This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft File: CeskiT_4OKrchy_8N1hCf2rsIXI.mft (raw, json) Hash identifier: mG6ezPGxryeqWhv2uVNaE+VdpFh3zc0wlmjukKwEDns= Subject key identifier: 67:5C:D9:0C:0B:99:EA:69:D0:BE:E6:8F:87:4E:21:6A:D2:56:1C:9A Authority key identifier: 09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 Certificate issuer: /CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Certificate serial: 05A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft Manifest number: 07B6 Signing time: Thu 04 Dec 2025 21:49:23 +0000 Manifest this update: Thu 04 Dec 2025 21:49:22 +0000 Manifest next update: Thu 11 Dec 2025 21:49:22 +0000 Files and hashes: 1: CeskiT_4OKrchy_8N1hCf2rsIXI.crl (hash: VI31sGupwMPa1HRrFqDwa38f+dciS10J8pL6psxpCUs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Dec 2025 21:49:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1440 (0x5a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F7A1, serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Validity Not Before: Dec 4 21:49:22 2025 GMT Not After : Dec 11 21:49:22 2025 GMT Subject: CN=693201e3-0326 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c3:c5:32:c7:b5:5f:ca:2b:e8:ea:a4:52:42: 13:6e:59:9b:7e:d3:a2:e7:3c:d9:2d:f1:b8:45:0e: 9a:92:8d:7d:d1:3f:3f:9e:fe:78:76:97:bf:59:e6: 0c:18:37:e1:a9:00:78:ac:f9:66:1b:61:28:5d:ef: 9d:aa:4b:9b:b3:a9:10:54:25:f4:0b:7e:dd:05:d4: d0:47:06:af:9f:ad:69:ac:bd:07:b8:c4:3e:d7:90: cd:91:6b:e2:2e:50:1f:e1:e3:61:98:0a:a3:2f:a5: 1f:19:3d:74:0c:65:06:d0:3d:51:2d:22:92:f5:85: 97:45:19:6a:74:a3:6b:c6:80:81:36:0d:15:94:e1: 91:aa:cb:4b:e5:8f:6f:da:6b:3e:a1:0f:e4:04:cd: 8e:47:69:53:44:be:b2:e9:a1:60:8d:56:82:ce:08: ac:75:93:44:35:eb:bf:1a:d3:1b:a4:ee:ec:6f:93: 4b:ae:c7:c6:53:29:64:03:9a:45:90:97:1b:c6:65: ab:da:b2:e9:65:72:0d:c4:83:4d:d8:c6:b8:56:47: 32:cf:db:99:b0:8a:27:0d:24:70:d2:ae:a1:ed:5a: e6:b9:40:14:cb:b8:52:68:82:f4:b6:28:69:c8:bc: 8d:0c:47:29:60:41:99:6d:b0:a5:be:a8:20:91:10: cd:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:5C:D9:0C:0B:99:EA:69:D0:BE:E6:8F:87:4E:21:6A:D2:56:1C:9A X509v3 Authority Key Identifier: keyid:09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:95:13:c9:1f:5a:32:29:a0:58:51:88:1d:cc:7e:d7:a1:3a: a1:e9:17:a6:53:df:ac:3d:6d:df:e9:1c:49:c8:b5:3a:1c:99: 72:66:3c:b6:c4:45:0f:ee:f7:fd:43:88:71:48:33:b6:ad:82: 35:d0:3f:01:57:a9:4f:6b:7c:fa:9a:25:b4:5d:19:f3:e7:38: 90:9d:f5:9c:d8:72:08:cf:4b:9a:e1:e2:54:12:aa:d2:2d:3b: db:d0:5b:c6:65:8a:ee:9c:1c:0e:e9:e5:91:f1:d1:43:3c:12: b7:0a:42:a4:65:88:76:7a:2e:cf:42:9f:92:f2:df:96:ee:ba: 78:3c:08:7a:b0:e9:cb:67:e4:63:3d:9e:56:fd:22:75:64:7e: 79:84:b1:5b:76:43:94:a8:af:78:3c:a5:57:fc:c8:bb:ad:1b: 2f:45:6c:bf:51:a8:52:ae:21:85:ef:77:e9:57:db:18:03:47: 7f:0c:ea:50:52:82:39:13:06:6e:f6:3e:c1:1f:fe:66:93:7b: d2:88:3c:ef:19:07:c7:a6:de:f0:5c:c3:cb:65:46:e1:d3:89: 59:c4:ca:79:2e:03:4e:76:de:f7:e2:a5:72:57:93:79:92:0b: 7f:03:0c:1f:b5:49:31:68:55:25:46:18:f9:b4:56:fb:84:c5: 96:5f:3e:3a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEY3QTExMTAvBgNVBAUTKDA5RUIyNDg5M0ZGODM4QUFEQzg3MkZGQzM3NTg0MjdG NkFFQzIxNzIwHhcNMjUxMjA0MjE0OTIyWhcNMjUxMjExMjE0OTIyWjAYMRYwFAYD VQQDEw02OTMyMDFlMy0wMzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0MPFMse1X8or6OqkUkITblmbftOi5zzZLfG4RQ6ako190T8/nv54dpe/WeYM GDfhqQB4rPlmG2EoXe+dqkubs6kQVCX0C37dBdTQRwavn61prL0HuMQ+15DNkWvi LlAf4eNhmAqjL6UfGT10DGUG0D1RLSKS9YWXRRlqdKNrxoCBNg0VlOGRqstL5Y9v 2ms+oQ/kBM2OR2lTRL6y6aFgjVaCzgisdZNENeu/GtMbpO7sb5NLrsfGUylkA5pF kJcbxmWr2rLpZXINxINN2Ma4Vkcyz9uZsIonDSRw0q6h7VrmuUAUy7hSaIL0tihp yLyNDEcpYEGZbbClvqggkRDNbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGdc2QwL mepp0L7mj4dOIWrSVhyaMB8GA1UdIwQYMBaAFAnrJIk/+Diq3Icv/DdYQn9q7CFy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjdBMS85MUU4RTI4NEY0 MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9LcmNoeV84TjFoQ2YycnNJ WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Nlc2tpVF80T0tyY2h5XzhOMWhDZjJyc0lYSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RjdBMS85MUU4RTI4NEY0MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9L cmNoeV84TjFoQ2YycnNJWEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB3lRPJH1oyKaBYUYgdzH7XoTqh6RemU9+sPW3f6RxJyLU6HJlyZjy2 xEUP7vf9Q4hxSDO2rYI10D8BV6lPa3z6miW0XRnz5ziQnfWc2HIIz0ua4eJUEqrS LTvb0FvGZYrunBwO6eWR8dFDPBK3CkKkZYh2ei7PQp+S8t+W7rp4PAh6sOnLZ+Rj PZ5W/SJ1ZH55hLFbdkOUqK94PKVX/Mi7rRsvRWy/UahSriGF73fpV9sYA0d/DOpQ UoI5EwZu9j7BH/5mk3vSiDzvGQfHpt7wXMPLZUbh04lZxMp5LgNOdt734qVyV5N5 kgt/AwwftUkxaFUlRhj5tFb7hMWWXz46 -----END CERTIFICATE-----Generated at Sat Dec 6 13:34:07 2025 by rpki-client