This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft File: HjKemPZ2kum1dgI6L7xVfVfdVWw.mft (raw, json) Hash identifier: 25sRPyRVxgLpE/+7LGRMJTcrLyZl4vRM+f7/8C/pGD4= Subject key identifier: 12:15:55:42:63:01:05:50:53:75:12:5A:4F:07:30:65:45:E2:41:98 Authority key identifier: 1E:32:9E:98:F6:76:92:E9:B5:76:02:3A:2F:BC:55:7D:57:DD:55:6C Certificate issuer: /CN=A91568F6/serialNumber=1E329E98F67692E9B576023A2FBC557D57DD556C Certificate serial: 0E03 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft Manifest number: 0DD5 Signing time: Sat 06 Dec 2025 17:19:11 +0000 Manifest this update: Sat 06 Dec 2025 17:19:10 +0000 Manifest next update: Sat 13 Dec 2025 17:19:10 +0000 Files and hashes: 1: HjKemPZ2kum1dgI6L7xVfVfdVWw.crl (hash: M/fGzkCeU52zLFtsYOoerRWZeaCg+3syZ9X0FEhPQEw=) 2: FD120CC2D94411EDA95E3613C4F9AE02.roa (hash: u8GCpF3JjtF0fC5bHONBso6P9ZKL07gluzKPfJhmpXI=) 3: 79B042BAF3BD11EE961D7A7AC4F9AE02.roa (hash: 9OL0Nn9V+ede9DJf9mkaMrtLaF0tRZO3OAn8HvMuFRw=) 4: 4EF1DE0E822A11EDB2081A49C4F9AE02.roa (hash: ccQHTXT/JWlYkUSlrHBZlxj0fPuZnF/MXZqxQxgBSSk=) 5: 8F7DDD8889B811EE9E7ABE26C4F9AE02.roa (hash: JsvlnopzOaOKTX3AuOnQGEvn3QbobkZ0VGpy6s7Zufs=) 6: 50063EE8822A11EDB2081A49C4F9AE02.roa (hash: W9F0AxXLeTRt9akhBBWzGaKX1wJNYfdBQQ5r+SkSiyU=) 7: 87BB6D70822711ED94C3212CC4F9AE02.roa (hash: TgzuO7T0sgwTCl2sRbtN58HlHEFkWtWHdI30YEepdig=) 8: D0551B50046411F09760073DC4F9AE02.roa (hash: Ml6MHIFRGUbHxsyGVzTTlekIkq7JzuhUAzoayMJcf6g=) 9: F2826A504FCF11EB88444467C4F9AE02.roa (hash: QqSGad7FxeptCh4lzX5ee03GteRq4SxJe8s+1HGe3x4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.crl rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 15:10:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3587 (0xe03) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91568F6, serialNumber=1E329E98F67692E9B576023A2FBC557D57DD556C Validity Not Before: Dec 6 17:19:10 2025 GMT Not After : Dec 13 17:19:10 2025 GMT Subject: CN=6934658f-e899 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:36:99:ae:01:4a:ac:7a:da:1d:63:04:ba:56: ae:f2:de:34:74:c7:40:3c:00:e4:29:a4:c9:70:bb: 34:44:15:15:6f:8b:a9:44:eb:a7:fc:e7:81:84:24: ef:76:42:37:ed:ac:15:f8:80:1a:54:99:b7:35:d8: 4e:df:f7:6d:33:76:33:0c:98:1f:bc:6c:c1:a0:25: bb:4f:4b:e6:06:59:fb:b3:2c:29:b4:3a:6b:5e:02: 2e:fc:67:21:43:e3:87:3e:b5:37:2d:fe:4c:bd:65: b8:2b:0a:bb:0a:02:96:eb:4c:ff:35:58:f9:bf:eb: 51:6d:12:b2:24:20:06:f8:2e:94:68:24:20:1a:5a: ed:44:6e:64:07:16:bb:b3:cf:4c:db:7e:c7:1e:19: e5:92:81:71:68:9b:81:41:46:78:c7:a0:7d:b7:4e: 1d:1e:14:f5:d7:1c:ed:f9:24:2a:36:2f:da:94:43: 20:ed:d8:53:56:64:50:82:1b:be:83:09:45:6d:1e: 8d:02:8b:65:92:4e:15:c9:0a:5b:70:8a:19:80:ed: 64:bc:25:92:a0:ac:ad:9e:9a:82:fa:0c:af:d1:fe: 80:f3:4c:97:ee:41:97:ea:27:73:51:37:f2:2a:eb: 