This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft File: zOnFYkus-dCYXj8tbjHmsthtgq4.mft (raw, json) Hash identifier: 93hSao8z57SQ5r4OVIdbk8sqBKjr5pvh7WGFFcqGixk= Subject key identifier: 02:FB:58:9E:C2:85:7C:20:C2:9F:B8:C8:9F:E6:59:CB:1C:26:D6:D7 Authority key identifier: CC:E9:C5:62:4B:AC:F9:D0:98:5E:3F:2D:6E:31:E6:B2:D8:6D:82:AE Certificate issuer: /CN=A9157B07/serialNumber=CCE9C5624BACF9D0985E3F2D6E31E6B2D86D82AE Certificate serial: 2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft Manifest number: 2B Signing time: Fri 05 Dec 2025 05:29:10 +0000 Manifest this update: Fri 05 Dec 2025 05:29:10 +0000 Manifest next update: Fri 12 Dec 2025 05:29:10 +0000 Files and hashes: 1: zOnFYkus-dCYXj8tbjHmsthtgq4.crl (hash: EQT5CmG5PBAcf2zLyS8HMiEWvrdn9Q5tbQY/ZrYZl7s=) 2: 8CA88A568FD611F09FFCA92CC4F9AE02.roa (hash: X1O7W3t2SP7SDbQ67NRf7y+vow5VXeN/HZMH9HZxaRQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.crl rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 05:29:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157B07, serialNumber=CCE9C5624BACF9D0985E3F2D6E31E6B2D86D82AE Validity Not Before: Dec 5 05:29:10 2025 GMT Not After : Dec 12 05:29:10 2025 GMT Subject: CN=69326da6-baea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ed:20:fc:ed:1d:81:27:9d:77:02:19:c1:63: e5:82:c2:2c:4a:52:c9:55:e1:47:60:fd:11:64:a4: 03:4b:c8:ac:31:dc:f4:95:e7:a2:98:9b:b6:06:21: 01:3a:05:99:d0:6d:6b:cf:4e:e2:45:9b:a9:f8:2b: 88:91:6c:1f:7c:be:ea:d4:f4:42:a3:8b:e6:87:ae: ea:07:c6:8d:e0:4e:13:04:89:d5:3e:f5:ff:a4:56: 01:2f:e1:58:0a:07:5b:75:9e:8a:c7:d9:34:09:c1: 90:fc:59:0d:8b:9c:60:e6:b4:55:53:c9:70:d5:c3: be:ee:90:cb:bd:0c:d1:a2:d4:d6:14:b5:af:d3:7f: f8:a5:77:72:d8:d6:f2:23:1d:63:ee:bf:41:c9:7f: 6d:bf:8d:00:c4:2c:95:58:98:bd:d8:fb:4f:3c:82: 1f:f9:dc:90:74:5d:e0:f2:d1:96:58:06:c9:49:12: 3f:dd:40:24:cb:02:25:89:58:c2:90:5a:ca:6b:58: ad:ee:3d:15:4b:93:7f:5c:eb:42:5a:d9:21:f0:86: 32:28:4b:d7:06:6a:17:56:be:0b:41:91:95:b2:4e: a0:e0:7f:80:6e:d4:9b:0e:f5:9e:f7:90:70:06:8f: 08:fe:b9:27:90:29:ab:2a:2d:c7:b5:7b:5f:3f:a7: cb:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:FB:58:9E:C2:85:7C:20:C2:9F:B8:C8:9F:E6:59:CB:1C:26:D6:D7 X509v3 Authority Key Identifier: keyid:CC:E9:C5:62:4B:AC:F9:D0:98:5E:3F:2D:6E:31:E6:B2:D8:6D:82:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:d0:59:11:90:9c:6e:ab:fc:d4:28:d2:d1:57:e3:7e:9a:08: 