This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.mft File: KZYjJd4LreTcndvFdq4ncBK8N1g.mft (raw, json) Hash identifier: x0X3ayKmjMpOGKgacOQfsFw0CBQ4SsmuIG3CiU8De1w= Subject key identifier: A0:3F:CA:E4:BC:F5:FF:BE:B3:1F:A1:F5:47:A5:4D:0A:E3:97:61:89 Authority key identifier: 29:96:23:25:DE:0B:AD:E4:DC:9D:DB:C5:76:AE:27:70:12:BC:37:58 Certificate issuer: /CN=A914DA2D/serialNumber=29962325DE0BADE4DC9DDBC576AE277012BC3758 Certificate serial: 1AC6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KZYjJd4LreTcndvFdq4ncBK8N1g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.mft Manifest number: 1AA4 Signing time: Sat 06 Dec 2025 15:59:22 +0000 Manifest this update: Sat 06 Dec 2025 15:59:21 +0000 Manifest next update: Sat 13 Dec 2025 15:59:21 +0000 Files and hashes: 1: KZYjJd4LreTcndvFdq4ncBK8N1g.crl (hash: sqc3JMpIR4Qc2GVOjY3UVhP4yuR5Dlueck0tO1/N/zc=) 2: B201496EF3A311EC8804FE09C4F9AE02.roa (hash: 1W3bZjmYo4y/faIyWLiaDn4cNEWTqd/xhoIAZdOleqM=) 3: 442A935E2F1F11F0A35F5757C4F9AE02.roa (hash: D4FdDOMn9kYOe8wUYl/7g0SwBt2d9VcBYOrZDNcFK0M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.crl rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KZYjJd4LreTcndvFdq4ncBK8N1g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 15:59:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6854 (0x1ac6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914DA2D, serialNumber=29962325DE0BADE4DC9DDBC576AE277012BC3758 Validity Not Before: Dec 6 15:59:21 2025 GMT Not After : Dec 13 15:59:21 2025 GMT Subject: CN=693452d9-1388 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:9c:14:1f:59:9e:bd:01:e0:d7:9a:93:64:42: 3d:d5:b6:b7:39:08:04:e0:62:b4:d7:c8:77:c6:b1: 7f:34:f1:43:98:bd:35:fd:c6:8f:0e:1a:6b:b9:87: 2b:1c:b9:3e:4e:89:f2:a9:1d:62:07:23:79:ed:82: fc:34:2e:a7:bd:00:74:d4:d6:8a:f4:c3:e2:fc:c9: 53:11:07:c1:a0:22:08:89:0b:4a:25:3c:05:28:45: a8:92:22:0e:5c:3b:53:e3:ce:c6:1b:1d:df:60:df: 93:2e:2a:f0:e2:18:fe:db:8f:c3:ed:dc:7d:1a:4e: da:4c:a7:fc:9a:8c:78:91:80:7f:76:61:fe:9b:0c: b8:18:7e:e8:9b:53:d5:f5:a8:15:85:c1:6e:9e:b1: 7f:43:c9:4b:85:45:29:f4:6d:b0:4a:33:87:f0:1d: 41:93:94:b1:a1:a8:54:e4:b6:8b:74:4b:cd:b7:16: 3b:91:c5:d2:b9:2b:3c:4d:85:c5:b7:91:d0:e3:58: 79:8c:a7:99:ac:1f:23:cb:ed:06:9d:2c:0e:53:91: 85:18:8b:5a:fe:dd:e4:42:b7:1b:f3:ec:96:09:56: 91:e4:f6:bb:b9:9c:97:41:6c:69:90:e5:61:7f:12: 83:a4:9e:06:4b:60:f7:5f:3a:77:d1:bd:7a:c3:43: 40:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:3F:CA:E4:BC:F5:FF:BE:B3:1F:A1:F5:47:A5:4D:0A:E3:97:61:89 X509v3 Authority Key Identifier: