This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/nB5FqAhMMR3VAEShc2BejuPEzJU.mft File: nB5FqAhMMR3VAEShc2BejuPEzJU.mft (raw, json) Hash identifier: 5VjUkkRNq4S9FaK/9UJHcUuPW+1mJY+u3Tw16tOPVzQ= Subject key identifier: 88:F5:AB:16:8A:CB:2D:0E:00:70:39:53:3B:A3:E2:27:C9:65:C5:A5 Authority key identifier: 9C:1E:45:A8:08:4C:31:1D:D5:00:44:A1:73:60:5E:8E:E3:C4:CC:95 Certificate issuer: /CN=A91491CC/serialNumber=9C1E45A8084C311DD50044A173605E8EE3C4CC95 Certificate serial: 27 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nB5FqAhMMR3VAEShc2BejuPEzJU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/nB5FqAhMMR3VAEShc2BejuPEzJU.mft Manifest number: 26 Signing time: Fri 05 Dec 2025 05:32:52 +0000 Manifest this update: Fri 05 Dec 2025 05:32:51 +0000 Manifest next update: Fri 12 Dec 2025 05:32:51 +0000 Files and hashes: 1: nB5FqAhMMR3VAEShc2BejuPEzJU.crl (hash: T/FSoBLmNAqHbFwIBcdJTxw1lZAw2vbtx7Czn4BTCB4=) 2: 31E9004E9A0F11F0BC057E7DC4F9AE02.roa (hash: lVwKB14i6OpwyRz8FsA7PbQdrXdHjD1P3S/SDqyzydg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/nB5FqAhMMR3VAEShc2BejuPEzJU.crl rsync://rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/nB5FqAhMMR3VAEShc2BejuPEzJU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nB5FqAhMMR3VAEShc2BejuPEzJU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 05:32:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39 (0x27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91491CC, serialNumber=9C1E45A8084C311DD50044A173605E8EE3C4CC95 Validity Not Before: Dec 5 05:32:51 2025 GMT Not After : Dec 12 05:32:51 2025 GMT Subject: CN=69326e84-cfd8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:45:e8:1c:90:21:49:bf:22:af:ad:18:cb:d8: c2:7b:49:82:ba:3f:2e:3f:57:f8:3f:a8:ec:d5:4b: db:e0:7c:1b:8e:83:21:f8:51:a1:63:fc:0b:b6:72: 1b:5f:55:73:ce:a4:71:be:46:50:78:47:58:c6:24: 11:a0:97:da:78:7e:74:ea:da:3f:11:48:46:8e:3b: 21:42:50:69:3e:9b:b2:5b:e7:85:58:37:9e:d0:ce: aa:ea:20:0e:b1:1a:4b:84:36:65:66:52:e9:65:14: de:67:39:4e:88:86:56:3e:db:41:35:bc:aa:d3:4a: e4:7d:bd:6b:09:83:ca:a8:c3:4d:c2:21:26:4a:a8: 72:96:0a:7d:14:6b:8c:85:4f:40:4f:34:6a:ac:34: 88:80:cc:00:6c:6b:13:03:7c:3a:26:73:02:90:1f: 94:e6:f1:f5:0f:b5:87:1e:d7:20:f4:ab:13:47:d9: 23:cc:92:af:72:a0:ff:75:11:1b:43:9a:69:5c:6d: 6e:8f:1d:e3:3d:b2:f6:a3:85:74:c3:57:8d:33:5c: 44:eb:56:2f:81:08:a9:f2:1a:82:68:47:f2:0c:35: 89:f8:44:38:d5:04:e0:64:30:56:1e:3e:a6:b4:93: 25:d1:58:58:0d:4b:18:16:3b:2f:7e:ea:ca:51:85: 37:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:F5:AB:16:8A:CB:2D:0E:00:70:39:53:3B:A3:E2:27:C9:65:C5:A5 X509v3 Authority Key Identifier: