This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft File: LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft (raw, json) Hash identifier: YBDSBS1RaHYg/Tc18Bj5iphBfGGX8c3R4X8qel/Vv6U= Subject key identifier: 96:4E:3B:AA:12:57:37:9D:0F:21:3A:8B:61:B8:0E:6A:7B:D5:E5:9B Authority key identifier: 2C:3A:2A:81:21:CC:F8:A9:BF:C7:CB:66:91:85:4A:F5:E4:D2:19:F9 Certificate issuer: /CN=A9147DCA/serialNumber=2C3A2A8121CCF8A9BFC7CB6691854AF5E4D219F9 Certificate serial: 06DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft Manifest number: 06CF Signing time: Thu 04 Dec 2025 20:56:14 +0000 Manifest this update: Thu 04 Dec 2025 20:56:13 +0000 Manifest next update: Thu 11 Dec 2025 20:56:13 +0000 Files and hashes: 1: LDoqgSHM-Km_x8tmkYVK9eTSGfk.crl (hash: PQMoLl2Yl0a8MAQhJdhnTWy++ksUlJsoO1Xy80hwB3Q=) 2: F100A1207F9911EBAFB6C91BC4F9AE02.roa (hash: WC17u871QRbv9L0eEf3wRpZbTARtAM6LAemuxBHqCWE=) 3: 0463FF50526C11EC80A31615C4F9AE02.roa (hash: mMd+OVrFW5GAoQGXV5q8W888lgwtgTWX8rE/7aryuNU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.crl rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Dec 2025 20:56:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1757 (0x6dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147DCA, serialNumber=2C3A2A8121CCF8A9BFC7CB6691854AF5E4D219F9 Validity Not Before: Dec 4 20:56:13 2025 GMT Not After : Dec 11 20:56:13 2025 GMT Subject: CN=6931f56e-49e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:0a:58:68:c6:30:96:a2:05:e1:8a:c0:ed:b0: 56:2d:a9:29:4f:41:97:81:00:e1:9c:09:80:ac:85: e5:18:c2:24:5b:c4:88:01:0a:f9:d9:52:07:e4:42: eb:2c:44:95:94:1b:11:f6:2f:82:99:49:30:41:29: 79:00:86:7d:7e:09:7b:41:d3:6c:91:5f:c7:23:ab: ec:b2:35:d9:36:a9:63:e0:a8:3a:21:90:59:0e:11: 2e:78:1a:c8:4e:7c:1f:89:68:3e:d7:19:63:92:86: 2f:35:5d:66:50:20:11:e9:7c:5d:99:06:fb:ba:ea: 9e:5a:dc:55:ed:a4:28:f4:1e:39:c2:99:7c:fe:73: ad:59:ea:56:c0:c8:b0:0d:f2:da:32:1c:64:07:c8: 26:dd:b8:08:f5:a9:38:a2:39:77:c7:d9:af:9b:3f: 3d:37:93:79:21:e1:96:a0:59:02:cf:8f:28:59:8f: 74:f0:65:a5:6f:5c:aa:60:63:97:20:57:28:6e:4a: d4:a1:9d:e9:12:02:6a:27:b3:64:83:c3:3d:e4:91: f0:14:63:27:83:de:39:87:22:b1:02:2c:de:25:ea: 9b:62:45:51:c8:f7:b6:14:d2:fa:1a:58:4b:f6:2b: cd:ea:65:d6:ad:ae:b5:85:bb:3f:d1:64:61:a7:29: a0:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:4E:3B:AA:12:57:37:9D:0F:21:3A:8B:61:B8:0E:6A:7B:D5:E5:9B X509v3 Authority Key Identifier: