This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft File: 3COmnqHvwaN5SSwT6awUfEn1rQQ.mft (raw, json) Hash identifier: gKfHrXCpC2uShMXZO6VeI4I3LQWBelCpy4E0sx6H45c= Subject key identifier: F2:B1:ED:49:8B:2F:10:C2:90:68:F9:53:08:D8:D2:FC:E6:7F:4C:C8 Authority key identifier: DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04 Certificate issuer: /CN=A91BB4C2/serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04 Certificate serial: 0239 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft Manifest number: 020A Signing time: Fri 05 Dec 2025 01:04:18 +0000 Manifest this update: Fri 05 Dec 2025 01:04:17 +0000 Manifest next update: Fri 12 Dec 2025 01:04:17 +0000 Files and hashes: 1: 3COmnqHvwaN5SSwT6awUfEn1rQQ.crl (hash: og13twg8weIpcBAqdsW/sEl6DfJMZK8188W8mE/37WY=) 2: CBF7E2CE2D3611EEA81A490BC4F9AE02.roa (hash: 4yj8sZR6Z/FxcvXrPscntmMUZkXTFX7XG+1HhFVkn+I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.crl rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 01:04:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 569 (0x239) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB4C2, serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04 Validity Not Before: Dec 5 01:04:17 2025 GMT Not After : Dec 12 01:04:17 2025 GMT Subject: CN=69322f92-b315 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d2:7f:80:8f:c3:20:3e:a8:23:34:13:05:e1: 88:9b:34:bc:01:d9:ae:2d:f1:90:24:3d:4e:e8:45: df:c4:8a:d7:cf:0b:a3:05:97:61:6a:bc:bc:e2:18: 02:6a:5d:86:84:5c:f1:1c:cf:69:cd:40:34:0b:bc: b3:c7:85:79:82:8c:d4:3b:aa:d8:c1:91:de:32:a4: 47:0b:98:a6:be:85:2c:6b:9c:c7:a0:5a:ea:b8:f1: b6:c1:f7:4a:d6:fa:ef:9d:8e:10:b5:45:6f:f8:87: dc:53:62:e6:5e:0f:eb:37:cf:e7:87:a1:9d:59:a2: 36:20:ee:ee:00:fd:54:f3:ee:ea:a1:fb:7b:07:15: 6a:9c:46:8e:6d:12:30:25:c1:13:70:09:40:bc:d7: 4e:86:e6:e1:9f:24:33:d9:3b:37:9a:f9:4f:05:4e: 8e:54:f5:b3:bf:eb:99:ae:00:02:b1:b0:f1:24:e5: ad:ac:55:63:80:64:44:54:1a:2e:80:04:06:59:8e: 3e:70:dd:df:22:b8:22:77:77:f9:6b:5c:dc:c0:62: c4:e4:a9:1b:e5:34:e6:30:9e:1f:d1:f9:98:c9:8a: 27:a1:95:80:8c:6c:0e:dc:b4:cb:b9:71:5c:c8:2d: 17:b4:5f:77:ef:eb:d9:75:40:f3:ff:f2:39:83:73: 0c:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:B1:ED:49:8B:2F:10:C2:90:68:F9:53:08:D8:D2:FC:E6:7F:4C:C8 X509v3 Authority Key Identifier: keyid:DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:a2:f5:53:0c:8f:5f:8f:79:ca:2c:08:d4:ed:43:0e:d9:d5: 