This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: kWU6bSjSCQfs/d6vqjpHfMQBWopjqUtJ2ivUqMIHCmI= Subject key identifier: 7D:64:4A:57:D2:AC:D5:92:0E:ED:E8:85:DC:6A:E4:58:62:BD:AB:F4 Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 0865 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 0828 Signing time: Sat 24 Jan 2026 20:28:26 +0000 Manifest this update: Sat 24 Jan 2026 20:28:25 +0000 Manifest next update: Sat 31 Jan 2026 20:28:25 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: I9Od5SsVbXASIMz7bZt8lsN5fgk0UYzO0KlaKgNP62U=) 2: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: 4+YaEU8/WKlhoShMZ2jQANGth6P34fJaow29AZ/vK1g=) 3: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HBup3egCFQ+j4w8tn/YgKXDolvmk1GZOCKm/FjBELHI=) 4: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: TVq9O75Mk8dBtHdZIdf95FNbNlO+Xgr7jZqSFhUdSlc=) 5: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: xo4YbqiE7X/F67UsXOYb5uFnpLPpFvm6ZJLr7VXM8NU=) 6: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: KydrQv3Yet/a3HLO3h2lsIOeUoieRU/2J4jW34hxmG0=) 7: B512A570109211ECA693D74EC4F9AE02.roa (hash: x6M8DR+ao43yWMJcYfflaCD3HANg4LUaSOgGurV26Rc=) 8: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: WVXeC6AWS7dfqRcacJcoXn1KRTzKsuhGFEjOvtdw4gQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 31 Jan 2026 20:28:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2149 (0x865) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Jan 24 20:28:25 2026 GMT Not After : Jan 31 20:28:25 2026 GMT Subject: CN=69752b6a-4d79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:b3:c8:7b:a2:4b:2d:a4:03:ab:d8:4f:cd:60: 76:1e:cd:3d:dd:ff:f6:29:a9:83:b7:f2:3a:26:85: b2:c1:c8:0a:7e:34:9e:dc:71:32:1e:4f:6f:14:a9: 60:ab:b4:75:5e:09:e1:13:b8:45:4f:4e:f4:ff:3f: c1:3b:4b:f6:34:a3:8d:17:18:3e:26:29:ea:7b:33: 38:0d:2c:25:82:cf:40:5e:77:98:5b:86:5b:84:8c: 98:d7:3b:c5:ef:d4:2b:9d:0c:4b:41:6a:1f:d4:c0: d5:e1:93:3b:26:54:f2:e9:c8:36:bc:16:1e:b1:f2: 0d:c7:f0:71:cd:af:e4:0a:7e:90:d3:bf:1d:cf:f0: ed:0c:5f:77:34:87:51:8c:34:aa:2f:3e:93:d4:d0: 0d:36:b8:08:aa:f3:47:b7:b9:e9:84:b8:ae:6b:6b: 5b:0d:5f:37:7b:bd:91:fd:74:aa:d9:7a:e4:e3:bc: 06:83:b7:d6:9f:d7:04:fb:0d:68:51:e5:62:7e:f8: ef:f2:fc:86:37:b5:dc:44:b3:9b:7a:6f:36:50:dc: 1c:d4:66:c8:f5:33:ee:0e:99:ff:58:ac:bc:de:76: f7:a4:69:99:b1:04:c9:8b:32:f6:97:39:39:a6:20: fa:d9:48:a0:b6:3b:45:14:5b:1f:8a:b6:49:8c:14: 1d:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:64:4A:57:D2:AC:D5:92:0E:ED:E8:85:DC:6A:E4:58:62:BD:AB:F4 X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:95:e3:ab:cf:1c:f3:5a:1c:0b:cd:45:ee:de:25:66:9b:26: 86:69:bf:54:de:01:eb:07:8f:a7:e3:81:85:47:ed:bb:a3:be: d5:a5:f5:f7:8d:bf:9e:f7:48:67:2c:77:23:8c:76:2f:a2:be: bd:a3:0b:89:d0:03:dc:54:b0:2d:92:72:a5:ae:bf:2b:94:49: 5f:37:78:ff:78:84:70:83:4e:7e:fc:6b:e1:6e:d3:46:b0:e1: 84:3e:60:99:6b:4d:14:cb:82:4c:47:99:8c:be:7f:c7:7c:8f: 97:5d:21:e7:2b:e2:d3:a3:fc:25:5c:05:46:bd:79:3f:da:cb: 06:7c:22:21:86:37:61:62:a0:d3:93:f0:41:f8:68:06:99:8a: 03:35:ea:84:2c:be:c4:b5:d2:0f:45:06:44:fd:f3:f9:03:53: c1:16:8e:48:92:bd:f7:f0:3e:30:6a:b6:f8:34:bf:9f:a5:7b: e7:7b:40:d8:10:26:6e:e3:6e:50:b5:62:88:56:86:63:82:60: 6f:21:f4:16:f6:05:21:4c:d3:ee:e1:5a:ff:e1:85:c8:41:42: b8:26:71:ca:32:48:67:c6:3d:1e:86:17:98:18:1d:bc:1d:bc: c8:ab:58:aa:36:4a:84:20:17:d0:02:7b:c6:0f:29:c4:98:a4: f6:55:0a:95 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCGUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjYwMTI0MjAyODI1WhcNMjYwMTMxMjAyODI1WjAYMRYwFAYD VQQDDA02OTc1MmI2YS00ZDc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs7PIe6JLLaQDq9hPzWB2Hs093f/2KamDt/I6JoWywcgKfjSe3HEyHk9vFKlg q7R1XgnhE7hFT070/z/BO0v2NKONFxg+JinqezM4DSwlgs9AXneYW4ZbhIyY1zvF 79QrnQxLQWof1MDV4ZM7JlTy6cg2vBYesfINx/Bxza/kCn6Q078dz/DtDF93NIdR jDSqLz6T1NANNrgIqvNHt7nphLiua2tbDV83e72R/XSq2Xrk47wGg7fWn9cE+w1o UeVifvjv8vyGN7XcRLObem82UNwc1GbI9TPuDpn/WKy83nb3pGmZsQTJizL2lzk5 piD62UigtjtFFFsfirZJjBQdeQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH1kSlfS rNWSDu3ohdxq5Fhivav0MB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBdleOrzxzzWhwLzUXu3iVmmyaGab9U3gHrB4+n44GFR+27o77VpfX3 jb+e90hnLHcjjHYvor69owuJ0APcVLAtknKlrr8rlElfN3j/eIRwg05+/GvhbtNG sOGEPmCZa00Uy4JMR5mMvn/HfI+XXSHnK+LTo/wlXAVGvXk/2ssGfCIhhjdhYqDT k/BB+GgGmYoDNeqELL7EtdIPRQZE/fP5A1PBFo5Ikr338D4warb4NL+fpXvne0DY ECZu425QtWKIVoZjgmBvIfQW9gUhTNPu4Vr/4YXIQUK4JnHKMkhnxj0ehheYGB28 HbzIq1iqNkqEIBfQAnvGDynEmKT2VQqV -----END CERTIFICATE-----Generated at Sun Jan 25 14:12:51 2026 by rpki-client