This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.mft File: KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.mft (raw, json) Hash identifier: +mLQhAXWLUvt0/SQDPeWlgtx6KGC+Jkl4fVnlXwTPHk= Subject key identifier: 87:9B:70:E7:18:78:9A:61:2A:E4:02:5D:84:C1:97:BC:E0:FD:61:DE Authority key identifier: 28:1D:DA:09:71:75:C0:43:29:43:FD:E5:7C:A3:3D:28:E5:07:3B:C4 Certificate issuer: /CN=A91A7F56/serialNumber=281DDA097175C0432943FDE57CA33D28E5073BC4 Certificate serial: 0163 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.mft Manifest number: 0163 Signing time: Fri 05 Dec 2025 02:06:43 +0000 Manifest this update: Fri 05 Dec 2025 02:06:43 +0000 Manifest next update: Fri 12 Dec 2025 02:06:43 +0000 Files and hashes: 1: KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.crl (hash: zpekWQ0tejeAa2hft780s38cMJRBQEmLwviMf4FfS5Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.crl rsync://rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 02:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 355 (0x163) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7F56, serialNumber=281DDA097175C0432943FDE57CA33D28E5073BC4 Validity Not Before: Dec 5 02:06:43 2025 GMT Not After : Dec 12 02:06:43 2025 GMT Subject: CN=69323e33-5ba1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:cf:ae:bd:59:12:c8:e2:95:43:5a:e9:f5:ce: 1d:6e:19:8e:86:93:2f:77:6e:cc:73:3a:ad:41:2a: 6f:32:0a:1d:e1:94:25:fc:8e:7b:87:96:14:ac:25: 63:1a:0b:0a:7d:44:60:c0:6b:4b:9b:1b:50:20:64: 0e:4c:34:8b:cb:a8:74:15:c8:12:3a:56:de:69:27: 4f:db:5a:59:7b:57:b4:4c:7f:f1:ec:c3:b3:5a:de: e6:e3:8e:d5:a7:fc:73:ce:ee:21:43:4e:0d:d1:38: 0f:b4:f4:c1:fe:41:15:7e:6b:6a:e0:da:44:f5:41: b8:dd:e0:a8:5d:66:14:77:d0:54:77:1d:fd:9b:57: ca:01:d9:8d:ef:bf:1d:86:91:2d:7e:d8:10:2e:4d: f2:44:02:4a:b9:91:df:8e:1e:c8:2a:e0:28:3a:ad: cc:18:5a:af:62:71:df:6b:60:55:05:64:f9:ec:4d: 50:d7:9b:17:f3:4a:d6:ae:a0:e9:0d:91:95:e5:91: a3:32:e8:46:63:62:b8:7f:66:bd:22:12:5f:07:7d: 77:1a:b9:05:64:72:b1:b4:9f:7f:39:d8:be:15:f8: 8e:a7:c5:b7:2b:c7:d7:46:77:b0:bd:f5:af:64:1b: b9:22:92:3f:ab:32:15:01:74:27:2b:8b:c7:fa:26: e4:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:9B:70:E7:18:78:9A:61:2A:E4:02:5D:84:C1:97:BC:E0:FD:61:DE X509v3 Authority Key Identifier: keyid:28:1D:DA:09:71:75:C0:43:29:43:FD:E5:7C:A3:3D:28:E5:07:3B:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7F56/9E1C89A6ACCD11EE81069050C4F9AE02/KB3aCXF1wEMpQ_3lfKM9KOUHO8Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:9b:82:29:92:e2:d3:9d:34:de:9e:f7:c3:3b:af:84:e9:47: be:0a:df:15:39:be:91:58:ef:8c:68:ab:8e:db:33:ae:da:54: 9c:5e:bc:6a:01:2a:5c:ba:b2:a1:14:77:a7:40:d3:e3:25:5c: 9b:6b:43:6c:ad:a3:7d:44:c6:b6:16:80:e2:7d:12:61:d2:70: 74:52:fd:f3:27:9d:33:ba:14:d3:24:7d:93:86:7d:71:8d:2e: 5b:6e:f1:9e:d2:a1:64:43:e2:98:01:b7:77:27:1d:58:3a:4b: d5:ed:47:c1:cd:91:85:69:7e:47:59:f5:ed:11:12:95:58:09: df:ff:6e:06:df:81:2a:0b:0e:57:ff:ec:41:98:4f:c7:81:cd: b7:99:aa:45:1e:80:d1:43:b6:f0:a3:29:73:7b:a1:9f:82:6f: d7:3a:28:b9:93:ec:e9:90:b0:54:aa:5d:79:39:2f:64:c0:b5: 65:a9:b2:97:12:7a:d5:a7:d3:40:f5:be:56:e7:8a:ec:29:16: e3:89:25:f6:07:c5:12:42:3c:54:4c:a7:d3:8b:e9:97:e3:90: 43:ac:65:5f:be:bc:50:86:8b:92:8e:55:d5:7f:d3:16:e1:8d: 0c:a5:d5:fc:b9:7e:59:56:47:ee:0a:06:a2:2d:06:33:83:9f: d1:29:3d:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTdGNTYxMTAvBgNVBAUTKDI4MUREQTA5NzE3NUMwNDMyOTQzRkRFNTdDQTMzRDI4 RTUwNzNCQzQwHhcNMjUxMjA1MDIwNjQzWhcNMjUxMjEyMDIwNjQzWjAYMRYwFAYD VQQDEw02OTMyM2UzMy01YmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp8+uvVkSyOKVQ1rp9c4dbhmOhpMvd27MczqtQSpvMgod4ZQl/I57h5YUrCVj GgsKfURgwGtLmxtQIGQOTDSLy6h0FcgSOlbeaSdP21pZe1e0TH/x7MOzWt7m447V p/xzzu4hQ04N0TgPtPTB/kEVfmtq4NpE9UG43eCoXWYUd9BUdx39m1fKAdmN778d hpEtftgQLk3yRAJKuZHfjh7IKuAoOq3MGFqvYnHfa2BVBWT57E1Q15sX80rWrqDp DZGV5ZGjMuhGY2K4f2a9IhJfB313GrkFZHKxtJ9/Odi+FfiOp8W3K8fXRnewvfWv ZBu5IpI/qzIVAXQnK4vH+ibkfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIebcOcY eJphKuQCXYTBl7zg/WHeMB8GA1UdIwQYMBaAFCgd2glxdcBDKUP95XyjPSjlBzvE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0Y1Ni85RTFDODlBNkFD Q0QxMUVFODEwNjkwNTBDNEY5QUUwMi9LQjNhQ1hGMXdFTXBRXzNsZktNOUtPVUhP OFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tCM2FDWEYxd0VNcFFfM2xmS005S09VSE84US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB N0Y1Ni85RTFDODlBNkFDQ0QxMUVFODEwNjkwNTBDNEY5QUUwMi9LQjNhQ1hGMXdF TXBRXzNsZktNOUtPVUhPOFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEm4IpkuLTnTTenvfDO6+E6Ue+Ct8VOb6RWO+MaKuO2zOu2lScXrxq ASpcurKhFHenQNPjJVyba0NsraN9RMa2FoDifRJh0nB0Uv3zJ50zuhTTJH2Thn1x jS5bbvGe0qFkQ+KYAbd3Jx1YOkvV7UfBzZGFaX5HWfXtERKVWAnf/24G34EqCw5X /+xBmE/Hgc23mapFHoDRQ7bwoylze6Gfgm/XOii5k+zpkLBUql15OS9kwLVlqbKX EnrVp9NA9b5W54rsKRbjiSX2B8USQjxUTKfTi+mX45BDrGVfvrxQhouSjlXVf9MW 4Y0MpdX8uX5ZVkfuCgaiLQYzg5/RKT2s -----END CERTIFICATE-----Generated at Sun Dec 7 00:03:42 2025 by rpki-client