This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft File: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft (raw, json) Hash identifier: 44FWvLfQ6R2DPoKN75Ntn+NDnwpNxnTAwyu3jIf55DI= Subject key identifier: FB:D9:64:DD:29:C8:FF:FE:F1:67:03:CF:2E:9D:5E:6D:D1:A3:CB:D8 Authority key identifier: 28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 Certificate issuer: /CN=A9194677/serialNumber=2876825F77C24A167DC41215350F688792981A67 Certificate serial: 01A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft Manifest number: 01A0 Signing time: Fri 05 Dec 2025 01:34:29 +0000 Manifest this update: Fri 05 Dec 2025 01:34:29 +0000 Manifest next update: Fri 12 Dec 2025 01:34:29 +0000 Files and hashes: 1: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl (hash: t2Esj742Epy5eUEtOWBEtRTY0zyPCTC2NflZ2KLBToo=) 2: 759C16DC577711EE96F5F775C4F9AE02.roa (hash: E2MEy59tbIM1Maudg/5GMAqeAqrNk3TYYaN2opqqFDU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 01:34:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 420 (0x1a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194677, serialNumber=2876825F77C24A167DC41215350F688792981A67 Validity Not Before: Dec 5 01:34:29 2025 GMT Not After : Dec 12 01:34:29 2025 GMT Subject: CN=693236a5-99e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:c7:f7:fb:32:f1:cd:cb:cb:b1:1e:39:11:b1: 35:db:e0:c9:37:34:78:4b:8c:6e:a4:f6:f5:94:ef: 90:84:c9:9a:98:2c:c8:be:bb:3f:09:21:1e:ec:90: 09:e6:e0:bc:77:73:b0:ae:31:df:71:aa:7e:58:4f: a9:ce:58:d9:25:d6:ce:04:03:bc:51:f7:d7:a0:2b: e4:2c:64:9f:5e:8a:d1:0d:d4:93:f4:6c:b4:57:41: f5:1b:08:31:32:79:54:89:f1:c1:16:85:4a:42:50: b4:b7:17:8a:39:74:60:ef:93:1d:27:11:47:75:33: 02:0e:8f:7f:04:33:61:e1:97:01:aa:87:c4:19:31: 7f:e5:9f:6d:7d:ab:29:b6:47:20:f3:94:2a:d6:8c: 6a:f2:cb:dd:ea:38:20:fe:14:a1:ae:71:70:cc:8f: 47:89:22:b6:9d:59:e6:ee:7d:46:80:08:ae:97:a8: 4c:f5:e4:d8:9e:03:30:fb:ad:e9:e9:3a:aa:30:03: 68:33:5f:eb:45:1c:77:2a:cf:dc:76:1d:56:55:07: dd:36:1e:8a:5e:09:61:a1:d2:ec:12:6f:8d:07:19: ac:e3:73:de:84:ca:3e:3a:38:00:18:5a:12:55:76: 9a:fe:9c:e1:c0:05:93:8d:5c:31:c8:c7:92:95:89: 6f:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:D9:64:DD:29:C8:FF:FE:F1:67:03:CF:2E:9D:5E:6D:D1:A3:CB:D8 X509v3 Authority Key Identifier: keyid:28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:d7:99:a5:63:d4:33:33:91:d0:ce:81:35:bc:0f:01:d2:44: 73:5f:c6:2e:4d:57:fc:8f:40:55:a2:02:e4:be:f7:50:34:7f: 7b:02:0e:1c:06:77:d4:77:a4:43:c4:1d:f2:26:a3:f1:cb:3e: 93:ae:b2:ad:5c:19:fc:6b:cf:3b:a1:ea:38:2e:49:93:62:4e: ed:06:1f:0a:09:59:e7:cd:64:7f:bf:cb:50:50:bd:a9:d7:86: e0:39:dd:06:7a:b2:7a:a2:ae:42:cf:59:87:96:c7:60:30:9a: ee:86:f9:4f:61:14:b5:6b:6c:b2:91:2e:43:25:02:41:a0:73: b9:88:01:71:bf:90:32:41:0c:15:9f:3a:2e:31:7d:86:dc:50: e6:d1:8e:53:24:7c:22:6d:ff:8d:86:ce:e4:b5:a5:58:44:34: 73:3b:8c:09:cd:a4:c6:d1:f4:f2:58:76:4a:f2:a5:00:bd:26: dd:08:a4:9e:b5:d8:52:25:d6:47:aa:78:34:3e:3a:1b:77:74: 9d:99:c5:5b:43:2e:7d:22:71:64:6f:85:0f:f1:fc:8a:34:fa: c2:12:c9:9b:01:57:28:30:d8:7b:bd:5e:95:ea:7f:d2:73:c5: 98:1a:ff:89:6e:10:e1:49:ce:cc:5b:c3:59:1d:d8:89:88:bc: 93:a8:ad:dc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQ2NzcxMTAvBgNVBAUTKDI4NzY4MjVGNzdDMjRBMTY3REM0MTIxNTM1MEY2ODg3 OTI5ODFBNjcwHhcNMjUxMjA1MDEzNDI5WhcNMjUxMjEyMDEzNDI5WjAYMRYwFAYD VQQDEw02OTMyMzZhNS05OWUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAscf3+zLxzcvLsR45EbE12+DJNzR4S4xupPb1lO+QhMmamCzIvrs/CSEe7JAJ 5uC8d3OwrjHfcap+WE+pzljZJdbOBAO8UffXoCvkLGSfXorRDdST9Gy0V0H1Gwgx MnlUifHBFoVKQlC0txeKOXRg75MdJxFHdTMCDo9/BDNh4ZcBqofEGTF/5Z9tfasp tkcg85Qq1oxq8svd6jgg/hShrnFwzI9HiSK2nVnm7n1GgAiul6hM9eTYngMw+63p 6TqqMANoM1/rRRx3Ks/cdh1WVQfdNh6KXglhodLsEm+NBxms43PehMo+OjgAGFoS VXaa/pzhwAWTjVwxyMeSlYlviwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPvZZN0p yP/+8WcDzy6dXm3Ro8vYMB8GA1UdIwQYMBaAFCh2gl93wkoWfcQSFTUPaIeSmBpn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDY3Ny8wMjI3Rjc4NjU3 NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1NoWjl4QklWTlE5b2g1S1lH bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIYUNYM2ZDU2haOXhCSVZOUTlvaDVLWUdtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDY3Ny8wMjI3Rjc4NjU3NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1No Wjl4QklWTlE5b2g1S1lHbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA415mlY9QzM5HQzoE1vA8B0kRzX8YuTVf8j0BVogLkvvdQNH97Ag4c BnfUd6RDxB3yJqPxyz6TrrKtXBn8a887oeo4LkmTYk7tBh8KCVnnzWR/v8tQUL2p 14bgOd0GerJ6oq5Cz1mHlsdgMJruhvlPYRS1a2yykS5DJQJBoHO5iAFxv5AyQQwV nzouMX2G3FDm0Y5TJHwibf+Nhs7ktaVYRDRzO4wJzaTG0fTyWHZK8qUAvSbdCKSe tdhSJdZHqng0Pjobd3SdmcVbQy59InFkb4UP8fyKNPrCEsmbAVcoMNh7vV6V6n/S c8WYGv+JbhDhSc7MW8NZHdiJiLyTqK3c -----END CERTIFICATE-----Generated at Sat Dec 6 16:14:51 2025 by rpki-client