This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft File: htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft (raw, json) Hash identifier: H4vsoIIEGn9wFl3DScD+q3KtBmWyOZhJuaiM9JxSwuQ= Subject key identifier: 89:2A:8C:C8:20:6C:F3:0C:28:22:86:36:87:87:94:C4:C1:0B:6B:5B Authority key identifier: 86:D9:5F:41:ED:19:81:FA:8D:0B:59:08:D6:44:46:51:0E:6E:AC:7D Certificate issuer: /CN=A91A99C5/serialNumber=86D95F41ED1981FA8D0B5908D64446510E6EAC7D Certificate serial: 4C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft Manifest number: 4C Signing time: Fri 05 Dec 2025 05:09:09 +0000 Manifest this update: Fri 05 Dec 2025 05:09:09 +0000 Manifest next update: Fri 12 Dec 2025 05:09:09 +0000 Files and hashes: 1: htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl (hash: tIqtSoQvRq6QWdBjEfbXVpCYLC9O7c3OUDt9azJBARg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 05:09:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76 (0x4c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A99C5, serialNumber=86D95F41ED1981FA8D0B5908D64446510E6EAC7D Validity Not Before: Dec 5 05:09:09 2025 GMT Not After : Dec 12 05:09:09 2025 GMT Subject: CN=693268f5-a7a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:19:92:45:47:c1:da:90:78:a0:b5:e3:2e:ec: 7c:ca:9a:29:44:08:28:2d:bc:77:fa:5c:be:56:17: 76:4d:47:61:34:ad:ac:56:39:cc:b9:64:d4:89:b5: 70:ff:10:25:72:59:f3:28:32:d8:09:98:b6:92:f0: 9b:9d:a7:e5:cf:64:e0:46:de:a0:84:5b:03:0d:4d: f1:da:2f:1f:cc:c8:8d:be:ef:f2:d0:88:d8:dc:16: 39:e3:92:5f:9f:24:66:1b:7f:12:56:55:81:af:c3: fc:80:a7:df:7d:fd:6e:c2:5d:62:8b:0f:bc:62:ba: e4:ee:66:52:e0:d5:49:17:5a:5a:fc:11:10:a7:19: 7e:de:aa:ee:8e:f5:f1:82:9b:d0:2b:8a:bc:36:36: 80:b4:14:34:f9:94:02:30:9b:10:1a:da:1c:ed:d4: b9:b8:8b:34:9f:10:54:d8:40:24:d7:70:fb:62:9a: 87:15:39:99:32:b4:0b:20:d1:c2:8e:39:e7:6f:d4: aa:e2:5f:35:ad:25:af:b3:ae:70:c2:82:f4:42:39: 08:95:ed:c5:8d:fe:09:64:67:5f:44:09:30:fb:ef: d3:0b:29:b8:90:e1:53:b0:07:a1:ef:e3:31:99:92: aa:7f:f2:cb:1d:35:94:6c:62:42:47:24:eb:79:94: b6:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:2A:8C:C8:20:6C:F3:0C:28:22:86:36:87:87:94:C4:C1:0B:6B:5B X509v3 Authority Key Identifier: keyid:86:D9:5F:41:ED:19:81:FA:8D:0B:59:08:D6:44:46:51:0E:6E:AC:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:15:0a:fe:de:9c:c5:e5:89:84:ee:05:2b:eb:32:5d:f6:9c: