This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91777A6/C8A799D2244711EDB1655053C4F9AE02/2kdUAUEh0yaH2X05LZBgSagU_MM.mft
File:                     2kdUAUEh0yaH2X05LZBgSagU_MM.mft (raw, json)
Hash identifier:          0KLBn6Q21Sv4OK/Hrw34Pwe28bOTG+P0lFZr7r+5O6M=
Subject key identifier:   08:35:E1:05:C5:C4:C2:1C:98:7E:5E:33:5C:3B:4E:92:6D:CD:35:CD
Authority key identifier: DA:47:54:01:41:21:D3:26:87:D9:7D:39:2D:90:60:49:A8:14:FC:C3
Certificate issuer:       /CN=A91777A6/serialNumber=DA4754014121D32687D97D392D906049A814FCC3
Certificate serial:       02A6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2kdUAUEh0yaH2X05LZBgSagU_MM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91777A6/C8A799D2244711EDB1655053C4F9AE02/2kdUAUEh0yaH2X05LZBgSagU_MM.mft
Manifest number:          02A1
Signing time:             Sun 07 Dec 2025 00:03:28 +0000
Manifest this update:     Sun 07 Dec 2025 00:03:27 +0000
Manifest next update:     Sun 14 Dec 2025 00:03:27 +0000
Files and hashes:         1: 2kdUAUEh0yaH2X05LZBgSagU_MM.crl (hash: Dh/O7Q2W3SsO9DIMf1InGnVSY1aNgLs0VooLFhQh5GM=)
                          2: 930770F4244C11ED95AA5569C4F9AE02.roa (hash: ULGKwEOFyOrsmtR9RLcNHZ1T/UHrIBp7ZTGPrjal32s=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91777A6/C8A799D2244711EDB1655053C4F9AE02/2kdUAUEh0yaH2X05LZBgSagU_MM.crl
                          rsync://rpki.apnic.net/member_repository/A91777A6/C8A799D2244711EDB1655053C4F9AE02/2kdUAUEh0yaH2X05LZBgSagU_MM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2kdUAUEh0yaH2X05LZBgSagU_MM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 14 Dec 2025 00:03:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 678 (0x2a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91777A6, serialNumber=DA4754014121D32687D97D392D906049A814FCC3
        Validity
            Not Before: Dec  7 00:03:27 2025 GMT
            Not After : Dec 14 00:03:27 2025 GMT
        Subject: CN=6934c450-7afc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:48:63:3b:e0:ad:5b:1d:13:c2:46:0d:d6:3f:
                    a2:87:07:d3:f4:e5:b3:c0:1a:8f:2e:a5:06:29:bb:
                    e0:08:3f:b7:b3:c3:36:94:e9:0e:51:fe:5f:e9:5c:
                    c3:e0:7f:35:d6:ad:c9:52:e6:98:f9:41:4b:7e:7e:
                    52:ac:b9:e9:18:98:4b:0a:66:2e:cb:c6:92:60:dc:
                    c3:8d:44:aa:32:2e:d5:02:09:5a:82:93:d6:bb:fd:
                    3e:c4:a2:08:cb:80:ff:50:6e:38:cb:f4:c5:d3:fd:
                    51:6d:8b:4b:59:63:ec:59:6d:0e:34:cd:28:fa:c2:
                    63:3f:9e:50:cb:3b:2d:9c:d3:ff:0d:f1:d9:91:36:
                    2f:ed:bf:58:72:1c:5c:f1:d4:b3:90:60:b9:3e:35:
                    15:e9:77:a7:c1:78:1e:ea:f0:b3:7c:c3:93:18:79:
                    aa:ab:c7:76:37:54:46:69:f0:f6:a6:28:f4:8f:4d:
                    dc:07:49:8a:ac:bc:7b:be:f9:f2:8a:40:52:e9:17:
                    69:25:7f:3d:21:a0:b9:13:87:e2:ab:74:80:9b:d6:
                    a0:d1:84:9d:52:32:8b:58:12:15:9b:8b:d7:3a:bc:
                    fa:c4:7f:b7:48:cb:cf:c8:57:c1:3d:87:8b:cb:d5:
                    40:de:9c:c6:40:af:02:f6:fb:1e:58:df:19:b7:96:
