This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft
File:                     XDlbosoKv2WIhyaHTHgktpt4mZU.mft (raw, json)
Hash identifier:          ddZaXqSzUCqsi2YD8ui4i8AigqbSBTrqAufWaF2oVR0=
Subject key identifier:   AB:9C:DC:20:E0:3B:34:1E:4C:48:14:74:7E:DA:B1:46:ED:BA:AC:91
Authority key identifier: 5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95
Certificate issuer:       /CN=A91E66E5/serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995
Certificate serial:       0EA8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft
Manifest number:          0E9B
Signing time:             Sat 06 Dec 2025 17:09:03 +0000
Manifest this update:     Sat 06 Dec 2025 17:09:02 +0000
Manifest next update:     Sat 13 Dec 2025 17:09:02 +0000
Files and hashes:         1: XDlbosoKv2WIhyaHTHgktpt4mZU.crl (hash: EZnmT7K+G6MmODf1cL00SyQp/jhQbtQvMq2th34DK7E=)
                          2: AECDA1B0448F11EDACC30815C4F9AE02.roa (hash: xirIMjuaHIPZj6jpdJVKaFKfHlsVW3gI4qvEhU2Je88=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl
                          rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 13 Dec 2025 15:10:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3752 (0xea8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E66E5, serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995
        Validity
            Not Before: Dec  6 17:09:02 2025 GMT
            Not After : Dec 13 17:09:02 2025 GMT
        Subject: CN=6934632f-06a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:30:ec:1f:2d:5e:31:4d:a3:66:11:a6:28:26:
                    76:7b:ce:66:4e:d8:62:85:27:e6:1b:98:3a:81:dc:
                    f6:35:3e:08:2b:a9:7c:32:ab:09:d0:c2:fc:ef:57:
                    05:f9:c4:2f:61:35:c8:73:0b:02:76:04:64:ca:a4:
                    31:f0:20:e6:b3:86:75:60:ad:3b:15:7f:60:0c:01:
                    8f:1b:9a:12:f3:55:28:12:13:cf:8a:ec:1b:50:76:
                    f4:7f:db:e3:57:1e:5a:af:39:9f:a7:07:c2:74:c4:
                    1c:23:40:f0:ac:85:94:fd:3f:88:13:66:fd:00:15:
                    1c:c7:95:20:ce:59:71:0f:5e:0a:8f:50:c3:5e:79:
                    98:1a:dd:60:7c:3d:0c:00:21:3f:83:10:8f:63:05:
                    ef:6a:08:ec:27:f2:7e:50:42:56:62:d3:03:34:f3:
                    f8:a0:0a:02:6e:b5:0a:9c:7b:9d:4c:89:2c:42:f2:
                    d1:03:56:f8:f0:12:26:3b:84:d3:f4:71:e5:dd:2b:
                    bb:30:00:a1:f6:ff:e6:38:09:20:0d:b9:c2:3f:71:
                    c6:3c:c2:79:54:74:84:9b:c9:5d:05:ac:8f:d0:7e:
                    2b:75:94:0a:f2:33:70:d6:ea:45:b4:cf:70:44:15:
                    bb:0a:52:69:94:df:c3:f9:86:e6:bf:b7:b6:8d:99:
                    47:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:9C:DC:20:E0:3B:34:1E:4C:48:14:74:7E:DA:B1:46:ED:BA:AC:91
