This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft File: 3COmnqHvwaN5SSwT6awUfEn1rQQ.mft (raw, json) Hash identifier: PoszqEU1PE4UuXOqUD7hWcRcOE/WGsjHe+0u7d4nXdo= Subject key identifier: 9F:19:8A:89:BB:DE:11:09:02:26:35:D8:1F:72:8C:F1:49:48:31:C1 Authority key identifier: DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04 Certificate issuer: /CN=A91BB4C2/serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04 Certificate serial: 0241 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft Manifest number: 0212 Signing time: Sun 21 Dec 2025 01:58:10 +0000 Manifest this update: Sun 21 Dec 2025 01:58:09 +0000 Manifest next update: Sun 28 Dec 2025 01:58:09 +0000 Files and hashes: 1: 3COmnqHvwaN5SSwT6awUfEn1rQQ.crl (hash: tIQkMthaYv3eCadEsgyiGN/xjnkwnPQ4FlCeXDFSwKU=) 2: CBF7E2CE2D3611EEA81A490BC4F9AE02.roa (hash: 4yj8sZR6Z/FxcvXrPscntmMUZkXTFX7XG+1HhFVkn+I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.crl rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Dec 2025 01:58:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 577 (0x241) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB4C2, serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04 Validity Not Before: Dec 21 01:58:09 2025 GMT Not After : Dec 28 01:58:09 2025 GMT Subject: CN=69475432-6296 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:1c:2f:75:61:b0:49:2e:d3:12:51:c4:54:66: 30:74:26:b8:71:7b:98:0a:52:47:f9:e5:ee:b7:7b: fc:d7:73:28:ff:62:04:e1:0b:fe:28:4e:d4:28:12: 03:a0:1e:03:0e:b2:83:04:17:e6:04:7a:c4:bf:a1: 70:f8:86:56:b5:45:fd:63:29:95:b9:19:9e:1e:4c: 61:31:94:a1:cf:38:19:95:74:20:c4:db:66:71:d1: 02:c7:c5:7e:d1:09:c8:e6:0c:39:fb:14:6d:9e:42: a8:e3:13:e0:09:77:25:b8:05:bf:f3:76:e3:f9:4c: be:d0:7d:ba:02:4b:64:4c:bb:c8:9f:10:85:38:b2: 1c:47:dd:8d:8c:51:ab:b2:8d:99:4c:2b:15:72:9c: 60:dc:1b:2e:ba:d3:f7:ec:c3:94:b9:3d:ed:71:8f: ba:d6:7f:a1:da:7e:6b:d0:5c:0a:94:89:b3:c2:a5: 13:ea:eb:07:64:fe:f8:b2:e5:9c:df:7b:3e:b3:51: c7:e3:de:66:1b:e0:d4:5d:60:fb:c1:01:c1:77:75: 90:4d:c1:24:ad:58:cb:bd:3f:cf:5e:6e:3b:bc:3d: 16:9d:0e:cd:df:3c:08:c4:bd:9a:7f:a0:2c:0a:69: 7c:c0:93:c6:59:a2:f6:a0:67:a0:56:61:14:cc:d5: b5:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:19:8A:89:BB:DE:11:09:02:26:35:D8:1F:72:8C:F1:49:48:31:C1 X509v3 Authority Key Identifier: keyid:DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:ec:eb:43:d6:5a:52:f2:78:ce:a1:5f:e9:97:5d:aa:c8:98: 