This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft File: r_h3chh1NYXDiOm4HDkGa9ONtZI.mft (raw, json) Hash identifier: OzwygQJbf1yuqTuWW3+dL112hKlfJHzxq3XVYTI2g30= Subject key identifier: CE:9E:DD:24:43:EA:17:4F:98:9F:94:51:6B:96:5D:44:38:CD:BD:CD Authority key identifier: AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 Certificate issuer: /CN=A91CB3FE/serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Certificate serial: 6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft Manifest number: 68 Signing time: Fri 05 Dec 2025 04:53:53 +0000 Manifest this update: Fri 05 Dec 2025 04:53:52 +0000 Manifest next update: Fri 12 Dec 2025 04:53:52 +0000 Files and hashes: 1: r_h3chh1NYXDiOm4HDkGa9ONtZI.crl (hash: n5piNLYBP4PgoWvJallLbt9DpHq6VwabZ9b3LJMJZPk=) 2: AFD61B9C36A311F08A82A258C4F9AE02.roa (hash: GbT2Xq8LMseiodZFptbEkKwR2JJrCaZJBMK5VYRS9TY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 04:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 107 (0x6b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB3FE, serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Validity Not Before: Dec 5 04:53:52 2025 GMT Not After : Dec 12 04:53:52 2025 GMT Subject: CN=69326560-e0eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:02:a9:07:fb:55:04:d5:9e:c2:b2:6b:cf:73: 04:75:0d:1d:7e:20:9e:aa:17:2c:6b:02:55:10:79: 71:9c:93:2b:b9:53:25:30:d8:f8:b4:8e:d6:2f:29: 73:73:dc:01:fc:55:60:33:22:14:7b:d5:22:23:e5: 50:bf:35:26:e1:3c:82:1c:d9:86:aa:b7:92:f9:7a: b2:36:c5:b3:55:3b:2d:0b:04:b8:ad:52:4f:45:2c: 6b:a5:b4:ad:83:a4:7d:61:d0:6e:0e:8d:eb:db:f5: 12:45:0c:3f:6d:20:82:97:0c:e5:a1:c8:8c:20:26: ba:19:fc:28:c2:74:07:4e:dd:1a:56:14:c5:a6:48: 03:38:0e:94:d7:48:5f:92:46:a6:c7:ff:66:8e:e8: f9:f4:2a:07:70:7f:3c:fe:ea:da:89:03:5e:42:a0: 7a:aa:c3:65:b7:e3:ba:de:48:87:18:b0:7e:04:a8: 10:60:c2:00:7b:59:b1:1e:42:3d:60:07:32:bc:07: 8b:9c:0b:f4:bd:b5:85:27:81:39:8d:b8:40:58:72: 08:48:d0:2e:ba:da:ae:d1:8b:24:6a:88:ac:51:50: 34:c1:00:7d:19:5b:16:1c:eb:fa:40:44:e9:ad:83: 53:a1:c8:26:96:77:0d:09:bf:75:03:14:d1:e8:52: 20:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:9E:DD:24:43:EA:17:4F:98:9F:94:51:6B:96:5D:44:38:CD:BD:CD X509v3 Authority Key Identifier: keyid:AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:be:26:df:85:13:11:59:89:14:f2:38:60:7a:95:f4:6c:19: e3:16:6f:9b:49:54:0e:40:27:36:ea:a0:20:ff:d3:90:c4:fa: fd:6d:9f:76:33:31:9c:1a:5f:f5:94:a2:0a:d4:42:bc:7a:26: 23:16:0c:44:86:09:49:9c:ef:f5:c3:08:cc:2c:9a:37:3e:44: 44:b6:e7:a9:36:75:98:11:fd:33:db:df:54:30:33:ed:43:c3: 7f:e0:aa:34:9b:53:89:9a:14:33:34:4f:45:2a:71:57:cb:d5: 97:fe:d7:97:0a:3d:26:72:ff:c9:6d:e5:aa:03:ae:c8:5b:0c: f9:3e:1d:88:86:38:00:be:19:63:83:db:33:0b:db:78:54:db: 1b:0c:6e:2f:6a:cb:b8:1c:6c:6c:8f:b6:d5:d4:12:cb:d0:00: c0:f6:23:5c:1b:05:b5:33:90:35:98:a0:c1:05:a7:37:9e:59: ee:56:3c:9c:9e:0f:57:ae:63:c9:84:52:cb:b1:be:d2:2d:a5: ff:12:57:f6:94:71:37:01:ae:59:16:85:a6:5d:85:a0:31:bb: d5:e2:0e:5c:dc:55:5e:83:b2:aa:36:5b:b6:9c:ff:1e:f9:cc: 29:d7:b4:d0:aa:b3:76:7c:07:9b:18:71:ae:4f:b5:95:75:52: 73:73:09:80 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBazANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjNGRTExMC8GA1UEBRMoQUZGODc3NzIxODc1MzU4NUMzODhFOUI4MUMzOTA2NkJE MzhEQjU5MjAeFw0yNTEyMDUwNDUzNTJaFw0yNTEyMTIwNDUzNTJaMBgxFjAUBgNV BAMTDTY5MzI2NTYwLWUwZWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCiAqkH+1UE1Z7CsmvPcwR1DR1+IJ6qFyxrAlUQeXGckyu5UyUw2Pi0jtYvKXNz 3AH8VWAzIhR71SIj5VC/NSbhPIIc2Yaqt5L5erI2xbNVOy0LBLitUk9FLGultK2D pH1h0G4Ojevb9RJFDD9tIIKXDOWhyIwgJroZ/CjCdAdO3RpWFMWmSAM4DpTXSF+S RqbH/2aO6Pn0Kgdwfzz+6tqJA15CoHqqw2W347reSIcYsH4EqBBgwgB7WbEeQj1g BzK8B4ucC/S9tYUngTmNuEBYcghI0C662q7RiyRqiKxRUDTBAH0ZWxYc6/pAROmt g1OhyCaWdw0Jv3UDFNHoUiCnAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUzp7dJEPq F0+Yn5RRa5ZdRDjNvc0wHwYDVR0jBBgwFoAUr/h3chh1NYXDiOm4HDkGa9ONtZIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCM0ZFLzJBNTY4NzgyMzZB MjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllYRGlPbTRIRGtHYTlPTnRa SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcl9oM2NoaDFOWVhEaU9tNEhEa0dhOU9OdFpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC M0ZFLzJBNTY4NzgyMzZBMjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllY RGlPbTRIRGtHYTlPTnRaSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABO+Jt+FExFZiRTyOGB6lfRsGeMWb5tJVA5AJzbqoCD/05DE+v1tn3Yz MZwaX/WUogrUQrx6JiMWDESGCUmc7/XDCMwsmjc+RES256k2dZgR/TPb31QwM+1D w3/gqjSbU4maFDM0T0UqcVfL1Zf+15cKPSZy/8lt5aoDrshbDPk+HYiGOAC+GWOD 2zML23hU2xsMbi9qy7gcbGyPttXUEsvQAMD2I1wbBbUzkDWYoMEFpzeeWe5WPJye D1euY8mEUsuxvtItpf8SV/aUcTcBrlkWhaZdhaAxu9XiDlzcVV6Dsqo2W7ac/x75 zCnXtNCqs3Z8B5sYca5PtZV1UnNzCYA= -----END CERTIFICATE-----Generated at Sat Dec 6 19:16:59 2025 by rpki-client