                    50:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:35:E1:05:C5:C4:C2:1C:98:7E:5E:33:5C:3B:4E:92:6D:CD:35:CD
            X509v3 Authority Key Identifier:
                keyid:DA:47:54:01:41:21:D3:26:87:D9:7D:39:2D:90:60:49:A8:14:FC:C3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91777A6/C8A799D2244711EDB1655053C4F9AE02/2kdUAUEh0yaH2X05LZBgSagU_MM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2kdUAUEh0yaH2X05LZBgSagU_MM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91777A6/C8A799D2244711EDB1655053C4F9AE02/2kdUAUEh0yaH2X05LZBgSagU_MM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:1e:88:6c:c3:57:29:12:8b:34:c4:d8:7c:16:6d:4e:9f:f6:
         3a:b7:98:96:aa:c8:98:81:44:7b:bf:1e:3f:a3:98:6c:da:97:
         ca:24:e8:2d:2c:77:1d:7f:aa:2b:00:04:73:f7:f5:6d:99:fa:
         2e:d7:b0:53:c3:00:ed:b7:c2:94:68:1c:b5:7f:ce:ca:92:25:
         66:f9:76:06:94:06:5b:e4:6d:bd:85:8b:4e:26:a0:e0:03:de:
         27:7a:f1:6a:10:c2:7e:b4:95:12:aa:5d:81:d4:05:95:bf:8b:
         ed:2b:23:13:1d:c8:90:da:b0:80:cc:fd:d5:13:cf:76:72:71:
         ce:66:5f:48:8b:f1:a9:14:3d:2f:23:5a:39:ee:48:ea:1e:43:
         f0:88:b0:59:c2:5f:b5:d0:c6:8c:37:f3:3f:ca:6b:1d:6a:06:
         99:67:2f:4c:9a:51:1e:d8:77:83:43:db:42:77:9b:be:00:4e:
         b4:2d:07:65:93:24:57:7d:ae:25:57:9b:22:d8:26:67:85:4c:
         42:bc:39:b8:a2:9e:61:c8:d5:62:11:37:23:98:ad:e1:4a:14:
         bf:d7:15:d4:d9:0e:11:d2:9f:54:55:d1:80:d5:b1:3d:c3:fe:
         70:f5:4b:42:49:c2:93:85:a6:a4:aa:58:01:2d:d5:cd:04:21:
         25:7d:67:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAqYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc3QTYxMTAvBgNVBAUTKERBNDc1NDAxNDEyMUQzMjY4N0Q5N0QzOTJEOTA2MDQ5
QTgxNEZDQzMwHhcNMjUxMjA3MDAwMzI3WhcNMjUxMjE0MDAwMzI3WjAYMRYwFAYD
VQQDEw02OTM0YzQ1MC03YWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4UhjO+CtWx0TwkYN1j+ihwfT9OWzwBqPLqUGKbvgCD+3s8M2lOkOUf5f6VzD
4H811q3JUuaY+UFLfn5SrLnpGJhLCmYuy8aSYNzDjUSqMi7VAglagpPWu/0+xKII
y4D/UG44y/TF0/1RbYtLWWPsWW0ONM0o+sJjP55QyzstnNP/DfHZkTYv7b9Ychxc
8dSzkGC5PjUV6XenwXge6vCzfMOTGHmqq8d2N1RGafD2pij0j03cB0mKrLx7vvny
ikBS6RdpJX89IaC5E4fiq3SAm9ag0YSdUjKLWBIVm4vXOrz6xH+3SMvPyFfBPYeL
y9VA3pzGQK8C9vseWN8Zt5ZQ9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAg14QXF
xMIcmH5eM1w7TpJtzTXNMB8GA1UdIwQYMBaAFNpHVAFBIdMmh9l9OS2QYEmoFPzD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzdBNi9DOEE3OTlEMjI0
NDcxMUVEQjE2NTUwNTNDNEY5QUUwMi8ya2RVQVVFaDB5YUgyWDA1TFpCZ1NhZ1Vf
TU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJrZFVBVUVoMHlhSDJYMDVMWkJnU2FnVV9NTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NzdBNi9DOEE3OTlEMjI0NDcxMUVEQjE2NTUwNTNDNEY5QUUwMi8ya2RVQVVFaDB5
YUgyWDA1TFpCZ1NhZ1VfTU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBMHohsw1cpEos0xNh8Fm1On/Y6t5iWqsiYgUR7vx4/o5hs2pfKJOgt
LHcdf6orAARz9/Vtmfou17BTwwDtt8KUaBy1f87KkiVm+XYGlAZb5G29hYtOJqDg
A94nevFqEMJ+tJUSql2B1AWVv4vtKyMTHciQ2rCAzP3VE892cnHOZl9Ii/GpFD0v
I1o57kjqHkPwiLBZwl+10MaMN/M/ymsdagaZZy9MmlEe2HeDQ9tCd5u+AE60LQdl
kyRXfa4lV5si2CZnhUxCvDm4op5hyNViETcjmK3hShS/1xXU2Q4R0p9UVdGA1bE9
w/5w9UtCScKThaakqlgBLdXNBCElfWfu
-----END CERTIFICATE-----
Generated at Sun Dec 7 03:18:23 2025 by rpki-client