This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft File: HjKemPZ2kum1dgI6L7xVfVfdVWw.mft (raw, json) Hash identifier: xs7Z8YcGC9p2CnwrGFlzNvreMzhhpVn+DqR1o4V6A4I= Subject key identifier: 10:D7:BD:45:30:25:41:F2:4A:EE:0C:F7:3B:5D:C6:0E:26:71:97:A4 Authority key identifier: 1E:32:9E:98:F6:76:92:E9:B5:76:02:3A:2F:BC:55:7D:57:DD:55:6C Certificate issuer: /CN=A91568F6/serialNumber=1E329E98F67692E9B576023A2FBC557D57DD556C Certificate serial: 0E1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft Manifest number: 0DEE Signing time: Sat 24 Jan 2026 17:32:03 +0000 Manifest this update: Sat 24 Jan 2026 17:32:02 +0000 Manifest next update: Sat 31 Jan 2026 17:32:02 +0000 Files and hashes: 1: HjKemPZ2kum1dgI6L7xVfVfdVWw.crl (hash: oK2DfySW/izWWFRS3qZpHbK3+/D8xZzbzQERmL9mY9g=) 2: 8F7DDD8889B811EE9E7ABE26C4F9AE02.roa (hash: JsvlnopzOaOKTX3AuOnQGEvn3QbobkZ0VGpy6s7Zufs=) 3: F2826A504FCF11EB88444467C4F9AE02.roa (hash: QqSGad7FxeptCh4lzX5ee03GteRq4SxJe8s+1HGe3x4=) 4: FD120CC2D94411EDA95E3613C4F9AE02.roa (hash: u8GCpF3JjtF0fC5bHONBso6P9ZKL07gluzKPfJhmpXI=) 5: D0551B50046411F09760073DC4F9AE02.roa (hash: Ml6MHIFRGUbHxsyGVzTTlekIkq7JzuhUAzoayMJcf6g=) 6: 50063EE8822A11EDB2081A49C4F9AE02.roa (hash: W9F0AxXLeTRt9akhBBWzGaKX1wJNYfdBQQ5r+SkSiyU=) 7: 79B042BAF3BD11EE961D7A7AC4F9AE02.roa (hash: 9OL0Nn9V+ede9DJf9mkaMrtLaF0tRZO3OAn8HvMuFRw=) 8: 87BB6D70822711ED94C3212CC4F9AE02.roa (hash: TgzuO7T0sgwTCl2sRbtN58HlHEFkWtWHdI30YEepdig=) 9: 4EF1DE0E822A11EDB2081A49C4F9AE02.roa (hash: ccQHTXT/JWlYkUSlrHBZlxj0fPuZnF/MXZqxQxgBSSk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.crl rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 31 Jan 2026 17:32:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3612 (0xe1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91568F6, serialNumber=1E329E98F67692E9B576023A2FBC557D57DD556C Validity Not Before: Jan 24 17:32:02 2026 GMT Not After : Jan 31 17:32:02 2026 GMT Subject: CN=69750213-d31f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:80:23:cd:7e:ad:6d:0f:f7:2b:f1:d8:39:33: f9:a6:d3:01:d8:bc:e6:30:50:83:c6:e1:ca:59:26: 0d:c0:9a:78:ac:39:26:8e:36:6a:20:8e:53:6d:5d: 1e:71:12:08:a9:a5:98:d9:a4:15:b5:4e:49:22:09: c1:f0:6e:a6:a4:e0:95:32:66:70:58:9b:df:35:17: 68:92:ea:da:61:7d:83:5c:27:be:5e:fb:87:22:cf: f0:39:b4:e9:cd:4f:98:7d:5c:72:92:65:49:71:e1: e2:f9:13:17:a5:81:b8:fc:1c:d1:c1:cd:19:f0:96: 91:fa:eb:9a:40:39:46:c2:0c:79:1d:f2:19:90:41: 95:62:94:a3:3c:7b:87:df:a0:b8:2c:45:72:c8:8d: ec:75:b9:25:d7:ad:e1:eb:a7:5a:22:f5:e8:3b:5c: e1:43:f6:33:08:d5:2d:e7:95:e5:60:c4:49:0d:eb: 4f:61:2f:80:37:81:68:5d:dc:af:bb:fe:ec:57:e8: 83:29:7d:d1:c0:39:b1:5a:9e:04:24:a2:c0:61:05: bd:b9:eb:88:79:a8:b5:40:6a:00:ad:1b:b4:ed:49: 27:93:99:24:73:71:63:a4:62:97:d4:2e:74:09:d4: 