41:c6:40:44:71:a7:8f:59:66:12:72:82:02:b8:61: ce:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:15:55:42:63:01:05:50:53:75:12:5A:4F:07:30:65:45:E2:41:98 X509v3 Authority Key Identifier: keyid:1E:32:9E:98:F6:76:92:E9:B5:76:02:3A:2F:BC:55:7D:57:DD:55:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:fc:16:55:9d:b5:ef:ec:c4:a6:a7:bf:1a:53:52:b2:7c:6e: 67:3e:99:b1:30:f0:d8:99:29:73:4f:c4:ba:73:89:fc:cb:33: 94:0e:2e:f3:8b:6b:f3:3f:70:4c:81:72:c7:56:a6:9d:ea:73: 86:23:bd:84:16:47:09:af:ba:ca:91:24:16:6c:3e:0e:d7:72: 63:8d:2b:fa:ee:e8:fc:62:b5:c0:a8:c9:63:8a:4d:28:8c:d2: 8c:16:74:4d:4b:11:3b:a0:c0:e7:1f:74:a8:69:ec:e3:c7:3b: f5:92:76:83:c8:31:e1:4a:5a:1c:85:03:61:79:5f:ae:71:82: c8:e5:d6:01:ee:c6:cb:d3:70:17:88:33:80:d6:f0:41:1e:33: 90:a4:88:aa:3a:d8:9c:c2:34:ae:bc:f3:64:b7:db:a8:d3:e3: 3b:6f:f1:f3:b8:21:03:a7:7e:00:a8:06:38:3a:15:4b:c1:d2: bd:ae:e0:8b:3c:80:2b:3c:4e:a4:cb:6b:99:dd:3a:fc:22:80: 78:8e:09:72:a8:54:5f:0e:de:6e:24:84:5b:4c:10:e9:d8:0a: 4d:51:93:9d:d5:96:ae:a5:30:30:c0:ea:d9:3b:de:48:10:80: 27:00:f1:c5:d8:e4:f1:78:2c:10:f9:39:24:c8:23:6c:54:98: e9:ff:0a:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDgMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTY4RjYxMTAvBgNVBAUTKDFFMzI5RTk4RjY3NjkyRTlCNTc2MDIzQTJGQkM1NTdE NTdERDU1NkMwHhcNMjUxMjA2MTcxOTEwWhcNMjUxMjEzMTcxOTEwWjAYMRYwFAYD VQQDEw02OTM0NjU4Zi1lODk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyzaZrgFKrHraHWMEulau8t40dMdAPADkKaTJcLs0RBUVb4upROun/OeBhCTv dkI37awV+IAaVJm3NdhO3/dtM3YzDJgfvGzBoCW7T0vmBln7sywptDprXgIu/Gch Q+OHPrU3Lf5MvWW4Kwq7CgKW60z/NVj5v+tRbRKyJCAG+C6UaCQgGlrtRG5kBxa7 s89M237HHhnlkoFxaJuBQUZ4x6B9t04dHhT11xzt+SQqNi/alEMg7dhTVmRQghu+ gwlFbR6NAotlkk4VyQpbcIoZgO1kvCWSoKytnpqC+gyv0f6A80yX7kGX6idzUTfy KutBxkBEcaePWWYScoICuGHOVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBIVVUJj AQVQU3USWk8HMGVF4kGYMB8GA1UdIwQYMBaAFB4ynpj2dpLptXYCOi+8VX1X3VVs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjhGNi8zN0QwM0RGNkNF MjgxMUU5QTZCNkMxN0JDNEY5QUUwMi9IaktlbVBaMmt1bTFkZ0k2TDd4VmZWZmRW V3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hqS2VtUFoya3VtMWRnSTZMN3hWZlZmZFZXdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NjhGNi8zN0QwM0RGNkNFMjgxMUU5QTZCNkMxN0JDNEY5QUUwMi9IaktlbVBaMmt1 bTFkZ0k2TDd4VmZWZmRWV3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCC/BZVnbXv7MSmp78aU1KyfG5nPpmxMPDYmSlzT8S6c4n8yzOUDi7z i2vzP3BMgXLHVqad6nOGI72EFkcJr7rKkSQWbD4O13JjjSv67uj8YrXAqMljik0o jNKMFnRNSxE7oMDnH3Soaezjxzv1knaDyDHhSlochQNheV+ucYLI5dYB7sbL03AX iDOA1vBBHjOQpIiqOticwjSuvPNkt9uo0+M7b/HzuCEDp34AqAY4OhVLwdK9ruCL PIArPE6ky2uZ3Tr8IoB4jglyqFRfDt5uJIRbTBDp2ApNUZOd1ZaupTAwwOrZO95I EIAnAPHF2OTxeCwQ+TkkyCNsVJjp/wrG -----END CERTIFICATE-----Generated at Sat Dec 6 21:27:55 2025 by rpki-client