5d:15:a0:6c:29:8c:9f:53:88:cd:b5:62:db:50:9c:c2:b8:43: 00:7a:0e:2d:7a:eb:07:3d:3b:23:e3:d5:ec:22:57:04:02:62: 3d:e6:f5:a6:13:e7:3a:b0:1a:72:55:fd:f3:a0:13:8c:5c:e5: f5:bd:d1:00:28:ba:c2:02:50:fb:31:9d:2b:28:a4:75:f3:e3: ba:d2:71:32:f6:35:9e:7a:ab:da:8c:3d:62:3f:68:77:a4:2f: a2:af:cc:5a:5b:9e:e6:e8:d0:b1:8b:87:95:94:f8:37:82:b1: 9f:f7:57:5b:aa:ab:c7:5a:7a:d7:c6:05:0d:21:ac:06:df:68: c6:fe:5b:ca:71:c3:d6:24:b7:2c:ad:85:d9:c2:88:96:97:c1: 3f:8e:17:ab:a2:4d:27:1d:fc:02:42:34:48:6e:97:01:c5:32: 62:ef:bf:af:e5:cd:40:30:50:29:7c:25:67:f7:3d:5c:7c:e0: 37:e9:c0:fa:6e:a1:65:c1:2f:0b:fc:ba:e7:60:92:f6:52:3f: df:93:cd:1b:fb:05:cf:a8:15:80:fe:88:54:a3:32:f9:93:dd: e8:80:db:c2:0a:2a:ac:02:f8:03:49:28:f3:43:76:60:6e:00: f9:27:b9:2f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI0QzIxMTAvBgNVBAUTKERDMjNBNjlFQTFFRkMxQTM3OTQ5MkMxM0U5QUMxNDdD NDlGNUFEMDQwHhcNMjUxMjA1MDEwNDE3WhcNMjUxMjEyMDEwNDE3WjAYMRYwFAYD VQQDEw02OTMyMmY5Mi1iMzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtNJ/gI/DID6oIzQTBeGImzS8AdmuLfGQJD1O6EXfxIrXzwujBZdhary84hgC al2GhFzxHM9pzUA0C7yzx4V5gozUO6rYwZHeMqRHC5imvoUsa5zHoFrquPG2wfdK 1vrvnY4QtUVv+IfcU2LmXg/rN8/nh6GdWaI2IO7uAP1U8+7qoft7BxVqnEaObRIw JcETcAlAvNdOhubhnyQz2Ts3mvlPBU6OVPWzv+uZrgACsbDxJOWtrFVjgGREVBou gAQGWY4+cN3fIrgid3f5a1zcwGLE5Kkb5TTmMJ4f0fmYyYonoZWAjGwO3LTLuXFc yC0XtF937+vZdUDz//I5g3MMXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPKx7UmL LxDCkGj5UwjY0vzmf0zIMB8GA1UdIwQYMBaAFNwjpp6h78GjeUksE+msFHxJ9a0E MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjRDMi9CMTdFOTVENjAz NzAxMUVFOUJCNjJDMkZDNEY5QUUwMi8zQ09tbnFIdndhTjVTU3dUNmF3VWZFbjFy UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNDT21ucUh2d2FONVNTd1Q2YXdVZkVuMXJRUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjRDMi9CMTdFOTVENjAzNzAxMUVFOUJCNjJDMkZDNEY5QUUwMi8zQ09tbnFIdndh TjVTU3dUNmF3VWZFbjFyUVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBEovVTDI9fj3nKLAjU7UMO2dVdFaBsKYyfU4jNtWLbUJzCuEMAeg4t eusHPTsj49XsIlcEAmI95vWmE+c6sBpyVf3zoBOMXOX1vdEAKLrCAlD7MZ0rKKR1 8+O60nEy9jWeeqvajD1iP2h3pC+ir8xaW57m6NCxi4eVlPg3grGf91dbqqvHWnrX xgUNIawG32jG/lvKccPWJLcsrYXZwoiWl8E/jherok0nHfwCQjRIbpcBxTJi77+v 5c1AMFApfCVn9z1cfOA36cD6bqFlwS8L/LrnYJL2Uj/fk80b+wXPqBWA/ohUozL5 k93ogNvCCiqsAvgDSSjzQ3ZgbgD5J7kv -----END CERTIFICATE-----Generated at Sat Dec 6 19:37:20 2025 by rpki-client