This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft
File:                     iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft (raw, json)
Hash identifier:          RI8bd/S9QH7ee2FCM4w4VROFG4GsXDpHWqVwWm0RPEo=
Subject key identifier:   EE:92:2A:67:E1:0A:BD:53:3B:56:95:67:58:B9:D9:7A:05:CF:34:1E
Authority key identifier: 89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D
Certificate issuer:       /CN=A9195F7B/serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D
Certificate serial:       0179
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft
Manifest number:          016A
Signing time:             Fri 05 Dec 2025 02:14:00 +0000
Manifest this update:     Fri 05 Dec 2025 02:13:59 +0000
Manifest next update:     Fri 12 Dec 2025 02:13:59 +0000
Files and hashes:         1: iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl (hash: sHorRgVIA2ZEehzw9/XKrC3go3WLvicmgSiHkXZyQHI=)
                          2: 87662556555511EF88D9F680C4F9AE02.roa (hash: k8ciaOJiovKzhjLhsMW8Olbo59H12ftecdkV4UavoKg=)
                          3: F406C3F26AE311EF82D7860FC4F9AE02.roa (hash: BGxl2SOPQW6C/i2r2VN80go3aEYSETpmK67AkebR/E4=)
                          4: D7FEF354562111EFA7B3F00AC4F9AE02.roa (hash: Z74c44o/GimXrdeWvw94wRAl3MPTrcV7W0A3AuI0ILk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl
                          rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 12 Dec 2025 02:13:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 377 (0x179)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9195F7B, serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D
        Validity
            Not Before: Dec  5 02:13:59 2025 GMT
            Not After : Dec 12 02:13:59 2025 GMT
        Subject: CN=69323fe8-a3f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:85:b4:3f:86:64:67:01:a2:66:c1:fd:fb:44:
                    00:29:c2:43:d0:bd:20:cc:68:74:c6:30:8c:81:84:
                    ec:c1:98:97:cb:29:af:60:f2:89:58:56:9a:12:fc:
                    7f:47:7e:c5:27:85:3e:56:c1:61:e1:9e:28:46:29:
                    3e:c8:04:a4:59:d0:85:8a:2a:d3:20:33:db:48:3f:
                    c2:8d:e8:67:85:5c:95:1b:08:f3:3d:c9:ec:82:cb:
                    4e:ec:93:02:43:0b:97:eb:ed:b4:3b:b0:8b:c3:09:
                    08:d9:c0:26:06:8f:e5:ed:09:a4:73:ff:6e:d3:c1:
                    6b:04:7f:28:ca:bc:4d:af:af:13:a5:56:72:91:19:
                    df:d3:77:1e:1b:92:c3:13:33:fc:06:85:53:ec:d9:
                    81:17:66:85:07:b0:15:50:df:01:c2:d6:e4:1d:d1:
                    0c:e7:b0:4f:fa:42:34:e7:37:f7:37:ea:05:63:b2:
                    b4:9e:82:cf:77:09:64:82:a8:1b:e4:76:c9:00:00:
                    d1:9e:44:fe:3b:3a:80:71:a5:a0:29:34:f3:3a:a8:
                    6e:d4:91:51:cd:f4:62:3d:fe:29:00:a6:b0:36:9a:
                    53:b9:88:bc:17:43:d0:ef:3b:8f:af:8a:17:fd:25:
