This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft File: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft (raw, json) Hash identifier: EC5IadYOHSk3AvUMrYg1IbA830257e41ezTuSlKOifI= Subject key identifier: 31:BE:87:B8:97:E6:B8:6A:C6:1D:DD:FC:6F:28:7B:1B:6F:40:7D:3A Authority key identifier: C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 Certificate issuer: /CN=A91E3BF2/serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Certificate serial: 0315 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft Manifest number: 030F Signing time: Thu 04 Dec 2025 23:30:53 +0000 Manifest this update: Thu 04 Dec 2025 23:30:52 +0000 Manifest next update: Thu 11 Dec 2025 23:30:52 +0000 Files and hashes: 1: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl (hash: ywcfp8xNwT3CKlFba0IzcuVLHnB9Xs1E/9VPhD8Cu5c=) 2: 6B7C33C8F6C811ECBDF7DD40C4F9AE02.roa (hash: iVRqxqRDbn6K8sleGw8ykyX5wSW8dSg7Li1MPpVmJsY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Dec 2025 23:30:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 789 (0x315) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BF2, serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Validity Not Before: Dec 4 23:30:52 2025 GMT Not After : Dec 11 23:30:52 2025 GMT Subject: CN=693219ac-82f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:7c:d2:89:5c:e6:c0:d5:48:bc:10:3a:10:dd: 07:dc:b9:f5:f8:6d:90:cb:3a:98:31:fa:84:43:b9: 6e:7f:c8:f9:63:5f:bd:4c:ec:55:22:b9:a2:6a:29: 0c:d7:12:df:57:5d:aa:9c:8f:2e:54:14:f4:81:ec: 0f:e9:da:dc:f7:24:bc:f7:bf:e7:eb:56:21:a2:7a: 66:f5:92:d2:97:70:57:02:47:42:35:9b:3b:af:58: c2:67:d4:c7:50:23:05:ff:4e:59:a3:3a:0f:8c:d2: 97:f6:86:99:55:b3:36:2f:9b:0e:8d:34:81:0c:c4: 33:7e:e5:2b:bc:de:25:f2:93:c3:a0:e7:ee:63:38: b1:47:8e:f0:5a:ca:cd:9e:72:6e:f0:bb:5f:ab:cd: 5f:aa:30:13:7a:aa:ae:de:ac:d3:37:46:49:bd:ae: 80:a8:fd:f0:f1:4c:6f:e0:12:e9:3e:fb:d5:d4:1a: cc:7e:9c:a4:3a:9c:0f:b2:36:48:39:79:48:35:15: 6c:e1:e9:fe:f8:19:65:d0:a2:bf:4e:e0:4d:8a:0d: 79:6d:a9:79:2e:9e:a6:49:74:53:14:66:86:c1:33: 5a:51:c2:9b:43:8a:69:30:4f:89:b6:be:09:eb:3f: 65:cf:4d:e6:37:ad:84:dc:d3:de:ab:7f:4a:01:86: 52:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:BE:87:B8:97:E6:B8:6A:C6:1D:DD:FC:6F:28:7B:1B:6F:40:7D:3A X509v3 Authority Key Identifier: keyid:C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:98:a7:76:b7:4a:fc:3d:95:d6:97:30:a7:1b:6c:8b:4d:c6: 9e:4e:cf:08:00:19:05:e8:31:b4:16:c0:b1:7a:ec:1f:94:19: 49:52:cf:9f:2e:6d:1c:11:58:e0:f3:90:53:0d:a4:42:0d:6b: bc:6a:90:d3:ea:f0:8b:46:62:5a:ff:67:9d:d0:41:e4:2e:65: a4:1f:55:f8:5f:93:a2:78:24:3d:5f:c0:e8:72:1a:d8:1f:fa: ef:e9:85:f0:ad:76:ce:ca:71:c8:13:a4:6e:3c:d8:67:ea:43: 3e:5c:34:11:3d:ba:3e:ad:e8:01:04:51:10:35:a5:85:b5:5c: b5:d4:4f:9e:8f:ff:35:2c:d7:2e:04:c9:1d:aa:06:a6:f8:1d: 57:0e:b5:49:d5:8c:57:5d:ed:61:b3:e2:9b:0e:07:00:57:b2: 51:33:f7:94:83:f0:45:a1:ed:27:70:ce:0e:ec:c4:e2:b4:2a: 35:98:8a:80:47:a1:9c:ee:50:6e:80:91:c7:fa:64:94:22:c5: cd:0c:b3:1b:e9:cb:aa:17:c3:e1:4a:21:ce:ce:8e:2f:34:77: 41:5b:8a:72:4b:c3:2d:ca:cd:35:c3:a9:b7:ad:d3:52:a1:f7: 18:b1:bc:ce:d9:20:e5:bb:9a:05:9a:f9:f6:b5:a1:5a:f9:85: e7:ec:aa:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAxUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCRjIxMTAvBgNVBAUTKEM0NzFBNTZFRTk0RjA1QjQzN0MwOUVFRTBGNDQyMDNG QTQ1OTI3MzYwHhcNMjUxMjA0MjMzMDUyWhcNMjUxMjExMjMzMDUyWjAYMRYwFAYD VQQDEw02OTMyMTlhYy04MmYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA23zSiVzmwNVIvBA6EN0H3Ln1+G2QyzqYMfqEQ7luf8j5Y1+9TOxVIrmiaikM 1xLfV12qnI8uVBT0gewP6drc9yS897/n61Yhonpm9ZLSl3BXAkdCNZs7r1jCZ9TH UCMF/05ZozoPjNKX9oaZVbM2L5sOjTSBDMQzfuUrvN4l8pPDoOfuYzixR47wWsrN nnJu8Ltfq81fqjATeqqu3qzTN0ZJva6AqP3w8Uxv4BLpPvvV1BrMfpykOpwPsjZI OXlINRVs4en++Bll0KK/TuBNig15bal5Lp6mSXRTFGaGwTNaUcKbQ4ppME+Jtr4J 6z9lz03mN62E3NPeq39KAYZSzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDG+h7iX 5rhqxh3d/G8oextvQH06MB8GA1UdIwQYMBaAFMRxpW7pTwW0N8Ce7g9EID+kWSc2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JGMi81MDkwOTZBOEY2 QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJiUTN3Sjd1RDBRZ1A2UlpK elkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hIR2xidWxQQmJRM3dKN3VEMFFnUDZSWkp6WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0JGMi81MDkwOTZBOEY2QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJi UTN3Sjd1RDBRZ1A2UlpKelkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAgmKd2t0r8PZXWlzCnG2yLTcaeTs8IABkF6DG0FsCxeuwflBlJUs+f Lm0cEVjg85BTDaRCDWu8apDT6vCLRmJa/2ed0EHkLmWkH1X4X5OieCQ9X8DochrY H/rv6YXwrXbOynHIE6RuPNhn6kM+XDQRPbo+regBBFEQNaWFtVy11E+ej/81LNcu BMkdqgam+B1XDrVJ1YxXXe1hs+KbDgcAV7JRM/eUg/BFoe0ncM4O7MTitCo1mIqA R6Gc7lBugJHH+mSUIsXNDLMb6cuqF8PhSiHOzo4vNHdBW4pyS8Mtys01w6m3rdNS ofcYsbzO2SDlu5oFmvn2taFa+YXn7KqS -----END CERTIFICATE-----Generated at Sat Dec 6 22:05:04 2025 by rpki-client