This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft File: cgqmbzbBRgrUvDrGkvlltxdKWOA.mft (raw, json) Hash identifier: BF/7jWIPb7aUF3ngEc2u1Ovty/RNTETuPRBXXeI0saI= Subject key identifier: 3E:22:BA:4D:9F:17:DA:DE:92:22:7C:12:50:E6:86:4E:3E:9A:DE:E1 Authority key identifier: 72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 Certificate issuer: /CN=A91B4053/serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Certificate serial: 5C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft Manifest number: 5A Signing time: Sun 07 Dec 2025 05:14:35 +0000 Manifest this update: Sun 07 Dec 2025 05:14:35 +0000 Manifest next update: Sun 14 Dec 2025 05:14:35 +0000 Files and hashes: 1: cgqmbzbBRgrUvDrGkvlltxdKWOA.crl (hash: DMu5MZxGBA20NCfaMq/wUPlQG8TFK6y/nWQGKapG+cY=) 2: AC8BCC2E50E411F0B8E7D45DC4F9AE02.roa (hash: 6vL95HASIeMq5sE95QjJyODMvxYaOtsSaHmjFpdm+bI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Dec 2025 05:14:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 92 (0x5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4053, serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Validity Not Before: Dec 7 05:14:35 2025 GMT Not After : Dec 14 05:14:35 2025 GMT Subject: CN=69350d3b-16fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d2:56:6d:cc:d5:fa:f5:36:c2:a4:2b:12:4f: 83:a9:97:ad:88:f6:9a:85:9b:0f:53:b5:95:3a:21: 8f:d8:3a:bf:84:9d:e2:45:3a:ff:59:f7:48:28:ff: a2:c9:17:19:df:b9:4a:07:a3:2d:af:7f:57:7e:01: da:f0:55:50:d4:7d:9e:ba:9f:92:e6:29:5c:16:ea: aa:07:05:f2:8c:bc:3b:e0:01:d2:2b:4e:75:99:31: a4:fe:47:a6:0e:fd:27:2e:20:ad:fa:cf:57:b3:34: cb:47:70:84:d0:59:62:f8:70:14:05:b0:47:02:50: e3:a5:84:9e:d4:4a:9c:d1:83:93:6f:e5:de:f1:b2: d5:91:df:c7:78:9f:91:e2:2e:17:53:39:c4:bc:fe: f3:fd:c5:a9:ca:10:82:46:f9:5a:6d:d8:18:b9:a6: b7:07:f6:81:62:09:52:47:f6:0d:9a:c2:9c:9b:44: 1f:e4:c3:a4:6c:a4:be:bf:8b:e2:25:0a:48:9a:e4: 9b:6e:ea:d0:0d:a2:b8:e6:a3:d0:24:bd:ef:0c:ab: 3a:6d:d2:82:cc:f1:5f:f8:7d:72:53:e6:31:e2:64: f5:6b:6d:18:64:2e:eb:27:f9:8f:29:ea:8e:c1:a3: c0:c5:67:60:04:7f:a2:27:37:c2:9c:f2:2d:17:81: 55:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:22:BA:4D:9F:17:DA:DE:92:22:7C:12:50:E6:86:4E:3E:9A:DE:E1 X509v3 Authority Key Identifier: keyid:72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:0a:71:ce:44:7d:99:11:5c:e2:0e:a7:68:90:ff:d6:c1:26: ce:e9:be:fd:7b:01:69:aa:62:eb:08:c3:6f:42:13:4d:7b:f0: d9:84:23:19:a5:0b:59:38:34:ec:bf:98:5b:74:6a:64:c1:6e: d6:17:98:78:29:65:f7:44:58:dc:9e:00:73:c6:1d:3f:04:98: 05:e0:fd:f4:2c:e0:07:f5:1c:8c:93:bc:6d:7d:77:44:66:68: 64:a1:a2:a3:b9:d8:51:1e:22:2f:2e:77:e3:87:18:11:63:44: 28:2b:09:16:1f:1b:ef:25:0f:45:15:ba:cd:19:de:bb:17:4d: 69:f4:aa:3b:d1:6c:1f:2d:24:24:ea:c1:49:ef:d1:1f:12:ee: d3:61:18:9a:58:6a:d4:40:27:5d:6d:93:fa:cd:c9:e1:a6:7f: ba:33:af:17:9a:6f:76:a0:bf:70:f3:ec:10:59:e5:be:95:dd: 6f:f4:cf:74:b6:11:7e:66:d9:90:dd:d4:3d:ba:c1:f9:43:7c: ca:4b:ba:79:10:60:0f:f8:7e:8a:63:ad:7d:80:48:f2:cd:e3: 14:ec:49:75:47:66:d8:9c:a3:b0:4d:b3:e2:6b:fa:94:ac:c5: 54:42:10:cd:11:a7:7d:43:c9:50:6d:89:00:98:97:4d:2e:20: ce:62:81:8a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NDA1MzExMC8GA1UEBRMoNzIwQUE2NkYzNkMxNDYwQUQ0QkMzQUM2OTJGOTY1Qjcx NzRBNThFMDAeFw0yNTEyMDcwNTE0MzVaFw0yNTEyMTQwNTE0MzVaMBgxFjAUBgNV BAMTDTY5MzUwZDNiLTE2ZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDD0lZtzNX69TbCpCsST4Opl62I9pqFmw9TtZU6IY/YOr+EneJFOv9Z90go/6LJ FxnfuUoHoy2vf1d+AdrwVVDUfZ66n5LmKVwW6qoHBfKMvDvgAdIrTnWZMaT+R6YO /ScuIK36z1ezNMtHcITQWWL4cBQFsEcCUOOlhJ7USpzRg5Nv5d7xstWR38d4n5Hi LhdTOcS8/vP9xanKEIJG+Vpt2Bi5prcH9oFiCVJH9g2awpybRB/kw6RspL6/i+Il Ckia5Jtu6tANorjmo9Akve8Mqzpt0oLM8V/4fXJT5jHiZPVrbRhkLusn+Y8p6o7B o8DFZ2AEf6InN8Kc8i0XgVXvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUPiK6TZ8X 2t6SInwSUOaGTj6a3uEwHwYDVR0jBBgwFoAUcgqmbzbBRgrUvDrGkvlltxdKWOAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0MDUzLzM2NDBDQjk0NTBF MTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdyVXZEckdrdmxsdHhkS1dP QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvY2dxbWJ6YkJSZ3JVdkRyR2t2bGx0eGRLV09BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0 MDUzLzM2NDBDQjk0NTBFMTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdy VXZEckdrdmxsdHhkS1dPQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHEKcc5EfZkRXOIOp2iQ/9bBJs7pvv17AWmqYusIw29CE0178NmEIxml C1k4NOy/mFt0amTBbtYXmHgpZfdEWNyeAHPGHT8EmAXg/fQs4Af1HIyTvG19d0Rm aGShoqO52FEeIi8ud+OHGBFjRCgrCRYfG+8lD0UVus0Z3rsXTWn0qjvRbB8tJCTq wUnv0R8S7tNhGJpYatRAJ11tk/rNyeGmf7ozrxeab3agv3Dz7BBZ5b6V3W/0z3S2 EX5m2ZDd1D26wflDfMpLunkQYA/4fopjrX2ASPLN4xTsSXVHZtico7BNs+Jr+pSs xVRCEM0Rp31DyVBtiQCYl00uIM5igYo= -----END CERTIFICATE-----Generated at Mon Dec 8 07:12:36 2025 by rpki-client