This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft File: Ikchh2oR4tOkuYshvIT3jmT-yEY.mft (raw, json) Hash identifier: ih6uEnMUfE1hWLniA2TzwGxd6rFQSOS9peygKNocxUE= Subject key identifier: 89:CD:35:3F:38:50:86:34:1B:9C:AA:56:90:EE:52:8C:34:4A:58:67 Authority key identifier: 22:47:21:87:6A:11:E2:D3:A4:B9:8B:21:BC:84:F7:8E:64:FE:C8:46 Certificate issuer: /CN=A91CEE6D/serialNumber=224721876A11E2D3A4B98B21BC84F78E64FEC846 Certificate serial: 28 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ikchh2oR4tOkuYshvIT3jmT-yEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft Manifest number: 27 Signing time: Fri 05 Dec 2025 05:31:09 +0000 Manifest this update: Fri 05 Dec 2025 05:31:08 +0000 Manifest next update: Fri 12 Dec 2025 05:31:08 +0000 Files and hashes: 1: Ikchh2oR4tOkuYshvIT3jmT-yEY.crl (hash: rNmUc/yIOIl9+D/dm4HAvFEJ0U7kfn1qOqt+fxOZMqc=) 2: 09F2A296A02E11F08BC71221C4F9AE02.roa (hash: 6x2cZtG1O8RYzD8OGoXsH+NShNfzIbk96k46lysq5xU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.crl rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ikchh2oR4tOkuYshvIT3jmT-yEY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 05:31:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40 (0x28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEE6D, serialNumber=224721876A11E2D3A4B98B21BC84F78E64FEC846 Validity Not Before: Dec 5 05:31:08 2025 GMT Not After : Dec 12 05:31:08 2025 GMT Subject: CN=69326e1c-c319 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:e9:85:62:0e:9b:a3:ab:14:79:26:ca:ad:90: fd:bc:7e:db:f1:ac:f3:f6:f2:38:85:11:83:8d:b7: 95:d9:e0:f0:ba:f4:a8:36:8e:8c:e7:60:06:26:7e: 91:6f:ba:4f:d1:81:b4:7e:35:9d:f3:77:05:6b:b8: 5e:b9:7c:19:af:3f:36:79:03:5f:e3:05:6a:c7:a9: ed:18:52:22:fb:81:c5:6f:a0:3b:9e:f3:c5:26:bc: 0d:7b:5e:9c:fa:74:50:d7:06:3d:c3:15:35:ad:0a: 14:1e:7e:87:71:40:c6:c3:ad:c6:59:b3:dd:57:e6: 7e:7b:db:eb:81:07:aa:da:9d:81:04:31:d4:f3:b5: 9a:cb:85:d1:a0:d9:ff:6a:46:a3:34:63:39:6b:50: 13:11:75:45:ac:0c:4b:44:da:2e:d7:ca:46:3a:e3: 8c:b1:0f:21:00:ac:bc:8a:86:7d:63:ad:17:7e:ae: 22:bf:d3:47:a9:8d:fd:23:7a:df:3f:57:1b:10:08: f3:31:e4:7e:23:65:ee:b0:a1:09:27:a3:4a:d2:73: 91:6c:d5:f7:9a:e6:63:f8:0b:ee:e6:4b:e1:fb:b4: 91:0e:a6:b5:00:4e:1b:a0:d6:41:9d:dc:f8:78:e9: 5d:4c:69:f3:34:fa:25:f4:c1:55:a3:de:98:65:45: de:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:CD:35:3F:38:50:86:34:1B:9C:AA:56:90:EE:52:8C:34:4A:58:67 X509v3 Authority Key Identifier: keyid:22:47:21:87:6A:11:E2:D3:A4:B9:8B:21:BC:84:F7:8E:64:FE:C8:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ikchh2oR4tOkuYshvIT3jmT-yEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:ee:86:32:06:4a:64:83:56:22:fd:93:fb:58:f6:81:69:d4: 1b:25:fc:17:ca:a0:ea:71:bf:cf:9f:fb:30:28:ec:8e:37:34: 55:c2:83:00:2c:9f:97:3a:ec:6f:7f:04:fe:ec:17:f7:44:db: 86:19:08:1b:03:d1:4b:a5:82:f1:5f:89:08:f5:d0:67:76:cd: bb:d9:87:43:13:03:21:25:e1:4b:85:2d:22:3f:74:52:33:10: 45:73:05:e6:04:71:1f:17:e2:c4:aa:5e:7b:68:44:91:67:b6: 8b:98:6a:27:3d:2b:3b:30:88:87:a4:8b:12:08:10:4a:63:6d: e7:9f:f1:fb:dd:95:6f:5f:e9:37:1d:8f:4e:1e:99:22:2d:15: b7:99:8c:4f:67:dc:f9:7f:4d:c8:21:82:bf:0b:ed:70:30:e0: 69:be:0a:17:57:ef:06:2c:3c:ee:eb:3e:67:e5:c0:c8:9d:4a: 7a:15:ce:d2:aa:17:2e:d0:50:c9:ae:12:a1:a2:de:12:b5:7e: e2:61:15:7f:6c:1b:af:14:2f:c4:34:64:ae:37:86:83:77:a5: 8d:29:a8:2f:d3:39:7e:d5:d9:62:12:6d:9a:33:99:e7:69:2d: d8:0f:cd:2a:b6:d3:7f:6a:7c:6a:13:7e:bb:f0:90:6e:3f:0a: 72:95:7c:29 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RUU2RDExMC8GA1UEBRMoMjI0NzIxODc2QTExRTJEM0E0Qjk4QjIxQkM4NEY3OEU2 NEZFQzg0NjAeFw0yNTEyMDUwNTMxMDhaFw0yNTEyMTIwNTMxMDhaMBgxFjAUBgNV BAMTDTY5MzI2ZTFjLWMzMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDZ6YViDpujqxR5JsqtkP28ftvxrPP28jiFEYONt5XZ4PC69Kg2joznYAYmfpFv uk/RgbR+NZ3zdwVruF65fBmvPzZ5A1/jBWrHqe0YUiL7gcVvoDue88UmvA17Xpz6 dFDXBj3DFTWtChQefodxQMbDrcZZs91X5n572+uBB6ranYEEMdTztZrLhdGg2f9q RqM0YzlrUBMRdUWsDEtE2i7XykY644yxDyEArLyKhn1jrRd+riK/00epjf0jet8/ VxsQCPMx5H4jZe6woQkno0rSc5Fs1fea5mP4C+7mS+H7tJEOprUAThug1kGd3Ph4 6V1MafM0+iX0wVWj3phlRd4xAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUic01PzhQ hjQbnKpWkO5SjDRKWGcwHwYDVR0jBBgwFoAUIkchh2oR4tOkuYshvIT3jmT+yEYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFRTZELzUxMTEwQUZFOTc2 NTExRjA5MjNBNjcwQ0M0RjlBRTAyL0lrY2hoMm9SNHRPa3VZc2h2SVQzam1ULXlF WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSWtjaGgyb1I0dE9rdVlzaHZJVDNqbVQteUVZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF RTZELzUxMTEwQUZFOTc2NTExRjA5MjNBNjcwQ0M0RjlBRTAyL0lrY2hoMm9SNHRP a3VZc2h2SVQzam1ULXlFWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKruhjIGSmSDViL9k/tY9oFp1Bsl/BfKoOpxv8+f+zAo7I43NFXCgwAs n5c67G9/BP7sF/dE24YZCBsD0UulgvFfiQj10Gd2zbvZh0MTAyEl4UuFLSI/dFIz EEVzBeYEcR8X4sSqXntoRJFntouYaic9KzswiIekixIIEEpjbeef8fvdlW9f6Tcd j04emSItFbeZjE9n3Pl/Tcghgr8L7XAw4Gm+ChdX7wYsPO7rPmflwMidSnoVztKq Fy7QUMmuEqGi3hK1fuJhFX9sG68UL8Q0ZK43hoN3pY0pqC/TOX7V2WISbZozmedp LdgPzSq2039qfGoTfrvwkG4/CnKVfCk= -----END CERTIFICATE-----Generated at Sat Dec 6 22:29:09 2025 by rpki-client