keyid:9C:1E:45:A8:08:4C:31:1D:D5:00:44:A1:73:60:5E:8E:E3:C4:CC:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/nB5FqAhMMR3VAEShc2BejuPEzJU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nB5FqAhMMR3VAEShc2BejuPEzJU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/nB5FqAhMMR3VAEShc2BejuPEzJU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:5c:9a:35:cc:03:2a:ba:20:b0:01:56:c4:81:08:d4:35:6e: 30:2b:3f:14:b2:81:ad:8c:23:f2:8f:4e:57:bf:2f:3d:45:39: 37:f5:fe:6c:3b:2e:22:04:f3:4f:18:7a:68:2e:c6:8a:9a:48: 2e:ad:f4:9f:43:62:40:08:80:35:0e:56:43:69:9c:c3:ab:9b: a8:58:99:11:42:61:19:78:2f:b3:09:2f:14:d5:09:cd:1c:2f: 8f:df:1c:5d:78:9d:bf:d7:46:46:c8:b9:02:a2:ce:c2:ba:f7: c5:7c:b4:06:65:09:55:fe:8e:be:1b:14:4b:b6:4b:22:c4:75: eb:dc:a6:61:63:7b:e6:0d:ae:01:da:7c:2c:e3:62:ed:ab:4d: 93:96:f6:91:6e:2c:a3:2c:45:89:cb:4c:3b:0d:1a:7c:c3:bd: 9f:1b:16:2d:4f:b7:ee:f9:e8:e2:5a:8c:72:7c:7c:d2:49:17: cb:0b:5d:33:6b:fa:36:92:b7:62:47:bf:23:5f:7e:82:da:79: 0b:9c:f7:4a:82:29:f1:b9:5e:0b:72:62:75:34:0d:71:8c:7b: bc:59:d3:a4:d0:87:23:27:d9:fc:99:7b:69:df:68:4c:b3:21: 32:76:ee:44:e2:d8:0e:ba:8e:c6:9a:de:e3:6c:8f:cb:1a:63: 43:64:9d:c0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 OTFDQzExMC8GA1UEBRMoOUMxRTQ1QTgwODRDMzExREQ1MDA0NEExNzM2MDVFOEVF M0M0Q0M5NTAeFw0yNTEyMDUwNTMyNTFaFw0yNTEyMTIwNTMyNTFaMBgxFjAUBgNV BAMTDTY5MzI2ZTg0LWNmZDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBRegckCFJvyKvrRjL2MJ7SYK6Py4/V/g/qOzVS9vgfBuOgyH4UaFj/Au2chtf VXPOpHG+RlB4R1jGJBGgl9p4fnTq2j8RSEaOOyFCUGk+m7Jb54VYN57QzqrqIA6x GkuENmVmUullFN5nOU6IhlY+20E1vKrTSuR9vWsJg8qow03CISZKqHKWCn0Ua4yF T0BPNGqsNIiAzABsaxMDfDomcwKQH5Tm8fUPtYce1yD0qxNH2SPMkq9yoP91ERtD mmlcbW6PHeM9svajhXTDV40zXETrVi+BCKnyGoJoR/IMNYn4RDjVBOBkMFYePqa0 kyXRWFgNSxgWOy9+6spRhTcDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUiPWrForL LQ4AcDlTO6PiJ8llxaUwHwYDVR0jBBgwFoAUnB5FqAhMMR3VAEShc2BejuPEzJUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ5MUNDLzlERjA3RTQ0OUEw RTExRjA4OUM4OEI3Q0M0RjlBRTAyL25CNUZxQWhNTVIzVkFFU2hjMkJlanVQRXpK VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbkI1RnFBaE1NUjNWQUVTaGMyQmVqdVBFekpVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ5 MUNDLzlERjA3RTQ0OUEwRTExRjA4OUM4OEI3Q0M0RjlBRTAyL25CNUZxQWhNTVIz VkFFU2hjMkJlanVQRXpKVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADhcmjXMAyq6ILABVsSBCNQ1bjArPxSyga2MI/KPTle/Lz1FOTf1/mw7 LiIE808YemguxoqaSC6t9J9DYkAIgDUOVkNpnMOrm6hYmRFCYRl4L7MJLxTVCc0c L4/fHF14nb/XRkbIuQKizsK698V8tAZlCVX+jr4bFEu2SyLEdevcpmFje+YNrgHa fCzjYu2rTZOW9pFuLKMsRYnLTDsNGnzDvZ8bFi1Pt+756OJajHJ8fNJJF8sLXTNr +jaSt2JHvyNffoLaeQuc90qCKfG5XgtyYnU0DXGMe7xZ06TQhyMn2fyZe2nfaEyz ITJ27kTi2A66jsaa3uNsj8saY0NkncA= -----END CERTIFICATE-----Generated at Sat Dec 6 12:11:38 2025 by rpki-client