01:ab:bc:e5:8e:09:d4:78:d7:3d:cb:b3:fd:cd:98: ae:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:D7:BD:45:30:25:41:F2:4A:EE:0C:F7:3B:5D:C6:0E:26:71:97:A4 X509v3 Authority Key Identifier: keyid:1E:32:9E:98:F6:76:92:E9:B5:76:02:3A:2F:BC:55:7D:57:DD:55:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:a8:e5:ec:1e:ff:4e:4d:a8:80:ce:4f:44:a4:c2:9f:da:1f: 6a:a2:ca:83:8a:6e:d8:d0:93:6d:fd:45:2e:e8:43:32:1a:7e: 0d:0d:f2:b2:28:2a:e7:ed:ad:5e:a2:39:98:09:22:0a:2c:ab: 6c:b7:b3:e5:a4:4c:19:44:82:0f:62:3e:fc:60:9d:7c:97:55: 0a:71:ce:db:01:dc:25:f3:3e:82:b7:e0:16:11:1c:2a:29:c2: 07:cf:3e:ff:58:93:be:a6:9c:81:e6:e6:fd:13:d9:32:e5:ac: 38:25:76:d0:69:31:6e:6d:a7:ea:c4:70:a3:9c:25:53:1d:8a: 99:e1:e3:54:c2:47:6c:1e:8d:0f:2a:67:37:97:e1:c6:29:a4: 87:b0:fc:1d:53:23:29:57:a6:07:16:a7:21:a8:2c:46:9c:8c: f9:f0:08:9c:4e:9a:60:25:d7:2d:2e:aa:74:0d:16:43:0a:8c: da:d4:b1:40:b0:55:45:2f:f3:d0:89:4f:66:75:b9:a0:cc:e9: ac:97:b5:09:b8:9e:b5:19:e1:d2:99:45:42:85:47:fe:01:8a: a2:26:c2:4a:9c:bb:b5:79:ed:d9:fd:c6:b9:b9:ef:86:87:d6: ae:9d:f0:26:5b:8d:20:64:c1:a7:0d:a7:c0:fb:58:22:e9:1d: ca:29:3a:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDhwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTY4RjYxMTAvBgNVBAUTKDFFMzI5RTk4RjY3NjkyRTlCNTc2MDIzQTJGQkM1NTdE NTdERDU1NkMwHhcNMjYwMTI0MTczMjAyWhcNMjYwMTMxMTczMjAyWjAYMRYwFAYD VQQDDA02OTc1MDIxMy1kMzFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApYAjzX6tbQ/3K/HYOTP5ptMB2LzmMFCDxuHKWSYNwJp4rDkmjjZqII5TbV0e cRIIqaWY2aQVtU5JIgnB8G6mpOCVMmZwWJvfNRdokuraYX2DXCe+XvuHIs/wObTp zU+YfVxykmVJceHi+RMXpYG4/BzRwc0Z8JaR+uuaQDlGwgx5HfIZkEGVYpSjPHuH 36C4LEVyyI3sdbkl163h66daIvXoO1zhQ/YzCNUt55XlYMRJDetPYS+AN4FoXdyv u/7sV+iDKX3RwDmxWp4EJKLAYQW9ueuIeai1QGoArRu07Uknk5kkc3FjpGKX1C50 CdQBq7zljgnUeNc9y7P9zZiuvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBDXvUUw JUHySu4M9ztdxg4mcZekMB8GA1UdIwQYMBaAFB4ynpj2dpLptXYCOi+8VX1X3VVs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjhGNi8zN0QwM0RGNkNF MjgxMUU5QTZCNkMxN0JDNEY5QUUwMi9IaktlbVBaMmt1bTFkZ0k2TDd4VmZWZmRW V3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hqS2VtUFoya3VtMWRnSTZMN3hWZlZmZFZXdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NjhGNi8zN0QwM0RGNkNFMjgxMUU5QTZCNkMxN0JDNEY5QUUwMi9IaktlbVBaMmt1 bTFkZ0k2TDd4VmZWZmRWV3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6qOXsHv9OTaiAzk9EpMKf2h9qosqDim7Y0JNt/UUu6EMyGn4NDfKy KCrn7a1eojmYCSIKLKtst7PlpEwZRIIPYj78YJ18l1UKcc7bAdwl8z6Ct+AWERwq KcIHzz7/WJO+ppyB5ub9E9ky5aw4JXbQaTFubafqxHCjnCVTHYqZ4eNUwkdsHo0P Kmc3l+HGKaSHsPwdUyMpV6YHFqchqCxGnIz58AicTppgJdctLqp0DRZDCoza1LFA sFVFL/PQiU9mdbmgzOmsl7UJuJ61GeHSmUVChUf+AYqiJsJKnLu1ee3Z/ca5ue+G h9aunfAmW40gZMGnDafA+1gi6R3KKTpX -----END CERTIFICATE-----Generated at Sun Jan 25 09:25:43 2026 by rpki-client