0e:cc:0a:b3:37:9f:5d:17:7a:6a:37:2c:36:fa:60:c4:e7:e7: c4:5a:a9:5a:74:86:fd:7c:9e:80:9c:2a:15:db:e7:be:a1:ac: aa:d4:27:43:12:34:6e:a5:fe:07:55:38:d1:e3:98:9c:42:b0: ad:fa:cd:2b:ea:f7:2a:2e:91:d8:f5:2d:ea:ca:24:39:9d:c1: 75:26:99:6f:3e:01:ab:8b:6c:6e:8a:90:ee:85:20:2f:e3:7d: 11:08:54:7b:bf:aa:11:5f:7b:34:9d:05:d2:2c:9b:71:cd:81: 41:94:b0:4d:03:17:66:dc:33:ef:ef:d8:ed:d7:7a:9c:71:10: 78:e5:04:71:85:83:8d:55:ca:fe:5a:55:33:22:2d:a0:b2:68: fa:e9:7b:0e:53:f9:d7:58:01:19:4a:c4:86:49:5f:44:54:54: e7:95:0b:49:c1:68:8d:52:ca:24:09:cc:ad:9f:40:5b:4b:a1: 76:c0:e8:1b:ca:5d:87:3a:99:c1:58:fc:e9:e6:9a:2c:93:cb: ce:a5:ea:ed:f8:92:23:a6:db:ac:35:7f:c5:fe:44:b6:39:62: f2:3a:34:14:40:7f:36:fb:f0:b6:c1:d6:54:f8:c6:c9:b1:8a: c1:77:19:b8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI0QzIxMTAvBgNVBAUTKERDMjNBNjlFQTFFRkMxQTM3OTQ5MkMxM0U5QUMxNDdD NDlGNUFEMDQwHhcNMjUxMjIxMDE1ODA5WhcNMjUxMjI4MDE1ODA5WjAYMRYwFAYD VQQDDA02OTQ3NTQzMi02Mjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0hwvdWGwSS7TElHEVGYwdCa4cXuYClJH+eXut3v813Mo/2IE4Qv+KE7UKBID oB4DDrKDBBfmBHrEv6Fw+IZWtUX9YymVuRmeHkxhMZShzzgZlXQgxNtmcdECx8V+ 0QnI5gw5+xRtnkKo4xPgCXcluAW/83bj+Uy+0H26AktkTLvInxCFOLIcR92NjFGr so2ZTCsVcpxg3BsuutP37MOUuT3tcY+61n+h2n5r0FwKlImzwqUT6usHZP74suWc 33s+s1HH495mG+DUXWD7wQHBd3WQTcEkrVjLvT/PXm47vD0WnQ7N3zwIxL2af6As Cml8wJPGWaL2oGegVmEUzNW1xQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ8Ziom7 3hEJAiY12B9yjPFJSDHBMB8GA1UdIwQYMBaAFNwjpp6h78GjeUksE+msFHxJ9a0E MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjRDMi9CMTdFOTVENjAz NzAxMUVFOUJCNjJDMkZDNEY5QUUwMi8zQ09tbnFIdndhTjVTU3dUNmF3VWZFbjFy UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNDT21ucUh2d2FONVNTd1Q2YXdVZkVuMXJRUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjRDMi9CMTdFOTVENjAzNzAxMUVFOUJCNjJDMkZDNEY5QUUwMi8zQ09tbnFIdndh TjVTU3dUNmF3VWZFbjFyUVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAW7OtD1lpS8njOoV/pl12qyJgOzAqzN59dF3pqNyw2+mDE5+fEWqla dIb9fJ6AnCoV2+e+oayq1CdDEjRupf4HVTjR45icQrCt+s0r6vcqLpHY9S3qyiQ5 ncF1JplvPgGri2xuipDuhSAv430RCFR7v6oRX3s0nQXSLJtxzYFBlLBNAxdm3DPv 79jt13qccRB45QRxhYONVcr+WlUzIi2gsmj66XsOU/nXWAEZSsSGSV9EVFTnlQtJ wWiNUsokCcytn0BbS6F2wOgbyl2HOpnBWPzp5posk8vOpert+JIjptusNX/F/kS2 OWLyOjQUQH82+/C2wdZU+MbJsYrBdxm4 -----END CERTIFICATE-----Generated at Sun Dec 21 22:05:43 2025 by rpki-client