This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft
File: XYnzqvmxOgelsmTy3rpk1cUAZRw.mft (raw, json)
Hash identifier: T8PpO1VKVMG4OvyVy1C9t68jxC6zlkFlnRqSgfFmV78=
Subject key identifier: 67:9F:02:CF:7E:DB:3F:05:D9:C4:A0:F1:97:B8:ED:87:EB:8B:DD:62
Authority key identifier: 5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C
Certificate issuer: /CN=A91D5240/serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C
Certificate serial: 0228
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft
Manifest number: 021D
Signing time: Sun 07 Dec 2025 00:43:16 +0000
Manifest this update: Sun 07 Dec 2025 00:43:15 +0000
Manifest next update: Sun 14 Dec 2025 00:43:15 +0000
Files and hashes: 1: XYnzqvmxOgelsmTy3rpk1cUAZRw.crl (hash: oicgsxn1jZej4Z3lcLjWCCyHiwXvMw6rYn3H8oqGesY=)
2: 9EA7B7D8A63911ED874E6630C4F9AE02.roa (hash: 6o0EUZvJBerht1y6bzh1g89SRPPeQ5cLEU5AQhJzOAU=)
3: 5DCE1A1AA63C11ED9306165AC4F9AE02.roa (hash: QPGj0eJqXgnGukiRaT/QHSiAaiIAXjZCnZKqvteNQAI=)
4: 9FBA5FCCA63911ED874E6630C4F9AE02.roa (hash: lCV4Wc/C2vG49K6yvqo7KO+pzcjtBqjnxvlmY9cM+oI=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl
rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Dec 2025 00:43:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 552 (0x228)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D5240, serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C
Validity
Not Before: Dec 7 00:43:15 2025 GMT
Not After : Dec 14 00:43:15 2025 GMT
Subject: CN=6934cda3-027c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bb:2d:97:00:c5:34:25:cd:7d:33:e9:ac:40:
28:b3:58:6e:ff:df:66:d5:95:99:0a:51:c6:30:a5:
30:1d:64:08:9c:68:7a:07:0a:77:e3:6b:bb:e0:2e:
4e:54:2b:48:b7:eb:23:0e:dd:1b:4f:11:d2:ea:1b:
0c:14:fb:f2:40:cf:0b:d2:9c:b0:bc:06:1f:4d:d2:
5c:e6:e8:c1:f5:09:ea:5f:49:fe:86:0b:da:c4:1d:
07:83:03:57:cd:d6:36:2b:71:b1:8a:25:84:2a:94:
67:65:eb:50:2d:c8:83:92:0e:f0:b5:ac:cd:0f:4e:
80:6d:0b:95:bf:c8:1b:62:42:68:5a:df:fb:b2:1b:
25:b7:24:5a:0d:da:17:1d:ef:32:f1:25:cf:a3:54:
19:15:dd:03:5a:b0:d8:cb:4b:33:e6:99:1f:88:da:
b3:62:cc:ec:ee:93:e6:ba:75:5b:1f:39:03:a5:50:
24:a7:90:b1:82:b3:f3:ba:e6:2e:ba:de:53:9d:87:
7c:1f:c2:50:9a:62:63:f9:99:48:e9:28:e3:06:4c:
cf:31:40:c2:5b:2b:70:5a:39:25:9c:92:da:25:fc:
e6:46:72:25:86:df:31:fe:66:eb:1e:61:2a:83:4c:
58:70:99:23:0b:28:56:a9:73:3f:ef:f0:09:8a:c6:
a6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9F:02:CF:7E:DB:3F:05:D9:C4:A0:F1:97:B8:ED:87:EB:8B:DD:62
X509v3 Authority Key Identifier:
keyid:5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
c5:7b:98:43:2d:ed:09:f2:ec:19:da:16:30:0a:11:e3:51:80:
4b:d6:42:69:6b:2c:c7:6a:98:a5:81:0f:37:29:60:6e:41:fe:
ce:f3:78:55:0c:f4:5b:1a:e1:ff:63:b5:9e:5e:ab:a3:fe:54:
78:19:65:5f:2b:50:9a:15:0c:88:9b:c6:34:1a:71:a5:6c:bd:
7d:81:5b:da:57:ae:ca:18:47:af:99:ca:2f:d4:f0:b1:d7:80:
0c:4f:48:65:25:f2:ab:a4:02:76:83:89:76:92:79:2b:46:50:
b5:b9:80:3a:79:2d:aa:a3:76:0d:6d:7c:ca:2c:d3:38:10:0d:
f7:b1:73:d4:e0:1f:c4:b3:a9:b6:06:47:7f:97:01:7b:19:d6:
7f:f5:60:66:f6:94:e3:45:82:30:a2:a9:0f:b3:1f:0a:e6:de:
99:76:5d:f5:e4:d7:79:b2:96:3d:61:53:20:02:b2:96:c3:c4:
ba:ee:1a:86:7a:de:6b:1f:b7:24:08:ce:9e:6f:66:78:ec:1c:
39:54:c0:1e:50:b1:af:4f:e9:1b:6f:00:d4:b3:32:64:5b:a4:
2f:8a:ce:78:2d:db:1e:60:0f:9b:41:d8:3a:00:68:0b:00:e0:
cf:cc:f6:75:1c:8d:a1:cf:28:53:90:c7:64:6a:0b:96:74:6d:
82:1e:65:cf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDUyNDAxMTAvBgNVBAUTKDVEODlGM0FBRjlCMTNBMDdBNUIyNjRGMkRFQkE2NEQ1
QzUwMDY1MUMwHhcNMjUxMjA3MDA0MzE1WhcNMjUxMjE0MDA0MzE1WjAYMRYwFAYD
VQQDEw02OTM0Y2RhMy0wMjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA07stlwDFNCXNfTPprEAos1hu/99m1ZWZClHGMKUwHWQInGh6Bwp342u74C5O
VCtIt+sjDt0bTxHS6hsMFPvyQM8L0pywvAYfTdJc5ujB9QnqX0n+hgvaxB0HgwNX
zdY2K3GxiiWEKpRnZetQLciDkg7wtazND06AbQuVv8gbYkJoWt/7shsltyRaDdoX
He8y8SXPo1QZFd0DWrDYy0sz5pkfiNqzYszs7pPmunVbHzkDpVAkp5CxgrPzuuYu
ut5TnYd8H8JQmmJj+ZlI6SjjBkzPMUDCWytwWjklnJLaJfzmRnIlht8x/mbrHmEq
g0xYcJkjCyhWqXM/7/AJisam2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGefAs9+
2z8F2cSg8Ze47Yfri91iMB8GA1UdIwQYMBaAFF2J86r5sToHpbJk8t66ZNXFAGUc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTI0MC8yN0RERTdEODlC
N0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9nZWxzbVR5M3JwazFjVUFa
UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hZbnpxdm14T2dlbHNtVHkzcnBrMWNVQVpSdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NTI0MC8yN0RERTdEODlCN0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9n
ZWxzbVR5M3JwazFjVUFaUncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDFe5hDLe0J8uwZ2hYwChHjUYBL1kJpayzHapilgQ83KWBuQf7O83hV
DPRbGuH/Y7WeXquj/lR4GWVfK1CaFQyIm8Y0GnGlbL19gVvaV67KGEevmcov1PCx
14AMT0hlJfKrpAJ2g4l2knkrRlC1uYA6eS2qo3YNbXzKLNM4EA33sXPU4B/Es6m2
Bkd/lwF7GdZ/9WBm9pTjRYIwoqkPsx8K5t6Zdl315Nd5spY9YVMgArKWw8S67hqG
et5rH7ckCM6eb2Z47Bw5VMAeULGvT+kbbwDUszJkW6Qvis54LdseYA+bQdg6AGgL
AODPzPZ1HI2hzyhTkMdkaguWdG2CHmXP
-----END CERTIFICATE-----
Generated at Sun Dec 7 04:56:54 2025 by rpki-client