keyid:2C:3A:2A:81:21:CC:F8:A9:BF:C7:CB:66:91:85:4A:F5:E4:D2:19:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:68:03:18:45:52:13:27:18:33:57:a0:f7:c7:89:a0:05:02: da:b6:ce:97:76:8f:67:a8:3d:e0:9e:58:05:29:53:5d:da:77: 74:43:11:ca:ba:c5:0a:df:3f:a2:aa:ee:13:31:9a:dc:3d:78: e4:e6:22:28:d5:59:2e:3b:ca:a6:b2:f7:f9:cc:ae:a3:dd:6d: 32:35:5f:d3:b6:45:eb:11:b0:b1:7f:8c:ab:8e:13:a2:21:e4: cf:f4:ba:d6:80:2a:f0:e0:3d:6c:e8:26:e9:c2:73:4d:26:5e: ed:9a:ff:4f:c9:f3:2f:c8:60:13:16:09:49:17:3c:0e:e5:a7: fe:bb:f3:f1:0f:a0:9e:26:fe:61:3f:ea:fe:5e:80:5b:d1:92: 4e:ca:63:1b:8e:51:6e:18:a8:a1:7a:1b:f0:e2:16:44:4f:46: a0:eb:be:f8:1e:05:83:26:06:f7:6f:5e:5a:01:0a:b7:21:96: ff:cc:7e:5a:da:7d:b9:78:e2:3a:74:52:0d:6e:fb:c1:74:e9: e2:58:e1:a8:c5:fd:26:7b:7e:98:cf:af:2f:f7:5a:1c:c0:47: 82:f6:31:13:c9:2e:72:8f:e9:11:f7:7f:09:ff:85:c6:af:d4: 5d:d5:56:94:bd:4e:fa:ac:e6:95:4d:01:5f:e8:8b:d1:90:d7: d0:62:6f:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBt0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDdEQ0ExMTAvBgNVBAUTKDJDM0EyQTgxMjFDQ0Y4QTlCRkM3Q0I2NjkxODU0QUY1 RTREMjE5RjkwHhcNMjUxMjA0MjA1NjEzWhcNMjUxMjExMjA1NjEzWjAYMRYwFAYD VQQDEw02OTMxZjU2ZS00OWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3gpYaMYwlqIF4YrA7bBWLakpT0GXgQDhnAmArIXlGMIkW8SIAQr52VIH5ELr LESVlBsR9i+CmUkwQSl5AIZ9fgl7QdNskV/HI6vssjXZNqlj4Kg6IZBZDhEueBrI TnwfiWg+1xljkoYvNV1mUCAR6XxdmQb7uuqeWtxV7aQo9B45wpl8/nOtWepWwMiw DfLaMhxkB8gm3bgI9ak4ojl3x9mvmz89N5N5IeGWoFkCz48oWY908GWlb1yqYGOX IFcobkrUoZ3pEgJqJ7Nkg8M95JHwFGMng945hyKxAizeJeqbYkVRyPe2FNL6GlhL 9ivN6mXWra61hbs/0WRhpymgbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJZOO6oS VzedDyE6i2G4Dmp71eWbMB8GA1UdIwQYMBaAFCw6KoEhzPipv8fLZpGFSvXk0hn5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0RDQS8xQzc1RURBNjdE NkExMUVCQTRBNTk4MENDNEY5QUUwMi9MRG9xZ1NITS1LbV94OHRta1lWSzllVFNH ZmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xEb3FnU0hNLUttX3g4dG1rWVZLOWVUU0dmay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 N0RDQS8xQzc1RURBNjdENkExMUVCQTRBNTk4MENDNEY5QUUwMi9MRG9xZ1NITS1L bV94OHRta1lWSzllVFNHZmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkaAMYRVITJxgzV6D3x4mgBQLats6Xdo9nqD3gnlgFKVNd2nd0QxHK usUK3z+iqu4TMZrcPXjk5iIo1VkuO8qmsvf5zK6j3W0yNV/TtkXrEbCxf4yrjhOi IeTP9LrWgCrw4D1s6CbpwnNNJl7tmv9PyfMvyGATFglJFzwO5af+u/PxD6CeJv5h P+r+XoBb0ZJOymMbjlFuGKihehvw4hZET0ag6774HgWDJgb3b15aAQq3IZb/zH5a 2n25eOI6dFINbvvBdOniWOGoxf0me36Yz68v91ocwEeC9jETyS5yj+kR938J/4XG r9Rd1VaUvU76rOaVTQFf6IvRkNfQYm9k -----END CERTIFICATE-----Generated at Sat Dec 6 20:06:09 2025 by rpki-client