d2:f7:38:06:14:b1:1b:09:2b:a0:d5:8b:7c:1b:c7:62:75:17: 0f:b2:bc:62:87:93:82:a3:8a:df:27:52:87:63:0a:45:7c:b3: 83:2d:fc:ed:c8:23:78:9a:4f:59:58:25:fd:36:57:8a:82:a8: b9:6c:ad:97:ec:74:78:29:fd:d1:d5:08:65:73:61:0a:20:65: 02:92:b8:53:15:07:ee:26:9a:65:cb:0b:6c:42:a5:64:c1:2e: d3:93:23:26:15:70:b4:04:b2:23:f8:9e:df:bf:45:d6:89:b6: d9:e2:8b:5e:cf:24:0d:c6:ee:c6:7d:93:cc:21:4e:9b:7d:02: 76:2b:f9:b0:82:4f:f5:c7:f1:eb:73:b8:c8:51:b4:3e:63:e9: 68:c0:5a:a0:25:8b:74:49:09:6a:01:53:74:37:a1:e2:25:02: 33:4b:4a:6f:88:0b:48:6c:ae:fa:b6:ad:65:7e:24:25:a2:bb: 6d:76:e3:52:b9:e0:08:02:06:00:04:31:1f:cf:9d:f4:29:df: 43:45:f3:84:58:45:c0:26:25:aa:1e:bf:2a:91:09:73:f5:8f: db:95:2d:b8:df:b2:68:d7:77:23:1c:43:e6:a2:68:08:ed:40: 4a:82:8e:64 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB OTlDNTExMC8GA1UEBRMoODZEOTVGNDFFRDE5ODFGQThEMEI1OTA4RDY0NDQ2NTEw RTZFQUM3RDAeFw0yNTEyMDUwNTA5MDlaFw0yNTEyMTIwNTA5MDlaMBgxFjAUBgNV BAMTDTY5MzI2OGY1LWE3YTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzGZJFR8HakHigteMu7HzKmilECCgtvHf6XL5WF3ZNR2E0raxWOcy5ZNSJtXD/ ECVyWfMoMtgJmLaS8Judp+XPZOBG3qCEWwMNTfHaLx/MyI2+7/LQiNjcFjnjkl+f JGYbfxJWVYGvw/yAp999/W7CXWKLD7xiuuTuZlLg1UkXWlr8ERCnGX7equ6O9fGC m9Arirw2NoC0FDT5lAIwmxAa2hzt1Lm4izSfEFTYQCTXcPtimocVOZkytAsg0cKO Oedv1KriXzWtJa+zrnDCgvRCOQiV7cWN/glkZ19ECTD779MLKbiQ4VOwB6Hv4zGZ kqp/8ssdNZRsYkJHJOt5lLY9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUiSqMyCBs 8wwoIoY2h4eUxMELa1swHwYDVR0jBBgwFoAUhtlfQe0ZgfqNC1kI1kRGUQ5urH0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5OUM1LzA2MDNFNUJFNURC QzExRjA5QUExNzg1MEM0RjlBRTAyL2h0bGZRZTBaZ2ZxTkMxa0kxa1JHVVE1dXJI MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaHRsZlFlMFpnZnFOQzFrSTFrUkdVUTV1ckgwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5 OUM1LzA2MDNFNUJFNURCQzExRjA5QUExNzg1MEM0RjlBRTAyL2h0bGZRZTBaZ2Zx TkMxa0kxa1JHVVE1dXJIMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADsVCv7enMXliYTuBSvrMl32nNL3OAYUsRsJK6DVi3wbx2J1Fw+yvGKH k4Kjit8nUodjCkV8s4Mt/O3II3iaT1lYJf02V4qCqLlsrZfsdHgp/dHVCGVzYQog ZQKSuFMVB+4mmmXLC2xCpWTBLtOTIyYVcLQEsiP4nt+/RdaJttnii17PJA3G7sZ9 k8whTpt9AnYr+bCCT/XH8etzuMhRtD5j6WjAWqAli3RJCWoBU3Q3oeIlAjNLSm+I C0hsrvq2rWV+JCWiu21241K54AgCBgAEMR/PnfQp30NF84RYRcAmJaoevyqRCXP1 j9uVLbjfsmjXdyMcQ+aiaAjtQEqCjmQ= -----END CERTIFICATE-----Generated at Sat Dec 6 19:38:42 2025 by rpki-client