This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft File: KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft (raw, json) Hash identifier: S9b+VY20hqh0mhLhM8pNAf8QYXABwDsIAYRqsfCLDA8= Subject key identifier: 27:74:F3:88:50:9E:6E:2B:F8:07:8C:0F:29:CB:A9:9E:42:5E:AA:DD Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Certificate serial: 0F04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft Manifest number: 0EB4 Signing time: Sat 06 Dec 2025 17:11:02 +0000 Manifest this update: Sat 06 Dec 2025 17:11:02 +0000 Manifest next update: Sat 13 Dec 2025 17:11:02 +0000 Files and hashes: 1: KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl (hash: 2DI/7pKdOavuXbZkOtIrbWjy9rTxCPlsCg9mOHMSLB4=) 2: 433917A83D8211EEA0E4DD46C4F9AE02.roa (hash: h1piDIbFbu2D+AHr+FNeuVa8V0LAf8dUKVxZfkw96aI=) 3: 5915642864AB11EEBFD54F2EC4F9AE02.roa (hash: wbUo+m2N2pVjNOlqoJ9Ve/RDUUkR0+GFezmtrgOfh+0=) 4: 40BA3F5C3D8211EEA0E4DD46C4F9AE02.roa (hash: DsQ8k2r18shy7gg+hUBL2SO8HUEFyNSKHtxB+WEbNG4=) 5: 41A09C683D8211EEA0E4DD46C4F9AE02.roa (hash: hPUFimj9BE3+BwwQ7RyTBe4Kb4UDlyO5v1n1M99BRDE=) 6: DED77BB2FA2F11EF98728875C4F9AE02.roa (hash: uul2CdaEoquPtSKMLPmrjkbQbRp1WUkF6rtkLx9zg64=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 17:11:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3844 (0xf04) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E868C, serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Validity Not Before: Dec 6 17:11:02 2025 GMT Not After : Dec 13 17:11:02 2025 GMT Subject: CN=693463a6-0a2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:fd:22:a0:34:f3:f5:0f:54:5d:c9:9d:40:c5: 5f:86:b4:68:04:84:72:ca:73:67:3e:9f:66:0b:6b: 53:1c:8d:6b:ef:66:47:5e:2c:63:00:52:5d:f1:f9: d1:fb:ea:6f:ee:7b:fe:7f:97:70:0a:5a:24:75:af: 5a:fa:3d:b1:17:93:0f:14:e7:d9:08:7b:6a:c5:03: ba:60:4e:0b:1a:7e:7b:0f:d1:0a:62:55:c3:f0:01: 65:1b:2a:17:73:a5:21:84:46:c4:c2:3b:20:b4:06: 0f:ba:19:30:42:a5:3b:ba:de:2f:a7:4a:af:e6:1b: ec:bd:37:18:99:d1:ac:00:42:90:3b:88:77:b0:49: f4:c7:82:06:ef:60:01:4b:fe:16:be:8d:69:0b:1a: c8:41:70:d4:e2:f0:1f:ca:5f:63:80:51:df:4d:e0: 5f:a2:f5:05:15:58:78:1d:e7:e1:02:73:62:fa:4d: 26:0f:7a:53:a0:f2:7b:a5:2b:35:ee:74:a9:f6:ed: b5:57:41:e1:7d:50:c6:a1:52:05:f1:76:35:c0:fc: 8b:fb:b1:d6:e1:77:bc:05:50:48:dd:7b:0d:b2:43: ce:e8:5c:02:80:e1:35:46:40:c0:30:0d:47:59:8f: 46:f5:de:03:63:12:26:fc:91:11:d4:ca:c6:fd:25: a0:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:74:F3:88:50:9E:6E:2B:F8:07:8C:0F:29:CB:A9:9E:42:5E:AA:DD X509v3 Authority Key Identifier: keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:ed:9f:e5:fa:cd:7a:7f:dc:c9:49:40:a7:95:89:08:3b:19: 5d:33:30:55:6f:bb:59:fc:d8:58:78:1c:7b:a1:fd:a4:3c:e4: 5e:81:39:53:6b:d7:af:dc:ad:26:eb:2e:40:5b:3a:05:19:e6: f9:48:ee:33:c7:0d:79:60:ed:00:8a:54:14:57:33:fe:b2:92: 8f:c3:7a:88:c9:a3:1f:0b:73:9e:6b:e9:aa:ed:9f:dc:5e:cc: 55:06:65:25:3c:dc:e9:01:f9:63:41:cb:f7:85:cf:44:cc:5d: ec:21:2d:c3:34:f8:32:3e:1b:6e:53:6d:e8:c8:ee:ea:31:ca: f2:bc:26:95:72:bb:d7:5d:e7:a3:be:5d:d0:8a:07:95:6a:d5: e1:9e:52:a3:01:bb:97:5f:2b:b2:45:fc:0c:a4:df:a6:4f:cd: ef:de:0e:9b:96:67:a7:98:14:24:10:e7:83:96:f9:4e:0d:ce: 22:07:62:31:f0:25:f2:50:65:17:c8:6b:97:d0:f7:43:e3:ca: 26:b7:14:cc:58:26:f0:12:43:b8:6a:af:16:89:10:df:d0:27: f6:0f:7d:36:32:68:05:52:b3:5b:df:0b:b4:07:c3:1b:bf:1c: 78:5f:39:7a:2e:05:21:c3:70:74:fa:b7:0f:13:b8:b2:62:0e: c1:6f:4a:78 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDwQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx REM0NUUyQjIwHhcNMjUxMjA2MTcxMTAyWhcNMjUxMjEzMTcxMTAyWjAYMRYwFAYD VQQDEw02OTM0NjNhNi0wYTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr/0ioDTz9Q9UXcmdQMVfhrRoBIRyynNnPp9mC2tTHI1r72ZHXixjAFJd8fnR ++pv7nv+f5dwClokda9a+j2xF5MPFOfZCHtqxQO6YE4LGn57D9EKYlXD8AFlGyoX c6UhhEbEwjsgtAYPuhkwQqU7ut4vp0qv5hvsvTcYmdGsAEKQO4h3sEn0x4IG72AB S/4Wvo1pCxrIQXDU4vAfyl9jgFHfTeBfovUFFVh4HefhAnNi+k0mD3pToPJ7pSs1 7nSp9u21V0HhfVDGoVIF8XY1wPyL+7HW4Xe8BVBI3XsNskPO6FwCgOE1RkDAMA1H WY9G9d4DYxIm/JER1MrG/SWgiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCd084hQ nm4r+AeMDynLqZ5CXqrdMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5 REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODY4Qy8zRkI5MzM2OEE5REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2 QmNZN3RXYmlBOFVkeEY0ckkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBT7Z/l+s16f9zJSUCnlYkIOxldMzBVb7tZ/NhYeBx7of2kPORegTlT a9ev3K0m6y5AWzoFGeb5SO4zxw15YO0AilQUVzP+spKPw3qIyaMfC3Oea+mq7Z/c XsxVBmUlPNzpAfljQcv3hc9EzF3sIS3DNPgyPhtuU23oyO7qMcryvCaVcrvXXeej vl3QigeVatXhnlKjAbuXXyuyRfwMpN+mT83v3g6blmenmBQkEOeDlvlODc4iB2Ix 8CXyUGUXyGuX0PdD48omtxTMWCbwEkO4aq8WiRDf0Cf2D302MmgFUrNb3wu0B8Mb vxx4Xzl6LgUhw3B0+rcPE7iyYg7Bb0p4 -----END CERTIFICATE-----Generated at Sun Dec 7 03:08:42 2025 by rpki-client