This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft File: KKyX2Zh-eNvuncufA3NcKDvOGGI.mft (raw, json) Hash identifier: ukKOG6QmJNup2VAF1Pvl0h+boDr7pYwWlbLyGHWDacA= Subject key identifier: E3:AB:9C:83:18:11:C0:3C:60:CF:05:54:AD:AD:14:E5:EB:AB:60:1B Authority key identifier: 28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 Certificate issuer: /CN=A9157BC3/serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Certificate serial: 021F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft Manifest number: 021C Signing time: Fri 05 Dec 2025 00:29:37 +0000 Manifest this update: Fri 05 Dec 2025 00:29:36 +0000 Manifest next update: Fri 12 Dec 2025 00:29:36 +0000 Files and hashes: 1: KKyX2Zh-eNvuncufA3NcKDvOGGI.crl (hash: Ha1fTLG3xJzORTRddsVahhgLr4Ak2Jq69wDiqhWsKtk=) 2: 1FCD9DE2926611EDA99A9419C4F9AE02.roa (hash: RqBWzz5uXzyQ1KueU4cHYCTj7govMSTdgiL2egEdolc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 00:29:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 543 (0x21f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157BC3, serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Validity Not Before: Dec 5 00:29:36 2025 GMT Not After : Dec 12 00:29:36 2025 GMT Subject: CN=69322771-9b7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f7:dd:b9:40:c3:5f:98:79:d5:78:4f:5e:db: 16:2f:9b:77:18:4f:02:ff:27:4b:c7:59:b3:2a:4e: 55:64:cf:43:eb:52:33:61:cf:8b:15:d7:56:7a:e4: 68:74:c7:9e:a7:c1:56:e8:d8:7d:7e:a6:28:e6:d8: 78:a4:19:0e:4a:ef:a3:0a:ab:63:d1:8f:eb:c8:36: f4:cd:64:f5:9c:24:ef:6d:ab:d2:e5:c2:20:85:57: e5:b2:8f:1e:5d:37:1e:6d:e7:27:47:c5:1c:83:ff: 7e:8c:64:4e:7f:09:11:02:09:e2:38:a5:74:0e:8d: c9:72:9d:59:02:1d:7e:34:9e:e0:f6:18:3a:44:d2: 60:64:3d:f6:37:a1:4f:8b:41:95:6e:df:25:32:f0: b5:10:34:89:2d:03:65:e1:3f:22:d3:3d:b4:b7:4b: 0f:a5:55:c3:d6:f6:63:00:f6:a7:09:18:09:df:1e: 54:e1:a9:b4:4f:e3:98:c2:e2:9f:3a:9c:de:b3:f0: 41:2c:49:f9:b4:29:95:c5:cd:b5:4f:92:b9:7d:9d: f0:cb:8f:3d:c2:fa:95:2e:55:79:b5:b5:72:d9:7f: 9d:39:91:cb:c3:9f:09:fb:8a:3f:ae:8f:0c:d0:53: 85:91:33:14:65:f9:70:b4:5e:be:81:56:87:91:a1: 82:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:AB:9C:83:18:11:C0:3C:60:CF:05:54:AD:AD:14:E5:EB:AB:60:1B X509v3 Authority Key Identifier: keyid:28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:4f:36:d4:fd:e8:4d:55:50:be:6f:2a:9a:8f:0d:e4:b3:3a: cb:ba:a5:9e:a9:ab:0b:8f:4b:f4:97:8f:70:84:70:da:67:48: 71:8b:f1:28:f6:7d:fc:77:dc:39:72:e0:7d:81:66:5c:8f:e0: d7:f7:ff:44:c6:13:de:c8:81:32:4e:c0:ef:29:0c:59:8c:70: 7c:07:88:24:03:b4:bb:7d:06:53:86:68:9c:f7:2f:17:a1:b9: db:44:bf:81:cf:57:5a:11:65:72:78:2a:d2:8d:40:4b:ba:f5: 98:d8:3f:3a:dc:28:23:86:5b:88:e3:bf:1d:9f:89:58:73:ef: 6c:00:1a:8b:ed:b7:72:ad:2a:1d:d4:e7:ec:72:ba:ec:10:92: 74:cd:dc:74:bd:0b:e4:1c:d9:7d:32:3d:07:69:8c:1f:ae:13: fd:55:fb:02:07:09:df:c7:27:d4:21:44:f0:67:7a:09:b1:30: c9:a4:a0:bd:13:ec:28:85:4b:3c:7f:81:27:0b:b4:c2:35:a5: af:a7:7e:cf:9a:3b:71:c1:ac:4b:cf:21:d0:8e:7a:7b:a0:57: ae:2d:4f:48:7f:06:88:d5:1e:98:33:ad:39:57:12:87:ca:af: f7:19:12:6b:2c:f1:6a:8e:25:e1:cd:66:12:2b:3e:44:63:9e: ea:05:2e:51 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdCQzMxMTAvBgNVBAUTKDI4QUM5N0Q5OTg3RTc4REJFRTlEQ0I5RjAzNzM1QzI4 M0JDRTE4NjIwHhcNMjUxMjA1MDAyOTM2WhcNMjUxMjEyMDAyOTM2WjAYMRYwFAYD VQQDEw02OTMyMjc3MS05YjdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApffduUDDX5h51XhPXtsWL5t3GE8C/ydLx1mzKk5VZM9D61IzYc+LFddWeuRo dMeep8FW6Nh9fqYo5th4pBkOSu+jCqtj0Y/ryDb0zWT1nCTvbavS5cIghVflso8e XTcebecnR8Ucg/9+jGROfwkRAgniOKV0Do3Jcp1ZAh1+NJ7g9hg6RNJgZD32N6FP i0GVbt8lMvC1EDSJLQNl4T8i0z20t0sPpVXD1vZjAPanCRgJ3x5U4am0T+OYwuKf Opzes/BBLEn5tCmVxc21T5K5fZ3wy489wvqVLlV5tbVy2X+dOZHLw58J+4o/ro8M 0FOFkTMUZflwtF6+gVaHkaGCcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOOrnIMY EcA8YM8FVK2tFOXrq2AbMB8GA1UdIwQYMBaAFCisl9mYfnjb7p3LnwNzXCg7zhhi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0JDMy83MDhFNkY2ODky NjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVOdnVuY3VmQTNOY0tEdk9H R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tLeVgyWmgtZU52dW5jdWZBM05jS0R2T0dHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0JDMy83MDhFNkY2ODkyNjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVO dnVuY3VmQTNOY0tEdk9HR0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkTzbU/ehNVVC+byqajw3kszrLuqWeqasLj0v0l49whHDaZ0hxi/Eo 9n38d9w5cuB9gWZcj+DX9/9ExhPeyIEyTsDvKQxZjHB8B4gkA7S7fQZThmic9y8X obnbRL+Bz1daEWVyeCrSjUBLuvWY2D863CgjhluI478dn4lYc+9sABqL7bdyrSod 1OfscrrsEJJ0zdx0vQvkHNl9Mj0HaYwfrhP9VfsCBwnfxyfUIUTwZ3oJsTDJpKC9 E+wohUs8f4EnC7TCNaWvp37PmjtxwaxLzyHQjnp7oFeuLU9IfwaI1R6YM605VxKH yq/3GRJrLPFqjiXhzWYSKz5EY57qBS5R -----END CERTIFICATE-----Generated at Sat Dec 6 22:25:15 2025 by rpki-client