This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft File: PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft (raw, json) Hash identifier: ZEyYS/v666Kk6MB0S8TqMV9LNiLJxFxn9y3bTM7EC8w= Subject key identifier: 43:F4:B9:7D:6A:89:AD:F6:02:B7:AD:0F:9E:69:61:AB:22:CC:06:C1 Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC Certificate serial: 089C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft Manifest number: 0801 Signing time: Thu 04 Dec 2025 20:33:47 +0000 Manifest this update: Thu 04 Dec 2025 20:33:46 +0000 Manifest next update: Thu 11 Dec 2025 20:33:46 +0000 Files and hashes: 1: PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl (hash: OTdDxLa3dQVW+4wJybL/HpxF3Z5fpsu6UIaxUxIg22k=) 2: 5CDB2402FD6D11EE951DE436C4F9AE02.roa (hash: JCIJiRdjoJPwGnugBIK3v/SX30S5Hj97puNSPDnZHa0=) 3: 0112375EA05411EDB043385AC4F9AE02.roa (hash: aBs0HSQclxaDqKZvgHQYQl981j8saXju4dpMEUuQAU4=) 4: E2FEA6DA3E5411EF9B398D2DC4F9AE02.roa (hash: Rtf4SCa2SLq1aWm8pt96fKW5kPl75H0zBH9P2CmsGlU=) 5: 5B2236E6FD6D11EE951DE436C4F9AE02.roa (hash: xyRyhhQBvFg1P0171dGNRFnwuXqCBoYXwtzjvJ6IHcw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Dec 2025 20:33:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2204 (0x89c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB7AB, serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC Validity Not Before: Dec 4 20:33:46 2025 GMT Not After : Dec 11 20:33:46 2025 GMT Subject: CN=6931f02b-2828 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:6f:fd:4b:d6:4d:82:47:c2:bc:8e:b0:f1:f9: db:62:5f:aa:eb:ad:09:15:2f:0f:71:99:8d:fe:83: 36:4c:12:ec:1f:6b:43:69:a7:b3:27:c0:42:b0:da: c3:25:bf:29:40:d5:35:b5:25:cf:d6:c5:b0:d2:32: 88:a8:32:51:f9:3c:26:e4:a8:45:f7:f4:76:54:e8: 74:cd:bb:94:79:d2:7b:02:66:81:f7:1e:1e:a5:fe: b5:94:ab:5b:76:68:32:59:d7:21:10:ac:73:64:00: 45:ba:32:72:33:aa:cd:08:87:34:b0:bc:ed:67:d7: a9:b5:ad:ee:9b:ce:28:0d:ff:61:31:bf:7f:59:e0: 1d:f9:4a:d5:5a:55:e9:aa:38:52:fb:ac:65:75:bd: d2:fe:c8:17:32:7c:83:83:9f:f6:2d:8d:6d:b0:b9: 3c:39:d1:91:83:c2:d1:09:da:f1:2a:a9:8a:23:3d: 82:68:4c:ce:a8:b1:da:a6:a6:b5:32:53:f6:82:5c: 8e:44:69:28:53:af:a1:8e:d4:6b:61:6d:9e:f9:d7: 3f:eb:fd:db:3d:08:51:55:f2:dd:2d:21:14:76:3c: a8:81:38:fc:ea:87:9c:39:e9:9e:e4:d4:c5:47:59: 9c:52:06:c5:b9:ee:6e:d9:a0:ba:5a:cf:a8:3d:c4: 8f:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:F4:B9:7D:6A:89:AD:F6:02:B7:AD:0F:9E:69:61:AB:22:CC:06:C1 X509v3 Authority Key Identifier: keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:fd:01:87:f4:e0:fb:bd:d4:80:0d:30:af:22:5f:9f:fe:43: 1f:4b:28:2a:b6:4c:11:c3:f3:35:4e:0e:b0:76:b9:77:48:60: 79:fe:5d:1c:a6:9f:b1:37:3c:53:e9:c5:58:dc:82:d6:08:42: 27:3f:19:b5:84:b4:85:cb:94:7e:87:b3:62:7d:c4:87:e5:a3: a2:b1:85:c1:f2:24:47:51:9a:54:7a:3c:e7:66:1b:f2:c6:ce: 9e:1c:e4:be:41:9a:1a:e6:dc:c3:12:46:cd:9f:99:c2:69:0c: 82:ae:be:aa:a0:eb:77:ae:81:6a:24:b9:b5:e9:e3:dd:2d:3b: 8f:42:5f:1a:ea:ff:c9:d8:d9:a8:0a:7b:36:3f:ce:51:ce:b3: 9e:3b:3e:8c:90:69:6d:66:61:0c:e8:d7:cf:28:95:9b:88:e0: bc:53:10:13:08:bd:c6:0b:12:f6:fe:b4:e0:95:fd:d8:1c:19: 18:51:0a:25:81:28:f7:17:5e:3b:ce:16:52:12:d9:95:a8:5a: 29:12:5b:bd:53:8a:8b:a9:af:38:ce:a1:09:b7:cd:57:01:a5: b3:58:cd:ef:6a:b9:f6:de:bd:00:1c:c8:9f:77:07:4f:c7:9a: fe:f0:81:a8:62:8a:17:8a:dd:d1:77:41:0e:2c:ce:3d:96:d0: a1:1b:8f:dc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0 NTZGM0Q5QkMwHhcNMjUxMjA0MjAzMzQ2WhcNMjUxMjExMjAzMzQ2WjAYMRYwFAYD VQQDEw02OTMxZjAyYi0yODI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzm/9S9ZNgkfCvI6w8fnbYl+q660JFS8PcZmN/oM2TBLsH2tDaaezJ8BCsNrD Jb8pQNU1tSXP1sWw0jKIqDJR+Twm5KhF9/R2VOh0zbuUedJ7AmaB9x4epf61lKtb dmgyWdchEKxzZABFujJyM6rNCIc0sLztZ9epta3um84oDf9hMb9/WeAd+UrVWlXp qjhS+6xldb3S/sgXMnyDg5/2LY1tsLk8OdGRg8LRCdrxKqmKIz2CaEzOqLHapqa1 MlP2glyORGkoU6+hjtRrYW2e+dc/6/3bPQhRVfLdLSEUdjyogTj86oecOeme5NTF R1mcUgbFue5u2aC6Ws+oPcSP8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEP0uX1q ia32AretD55pYasizAbBMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjdBQi81Njc4NjU2ODQwMDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQ MlFnVVpRTGs4STVGYnoyYncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAA/QGH9OD7vdSADTCvIl+f/kMfSygqtkwRw/M1Tg6wdrl3SGB5/l0c pp+xNzxT6cVY3ILWCEInPxm1hLSFy5R+h7NifcSH5aOisYXB8iRHUZpUejznZhvy xs6eHOS+QZoa5tzDEkbNn5nCaQyCrr6qoOt3roFqJLm16ePdLTuPQl8a6v/J2Nmo Cns2P85RzrOeOz6MkGltZmEM6NfPKJWbiOC8UxATCL3GCxL2/rTglf3YHBkYUQol gSj3F147zhZSEtmVqFopElu9U4qLqa84zqEJt81XAaWzWM3varn23r0AHMifdwdP x5r+8IGoYooXit3Rd0EOLM49ltChG4/c -----END CERTIFICATE-----Generated at Sat Dec 6 16:29:54 2025 by rpki-client