This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft File: 1CVu3CvBHIRdtQe3wKiTVEYutj0.mft (raw, json) Hash identifier: lVValtSq+qiT0kIsTE2TZQ3lvZpPtPJSI8aleoM5LII= Subject key identifier: 5A:A9:CB:DA:2C:56:54:B2:1E:0A:5D:13:3A:D8:C0:55:23:C8:3F:D7 Authority key identifier: D4:25:6E:DC:2B:C1:1C:84:5D:B5:07:B7:C0:A8:93:54:46:2E:B6:3D Certificate issuer: /CN=A9170DA5/serialNumber=D4256EDC2BC11C845DB507B7C0A89354462EB63D Certificate serial: 53 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1CVu3CvBHIRdtQe3wKiTVEYutj0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft Manifest number: 52 Signing time: Fri 05 Dec 2025 05:06:05 +0000 Manifest this update: Fri 05 Dec 2025 05:06:05 +0000 Manifest next update: Fri 12 Dec 2025 05:06:05 +0000 Files and hashes: 1: 1CVu3CvBHIRdtQe3wKiTVEYutj0.crl (hash: YEXb1v4LcA+/y3EOXxQB+EufxVt2zyvyQ+nPxxiyAWA=) 2: F91ECAD6571B11F093AD0C10C4F9AE02.roa (hash: YCsx3bwrgpHgvu8ysYuX5SuZfquoTIQRzefkEGq5/wA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.crl rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1CVu3CvBHIRdtQe3wKiTVEYutj0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 05:06:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 83 (0x53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DA5, serialNumber=D4256EDC2BC11C845DB507B7C0A89354462EB63D Validity Not Before: Dec 5 05:06:05 2025 GMT Not After : Dec 12 05:06:05 2025 GMT Subject: CN=6932683d-d029 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:78:e7:d6:5d:2e:58:a0:44:12:f8:1b:c0:83: cf:50:6d:4c:bf:ae:7f:48:2e:ad:3c:38:15:1d:27: 93:aa:9e:f1:05:d4:f6:07:40:4b:70:59:4a:a0:8b: b0:cd:4d:f5:82:b0:1e:25:1d:22:e1:5a:bc:71:33: 1a:8a:88:25:6d:68:1e:e0:77:b8:98:33:e1:bc:9e: a2:f7:dc:e7:36:7a:64:fe:fd:a8:5d:b4:b7:dd:71: 14:68:72:85:6e:dc:93:ff:88:31:5a:2f:e2:20:4f: c7:51:1f:1e:31:d5:95:ca:01:d6:bb:20:f1:a9:dc: 8a:65:fa:d7:6c:83:a5:0a:64:9b:c8:47:5a:89:cf: 7e:34:74:2f:ae:99:ab:4c:31:02:2f:5f:e3:ae:a0: 53:fa:89:90:91:64:2c:2c:52:57:9d:00:67:33:fd: 91:19:09:2f:02:a6:19:11:a2:62:43:c6:15:de:d5: 44:d9:2e:89:60:f1:c5:cd:6b:43:d8:c3:df:dd:3a: 31:43:2a:3f:c8:44:e4:d5:4d:29:6d:ce:33:d5:e6: 05:b2:93:91:27:30:e6:a0:42:b3:dc:26:d9:f3:ac: 86:62:02:45:83:b1:53:fd:1f:b3:7b:f1:79:23:13: 93:2a:03:5f:d5:a2:17:8e:19:f7:db:64:4b:14:00: d4:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:A9:CB:DA:2C:56:54:B2:1E:0A:5D:13:3A:D8:C0:55:23:C8:3F:D7 X509v3 Authority Key Identifier: keyid:D4:25:6E:DC:2B:C1:1C:84:5D:B5:07:B7:C0:A8:93:54:46:2E:B6:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1CVu3CvBHIRdtQe3wKiTVEYutj0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:57:d6:e4:e3:06:a5:03:c6:b2:3b:e6:c1:52:9d:2c:f2:ce: 1e:83:7d:4f:0b:a8:e0:b3:8a:2b:9f:7d:7d:13:cd:e8:eb:0e: 8f:c0:80:ad:c7:d7:f9:6a:3c:77:7b:e2:b6:d4:db:13:b9:db: 2e:94:b4:4b:55:73:5c:be:4e:e1:01:cb:8a:1e:55:07:b6:23: 46:e5:1c:5e:7a:c7:76:2f:c3:2f:ca:ae:1f:5d:0a:ee:6d:a7: ef:19:1d:6c:72:b2:5e:ad:9e:9f:ba:14:1d:6f:52:9a:3f:ca: 15:99:39:0a:e2:77:6c:8a:32:74:a6:bd:7a:97:53:73:b9:79: a9:28:1d:7f:32:87:96:3b:72:e9:00:7e:d7:55:2b:c5:b4:03: 94:7f:f4:f7:5e:a2:49:21:bb:f3:c1:4c:93:2c:3d:55:41:1e: 95:5a:c7:37:af:7c:78:16:11:16:4b:13:1d:f7:3a:54:a8:8b: cc:d0:d7:6b:eb:29:c6:41:99:7d:7e:e5:fb:62:4d:03:b7:2b: 49:5b:df:8c:b4:c1:40:b4:bd:88:d2:34:bf:7f:95:63:c2:dd: 5f:e2:02:a6:5f:d1:7e:6e:5d:56:ed:10:96:b3:c1:fc:e7:fb: fb:ec:ba:e5:aa:b3:f2:e9:07:67:b6:db:36:cd:07:d0:08:21: a3:84:af:c5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MERBNTExMC8GA1UEBRMoRDQyNTZFREMyQkMxMUM4NDVEQjUwN0I3QzBBODkzNTQ0 NjJFQjYzRDAeFw0yNTEyMDUwNTA2MDVaFw0yNTEyMTIwNTA2MDVaMBgxFjAUBgNV BAMTDTY5MzI2ODNkLWQwMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDMeOfWXS5YoEQS+BvAg89QbUy/rn9ILq08OBUdJ5OqnvEF1PYHQEtwWUqgi7DN TfWCsB4lHSLhWrxxMxqKiCVtaB7gd7iYM+G8nqL33Oc2emT+/ahdtLfdcRRocoVu 3JP/iDFaL+IgT8dRHx4x1ZXKAda7IPGp3Ipl+tdsg6UKZJvIR1qJz340dC+umatM MQIvX+OuoFP6iZCRZCwsUledAGcz/ZEZCS8CphkRomJDxhXe1UTZLolg8cXNa0PY w9/dOjFDKj/IROTVTSltzjPV5gWyk5EnMOagQrPcJtnzrIZiAkWDsVP9H7N78Xkj E5MqA1/VoheOGffbZEsUANTTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUWqnL2ixW VLIeCl0TOtjAVSPIP9cwHwYDVR0jBBgwFoAU1CVu3CvBHIRdtQe3wKiTVEYutj0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwREE1L0M1NTk0MjRBNTcx QTExRjBCODUwNzM0MUM0RjlBRTAyLzFDVnUzQ3ZCSElSZHRRZTN3S2lUVkVZdXRq MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMUNWdTNDdkJISVJkdFFlM3dLaVRWRVl1dGowLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw REE1L0M1NTk0MjRBNTcxQTExRjBCODUwNzM0MUM0RjlBRTAyLzFDVnUzQ3ZCSElS ZHRRZTN3S2lUVkVZdXRqMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEFX1uTjBqUDxrI75sFSnSzyzh6DfU8LqOCziiuffX0TzejrDo/AgK3H 1/lqPHd74rbU2xO52y6UtEtVc1y+TuEBy4oeVQe2I0blHF56x3Yvwy/Krh9dCu5t p+8ZHWxysl6tnp+6FB1vUpo/yhWZOQrid2yKMnSmvXqXU3O5eakoHX8yh5Y7cukA ftdVK8W0A5R/9Pdeokkhu/PBTJMsPVVBHpVaxzevfHgWERZLEx33OlSoi8zQ12vr KcZBmX1+5ftiTQO3K0lb34y0wUC0vYjSNL9/lWPC3V/iAqZf0X5uXVbtEJazwfzn +/vsuuWqs/LpB2e22zbNB9AIIaOEr8U= -----END CERTIFICATE-----Generated at Sat Dec 6 13:28:05 2025 by rpki-client