This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft
File:                     iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft (raw, json)
Hash identifier:          CyA22tBA2N5oGaiImjJtqEy/4UIfNYn3OfUjj2pISFE=
Subject key identifier:   04:5F:3E:ED:34:A4:6D:56:48:E8:2A:E2:74:B5:C2:8C:5E:64:FF:D3
Authority key identifier: 89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D
Certificate issuer:       /CN=A9195F7B/serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D
Certificate serial:       017A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft
Manifest number:          016B
Signing time:             Sun 07 Dec 2025 02:27:02 +0000
Manifest this update:     Sun 07 Dec 2025 02:27:02 +0000
Manifest next update:     Sun 14 Dec 2025 02:27:02 +0000
Files and hashes:         1: iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl (hash: 267grhU7xbwUzy8kFLlmMXrNP42YGLN1GIMG7WjyGK4=)
                          2: 87662556555511EF88D9F680C4F9AE02.roa (hash: k8ciaOJiovKzhjLhsMW8Olbo59H12ftecdkV4UavoKg=)
                          3: F406C3F26AE311EF82D7860FC4F9AE02.roa (hash: BGxl2SOPQW6C/i2r2VN80go3aEYSETpmK67AkebR/E4=)
                          4: D7FEF354562111EFA7B3F00AC4F9AE02.roa (hash: Z74c44o/GimXrdeWvw94wRAl3MPTrcV7W0A3AuI0ILk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl
                          rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 14 Dec 2025 02:27:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 378 (0x17a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9195F7B, serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D
        Validity
            Not Before: Dec  7 02:27:02 2025 GMT
            Not After : Dec 14 02:27:02 2025 GMT
        Subject: CN=6934e5f6-47ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a0:cc:16:c6:26:67:4b:f7:62:1e:bb:60:5b:
                    ca:e1:ed:43:58:7c:03:39:10:2f:50:17:b5:c6:b8:
                    54:ad:4b:2c:7f:24:04:d6:cb:b1:23:6f:dd:0d:89:
                    a3:cb:20:07:b7:57:c6:da:93:4b:a7:1e:fb:2a:a9:
                    e8:e2:18:fd:9f:2d:7d:08:19:39:c2:03:00:c4:70:
                    f9:5a:d2:1a:e9:d4:af:d0:62:f5:28:57:2b:75:29:
                    01:1b:5a:20:17:43:cf:5b:f2:0f:1c:43:dd:2d:df:
                    2f:58:67:c2:89:f4:2d:e0:d2:c1:01:b5:e4:82:c7:
                    1f:02:c7:cb:0d:b8:32:29:a9:8d:c1:92:1e:0e:bd:
                    f1:ed:3e:9d:f5:e6:cc:eb:a2:ac:ac:e5:f0:03:1b:
                    ce:38:6d:0e:a9:3e:3a:14:e1:93:57:3d:e9:25:7b:
                    94:20:52:b5:c3:38:ec:10:37:15:88:2d:61:36:f7:
                    fb:63:79:73:0f:26:75:d6:8e:ab:50:b2:ed:f4:0e:
                    24:fc:3b:63:05:bf:f8:d3:50:29:b8:04:3c:9f:f7:
                    76:7d:00:85:54:2a:7f:00:26:b3:1c:0e:1f:1e:a8:
                    d8:a2:1b:56:1d:8a:d9:b6:5f:a0:42:8f:48:cc:7c:
