This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft File: HAF157M3En5uwlH0Og0qxhMRv04.mft (raw, json) Hash identifier: E0M0VNZVIkwiuzSOP5L34PWcUlIxYdE30ZirrNqO45s= Subject key identifier: E2:5A:E3:49:C4:AE:AF:6C:3C:F4:EC:B9:01:9C:4A:84:E2:F3:6E:53 Authority key identifier: 1C:01:75:E7:B3:37:12:7E:6E:C2:51:F4:3A:0D:2A:C6:13:11:BF:4E Certificate issuer: /CN=A91E3584/serialNumber=1C0175E7B337127E6EC251F43A0D2AC61311BF4E Certificate serial: 34ED Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft Manifest number: 34EA Signing time: Thu 18 Dec 2025 14:25:32 +0000 Manifest this update: Thu 18 Dec 2025 14:25:32 +0000 Manifest next update: Thu 25 Dec 2025 14:25:32 +0000 Files and hashes: 1: HAF157M3En5uwlH0Og0qxhMRv04.crl (hash: RuxFiDDQd0pFQ9oJe2rRbixXZW57N8/oi70C6zHsgWc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.crl rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 14:25:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13549 (0x34ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3584, serialNumber=1C0175E7B337127E6EC251F43A0D2AC61311BF4E Validity Not Before: Dec 18 14:25:32 2025 GMT Not After : Dec 25 14:25:32 2025 GMT Subject: CN=69440edc-66cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:fb:83:d7:ed:40:a7:0e:92:53:bb:e1:a0:86: 6e:11:53:5f:28:19:96:47:10:5b:1e:24:1a:33:b2: 8b:45:c6:99:69:f0:c1:2f:f6:40:7d:12:f6:1b:bf: 3f:14:8f:dc:cb:9e:99:69:a9:e7:23:49:41:fd:49: 23:00:5a:9f:32:42:b1:9a:bf:6a:35:52:0d:79:71: 91:42:ca:f0:4a:e6:97:4a:5c:1d:14:fa:fc:24:cf: 48:dd:37:0d:32:d1:6f:0a:df:a7:5a:46:81:f4:86: 07:50:aa:a0:55:80:c6:87:1b:c2:a9:9e:95:00:2c: 3d:20:bc:61:80:37:ce:f8:59:8c:69:49:f4:28:bc: 28:c0:eb:ac:11:03:3b:fa:11:d0:66:ee:63:4a:7f: 2e:f3:8a:6a:fc:0d:a6:50:40:9e:f9:c6:ec:a5:a7: de:c6:4b:64:a9:5d:e2:3a:d9:ca:62:ac:c7:40:8f: f0:44:81:d1:ba:50:fe:84:e6:33:5c:5c:a8:5a:3d: 99:ef:13:77:cc:31:e2:a6:14:90:45:ed:ad:9f:a7: e0:20:dc:6c:f0:ef:99:9e:99:c2:9f:b2:a5:41:19: ff:fa:58:bf:c6:be:b1:7b:34:f7:7c:cf:92:13:f8: 83:6e:ac:b5:f4:75:76:6a:56:b5:6b:e4:9e:41:99: 78:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:5A:E3:49:C4:AE:AF:6C:3C:F4:EC:B9:01:9C:4A:84:E2:F3:6E:53 X509v3 Authority Key Identifier: keyid:1C:01:75:E7:B3:37:12:7E:6E:C2:51:F4:3A:0D:2A:C6:13:11:BF:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:f5:7d:c0:b9:08:40:dd:7f:5f:02:2e:07:c8:78:9e:66:cb: 