This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft File: KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft (raw, json) Hash identifier: PNsOYWXlC+nmsVpmHWOdSZNxDJhpN0k64k7Qry2aeRk= Subject key identifier: C8:C4:0C:12:FB:ED:4B:AD:9D:B4:E9:CE:D0:E8:BA:28:56:44:D6:D7 Authority key identifier: 2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B Certificate issuer: /CN=A91B7897/serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Certificate serial: 02CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft Manifest number: 02C1 Signing time: Sun 21 Dec 2025 00:40:23 +0000 Manifest this update: Sun 21 Dec 2025 00:40:22 +0000 Manifest next update: Sun 28 Dec 2025 00:40:22 +0000 Files and hashes: 1: KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl (hash: xhdPyZV2Xt7dskABehbDP2DI6uE8yirF/iwdgxtP1Jk=) 2: 6C83604E1E2711EDAA33DF76C4F9AE02.roa (hash: wYfrxBgpnREsPiR0qsIaHokVToTMzCIKH0+74g0LVvA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 22:14:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 718 (0x2ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7897, serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Validity Not Before: Dec 21 00:40:22 2025 GMT Not After : Dec 28 00:40:22 2025 GMT Subject: CN=694741f7-14f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:42:58:b6:98:b8:a6:75:9a:21:b8:27:03:62: 54:36:66:91:ef:04:ea:25:f0:aa:dc:d6:96:1a:b4: 2d:74:22:d3:8b:df:63:35:91:c6:f4:9a:df:77:34: 3c:f3:62:a5:e8:23:bb:9f:ac:2e:3a:8c:4a:26:fd: fc:27:f6:09:6f:3d:8e:0a:8d:1c:a7:86:a0:a6:71: b2:1a:9a:48:75:52:35:30:a0:88:97:97:8b:6e:59: 2f:9a:e6:34:a5:8c:8c:4c:33:08:31:58:b0:d4:cc: 93:e5:9a:21:6f:3d:5b:a0:fb:6d:31:fb:08:fc:f9: 03:41:2f:08:2f:30:65:cb:c6:12:8e:7c:34:37:9f: 79:68:c6:6d:e4:65:ee:ae:a6:aa:d4:a0:a7:c9:1f: cc:cb:85:0e:2a:74:b9:00:35:1c:ab:b6:a0:87:73: 2e:af:c7:2f:97:56:49:c7:10:eb:47:2e:9f:60:c0: 55:ec:a3:99:40:64:f9:58:f1:81:5d:d1:19:ae:9a: a1:66:92:c6:b4:aa:16:a2:08:03:b5:2b:cc:df:96: 2a:29:3f:d0:ac:a2:c3:7e:57:00:7b:df:dc:77:5f: 8b:07:49:4c:fd:d9:a3:51:a3:22:a3:f3:ba:f1:49: f6:56:e2:59:fe:c7:06:01:c5:25:87:55:75:05:3b: 4b:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:C4:0C:12:FB:ED:4B:AD:9D:B4:E9:CE:D0:E8:BA:28:56:44:D6:D7 X509v3 Authority Key Identifier: keyid:2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:ff:b0:32:46:1d:31:b5:5c:1e:a8:78:79:da:fd:0a:e1:47: d3:2a:ce:f5:8a:22:a3:12:2d:1e:e8:9a:34:aa:59:01:4a:5e: 31:c0:67:0b:a8:ee:76:27:ae:69:b6:d6:70:6c:a5:aa:3b:4f: 82:0d:ad:6c:ff:80:09:b3:ba:0d:f3:db:c3:6e:f1:09:83:a9: 78:ff:17:cf:db:af:4c:8d:ca:70:43:28:c2:fa:f3:a6:e7:7d: 9c:08:91:3c:aa:41:d7:73:1e:4f:62:50:6f:71:cf:f9:1a:ab: 69:b6:a7:a7:4c:54:2c:7d:40:70:97:78:7f:2f:40:ae:aa:b5: 0b:57:a8:43:a6:71:4b:e9:09:62:e6:b5:0a:a9:3f:6a:2b:ea: 67:da:79:d3:e4:c4:18:20:c5:b7:cf:54:74:9c:fe:3f:5f:b3: 30:a8:60:74:9c:3c:6d:c0:25:ba:d2:b7:c3:6c:27:8f:fe:2a: e7:c5:70:c5:57:f2:76:09:ff:38:d3:1f:b4:85:39:2f:83:e2: a6:c2:ae:74:46:4a:9f:ad:ac:46:b9:71:fb:d8:8a:e8:cc:22: 13:bb:a2:6a:ff:1e:99:9d:c0:ea:ee:3b:df:12:c3:8c:f7:e3: 56:95:2f:6e:46:8e:cc:49:8f:eb:4f:85:db:5c:bb:e9:2e:b8: 48:aa:58:b6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc4OTcxMTAvBgNVBAUTKDJBQTI3ODk0NEI0MTBGQTJDODNCN0MyQUYzMkM2NkFG QTIwQzEyN0IwHhcNMjUxMjIxMDA0MDIyWhcNMjUxMjI4MDA0MDIyWjAYMRYwFAYD VQQDDA02OTQ3NDFmNy0xNGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqUJYtpi4pnWaIbgnA2JUNmaR7wTqJfCq3NaWGrQtdCLTi99jNZHG9JrfdzQ8 82Kl6CO7n6wuOoxKJv38J/YJbz2OCo0cp4agpnGyGppIdVI1MKCIl5eLblkvmuY0 pYyMTDMIMViw1MyT5Zohbz1boPttMfsI/PkDQS8ILzBly8YSjnw0N595aMZt5GXu rqaq1KCnyR/My4UOKnS5ADUcq7agh3Mur8cvl1ZJxxDrRy6fYMBV7KOZQGT5WPGB XdEZrpqhZpLGtKoWoggDtSvM35YqKT/QrKLDflcAe9/cd1+LB0lM/dmjUaMio/O6 8Un2VuJZ/scGAcUlh1V1BTtLJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMjEDBL7 7UutnbTpztDouihWRNbXMB8GA1UdIwQYMBaAFCqieJRLQQ+iyDt8KvMsZq+iDBJ7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzg5Ny9CNkM1OTQxQzFE MzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2TElPM3dxOHl4bXI2SU1F bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0txSjRsRXRCRDZMSU8zd3E4eXhtcjZJTUVucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Nzg5Ny9CNkM1OTQxQzFEMzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2 TElPM3dxOHl4bXI2SU1FbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCa/7AyRh0xtVweqHh52v0K4UfTKs71iiKjEi0e6Jo0qlkBSl4xwGcL qO52J65pttZwbKWqO0+CDa1s/4AJs7oN89vDbvEJg6l4/xfP269MjcpwQyjC+vOm 532cCJE8qkHXcx5PYlBvcc/5GqtptqenTFQsfUBwl3h/L0CuqrULV6hDpnFL6Qli 5rUKqT9qK+pn2nnT5MQYIMW3z1R0nP4/X7MwqGB0nDxtwCW60rfDbCeP/irnxXDF V/J2Cf840x+0hTkvg+Kmwq50RkqfraxGuXH72IrozCITu6Jq/x6ZncDq7jvfEsOM 9+NWlS9uRo7MSY/rT4XbXLvpLrhIqli2 -----END CERTIFICATE-----Generated at Sun Dec 21 03:56:17 2025 by rpki-client