                    f5:25:06:d0:38:51:c3:c2:23:3e:ec:c5:31:df:ef:
                    70:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:92:2A:67:E1:0A:BD:53:3B:56:95:67:58:B9:D9:7A:05:CF:34:1E
            X509v3 Authority Key Identifier:
                keyid:89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:f2:6e:bf:8c:76:4b:d3:a1:5e:30:66:29:d1:2c:81:71:fd:
         0a:69:1c:0f:61:6b:bb:ec:68:9c:08:e0:93:da:25:bc:e1:3c:
         d3:90:51:1d:ca:c6:a3:79:7f:37:7f:ed:c5:ac:59:a9:5e:8f:
         80:f1:37:33:e4:ca:73:2f:ae:53:04:27:ed:04:46:f2:9a:a3:
         da:11:a3:44:31:0c:ea:f4:e4:0c:c7:91:19:91:fa:9b:48:37:
         b1:ea:5c:4b:e7:09:84:d5:53:94:d0:3f:0f:e2:fb:c0:87:f4:
         f1:91:ff:54:77:fa:32:4c:c1:7d:de:74:c4:dc:6d:cf:39:40:
         b8:3a:b6:7b:ba:2d:ca:62:36:f4:d2:a7:37:65:70:23:28:0d:
         de:a3:4c:cd:f1:6a:61:b1:d9:25:b3:c5:f7:6a:55:af:ed:cb:
         a5:8d:c7:86:26:6f:17:4d:bb:b6:31:64:f7:1e:a7:85:2e:76:
         22:64:3c:cd:4e:69:a4:48:d5:44:d0:24:9c:1b:7d:e1:63:c4:
         d2:6d:f4:eb:52:32:9b:92:51:b7:9d:1f:63:77:05:a8:a1:fd:
         18:ba:74:10:a3:4b:f0:32:d3:40:74:c6:48:30:5f:9f:de:58:
         c8:25:d8:15:ce:65:a2:7f:90:ef:81:39:05:9e:c7:5e:bf:a2:
         7c:e9:3f:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAXkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTVGN0IxMTAvBgNVBAUTKDg5MEIxREVGRTg4RDU5MTk2QkNDN0I2NTI2OEM2MkU4
NkU1NEQ0NkQwHhcNMjUxMjA1MDIxMzU5WhcNMjUxMjEyMDIxMzU5WjAYMRYwFAYD
VQQDEw02OTMyM2ZlOC1hM2YyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8oW0P4ZkZwGiZsH9+0QAKcJD0L0gzGh0xjCMgYTswZiXyymvYPKJWFaaEvx/
R37FJ4U+VsFh4Z4oRik+yASkWdCFiirTIDPbSD/CjehnhVyVGwjzPcnsgstO7JMC
QwuX6+20O7CLwwkI2cAmBo/l7Qmkc/9u08FrBH8oyrxNr68TpVZykRnf03ceG5LD
EzP8BoVT7NmBF2aFB7AVUN8BwtbkHdEM57BP+kI05zf3N+oFY7K0noLPdwlkgqgb
5HbJAADRnkT+OzqAcaWgKTTzOqhu1JFRzfRiPf4pAKawNppTuYi8F0PQ7zuPr4oX
/SX1JQbQOFHDwiM+7MUx3+9w0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO6SKmfh
Cr1TO1aVZ1i52XoFzzQeMB8GA1UdIwQYMBaAFIkLHe/ojVkZa8x7ZSaMYuhuVNRt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUY3Qi9BMTMxQjM5NEJC
MzkxMUVFQTY1NTQxN0VDNEY5QUUwMi9pUXNkNy1pTldSbHJ6SHRsSm94aTZHNVUx
RzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lRc2Q3LWlOV1JscnpIdGxKb3hpNkc1VTFHMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NUY3Qi9BMTMxQjM5NEJCMzkxMUVFQTY1NTQxN0VDNEY5QUUwMi9pUXNkNy1pTldS
bHJ6SHRsSm94aTZHNVUxRzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB/8m6/jHZL06FeMGYp0SyBcf0KaRwPYWu77GicCOCT2iW84TzTkFEd
ysajeX83f+3FrFmpXo+A8Tcz5MpzL65TBCftBEbymqPaEaNEMQzq9OQMx5EZkfqb
SDex6lxL5wmE1VOU0D8P4vvAh/Txkf9Ud/oyTMF93nTE3G3POUC4OrZ7ui3KYjb0
0qc3ZXAjKA3eo0zN8Wphsdkls8X3alWv7culjceGJm8XTbu2MWT3HqeFLnYiZDzN
TmmkSNVE0CScG33hY8TSbfTrUjKbklG3nR9jdwWoof0YunQQo0vwMtNAdMZIMF+f
3ljIJdgVzmWif5DvgTkFnsdev6J86T+g
-----END CERTIFICATE-----
Generated at Sun Dec 7 02:45:45 2025 by rpki-client