keyid:29:96:23:25:DE:0B:AD:E4:DC:9D:DB:C5:76:AE:27:70:12:BC:37:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KZYjJd4LreTcndvFdq4ncBK8N1g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:6c:ae:7b:df:fe:d5:83:09:25:8d:0b:4b:94:6e:23:6d:91: 85:90:f0:93:cd:6c:0d:dd:51:db:52:a4:93:71:b7:16:dc:63: ab:1c:05:93:74:3b:ec:7f:a1:50:0d:38:fd:07:d3:38:61:67: e2:03:3c:1f:b0:5a:51:41:47:fa:54:b7:32:07:af:30:01:9c: 33:e8:40:94:05:58:1e:8f:8a:0c:fa:4c:a7:5b:8d:30:e4:df: 61:e4:99:c9:ca:8a:d2:65:ce:6a:e4:5a:1e:d7:06:ba:9a:f4: d3:72:55:88:19:37:b6:0a:1c:be:b5:45:f7:c4:3a:16:51:3f: 83:5e:b6:6a:2b:7e:81:73:ea:c5:d6:95:86:fb:29:3b:48:e4: b4:94:f5:f4:d9:b7:a2:58:f0:1c:bf:34:c2:8d:b8:86:fe:05: 94:7e:7c:90:dc:86:d3:48:ef:cb:f1:02:be:80:db:7c:64:98: 80:45:92:12:35:b5:3f:e2:5c:fc:80:de:05:e4:6c:cc:5b:07: df:ae:b4:fe:ba:bd:85:c3:b6:19:3a:bf:4b:64:4c:33:0f:92: ea:83:5a:54:c7:51:83:7e:8f:a6:62:b0:8a:f3:fb:89:ae:c4: ad:6e:23:b8:be:5d:6f:83:92:ca:ea:db:4f:15:98:08:fd:55: 48:ce:d9:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGsYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NERBMkQxMTAvBgNVBAUTKDI5OTYyMzI1REUwQkFERTREQzlEREJDNTc2QUUyNzcw MTJCQzM3NTgwHhcNMjUxMjA2MTU1OTIxWhcNMjUxMjEzMTU1OTIxWjAYMRYwFAYD VQQDEw02OTM0NTJkOS0xMzg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAl5wUH1mevQHg15qTZEI91ba3OQgE4GK018h3xrF/NPFDmL01/caPDhpruYcr HLk+TonyqR1iByN57YL8NC6nvQB01NaK9MPi/MlTEQfBoCIIiQtKJTwFKEWokiIO XDtT487GGx3fYN+TLirw4hj+24/D7dx9Gk7aTKf8mox4kYB/dmH+mwy4GH7om1PV 9agVhcFunrF/Q8lLhUUp9G2wSjOH8B1Bk5SxoahU5LaLdEvNtxY7kcXSuSs8TYXF t5HQ41h5jKeZrB8jy+0GnSwOU5GFGIta/t3kQrcb8+yWCVaR5Pa7uZyXQWxpkOVh fxKDpJ4GS2D3Xzp30b16w0NA3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKA/yuS8 9f++sx+h9UelTQrjl2GJMB8GA1UdIwQYMBaAFCmWIyXeC63k3J3bxXauJ3ASvDdY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REEyRC84MzgzNjIwQTUw RDUxMUU3OUVDRTQwMTNDNEY5QUUwMi9LWllqSmQ0THJlVGNuZHZGZHE0bmNCSzhO MWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0taWWpKZDRMcmVUY25kdkZkcTRuY0JLOE4xZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 REEyRC84MzgzNjIwQTUwRDUxMUU3OUVDRTQwMTNDNEY5QUUwMi9LWllqSmQ0THJl VGNuZHZGZHE0bmNCSzhOMWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMbK573/7VgwkljQtLlG4jbZGFkPCTzWwN3VHbUqSTcbcW3GOrHAWT dDvsf6FQDTj9B9M4YWfiAzwfsFpRQUf6VLcyB68wAZwz6ECUBVgej4oM+kynW40w 5N9h5JnJyorSZc5q5Foe1wa6mvTTclWIGTe2Chy+tUX3xDoWUT+DXrZqK36Bc+rF 1pWG+yk7SOS0lPX02beiWPAcvzTCjbiG/gWUfnyQ3IbTSO/L8QK+gNt8ZJiARZIS NbU/4lz8gN4F5GzMWwffrrT+ur2Fw7YZOr9LZEwzD5Lqg1pUx1GDfo+mYrCK8/uJ rsStbiO4vl1vg5LK6ttPFZgI/VVIztkW -----END CERTIFICATE-----Generated at Sun Dec 7 10:06:32 2025 by rpki-client