                    31:e4:16:aa:f5:56:50:86:fd:36:fe:0f:c7:85:3b:
                    3e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:5F:3E:ED:34:A4:6D:56:48:E8:2A:E2:74:B5:C2:8C:5E:64:FF:D3
            X509v3 Authority Key Identifier:
                keyid:89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:9c:f8:c9:67:dc:bb:d0:87:19:a9:2e:53:a8:f3:06:40:e6:
         99:92:45:92:81:f9:5f:e7:63:34:f7:8a:24:15:0f:56:f0:fd:
         b1:84:23:1a:43:ab:31:a1:42:cc:b0:21:83:2f:e6:e4:86:c6:
         11:8f:0e:ec:18:82:76:c2:64:f4:55:18:bc:46:7b:4f:af:2f:
         d0:da:cf:5d:84:97:40:06:73:e0:53:d6:34:5e:fb:a9:df:b8:
         a3:38:fa:a0:69:89:de:5c:2e:4f:f5:33:69:17:00:c8:18:2b:
         f5:91:76:99:2f:28:75:d1:fe:47:af:97:ac:9b:c6:ce:42:63:
         ea:ed:2a:32:3f:95:5c:89:e6:f9:52:3c:c9:98:ad:68:82:4a:
         9e:77:81:df:c6:62:ff:ac:ff:14:8e:ec:25:6a:43:a2:3a:b4:
         f0:43:47:df:0c:95:92:61:b4:98:9a:0d:56:61:25:42:b0:d3:
         01:42:47:ae:62:1d:18:8d:e7:04:48:50:53:1f:d9:dd:bd:c8:
         a4:ab:22:01:5d:3b:57:5d:81:42:96:43:9a:7f:45:3b:39:2e:
         24:c6:4a:7b:d9:b6:36:52:77:06:53:84:8b:e9:d4:04:bc:f1:
         c2:5b:d7:ea:68:be:80:fe:63:64:a8:86:be:23:ca:cf:52:12:
         de:88:5e:53
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAXowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTVGN0IxMTAvBgNVBAUTKDg5MEIxREVGRTg4RDU5MTk2QkNDN0I2NTI2OEM2MkU4
NkU1NEQ0NkQwHhcNMjUxMjA3MDIyNzAyWhcNMjUxMjE0MDIyNzAyWjAYMRYwFAYD
VQQDEw02OTM0ZTVmNi00N2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz6DMFsYmZ0v3Yh67YFvK4e1DWHwDORAvUBe1xrhUrUssfyQE1suxI2/dDYmj
yyAHt1fG2pNLpx77Kqno4hj9ny19CBk5wgMAxHD5WtIa6dSv0GL1KFcrdSkBG1og
F0PPW/IPHEPdLd8vWGfCifQt4NLBAbXkgscfAsfLDbgyKamNwZIeDr3x7T6d9ebM
66KsrOXwAxvOOG0OqT46FOGTVz3pJXuUIFK1wzjsEDcViC1hNvf7Y3lzDyZ11o6r
ULLt9A4k/DtjBb/401ApuAQ8n/d2fQCFVCp/ACazHA4fHqjYohtWHYrZtl+gQo9I
zHwx5Baq9VZQhv02/g/HhTs+oQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFARfPu00
pG1WSOgq4nS1woxeZP/TMB8GA1UdIwQYMBaAFIkLHe/ojVkZa8x7ZSaMYuhuVNRt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUY3Qi9BMTMxQjM5NEJC
MzkxMUVFQTY1NTQxN0VDNEY5QUUwMi9pUXNkNy1pTldSbHJ6SHRsSm94aTZHNVUx
RzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lRc2Q3LWlOV1JscnpIdGxKb3hpNkc1VTFHMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NUY3Qi9BMTMxQjM5NEJCMzkxMUVFQTY1NTQxN0VDNEY5QUUwMi9pUXNkNy1pTldS
bHJ6SHRsSm94aTZHNVUxRzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC1nPjJZ9y70IcZqS5TqPMGQOaZkkWSgflf52M094okFQ9W8P2xhCMa
Q6sxoULMsCGDL+bkhsYRjw7sGIJ2wmT0VRi8RntPry/Q2s9dhJdABnPgU9Y0Xvup
37ijOPqgaYneXC5P9TNpFwDIGCv1kXaZLyh10f5Hr5esm8bOQmPq7SoyP5Vcieb5
UjzJmK1ogkqed4HfxmL/rP8UjuwlakOiOrTwQ0ffDJWSYbSYmg1WYSVCsNMBQkeu
Yh0YjecESFBTH9ndvcikqyIBXTtXXYFClkOaf0U7OS4kxkp72bY2UncGU4SL6dQE
vPHCW9fqaL6A/mNkqIa+I8rPUhLeiF5T
-----END CERTIFICATE-----
Generated at Sun Dec 7 04:43:03 2025 by rpki-client