU3 WcwXgAXM9tfIaaklO5qIMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB4JfICbjbc3tKht/RslX0Vou2bQimqjwksX05s6zSnFL07XOSi4M4o oMfi9f49ndhiGsBIFTwK45vKh9DmS8EP6Ho/+hugfWx9K7CY7/s/xchbOMdfxOA1 mry3JI9DwxGN98Mz5LLdbHRf13toNRdyFVvetWuHLp77TJLBj4s32rDEotc9Lvdy nRVhJvbqlUseJiuBtQ0xk+1FLrzCqfR9RiSBx52eLJY1KWhDC8fJJ2EmrdMeiPnH 2jrR/j+8KLhocgEZ7RezvNVMc/z8vC/yTKRISwkDgEp/5CMYykWYlRQ60d2XuJlx VmZYBuAnaHTf/kJo5nwzyCij9H7iVIYK -----END CERTIFICATE-----Generated at Sat Dec 6 16:10:06 2025 by rpki-client