This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft File: XYnzqvmxOgelsmTy3rpk1cUAZRw.mft (raw, json) Hash identifier: T8PpO1VKVMG4OvyVy1C9t68jxC6zlkFlnRqSgfFmV78= Subject key identifier: 67:9F:02:CF:7E:DB:3F:05:D9:C4:A0:F1:97:B8:ED:87:EB:8B:DD:62 Authority key identifier: 5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C Certificate issuer: /CN=A91D5240/serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C Certificate serial: 0228 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft Manifest number: 021D Signing time: Sun 07 Dec 2025 00:43:16 +0000 Manifest this update: Sun 07 Dec 2025 00:43:15 +0000 Manifest next update: Sun 14 Dec 2025 00:43:15 +0000 Files and hashes: 1: XYnzqvmxOgelsmTy3rpk1cUAZRw.crl (hash: oicgsxn1jZej4Z3lcLjWCCyHiwXvMw6rYn3H8oqGesY=) 2: 9EA7B7D8A63911ED874E6630C4F9AE02.roa (hash: 6o0EUZvJBerht1y6bzh1g89SRPPeQ5cLEU5AQhJzOAU=) 3: 5DCE1A1AA63C11ED9306165AC4F9AE02.roa (hash: QPGj0eJqXgnGukiRaT/QHSiAaiIAXjZCnZKqvteNQAI=) 4: 9FBA5FCCA63911ED874E6630C4F9AE02.roa (hash: lCV4Wc/C2vG49K6yvqo7KO+pzcjtBqjnxvlmY9cM+oI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Dec 2025 00:43:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 552 (0x228) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5240, serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C Validity Not Before: Dec 7 00:43:15 2025 GMT Not After : Dec 14 00:43:15 2025 GMT Subject: CN=6934cda3-027c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:bb:2d:97:00:c5:34:25:cd:7d:33:e9:ac:40: 28:b3:58:6e:ff:df:66:d5:95:99:0a:51:c6:30:a5: 30:1d:64:08:9c:68:7a:07:0a:77:e3:6b:bb:e0:2e: 4e:54:2b:48:b7:eb:23:0e:dd:1b:4f:11:d2:ea:1b: 0c:14:fb:f2:40:cf:0b:d2:9c:b0:bc:06:1f:4d:d2: 5c:e6:e8:c1:f5:09:ea:5f:49:fe:86:0b:da:c4:1d: 07:83:03:57:cd:d6:36:2b:71:b1:8a:25:84:2a:94: 67:65:eb:50:2d:c8:83:92:0e:f0:b5:ac:cd:0f:4e: 80:6d:0b:95:bf:c8:1b:62:42:68:5a:df:fb:b2:1b: 25:b7:24:5a:0d:da:17:1d:ef:32:f1:25:cf:a3:54: 19:15:dd:03:5a:b0:d8:cb:4b:33:e6:99:1f:88:da: b3:62:cc:ec:ee:93:e6:ba:75:5b:1f:39:03:a5:50: 24:a7:90:b1:82:b3:f3:ba:e6:2e:ba:de:53:9d:87: 7c:1f:c2:50:9a:62:63:f9:99:48:e9:28:e3:06:4c: cf:31:40:c2:5b:2b:70:5a:39:25:9c:92:da:25:fc: e6:46:72:25:86:df:31:fe:66:eb:1e:61:2a:83:4c: 58:70:99:23:0b:28:56:a9:73:3f:ef:f0:09:8a:c6: a6:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:9F:02:CF:7E:DB:3F:05:D9:C4:A0:F1:97:B8:ED:87:EB:8B:DD:62 X509v3 Authority Key Identifier: keyid:5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c5:7b:98:43:2d:ed:09:f2:ec:19:da:16:30:0a:11:e3:51:80: 4b:d6:42:69:6b:2c:c7:6a:98:a5:81:0f:37:29:60:6e:41:fe: ce:f3:78:55:0c:f4:5b:1a:e1:ff:63:b5:9e:5e:ab:a3:fe:54: 78:19:65:5f:2b:50:9a:15:0c:88:9b:c6:34:1a:71:a5:6c:bd: 7d:81:5b:da:57:ae:ca:18:47:af:99:ca:2f:d4:f0:b1:d7:80: 0c:4f:48:65:25:f2:ab:a4:02:76:83:89:76:92:79:2b:46:50: b5:b9:80:3a:79:2d:aa:a3:76:0d:6d:7c:ca:2c:d3:38:10:0d: f7:b1:73:d4:e0:1f:c4:b3:a9:b6:06:47:7f:97:01:7b:19:d6: 7f:f5:60:66:f6:94:e3:45:82:30:a2:a9:0f:b3:1f:0a:e6:de: 99:76:5d:f5:e4:d7:79:b2:96:3d:61:53:20:02:b2:96:c3:c4: ba:ee:1a:86:7a:de:6b:1f:b7:24:08:ce:9e:6f:66:78:ec:1c: 39:54:c0:1e:50:b1:af:4f:e9:1b:6f:00:d4:b3:32:64:5b:a4: 2f:8a:ce:78:2d:db:1e:60:0f:9b:41:d8:3a:00:68:0b:00:e0: cf:cc:f6:75:1c:8d:a1:cf:28:53:90:c7:64:6a:0b:96:74:6d: 82:1e:65:cf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDUyNDAxMTAvBgNVBAUTKDVEODlGM0FBRjlCMTNBMDdBNUIyNjRGMkRFQkE2NEQ1 QzUwMDY1MUMwHhcNMjUxMjA3MDA0MzE1WhcNMjUxMjE0MDA0MzE1WjAYMRYwFAYD VQQDEw02OTM0Y2RhMy0wMjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA07stlwDFNCXNfTPprEAos1hu/99m1ZWZClHGMKUwHWQInGh6Bwp342u74C5O VCtIt+sjDt0bTxHS6hsMFPvyQM8L0pywvAYfTdJc5ujB9QnqX0n+hgvaxB0HgwNX zdY2K3GxiiWEKpRnZetQLciDkg7wtazND06AbQuVv8gbYkJoWt/7shsltyRaDdoX He8y8SXPo1QZFd0DWrDYy0sz5pkfiNqzYszs7pPmunVbHzkDpVAkp5CxgrPzuuYu ut5TnYd8H8JQmmJj+ZlI6SjjBkzPMUDCWytwWjklnJLaJfzmRnIlht8x/mbrHmEq g0xYcJkjCyhWqXM/7/AJisam2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGefAs9+ 2z8F2cSg8Ze47Yfri91iMB8GA1UdIwQYMBaAFF2J86r5sToHpbJk8t66ZNXFAGUc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTI0MC8yN0RERTdEODlC N0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9nZWxzbVR5M3JwazFjVUFa UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hZbnpxdm14T2dlbHNtVHkzcnBrMWNVQVpSdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NTI0MC8yN0RERTdEODlCN0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9n ZWxzbVR5M3JwazFjVUFaUncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDFe5hDLe0J8uwZ2hYwChHjUYBL1kJpayzHapilgQ83KWBuQf7O83hV DPRbGuH/Y7WeXquj/lR4GWVfK1CaFQyIm8Y0GnGlbL19gVvaV67KGEevmcov1PCx 14AMT0hlJfKrpAJ2g4l2knkrRlC1uYA6eS2qo3YNbXzKLNM4EA33sXPU4B/Es6m2 Bkd/lwF7GdZ/9WBm9pTjRYIwoqkPsx8K5t6Zdl315Nd5spY9YVMgArKWw8S67hqG et5rH7ckCM6eb2Z47Bw5VMAeULGvT+kbbwDUszJkW6Qvis54LdseYA+bQdg6AGgL AODPzPZ1HI2hzyhTkMdkaguWdG2CHmXP -----END CERTIFICATE-----Generated at Sun Dec 7 04:56:54 2025 by rpki-client