This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: 13m/83FD1Ml7G5tpaVk6EkCIDklS5gbgolvZ+fwTcfc= Subject key identifier: EA:23:C5:BF:7D:3F:BE:0E:12:AF:A3:EC:56:1F:90:25:C5:BE:59:4E Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 35DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 3555 Signing time: Sat 06 Dec 2025 14:16:09 +0000 Manifest this update: Sat 06 Dec 2025 14:16:08 +0000 Manifest next update: Sat 13 Dec 2025 14:16:08 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: rPiRAug4AZU2rhsg+WikZ7iD2CFx4+oIibFjhlVTz7Q=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: DB3F9CA4817B11F0BDC51985C4F9AE02.roa (hash: JAIKKCo9C8qw6fr8uLdaMchlj/iGB4GqwIN2CeXneAc=) 4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 5: DCD41E8E98D511F0B3824663C4F9AE02.roa (hash: EWlSDhZJpxeihw3aeM/sQAa10hdfChLc1MQCCqHexiw=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 14:16:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13788 (0x35dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE, serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: Dec 6 14:16:08 2025 GMT Not After : Dec 13 14:16:08 2025 GMT Subject: CN=69343aa8-e86a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4e:12:04:b4:e1:72:1b:c3:70:24:e7:d9:9c: 89:a4:37:eb:08:8e:cc:07:f5:59:9d:88:9f:9b:5a: a3:d3:fe:87:cf:99:d5:65:f0:3d:4c:72:0a:14:b2: 60:d4:6e:cf:0c:d5:76:f9:30:9b:61:51:54:57:bd: 62:cc:8b:54:be:bc:cb:2e:ab:34:99:5e:c7:1c:e7: fd:fd:8f:ec:14:21:75:cd:5f:15:75:72:78:81:49: 8f:04:5e:fd:60:42:26:9b:40:76:41:55:d2:36:f1: 25:be:5c:18:33:8a:d4:cc:87:11:2e:f5:c0:91:49: 9f:d7:f9:eb:1d:ae:cb:3c:47:8d:21:96:a4:0f:83: cf:48:4f:8e:ce:e6:f3:32:a9:7b:63:9d:48:2b:f8: 22:79:11:c0:34:47:9b:04:ea:ec:72:13:ea:e3:2c: a4:d4:f3:a9:bd:e9:f7:57:dd:d1:26:8a:34:64:58: 3f:22:03:92:eb:fa:77:e0:a0:74:23:c2:58:27:e3: cd:67:6f:47:28:30:f4:ed:c1:47:68:7a:bb:d9:55: 61:e6:21:f4:e5:38:28:68:6c:9e:d7:3c:30:b9:3c: 7d:26:91:34:3f:fb:b4:a7:eb:cb:68:dc:b7:39:98: 76:e2:0a:4a:d0:4a:da:65:b8:da:08:43:38:cd:73: 11:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:23:C5:BF:7D:3F:BE:0E:12:AF:A3:EC:56:1F:90:25:C5:BE:59:4E X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:88:4f:b0:b2:de:d0:d6:6b:23:01:01:82:5b:12:a8:89:b2: 68:02:30:f4:e5:a5:d2:36:c9:82:9e:3d:03:03:32:ab:1f:85: 31:b2:50:a9:80:2c:65:86:27:e4:9f:c6:30:ce:24:7e:9a:d8: 18:fc:62:7f:8f:73:a9:19:03:88:e8:c5:8a:97:ca:36:19:7d: f6:74:72:5e:62:e9:e3:b4:0c:48:62:be:9c:fa:0e:3d:f8:88: 40:eb:37:e9:7b:36:3d:ac:2a:22:c6:f5:d7:64:aa:6f:ad:7e: e8:f5:6f:4d:f3:fc:24:eb:63:5f:97:76:a3:d1:78:db:5b:ce: d1:a1:91:01:91:62:65:1f:9b:a9:6d:d6:52:77:cd:60:7b:a8: 3d:ec:b0:bc:61:cc:f3:03:e5:61:ab:54:99:65:07:20:36:a0: 01:9f:58:0a:a1:1b:58:72:e8:da:7b:7a:78:f7:0f:23:67:33: 08:68:15:39:f6:45:88:fd:eb:dd:e1:1e:be:43:7d:c7:6a:67: a6:18:3e:e8:a1:a8:17:58:db:8b:b9:f3:06:09:e6:48:27:8b: a7:64:97:3b:b4:f6:65:e4:49:eb:58:3d:83:e1:00:79:d5:b5: 79:64:06:30:ce:1e:f4:9e:cc:1e:b7:f9:5c:d1:f8:ce:e0:8c: 8d:4d:7d:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNdwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjUxMjA2MTQxNjA4WhcNMjUxMjEzMTQxNjA4WjAYMRYwFAYD VQQDEw02OTM0M2FhOC1lODZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr04SBLThchvDcCTn2ZyJpDfrCI7MB/VZnYifm1qj0/6Hz5nVZfA9THIKFLJg 1G7PDNV2+TCbYVFUV71izItUvrzLLqs0mV7HHOf9/Y/sFCF1zV8VdXJ4gUmPBF79 YEImm0B2QVXSNvElvlwYM4rUzIcRLvXAkUmf1/nrHa7LPEeNIZakD4PPSE+Ozubz Mql7Y51IK/gieRHANEebBOrschPq4yyk1POpven3V93RJoo0ZFg/IgOS6/p34KB0 I8JYJ+PNZ29HKDD07cFHaHq72VVh5iH05TgoaGye1zwwuTx9JpE0P/u0p+vLaNy3 OZh24gpK0EraZbjaCEM4zXMRCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOojxb99 P74OEq+j7FYfkCXFvllOMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkiE+wst7Q1msjAQGCWxKoibJoAjD05aXSNsmCnj0DAzKrH4UxslCp gCxlhifkn8YwziR+mtgY/GJ/j3OpGQOI6MWKl8o2GX32dHJeYunjtAxIYr6c+g49 +IhA6zfpezY9rCoixvXXZKpvrX7o9W9N8/wk62Nfl3aj0XjbW87RoZEBkWJlH5up bdZSd81ge6g97LC8YczzA+Vhq1SZZQcgNqABn1gKoRtYcujae3p49w8jZzMIaBU5 9kWI/evd4R6+Q33HamemGD7ooagXWNuLufMGCeZIJ4unZJc7tPZl5EnrWD2D4QB5 1bV5ZAYwzh70nswet/lc0fjO4IyNTX2U -----END CERTIFICATE-----Generated at Sat Dec 6 17:46:12 2025 by rpki-client