This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft File: lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft (raw, json) Hash identifier: KGpVWclmHQvsexccEQXNbigXGBMB7f2ac5cVoohOc2c= Subject key identifier: 6F:56:F8:28:77:34:86:4A:20:F2:42:D8:EB:61:00:1E:C0:06:34:E0 Authority key identifier: 96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2 Certificate issuer: /CN=A91A58AA/serialNumber=9673B5CCF0A8EA5CE41A2E476311F375CD83C0D2 Certificate serial: 71 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft Manifest number: 71 Signing time: Fri 05 Dec 2025 04:46:26 +0000 Manifest this update: Fri 05 Dec 2025 04:46:26 +0000 Manifest next update: Fri 12 Dec 2025 04:46:26 +0000 Files and hashes: 1: lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl (hash: tsVP5L/Bbs80ZuU6uETCBVStz5AY8hrrYhjjqZq1d6s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 04:46:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 113 (0x71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A58AA, serialNumber=9673B5CCF0A8EA5CE41A2E476311F375CD83C0D2 Validity Not Before: Dec 5 04:46:26 2025 GMT Not After : Dec 12 04:46:26 2025 GMT Subject: CN=693263a2-88d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a0:aa:1f:04:34:96:90:b2:7d:fa:d0:a7:c5: 4e:9d:d1:d6:31:e1:40:7e:e0:ad:a8:8b:2f:25:69: 5a:4b:2e:cf:b9:57:f2:c0:b6:6d:40:d6:a1:18:4c: cd:76:63:0b:0b:df:90:eb:69:03:a1:b2:f0:66:27: 1b:b0:ad:52:5e:86:74:50:c3:f3:96:a9:01:17:c9: d1:1f:fb:09:5e:a0:5a:e5:87:30:2c:4a:d2:79:e5: 29:18:6c:f5:38:da:b4:ce:01:86:12:95:12:4f:f1: fe:47:ca:09:87:b0:46:e1:d1:10:c8:f2:9c:e8:b3: 22:7e:79:20:ae:c7:7f:2a:19:59:f3:e6:18:3f:35: 90:b6:e3:8c:46:80:bb:02:ea:0f:35:07:e7:1c:23: f5:57:74:10:d1:86:4a:35:2c:40:84:ae:c8:1a:13: a2:26:41:cb:23:2b:11:61:c4:c4:9f:07:4d:f4:65: 08:7f:b3:c3:9e:9f:47:9e:c9:51:d8:a7:76:55:86: bd:8e:c3:eb:90:65:7b:6b:35:d2:32:af:bd:10:87: 21:cb:b9:15:ec:cc:df:31:4e:1d:be:bf:1e:20:4e: 99:7e:dd:97:f8:a3:2f:ec:b3:95:80:c8:0d:08:8f: 73:56:75:58:69:53:66:65:17:1f:40:f4:0c:8e:72: 09:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:56:F8:28:77:34:86:4A:20:F2:42:D8:EB:61:00:1E:C0:06:34:E0 X509v3 Authority Key Identifier: keyid:96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:31:f4:58:bb:41:1e:43:0a:6c:ce:84:fe:fc:2e:e9:d5:fc: 1b:14:31:f2:6f:c1:6a:25:e4:2f:98:42:c3:f3:9c:c0:bb:b6: 86:a9:75:9b:8e:42:27:56:64:bc:0c:de:70:8c:46:c6:be:8e: a9:65:c6:2d:ac:44:63:10:b6:ef:cb:0e:fd:c4:0d:6c:69:3d: 6c:2a:c7:6a:fa:db:06:7a:c9:b6:d0:45:d9:4f:c1:48:bd:b5: 55:5f:b3:40:95:5b:51:61:de:c2:d3:c0:e0:ab:97:7f:c3:03: 97:1c:de:c9:d0:db:20:5f:bc:eb:54:02:5f:f0:ce:25:88:de: 4d:67:58:b0:14:72:70:80:49:81:d1:63:df:c4:bb:a2:cb:23: f5:41:d4:b0:e0:99:09:e6:48:4a:a1:10:04:1e:c9:7d:1b:76: c5:f7:90:ca:55:d6:7a:26:f6:df:25:28:e2:c8:8c:d8:78:9a: 70:bd:5c:d6:84:da:d0:17:ca:75:62:12:b3:83:aa:e9:6b:6a: 37:f5:ae:8f:8e:3f:f0:2f:97:da:f0:8a:4d:00:fa:be:b9:ad: e7:30:86:1b:21:a3:94:67:a4:52:df:f8:b1:50:31:93:58:c5: 31:4c:26:c9:59:77:c3:44:19:1e:a2:94:71:7b:3f:dc:70:00: 13:6f:b8:66 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NThBQTExMC8GA1UEBRMoOTY3M0I1Q0NGMEE4RUE1Q0U0MUEyRTQ3NjMxMUYzNzVD RDgzQzBEMjAeFw0yNTEyMDUwNDQ2MjZaFw0yNTEyMTIwNDQ2MjZaMBgxFjAUBgNV BAMTDTY5MzI2M2EyLTg4ZDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCroKofBDSWkLJ9+tCnxU6d0dYx4UB+4K2oiy8laVpLLs+5V/LAtm1A1qEYTM12 YwsL35DraQOhsvBmJxuwrVJehnRQw/OWqQEXydEf+wleoFrlhzAsStJ55SkYbPU4 2rTOAYYSlRJP8f5HygmHsEbh0RDI8pzosyJ+eSCux38qGVnz5hg/NZC244xGgLsC 6g81B+ccI/VXdBDRhko1LECErsgaE6ImQcsjKxFhxMSfB030ZQh/s8Oen0eeyVHY p3ZVhr2Ow+uQZXtrNdIyr70QhyHLuRXszN8xTh2+vx4gTpl+3Zf4oy/ss5WAyA0I j3NWdVhpU2ZlFx9A9AyOcgntAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUb1b4KHc0 hkog8kLY62EAHsAGNOAwHwYDVR0jBBgwFoAUlnO1zPCo6lzkGi5HYxHzdc2DwNIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1OEFBL0MxOTM5Q0U2MjQw MjExRjA5NjFCNjQ2REM0RjlBRTAyL2xuTzF6UENvNmx6a0dpNUhZeEh6ZGMyRHdO SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbG5PMXpQQ282bHprR2k1SFl4SHpkYzJEd05JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1 OEFBL0MxOTM5Q0U2MjQwMjExRjA5NjFCNjQ2REM0RjlBRTAyL2xuTzF6UENvNmx6 a0dpNUhZeEh6ZGMyRHdOSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJ0x9Fi7QR5DCmzOhP78LunV/BsUMfJvwWol5C+YQsPznMC7toapdZuO QidWZLwM3nCMRsa+jqllxi2sRGMQtu/LDv3EDWxpPWwqx2r62wZ6ybbQRdlPwUi9 tVVfs0CVW1Fh3sLTwOCrl3/DA5cc3snQ2yBfvOtUAl/wziWI3k1nWLAUcnCASYHR Y9/Eu6LLI/VB1LDgmQnmSEqhEAQeyX0bdsX3kMpV1nom9t8lKOLIjNh4mnC9XNaE 2tAXynViErODqulrajf1ro+OP/Avl9rwik0A+r65recwhhsho5RnpFLf+LFQMZNY xTFMJslZd8NEGR6ilHF7P9xwABNvuGY= -----END CERTIFICATE-----Generated at Sat Dec 6 23:01:05 2025 by rpki-client