This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft File: XDZbFzHKfOfbgd1XEwvU1kMBm14.mft (raw, json) Hash identifier: pG0XBDFixU/u2VXNgBk4JLAcIOr7w96614AIlbwcLxU= Subject key identifier: C1:F1:0A:21:36:6D:44:A3:10:60:2A:7B:F0:A2:40:AA:93:00:52:A5 Authority key identifier: 5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E Certificate issuer: /CN=A91D28EB/serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Certificate serial: 05C3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft Manifest number: 05BB Signing time: Thu 04 Dec 2025 21:46:57 +0000 Manifest this update: Thu 04 Dec 2025 21:46:56 +0000 Manifest next update: Thu 11 Dec 2025 21:46:56 +0000 Files and hashes: 1: XDZbFzHKfOfbgd1XEwvU1kMBm14.crl (hash: RX5t2unOB541SUeQgkgr7lfv9P9lvMclmBY9R/71fyU=) 2: 8E90AA02EB0B11EBA0B6DD84C4F9AE02.roa (hash: WoeJPfBlNid7RydzbYK1jVf1zbozvuQMQ+6wRuDKrQE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Dec 2025 21:46:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1475 (0x5c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D28EB, serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Validity Not Before: Dec 4 21:46:56 2025 GMT Not After : Dec 11 21:46:56 2025 GMT Subject: CN=69320151-228a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:f8:90:40:43:26:af:f8:b9:b3:5e:ac:4c:2a: 8d:a4:e5:5c:15:3e:d7:f8:3b:f6:b8:69:59:de:d9: e8:75:6e:96:a9:f6:83:77:a4:4b:11:9c:f6:41:a1: 19:45:d4:4c:09:b1:c1:ac:3b:be:e5:76:e0:d8:d6: be:a2:e1:64:18:11:26:c0:7b:6b:42:f4:cc:4f:53: 1c:41:f8:33:50:6f:30:1c:6f:62:23:99:4c:ca:c1: cb:33:6c:68:d9:bd:7d:98:f7:39:19:2e:d7:fa:a2: 8f:dd:cb:f7:90:ad:e9:b3:65:a6:8c:9a:35:8c:38: b3:d7:2d:75:99:2d:65:64:82:7b:ab:2f:83:87:85: a3:66:1d:ad:1f:56:53:a6:99:73:d3:90:d5:34:7e: 5e:1e:7b:07:ec:9b:f3:c2:62:02:5e:df:b5:0a:85: 6d:64:2d:20:42:b8:58:ff:55:8e:62:b5:c0:b2:59: ce:53:8d:3f:51:ab:dd:0f:0c:35:d6:9f:d4:de:4e: 63:2c:3f:bf:3a:e7:e6:b1:2b:26:e5:58:23:d5:94: f6:b5:fa:0c:c1:19:cc:44:4b:36:e9:26:96:e1:3d: fa:b8:2c:dd:78:e5:19:2b:31:0e:53:f8:da:0b:d9: 16:f6:d5:a0:ef:ed:bf:5b:64:2d:2a:4f:af:7c:ee: 96:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:F1:0A:21:36:6D:44:A3:10:60:2A:7B:F0:A2:40:AA:93:00:52:A5 X509v3 Authority Key Identifier: keyid:5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:00:6d:92:86:cd:ea:e6:39:90:07:af:76:d1:d6:ed:6a:eb: 61:49:af:53:21:00:a7:7c:32:a2:95:4c:d1:f9:b8:8e:c0:f1: ee:16:fd:fd:dd:12:83:fa:75:4c:96:41:72:60:fe:0f:37:60: 6b:7a:4b:81:ad:7c:81:04:62:10:c7:01:50:8b:44:6f:33:70: 99:12:2f:07:5b:16:02:f9:33:e4:07:e3:05:46:cd:b8:6b:47: 23:9d:ff:68:2c:41:6c:bd:ae:b8:96:a0:b9:d8:2e:6f:20:21: 1e:a2:d7:cb:cf:89:14:ce:d9:aa:ae:fd:d0:80:ff:cc:c4:ef: d6:4d:a1:44:13:4a:01:c3:e5:b0:64:95:f4:c1:52:0a:7e:c9: 3c:4f:a9:d8:8d:87:0a:a0:81:ba:70:8f:b3:75:3e:35:3a:6c: 16:70:9a:56:17:82:7c:99:2c:8b:38:dd:29:18:71:c4:4a:16: 9b:9c:3d:79:c1:a6:37:f1:7c:41:f9:3a:15:eb:7b:40:57:23: 7b:6d:89:95:95:61:d9:03:04:e0:b0:f8:b3:19:9e:00:6b:b1: f4:7a:f4:4d:31:4c:38:ae:ac:76:01:a3:14:93:83:e0:c9:34: 4a:b4:75:43:5f:5c:9c:f9:8c:1f:36:cc:ce:7a:f6:fb:13:e4: 27:62:66:41 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBcMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI4RUIxMTAvBgNVBAUTKDVDMzY1QjE3MzFDQTdDRTdEQjgxREQ1NzEzMEJENEQ2 NDMwMTlCNUUwHhcNMjUxMjA0MjE0NjU2WhcNMjUxMjExMjE0NjU2WjAYMRYwFAYD VQQDEw02OTMyMDE1MS0yMjhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn/iQQEMmr/i5s16sTCqNpOVcFT7X+Dv2uGlZ3tnodW6WqfaDd6RLEZz2QaEZ RdRMCbHBrDu+5Xbg2Na+ouFkGBEmwHtrQvTMT1McQfgzUG8wHG9iI5lMysHLM2xo 2b19mPc5GS7X+qKP3cv3kK3ps2WmjJo1jDiz1y11mS1lZIJ7qy+Dh4WjZh2tH1ZT pplz05DVNH5eHnsH7JvzwmICXt+1CoVtZC0gQrhY/1WOYrXAslnOU40/UavdDww1 1p/U3k5jLD+/OufmsSsm5Vgj1ZT2tfoMwRnMREs26SaW4T36uCzdeOUZKzEOU/ja C9kW9tWg7+2/W2QtKk+vfO6W2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMHxCiE2 bUSjEGAqe/CiQKqTAFKlMB8GA1UdIwQYMBaAFFw2Wxcxynzn24HdVxML1NZDAZte MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjhFQi83NzE0OEFDNkVC MDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZPZmJnZDFYRXd2VTFrTUJt MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEWmJGekhLZk9mYmdkMVhFd3ZVMWtNQm0xNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MjhFQi83NzE0OEFDNkVCMDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZP ZmJnZDFYRXd2VTFrTUJtMTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBTAG2Shs3q5jmQB6920dbtauthSa9TIQCnfDKilUzR+biOwPHuFv39 3RKD+nVMlkFyYP4PN2BrekuBrXyBBGIQxwFQi0RvM3CZEi8HWxYC+TPkB+MFRs24 a0cjnf9oLEFsva64lqC52C5vICEeotfLz4kUztmqrv3QgP/MxO/WTaFEE0oBw+Ww ZJX0wVIKfsk8T6nYjYcKoIG6cI+zdT41OmwWcJpWF4J8mSyLON0pGHHEShabnD15 waY38XxB+ToV63tAVyN7bYmVlWHZAwTgsPizGZ4Aa7H0evRNMUw4rqx2AaMUk4Pg yTRKtHVDX1yc+YwfNszOevb7E+QnYmZB -----END CERTIFICATE-----Generated at Sat Dec 6 20:46:37 2025 by rpki-client