This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft File: kY5yieKMGkkiojy1Zb2CG34gphE.mft (raw, json) Hash identifier: J1ArSZkAxj4DJF8yejDQugxXJUu+H3uAIDUP5mamcKk= Subject key identifier: 8E:FE:82:FE:27:BB:8C:CF:EC:A5:BB:E7:76:80:F3:09:1C:8E:AB:11 Authority key identifier: 91:8E:72:89:E2:8C:1A:49:22:A2:3C:B5:65:BD:82:1B:7E:20:A6:11 Certificate issuer: /CN=A9171B1A/serialNumber=918E7289E28C1A4922A23CB565BD821B7E20A611 Certificate serial: 0D08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft Manifest number: 0CFA Signing time: Sat 06 Dec 2025 17:28:41 +0000 Manifest this update: Sat 06 Dec 2025 17:28:41 +0000 Manifest next update: Sat 13 Dec 2025 17:28:41 +0000 Files and hashes: 1: kY5yieKMGkkiojy1Zb2CG34gphE.crl (hash: S/QToyfE5LWN36lttVg5hPTyWp2TjFw/3BulaO7qKkA=) 2: 6D9433B0F41211E9AAF5924EC4F9AE02.roa (hash: zsrG738sZcXZENVnoH6VOaw0rvAxdfe6+csvxONB1gM=) 3: 6E3B1338F41211E9AAF5924EC4F9AE02.roa (hash: crrlwPJBnOLvYmfJKxmn3crboPF6B78h7qVd3khCwOc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.crl rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 17:28:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3336 (0xd08) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171B1A, serialNumber=918E7289E28C1A4922A23CB565BD821B7E20A611 Validity Not Before: Dec 6 17:28:41 2025 GMT Not After : Dec 13 17:28:41 2025 GMT Subject: CN=693467c9-aaea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:e2:34:0f:b3:67:22:82:20:cf:ae:02:22:93: 09:c6:b6:3e:dc:7f:69:e3:b6:d7:e0:01:3a:72:53: cd:8d:a0:4a:cc:8c:da:a8:5c:40:a1:71:85:af:db: e2:a1:b4:7c:37:82:48:17:fa:c7:1c:d4:91:3e:f4: 95:c6:bb:01:55:3f:a7:97:58:e6:77:c3:36:ce:b0: 3d:9d:b3:e7:e9:4e:55:f0:dc:97:fa:9e:53:de:6c: fb:3c:56:90:cf:18:42:f6:52:48:91:34:f9:63:24: 0d:ff:dd:de:fd:f4:19:33:8e:61:c5:a4:7b:bd:88: f6:1e:90:53:f8:c5:56:d6:bd:ca:eb:fb:84:c8:aa: a1:ba:f2:d9:93:63:17:28:b6:a7:7a:27:45:30:2f: bc:9e:5b:39:9a:f0:ea:3d:ed:d5:a8:46:00:b5:d8: 57:c3:54:ee:8d:52:3d:ed:5f:27:11:ab:8d:63:5b: 61:fc:e8:cc:23:55:90:0a:08:52:9f:ea:d4:95:b4: 4c:f8:ed:cc:aa:fc:ce:18:cc:1d:18:f8:37:9e:b4: 9c:e4:e3:07:26:b1:7a:cf:d1:35:34:cd:89:a4:11: 93:b7:7f:2f:80:a8:a5:33:e6:81:cf:c2:d5:cb:cf: 5f:72:5b:df:25:13:21:2c:8d:4b:c7:8c:32:6a:dc: 3c:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:FE:82:FE:27:BB:8C:CF:EC:A5:BB:E7:76:80:F3:09:1C:8E:AB:11 X509v3 Authority Key Identifier: keyid:91:8E:72:89:E2:8C:1A:49:22:A2:3C:B5:65:BD:82:1B:7E:20:A6:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:f8:02:c7:31:07:5c:f9:06:08:24:17:3b:ff:15:7a:5e:89: d8:78:7b:0a:13:ea:f2:9f:a9:47:3a:63:00:ae:b3:2d:ae:64: 8b:cd:ad:43:2e:ea:25:8c:e3:7d:87:79:45:68:b2:47:20:25: f0:a4:42:81:35:d9:e7:c8:b4:1c:bd:3f:d4:0d:19:de:ba:ee: 12:32:8a:ef:cf:3e:27:c9:4b:0c:b9:0a:b6:59:75:ce:6e:e1: aa:05:02:1c:34:c5:a7:f1:80:4a:34:ed:20:bc:11:77:fd:93: fa:71:3f:c8:83:ef:90:4e:76:4c:29:97:55:81:d9:30:a4:90: f6:c5:92:59:0b:be:c2:69:8e:6e:d6:0b:80:44:b0:a8:d1:6f: 6e:24:37:1d:b4:09:78:cd:6d:dc:4b:72:8f:18:f9:0e:c4:9a: 47:f5:7c:02:51:bd:ff:72:da:a7:4c:34:d0:e0:9a:09:bb:5a: 5f:f9:03:3e:ab:4f:ad:22:98:39:da:51:3f:a7:b1:7a:7e:8a: e3:30:8f:2c:0a:9a:4c:f1:2b:23:c1:01:8e:91:1a:b0:3f:93: fc:22:5a:17:85:15:7a:c7:7f:31:e4:91:7d:8d:0e:f3:a2:8a: 35:73:58:6c:a9:3c:ec:6f:83:a8:63:f9:ef:1f:0c:8e:b8:e1: 32:ad:4d:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDQgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFCMUExMTAvBgNVBAUTKDkxOEU3Mjg5RTI4QzFBNDkyMkEyM0NCNTY1QkQ4MjFC N0UyMEE2MTEwHhcNMjUxMjA2MTcyODQxWhcNMjUxMjEzMTcyODQxWjAYMRYwFAYD VQQDEw02OTM0NjdjOS1hYWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArOI0D7NnIoIgz64CIpMJxrY+3H9p47bX4AE6clPNjaBKzIzaqFxAoXGFr9vi obR8N4JIF/rHHNSRPvSVxrsBVT+nl1jmd8M2zrA9nbPn6U5V8NyX+p5T3mz7PFaQ zxhC9lJIkTT5YyQN/93e/fQZM45hxaR7vYj2HpBT+MVW1r3K6/uEyKqhuvLZk2MX KLaneidFMC+8nls5mvDqPe3VqEYAtdhXw1TujVI97V8nEauNY1th/OjMI1WQCghS n+rUlbRM+O3MqvzOGMwdGPg3nrSc5OMHJrF6z9E1NM2JpBGTt38vgKilM+aBz8LV y89fclvfJRMhLI1Lx4wyatw84QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI7+gv4n u4zP7KW753aA8wkcjqsRMB8GA1UdIwQYMBaAFJGOconijBpJIqI8tWW9ght+IKYR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUIxQS81MUZGQzRFNEY0 MTExMUU5QTQzNUIwNENDNEY5QUUwMi9rWTV5aWVLTUdra2lvankxWmIyQ0czNGdw aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tZNXlpZUtNR2traW9qeTFaYjJDRzM0Z3BoRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUIxQS81MUZGQzRFNEY0MTExMUU5QTQzNUIwNENDNEY5QUUwMi9rWTV5aWVLTUdr a2lvankxWmIyQ0czNGdwaEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCU+ALHMQdc+QYIJBc7/xV6XonYeHsKE+ryn6lHOmMArrMtrmSLza1D LuoljON9h3lFaLJHICXwpEKBNdnnyLQcvT/UDRneuu4SMorvzz4nyUsMuQq2WXXO buGqBQIcNMWn8YBKNO0gvBF3/ZP6cT/Ig++QTnZMKZdVgdkwpJD2xZJZC77CaY5u 1guARLCo0W9uJDcdtAl4zW3cS3KPGPkOxJpH9XwCUb3/ctqnTDTQ4JoJu1pf+QM+ q0+tIpg52lE/p7F6forjMI8sCppM8SsjwQGOkRqwP5P8IloXhRV6x38x5JF9jQ7z ooo1c1hsqTzsb4OoY/nvHwyOuOEyrU1T -----END CERTIFICATE-----Generated at Sun Dec 7 04:54:12 2025 by rpki-client