9b:b6:75:7b:64:0a:25:91:33:9c:ec:9e:0a:75:c6:58:a9:42: c2:1c:1f:7f:0f:6c:41:87:9b:31:26:b6:df:ab:62:3c:33:c0: 4a:aa:78:f5:05:f7:38:e3:a9:91:3f:57:a6:a5:61:61:fc:b7: ae:67:55:16:b1:06:24:db:0e:db:d3:dd:51:64:79:04:13:c8: 78:2d:b2:d7:5a:d1:ce:80:7d:c4:17:33:36:ac:58:23:4b:b7: 76:7b:dc:f4:f3:f7:b1:2c:c3:64:f3:81:65:b3:d3:ef:92:e8: 51:13:07:61:00:23:21:b6:da:21:66:6b:89:34:07:61:54:92: 64:d5:20:ad:22:4e:66:8f:bf:43:4f:6a:16:2b:49:73:8e:0c: 3e:0c:6f:ac:85:a8:e8:3d:da:b9:3a:51:41:86:96:bd:cb:11: ac:a4:78:a5:8b:70:00:30:6c:3a:bb:41:21:f6:34:08:8e:de: 7d:57:84:e3:8b:be:f3:55:ab:54:01:9c:5c:82:57:ad:17:2d: dd:ca:71:d5:ab:60:88:46:03:f7:27:f8:e1:50:7f:2a:0d:fd: 61:8a:0f:99:86:d1:d3:24:28:c0:d6:c5:eb:3b:94:33:07:7f: 53:fd:3f:c7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 N0IwNzExMC8GA1UEBRMoQ0NFOUM1NjI0QkFDRjlEMDk4NUUzRjJENkUzMUU2QjJE ODZEODJBRTAeFw0yNTEyMDUwNTI5MTBaFw0yNTEyMTIwNTI5MTBaMBgxFjAUBgNV BAMTDTY5MzI2ZGE2LWJhZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDH7SD87R2BJ513AhnBY+WCwixKUslV4Udg/RFkpANLyKwx3PSV56KYm7YGIQE6 BZnQbWvPTuJFm6n4K4iRbB98vurU9EKji+aHruoHxo3gThMEidU+9f+kVgEv4VgK B1t1norH2TQJwZD8WQ2LnGDmtFVTyXDVw77ukMu9DNGi1NYUta/Tf/ild3LY1vIj HWPuv0HJf22/jQDELJVYmL3Y+088gh/53JB0XeDy0ZZYBslJEj/dQCTLAiWJWMKQ WsprWK3uPRVLk39c60Ja2SHwhjIoS9cGahdWvgtBkZWyTqDgf4Bu1JsO9Z73kHAG jwj+uSeQKasqLce1e18/p8uBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUAvtYnsKF fCDCn7jIn+ZZyxwm1tcwHwYDVR0jBBgwFoAUzOnFYkus+dCYXj8tbjHmsthtgq4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3QjA3L0Q4ODU0NDkyOEZE NTExRjBBNjFDOUIyQkM0RjlBRTAyL3pPbkZZa3VzLWRDWVhqOHRiakhtc3RodGdx NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvek9uRllrdXMtZENZWGo4dGJqSG1zdGh0Z3E0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3 QjA3L0Q4ODU0NDkyOEZENTExRjBBNjFDOUIyQkM0RjlBRTAyL3pPbkZZa3VzLWRD WVhqOHRiakhtc3RodGdxNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMHQWRGQnG6r/NQo0tFX436aCJu2dXtkCiWRM5zsngp1xlipQsIcH38P bEGHmzEmtt+rYjwzwEqqePUF9zjjqZE/V6alYWH8t65nVRaxBiTbDtvT3VFkeQQT yHgtstda0c6AfcQXMzasWCNLt3Z73PTz97Esw2TzgWWz0++S6FETB2EAIyG22iFm a4k0B2FUkmTVIK0iTmaPv0NPahYrSXOODD4Mb6yFqOg92rk6UUGGlr3LEaykeKWL cAAwbDq7QSH2NAiO3n1XhOOLvvNVq1QBnFyCV60XLd3KcdWrYIhGA/cn+OFQfyoN /WGKD5mG0dMkKMDWxes7lDMHf1P9P8c= -----END CERTIFICATE-----Generated at Sat Dec 6 16:12:04 2025 by rpki-client