This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.mft File: Ch3hjfyY5Kyz-iMzaBBac9HUGfM.mft (raw, json) Hash identifier: YYwvYJK/ce0wCT3Ko908Szl22Nnk1q+VI2Rn82dmrxs= Subject key identifier: 42:DF:D7:EE:1D:2E:72:CF:F4:A9:FD:CD:50:F7:A7:08:69:C5:6A:A2 Authority key identifier: 0A:1D:E1:8D:FC:98:E4:AC:B3:FA:23:33:68:10:5A:73:D1:D4:19:F3 Certificate issuer: /CN=A914E9C1/serialNumber=0A1DE18DFC98E4ACB3FA233368105A73D1D419F3 Certificate serial: 0472 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.mft Manifest number: 0455 Signing time: Thu 04 Dec 2025 23:37:20 +0000 Manifest this update: Thu 04 Dec 2025 23:37:19 +0000 Manifest next update: Thu 11 Dec 2025 23:37:19 +0000 Files and hashes: 1: Ch3hjfyY5Kyz-iMzaBBac9HUGfM.crl (hash: 0jkSp9vxyw7+IQooiYoE9SN9nVRSiqsDI7QGvqbLY3g=) 2: 4B167396E74111EC80E35542C4F9AE02.roa (hash: m7bVPzA+H6T0BPfqPAwWK53E3FJsQccTswfglW7TmvM=) 3: 8AEE4940EAB511ECBBDE3C50C4F9AE02.roa (hash: 0U8T0RS4mF6dClIl1xSb8fK6zofTOSe8/dMSQaDIi34=) 4: 8A4C662AEAB511ECBBDE3C50C4F9AE02.roa (hash: SaWX6hkIcJ4pgsrGygV8fgQyGHt1YhbbUvZTPYJ4JwU=) 5: EFAA6C1CD16911F08A99D95BC4F9AE02.roa (hash: cgcaSIqIOhLCa5iTVKO9pJcq6xRCHOFoE69sC8NIq7c=) 6: 91A286509F0811ECAE659F82C4F9AE02.roa (hash: qmwN8rcAR3vpucG22PWqt5m5wyg2eb8IRpdszpsFVNQ=) 7: EF33F6CCD16911F08AEFD95BC4F9AE02.roa (hash: AgsRF6p4UteSopIb7cnx5B7Juyq+ola/RIaCBtlF3KQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.crl rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Dec 2025 23:37:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1138 (0x472) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E9C1, serialNumber=0A1DE18DFC98E4ACB3FA233368105A73D1D419F3 Validity Not Before: Dec 4 23:37:19 2025 GMT Not After : Dec 11 23:37:19 2025 GMT Subject: CN=69321b30-71a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:7b:f0:0e:35:92:50:44:5a:22:13:06:96:3d: 66:5b:ee:61:0b:a0:b5:c2:96:35:24:98:01:ba:6e: 8f:38:be:bb:63:67:6d:ed:c3:e8:fb:b8:1b:ed:7f: 85:8e:eb:74:bc:d5:59:22:0c:81:42:2b:8e:ec:f3: eb:5b:b1:c4:14:91:0c:49:c6:96:a2:16:ee:7e:27: 0e:91:77:75:ed:a8:76:ba:50:cb:6d:60:06:92:c5: c9:97:e6:16:9a:34:2a:ff:16:a9:ab:4d:ae:98:ec: 54:59:b2:83:80:22:23:7a:2c:91:4b:02:f9:89:19: 25:0b:f2:30:e0:2a:b7:ab:1f:4d:7b:27:26:51:fb: 3b:99:ed:4e:3f:72:ce:8f:a7:0c:e5:e5:c9:e9:41: ac:1d:5c:ee:43:d0:db:e0:69:3f:bd:72:8f:eb:6d: 12:ee:e1:f8:52:12:be:e2:93:79:91:a3:bb:97:e6: 1c:6f:dc:94:92:bb:1f:84:0c:c0:98:8e:ab:54:04: 69:03:b2:eb:d0:4b:fe:94:d9:76:14:1d:40:06:6a: f4:6d:28:90:7f:98:a9:71:37:50:2f:4e:12:6b:1e: be:94:22:a5:a8:43:84:de:4f:2f:28:7c:16:aa:18: 6e:e0:04:87:82:66:16:69:74:9a:4d:76:49:56:06: 94:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:DF:D7:EE:1D:2E:72:CF:F4:A9:FD:CD:50:F7:A7:08:69:C5:6A:A2 X509v3 Authority Key Identifier: keyid:0A:1D:E1:8D:FC:98:E4:AC:B3:FA:23:33:68:10:5A:73:D1:D4:19:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:a5:4b:0a:82:cb:44:0c:0d:7b:9f:18:df:29:63:42:f7:f0: dc:f2:0f:5a:6d:72:2d:15:63:80:a3:3f:be:40:5c:3d:3b:63: 71:d9:51:d6:a4:bb:39:b7:2c:df:3e:71:62:c2:70:9c:cd:cd: 2c:02:1f:28:37:38:3e:c1:8c:82:dd:f4:3c:49:77:e6:51:14: 20:32:db:e1:9d:ec:8d:1b:f4:32:fa:bd:0f:de:f4:5a:11:ac: 61:17:26:03:5d:f6:a4:69:da:16:f5:50:af:29:82:79:af:9f: e2:50:5d:d0:63:e1:82:b4:e7:e8:29:15:05:28:13:7a:d7:64: 5e:e5:78:a9:41:b5:47:62:8f:15:9e:ff:f8:45:c2:46:94:c7: 75:a4:b7:c4:17:c1:28:ff:8c:83:da:b6:3f:3f:fb:20:82:cf: a6:3d:be:38:98:f3:22:e5:8f:66:f3:0d:83:5c:c0:f9:8d:c5: db:50:7a:a5:01:c7:f7:c0:9f:59:a7:0a:0f:30:d4:01:89:d9: 06:65:36:9a:a3:22:72:46:10:87:5c:45:69:5c:13:27:3d:c7: ae:94:01:ba:f1:e9:f8:55:39:47:cb:6d:ab:a1:ba:2a:0a:8b: 7b:1d:4d:44:f3:e3:79:b3:e5:9c:00:a9:e9:01:a8:7a:42:11: 37:97:4b:ff -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEU5QzExMTAvBgNVBAUTKDBBMURFMThERkM5OEU0QUNCM0ZBMjMzMzY4MTA1QTcz RDFENDE5RjMwHhcNMjUxMjA0MjMzNzE5WhcNMjUxMjExMjMzNzE5WjAYMRYwFAYD VQQDEw02OTMyMWIzMC03MWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtXvwDjWSUERaIhMGlj1mW+5hC6C1wpY1JJgBum6POL67Y2dt7cPo+7gb7X+F jut0vNVZIgyBQiuO7PPrW7HEFJEMScaWohbuficOkXd17ah2ulDLbWAGksXJl+YW mjQq/xapq02umOxUWbKDgCIjeiyRSwL5iRklC/Iw4Cq3qx9NeycmUfs7me1OP3LO j6cM5eXJ6UGsHVzuQ9Db4Gk/vXKP620S7uH4UhK+4pN5kaO7l+Ycb9yUkrsfhAzA mI6rVARpA7Lr0Ev+lNl2FB1ABmr0bSiQf5ipcTdQL04Sax6+lCKlqEOE3k8vKHwW qhhu4ASHgmYWaXSaTXZJVgaUBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFELf1+4d LnLP9Kn9zVD3pwhpxWqiMB8GA1UdIwQYMBaAFAod4Y38mOSss/ojM2gQWnPR1Bnz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTlDMS9FRTcwMkY0NDdB QzkxMUVDOURBNTVCNDZDNEY5QUUwMi9DaDNoamZ5WTVLeXotaU16YUJCYWM5SFVH Zk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NoM2hqZnlZNUt5ei1pTXphQkJhYzlIVUdmTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTlDMS9FRTcwMkY0NDdBQzkxMUVDOURBNTVCNDZDNEY5QUUwMi9DaDNoamZ5WTVL eXotaU16YUJCYWM5SFVHZk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC8pUsKgstEDA17nxjfKWNC9/Dc8g9abXItFWOAoz++QFw9O2Nx2VHW pLs5tyzfPnFiwnCczc0sAh8oNzg+wYyC3fQ8SXfmURQgMtvhneyNG/Qy+r0P3vRa EaxhFyYDXfakadoW9VCvKYJ5r5/iUF3QY+GCtOfoKRUFKBN612Re5XipQbVHYo8V nv/4RcJGlMd1pLfEF8Eo/4yD2rY/P/sggs+mPb44mPMi5Y9m8w2DXMD5jcXbUHql Acf3wJ9ZpwoPMNQBidkGZTaaoyJyRhCHXEVpXBMnPceulAG68en4VTlHy22roboq Cot7HU1E8+N5s+WcAKnpAah6QhE3l0v/ -----END CERTIFICATE-----Generated at Sat Dec 6 15:59:55 2025 by rpki-client