            X509v3 Authority Key Identifier:
                keyid:5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:e6:e2:ba:90:e6:4a:ea:16:68:35:dd:8c:63:d9:bc:46:8b:
         98:5e:7f:90:56:73:16:a6:19:68:99:6d:1d:18:e9:23:80:9b:
         93:8c:8a:3c:16:f3:f2:c9:f4:23:f0:9a:c2:64:64:d4:5a:c5:
         56:f3:b0:60:c0:3d:3f:97:25:27:87:3b:73:18:cb:f0:f4:ce:
         cd:45:e9:16:b8:33:94:50:1d:ce:50:0a:27:43:dc:fc:60:21:
         72:52:6d:be:21:c9:fd:2b:9a:b6:12:df:ee:bb:aa:a8:29:a6:
         ac:fb:eb:47:2a:1f:15:52:13:17:ee:72:d3:38:f3:8e:32:9d:
         81:60:0b:eb:88:cf:11:fc:5a:9f:b4:00:2a:cd:26:85:b8:9a:
         2a:1c:c6:31:ea:0f:2e:b8:de:bb:97:c6:8e:64:98:a4:b3:4c:
         e5:98:20:72:7a:66:ee:a6:9a:01:cb:53:c2:a6:3f:a5:21:12:
         8a:35:2f:c8:f8:09:c2:b6:ae:22:63:60:c5:67:21:12:9d:e6:
         fd:51:55:a8:03:02:99:cc:5e:53:48:60:c9:f2:08:f4:6d:53:
         dc:50:1f:bd:47:2a:60:08:c5:af:5e:a0:19:e5:19:4a:d2:e5:
         fc:c9:35:e8:8a:2a:fc:3c:5c:6e:d1:a0:37:c9:e0:11:23:bc:
         01:b5:12:8d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTY2RTUxMTAvBgNVBAUTKDVDMzk1QkEyQ0EwQUJGNjU4ODg3MjY4NzRDNzgyNEI2
OUI3ODk5OTUwHhcNMjUxMjA2MTcwOTAyWhcNMjUxMjEzMTcwOTAyWjAYMRYwFAYD
VQQDEw02OTM0NjMyZi0wNmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1TDsHy1eMU2jZhGmKCZ2e85mTthihSfmG5g6gdz2NT4IK6l8MqsJ0ML871cF
+cQvYTXIcwsCdgRkyqQx8CDms4Z1YK07FX9gDAGPG5oS81UoEhPPiuwbUHb0f9vj
Vx5arzmfpwfCdMQcI0DwrIWU/T+IE2b9ABUcx5UgzllxD14Kj1DDXnmYGt1gfD0M
ACE/gxCPYwXvagjsJ/J+UEJWYtMDNPP4oAoCbrUKnHudTIksQvLRA1b48BImO4TT
9HHl3Su7MACh9v/mOAkgDbnCP3HGPMJ5VHSEm8ldBayP0H4rdZQK8jNw1upFtM9w
RBW7ClJplN/D+Ybmv7e2jZlHZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKuc3CDg
OzQeTEgUdH7asUbtuqyRMB8GA1UdIwQYMBaAFFw5W6LKCr9liIcmh0x4JLabeJmV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjZFNS81NjQzMDU4NkEy
NzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3YyV0loeWFIVEhna3RwdDRt
WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hEbGJvc29LdjJXSWh5YUhUSGdrdHB0NG1aVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NjZFNS81NjQzMDU4NkEyNzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3Yy
V0loeWFIVEhna3RwdDRtWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDJ5uK6kOZK6hZoNd2MY9m8RouYXn+QVnMWphlomW0dGOkjgJuTjIo8
FvPyyfQj8JrCZGTUWsVW87BgwD0/lyUnhztzGMvw9M7NRekWuDOUUB3OUAonQ9z8
YCFyUm2+Icn9K5q2Et/uu6qoKaas++tHKh8VUhMX7nLTOPOOMp2BYAvriM8R/Fqf
tAAqzSaFuJoqHMYx6g8uuN67l8aOZJiks0zlmCByembuppoBy1PCpj+lIRKKNS/I
+AnCtq4iY2DFZyESneb9UVWoAwKZzF5TSGDJ8gj0bVPcUB+9RypgCMWvXqAZ5RlK
0uX8yTXoiir8PFxu0aA3yeARI7wBtRKN
-----END CERTIFICATE-----
Generated at Sat Dec 6 20:21:49 2025 by rpki-client