This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft File: Ok9ILhJcCNuDBRbVGkot8eCqiso.mft (raw, json) Hash identifier: hk9gBklOa8f5F4qcSyZfuK2+cj8ca+oRbn1Q2soRyLc= Subject key identifier: 61:E3:BE:5C:E1:C8:11:1E:23:D4:95:E9:12:56:10:42:DF:18:94:8F Authority key identifier: 3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA Certificate issuer: /CN=A918C158/serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Certificate serial: 0AB5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft Manifest number: 0AAF Signing time: Sat 06 Dec 2025 18:45:30 +0000 Manifest this update: Sat 06 Dec 2025 18:45:30 +0000 Manifest next update: Sat 13 Dec 2025 18:45:30 +0000 Files and hashes: 1: Ok9ILhJcCNuDBRbVGkot8eCqiso.crl (hash: MpCfOjPrBnwKPaJUk8Q33f8iUHoYYCvBFuLZEeYyj20=) 2: F25A6266796A11EB82E0EE24C4F9AE02.roa (hash: O/F4TEeQrnUUSKYZMDqIO0+JzSXznAo+/sHQLTeUsVk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 18:45:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2741 (0xab5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C158, serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Validity Not Before: Dec 6 18:45:30 2025 GMT Not After : Dec 13 18:45:30 2025 GMT Subject: CN=693479ca-add0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:47:ca:22:7d:9b:59:74:2e:23:26:94:56:f5: 0b:80:16:9b:52:6f:41:e2:70:c9:76:aa:96:98:5f: fe:1d:cf:68:5c:6d:32:eb:ad:b2:fb:14:25:45:73: cd:6b:d3:59:61:8a:96:61:e5:1c:aa:a1:e2:b1:54: 9f:68:20:89:0c:1c:35:8f:ba:90:f7:1d:f6:88:ca: 51:5d:18:cd:3c:1f:4d:f2:c2:85:5e:48:48:fb:8e: ca:a2:0c:8f:29:04:86:7b:0c:7c:80:0f:52:02:e4: 09:4c:ce:70:ad:54:c1:df:98:52:35:c4:5d:4d:6a: 9a:81:ad:2e:b5:01:8e:2a:cd:f3:34:fd:08:30:55: ee:41:2a:c1:50:d3:11:dc:ef:1c:bf:98:b3:39:a3: 17:73:c4:ca:4e:83:85:5b:ad:aa:79:5c:26:ae:9f: e1:c9:b6:32:d7:28:32:42:0e:15:08:36:b1:a5:6a: 9a:d0:92:88:30:0b:92:07:4c:d3:ea:2a:81:69:5a: 1b:38:b4:4a:73:49:cc:2e:e3:f1:a1:cf:55:c9:bb: 29:d0:75:00:71:f2:ca:0e:e2:8f:de:63:ab:15:5a: c4:ad:4e:ef:e5:8c:60:01:91:78:7f:8a:9b:ab:f8: cb:20:2d:30:a4:5b:70:f3:a1:40:03:f7:7f:23:fb: 21:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:E3:BE:5C:E1:C8:11:1E:23:D4:95:E9:12:56:10:42:DF:18:94:8F X509v3 Authority Key Identifier: keyid:3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:0b:ec:90:15:88:ee:80:17:73:98:3e:8b:ca:7c:49:40:ef: 7b:2f:f4:56:e6:e0:8a:09:94:cd:aa:f0:79:5e:05:16:4d:74: 0c:ef:39:48:be:f3:f1:db:0d:42:8a:4a:54:06:25:e0:c8:9f: e9:07:90:fc:d2:e7:d7:82:76:83:6d:4b:86:4d:40:11:3b:e6: 79:b8:1a:d4:47:85:5d:4f:c5:2a:82:6f:41:b3:d6:72:e9:10: 4b:ff:b6:c8:81:da:d8:ee:6a:dd:54:c6:a3:41:d7:20:7f:fd: 20:5c:8b:c0:bb:e1:65:9f:6b:aa:f5:84:c4:89:90:74:cf:91: ba:91:c2:d3:1c:48:da:45:6d:06:b7:8e:5e:a7:29:5e:93:02: 95:9b:f2:c4:c8:4b:d8:a5:79:07:73:29:59:c0:c9:61:a1:d8: 2d:ee:42:7f:92:d8:4f:b1:61:15:f5:18:38:a1:d1:76:38:9e: 44:a3:24:2c:25:0d:22:15:bd:5d:9f:0f:f4:c9:52:e7:6c:58: 39:a1:8a:40:c7:b1:e6:79:75:9c:6a:51:3b:4b:ba:c6:17:6f: dd:10:0f:1d:fe:6f:3c:cf:ae:9b:f6:66:95:98:16:81:b1:e2: 0d:46:a1:68:60:91:94:17:99:6e:d3:2b:67:33:a1:3f:9e:16: f2:de:ca:fb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEMxNTgxMTAvBgNVBAUTKDNBNEY0ODJFMTI1QzA4REI4MzA1MTZENTFBNEEyREYx RTBBQThBQ0EwHhcNMjUxMjA2MTg0NTMwWhcNMjUxMjEzMTg0NTMwWjAYMRYwFAYD VQQDEw02OTM0NzljYS1hZGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvkfKIn2bWXQuIyaUVvULgBabUm9B4nDJdqqWmF/+Hc9oXG0y662y+xQlRXPN a9NZYYqWYeUcqqHisVSfaCCJDBw1j7qQ9x32iMpRXRjNPB9N8sKFXkhI+47KogyP KQSGewx8gA9SAuQJTM5wrVTB35hSNcRdTWqaga0utQGOKs3zNP0IMFXuQSrBUNMR 3O8cv5izOaMXc8TKToOFW62qeVwmrp/hybYy1ygyQg4VCDaxpWqa0JKIMAuSB0zT 6iqBaVobOLRKc0nMLuPxoc9Vybsp0HUAcfLKDuKP3mOrFVrErU7v5YxgAZF4f4qb q/jLIC0wpFtw86FAA/d/I/shdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGHjvlzh yBEeI9SV6RJWEELfGJSPMB8GA1UdIwQYMBaAFDpPSC4SXAjbgwUW1RpKLfHgqorK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzE1OC9BRTUxRDgwMjY3 M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NOdURCUmJWR2tvdDhlQ3Fp c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rOUlMaEpjQ051REJSYlZHa290OGVDcWlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzE1OC9BRTUxRDgwMjY3M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NO dURCUmJWR2tvdDhlQ3Fpc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUC+yQFYjugBdzmD6LynxJQO97L/RW5uCKCZTNqvB5XgUWTXQM7zlI vvPx2w1CikpUBiXgyJ/pB5D80ufXgnaDbUuGTUARO+Z5uBrUR4VdT8Uqgm9Bs9Zy 6RBL/7bIgdrY7mrdVMajQdcgf/0gXIvAu+Fln2uq9YTEiZB0z5G6kcLTHEjaRW0G t45epylekwKVm/LEyEvYpXkHcylZwMlhodgt7kJ/kthPsWEV9Rg4odF2OJ5EoyQs JQ0iFb1dnw/0yVLnbFg5oYpAx7HmeXWcalE7S7rGF2/dEA8d/m88z66b9maVmBaB seINRqFoYJGUF5lu0ytnM6E/nhby3sr7 -----END CERTIFICATE-----Generated at Sat Dec 6 23:23:07 2025 by rpki-client