20:f7:ef:d9:51:90:ea:30:61:09:1e:c0:9f:b1:53:e2:27:51: 4f:d7:8e:4c:9b:fb:3c:30:8e:57:0d:c7:13:44:0c:85:43:c3: bc:4a:c4:3f:04:08:33:cd:e8:e8:2f:f9:16:44:45:49:be:14: 3b:ac:14:70:ac:bc:24:ff:43:08:97:11:e4:b0:44:a5:dc:0d: 1b:28:2c:8b:29:9d:b4:10:22:4e:81:bf:06:66:e0:68:ae:8d: b4:48:80:44:0b:dc:5a:25:23:20:98:9d:b9:08:d9:70:31:ed: 10:20:db:97:53:6f:0e:6a:1d:43:d9:3a:39:ea:58:66:be:74: 8e:36:6b:ab:f9:d7:e1:8d:9d:16:f4:71:5d:48:17:ec:e7:91: fa:0f:8a:c1:f7:43:d2:63:86:80:78:04:45:a6:96:b0:eb:72: f5:25:d5:a3:8b:c5:14:14:09:96:aa:bb:10:9c:cf:a2:6c:c3: d6:94:25:89:11:8a:49:e0:75:34:02:7a:c9:10:9f:3c:1f:b7: d8:bf:79:ce:3c:09:fa:ba:1f:3c:43:19:5e:49:16:ce:8f:c7: ae:3e:5e:4c:a5:68:0d:5c:77:90:da:68:45:d5:e9:63:5d:d5: 02:fb:b4:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTM1ODQxMTAvBgNVBAUTKDFDMDE3NUU3QjMzNzEyN0U2RUMyNTFGNDNBMEQyQUM2 MTMxMUJGNEUwHhcNMjUxMjE4MTQyNTMyWhcNMjUxMjI1MTQyNTMyWjAYMRYwFAYD VQQDDA02OTQ0MGVkYy02NmNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw/uD1+1Apw6SU7vhoIZuEVNfKBmWRxBbHiQaM7KLRcaZafDBL/ZAfRL2G78/ FI/cy56ZaannI0lB/UkjAFqfMkKxmr9qNVINeXGRQsrwSuaXSlwdFPr8JM9I3TcN MtFvCt+nWkaB9IYHUKqgVYDGhxvCqZ6VACw9ILxhgDfO+FmMaUn0KLwowOusEQM7 +hHQZu5jSn8u84pq/A2mUECe+cbspafexktkqV3iOtnKYqzHQI/wRIHRulD+hOYz XFyoWj2Z7xN3zDHiphSQRe2tn6fgINxs8O+ZnpnCn7KlQRn/+li/xr6xezT3fM+S E/iDbqy19HV2ala1a+SeQZl4MQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOJa40nE rq9sPPTsuQGcSoTi825TMB8GA1UdIwQYMBaAFBwBdeezNxJ+bsJR9DoNKsYTEb9O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMzU4NC9EMUExMjk0NjFE ODUxMUUyQkI0RkE0REMwOEIwMkNEMi9IQUYxNTdNM0VuNXV3bEgwT2cwcXhoTVJ2 MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hBRjE1N00zRW41dXdsSDBPZzBxeGhNUnYwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MzU4NC9EMUExMjk0NjFEODUxMUUyQkI0RkE0REMwOEIwMkNEMi9IQUYxNTdNM0Vu NXV3bEgwT2cwcXhoTVJ2MDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBm9X3AuQhA3X9fAi4HyHieZssg9+/ZUZDqMGEJHsCfsVPiJ1FP145M m/s8MI5XDccTRAyFQ8O8SsQ/BAgzzejoL/kWREVJvhQ7rBRwrLwk/0MIlxHksESl 3A0bKCyLKZ20ECJOgb8GZuBoro20SIBEC9xaJSMgmJ25CNlwMe0QINuXU28Oah1D 2To56lhmvnSONmur+dfhjZ0W9HFdSBfs55H6D4rB90PSY4aAeARFppaw63L1JdWj i8UUFAmWqrsQnM+ibMPWlCWJEYpJ4HU0AnrJEJ88H7fYv3nOPAn6uh88QxleSRbO j8euPl5MpWgNXHeQ2mhF1eljXdUC+7SN -----END CERTIFICATE-----Generated at Thu Dec 18 19:06:09 2025 by rpki-client