This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft File: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft (raw, json) Hash identifier: d9usBJ29asc4t31eLpsYCrvvQQOm7bDf2wkUT2e04e4= Subject key identifier: 2A:7E:F2:28:9C:32:EC:F0:8D:1A:99:59:92:09:4D:C5:3F:B0:E2:47 Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E Certificate issuer: /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E Certificate serial: 0AF1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft Manifest number: 2C08 Signing time: Sat 06 Dec 2025 15:39:35 +0000 Manifest this update: Sat 06 Dec 2025 15:39:34 +0000 Manifest next update: Sat 13 Dec 2025 15:39:34 +0000 Files and hashes: 1: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl (hash: tErB3aLNJhci9V6nwuzRicGMZw5M5a+jLjgQc268E88=) 2: DD7FC172E17D11EFAC0A7E29C4F9AE02.roa (hash: iuR0hKy1te9ReiQAcpbPM6UF6bcHMIJQ871N78hvW5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 15:10:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2801 (0xaf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4413, serialNumber=8AA8786526852346839372631DFB09984BC3005E Validity Not Before: Dec 6 15:39:34 2025 GMT Not After : Dec 13 15:39:34 2025 GMT Subject: CN=69344e36-a88a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:5a:eb:20:f0:a0:62:12:fb:e8:28:27:1f:12: da:c6:8d:a2:10:6c:64:24:9f:ec:e2:88:14:f7:b7: f4:9f:20:62:6c:46:3a:ed:54:d3:48:08:db:88:8d: 1d:9c:b5:50:49:67:8f:ff:00:dd:1c:c3:39:30:af: f7:01:f3:6c:79:20:ad:f6:1c:28:fb:57:32:cb:a3: 63:8a:54:de:3e:6d:84:eb:fa:27:b5:87:56:58:e6: 0d:ec:46:07:c6:b5:43:d2:c6:0a:94:56:eb:ac:63: c2:bf:ef:2f:06:4b:cc:d3:6f:4a:97:05:2d:63:45: 25:af:99:e2:a8:77:10:ac:f0:05:2f:87:6c:f1:4f: 63:23:c3:b9:47:41:ad:54:ca:70:63:51:39:88:c4: 12:1d:55:89:90:aa:f9:7e:a7:97:4e:4d:03:12:dd: cf:15:2f:04:55:83:06:c5:d0:bc:9a:39:58:83:05: 82:fe:10:35:bd:3f:f9:21:9b:b3:8b:d5:c8:65:ed: 2f:64:d5:78:a2:53:71:b9:bf:c5:80:1b:0b:42:24: 88:bf:eb:6c:43:f8:f6:8a:37:e0:88:dc:68:d4:8f: 21:8c:7f:34:33:ca:bb:a3:7c:0a:63:f1:63:ce:db: b6:b8:30:fc:c2:21:b2:68:ca:01:3c:7b:a7:ea:15: e3:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:7E:F2:28:9C:32:EC:F0:8D:1A:99:59:92:09:4D:C5:3F:B0:E2:47 X509v3 Authority Key Identifier: keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:18:e1:56:9e:c9:f1:fe:8e:40:5f:4f:82:e3:ff:0d:0b:7f: db:2e:10:b0:63:35:ca:1e:52:2a:86:23:12:80:72:c6:0a:ea: 00:4c:86:c2:6f:db:fc:d8:3c:02:36:1c:44:06:7e:8a:b3:60: 8f:82:51:1f:28:85:46:04:35:55:6a:89:55:94:9d:4e:6e:de: 86:70:4e:dc:8e:61:76:0a:d2:8e:17:1e:71:1f:58:b8:db:78: f1:ab:1c:f7:03:2e:8f:3a:9b:43:cd:85:f8:3a:c5:c2:4b:f1: a8:3a:c3:59:9a:98:67:af:9e:b8:19:91:b9:85:37:c3:09:6c: fe:a9:8a:69:3c:ba:4b:d5:4c:5c:1c:bc:81:a7:ee:ec:d9:38: 4e:f0:5c:fc:a5:b9:1a:a9:57:0c:26:3b:a2:a9:88:bb:0a:cc: b9:0f:43:60:4c:84:04:12:61:15:ee:e2:61:36:84:66:cb:bd: be:f1:f4:9c:65:ba:0a:6a:85:cc:61:76:c4:77:2e:e8:45:56: 09:c5:4c:56:18:12:1b:33:02:97:04:ae:c3:fa:c9:e6:6f:1c: 35:c7:02:93:02:89:14:4a:14:8a:20:66:b1:fa:0e:10:85:02: da:9d:83:c2:72:79:74:19:c6:0f:a1:42:5e:5a:a4:97:d6:98: 3f:7e:dc:c7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4 NEJDMzAwNUUwHhcNMjUxMjA2MTUzOTM0WhcNMjUxMjEzMTUzOTM0WjAYMRYwFAYD VQQDEw02OTM0NGUzNi1hODhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz1rrIPCgYhL76CgnHxLaxo2iEGxkJJ/s4ogU97f0nyBibEY67VTTSAjbiI0d nLVQSWeP/wDdHMM5MK/3AfNseSCt9hwo+1cyy6NjilTePm2E6/ontYdWWOYN7EYH xrVD0sYKlFbrrGPCv+8vBkvM029KlwUtY0Ulr5niqHcQrPAFL4ds8U9jI8O5R0Gt VMpwY1E5iMQSHVWJkKr5fqeXTk0DEt3PFS8EVYMGxdC8mjlYgwWC/hA1vT/5IZuz i9XIZe0vZNV4olNxub/FgBsLQiSIv+tsQ/j2ijfgiNxo1I8hjH80M8q7o3wKY/Fj ztu2uDD8wiGyaMoBPHun6hXj0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCp+8iic MuzwjRqZWZIJTcU/sOJHMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDQxMy8wODE2RTc1NEZGQjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkw YURrM0pqSGZzSm1FdkRBRjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBoGOFWnsnx/o5AX0+C4/8NC3/bLhCwYzXKHlIqhiMSgHLGCuoATIbC b9v82DwCNhxEBn6Ks2CPglEfKIVGBDVVaolVlJ1Obt6GcE7cjmF2CtKOFx5xH1i4 23jxqxz3Ay6POptDzYX4OsXCS/GoOsNZmphnr564GZG5hTfDCWz+qYppPLpL1Uxc HLyBp+7s2ThO8Fz8pbkaqVcMJjuiqYi7Csy5D0NgTIQEEmEV7uJhNoRmy72+8fSc ZboKaoXMYXbEdy7oRVYJxUxWGBIbMwKXBK7D+snmbxw1xwKTAokUShSKIGax+g4Q hQLanYPCcnl0GcYPoUJeWqSX1pg/ftzH -----END CERTIFICATE-----Generated at Sat Dec 6 19:38:40 2025 by rpki-client