This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft File: HretI1L3xupKYveEzl-7EW3ybsI.mft (raw, json) Hash identifier: IqRenzwibZq9lcYHa7q/b65NJ5d9+NJq6of21rt375E= Subject key identifier: 16:36:69:F0:93:11:A1:19:5E:39:DF:23:22:0E:C5:4A:8A:5A:FB:25 Authority key identifier: 1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 Certificate issuer: /CN=A91EF24F/serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Certificate serial: 084D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft Manifest number: 0832 Signing time: Sat 06 Dec 2025 20:04:03 +0000 Manifest this update: Sat 06 Dec 2025 20:04:02 +0000 Manifest next update: Sat 13 Dec 2025 20:04:02 +0000 Files and hashes: 1: HretI1L3xupKYveEzl-7EW3ybsI.crl (hash: tDecIXTAGVDI4LmAMb7VwvtVqQ14R8oNNljSOhcXrd0=) 2: 84B96CA6904111EF8D11A381C4F9AE02.roa (hash: bp4jWdbgFBJj7qXPWgiCGUliXYnrbIsNlkes3iQSxxc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 20:04:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2125 (0x84d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF24F, serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Validity Not Before: Dec 6 20:04:02 2025 GMT Not After : Dec 13 20:04:02 2025 GMT Subject: CN=69348c32-98be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:29:0b:d3:17:e8:80:b9:65:3a:37:7f:3f:35: 89:01:41:a7:0d:82:84:6f:43:33:ab:ca:c4:9d:47: 65:28:e9:ab:66:7e:d4:24:0f:51:eb:8c:cd:7d:55: 36:b1:26:7e:fe:8d:3c:5e:ac:5f:1d:31:1d:2a:6d: 2b:99:8b:2e:1c:1f:37:0c:c8:ec:9b:f8:8d:cb:76: 77:6e:d3:41:0a:4b:b1:7e:a9:c4:60:e0:f4:63:fd: 8e:d5:b1:78:4e:5c:84:cd:a0:e7:06:ef:98:a9:18: 4e:4b:56:e1:17:71:eb:a1:09:01:70:70:33:57:67: a7:34:05:3f:12:70:94:68:9e:2f:89:24:cb:25:89: 57:76:2a:07:63:cd:4a:7b:8e:a6:3f:2a:6a:d9:6d: b8:15:78:ab:16:ad:f4:a7:73:d8:c5:d4:93:20:1e: 3c:46:2c:74:51:71:d1:81:7e:83:4f:49:df:5b:8c: c7:8f:5d:c2:af:14:d7:2a:36:a5:85:0c:df:f7:4f: 63:7f:19:cf:d1:be:74:3b:3a:0c:eb:ec:6f:af:58: 97:2e:d8:d6:79:25:aa:4b:2d:39:64:6b:79:34:2c: 42:fe:d5:5a:05:0f:be:2c:1b:1a:11:c5:82:d1:94: a7:4a:68:57:52:a6:d6:fe:d1:f9:66:2a:b6:05:89: 7b:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:36:69:F0:93:11:A1:19:5E:39:DF:23:22:0E:C5:4A:8A:5A:FB:25 X509v3 Authority Key Identifier: keyid:1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:1f:f8:ca:2a:35:de:86:02:a9:43:5b:a9:1a:08:73:cd:80: 4f:df:8b:b9:4a:9c:5a:4a:a9:0b:7b:62:e7:5b:bc:18:1a:e7: 3b:a1:61:96:47:88:07:cd:d7:26:03:2e:b7:39:5e:b0:25:56: 79:67:58:80:4e:1f:5e:5a:46:cc:e7:56:6d:7e:8b:45:5d:4b: 40:0b:ee:1b:94:13:7a:14:86:b8:5a:e5:01:09:a6:05:1f:43: ba:c6:29:5a:21:df:ec:3d:e2:c0:c3:88:02:64:3c:e3:a7:fe: dc:bd:5e:c8:c0:ce:e1:d9:9c:8a:ef:81:aa:1d:7d:ae:5a:59: 67:de:49:fa:f1:85:01:b3:aa:16:6e:5d:ec:ba:16:2a:cb:3e: c0:e0:2f:ea:3b:a1:c6:ed:28:ef:cf:33:89:43:a0:15:11:b0: 11:70:bd:6c:b4:33:83:c5:46:de:b1:fc:c3:65:b8:60:50:07: 94:61:0c:2f:48:10:c9:a8:24:4f:d3:fa:56:18:ec:02:e4:84: 01:3b:20:96:7d:0d:39:22:59:35:6e:44:ef:ad:92:db:4e:e3: b4:5d:1e:b1:0e:25:24:23:6b:05:26:74:ed:bd:83:16:1f:fa: 38:1f:71:77:62:41:87:dd:eb:d1:b3:5f:d8:41:40:c9:ee:44: a6:a0:d0:36 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUYyNEYxMTAvBgNVBAUTKDFFQjdBRDIzNTJGN0M2RUE0QTYyRjc4NENFNUZCQjEx NkRGMjZFQzIwHhcNMjUxMjA2MjAwNDAyWhcNMjUxMjEzMjAwNDAyWjAYMRYwFAYD VQQDEw02OTM0OGMzMi05OGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6ikL0xfogLllOjd/PzWJAUGnDYKEb0Mzq8rEnUdlKOmrZn7UJA9R64zNfVU2 sSZ+/o08XqxfHTEdKm0rmYsuHB83DMjsm/iNy3Z3btNBCkuxfqnEYOD0Y/2O1bF4 TlyEzaDnBu+YqRhOS1bhF3HroQkBcHAzV2enNAU/EnCUaJ4viSTLJYlXdioHY81K e46mPypq2W24FXirFq30p3PYxdSTIB48Rix0UXHRgX6DT0nfW4zHj13CrxTXKjal hQzf909jfxnP0b50OzoM6+xvr1iXLtjWeSWqSy05ZGt5NCxC/tVaBQ++LBsaEcWC 0ZSnSmhXUqbW/tH5Ziq2BYl7CQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBY2afCT EaEZXjnfIyIOxUqKWvslMB8GA1UdIwQYMBaAFB63rSNS98bqSmL3hM5fuxFt8m7C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjI0Ri82NURERkFCNDAy RkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1cEtZdmVFemwtN0VXM3li c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hyZXRJMUwzeHVwS1l2ZUV6bC03RVczeWJzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RjI0Ri82NURERkFCNDAyRkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1 cEtZdmVFemwtN0VXM3lic0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYH/jKKjXehgKpQ1upGghzzYBP34u5SpxaSqkLe2LnW7wYGuc7oWGW R4gHzdcmAy63OV6wJVZ5Z1iATh9eWkbM51ZtfotFXUtAC+4blBN6FIa4WuUBCaYF H0O6xilaId/sPeLAw4gCZDzjp/7cvV7IwM7h2ZyK74GqHX2uWlln3kn68YUBs6oW bl3suhYqyz7A4C/qO6HG7SjvzzOJQ6AVEbARcL1stDODxUbesfzDZbhgUAeUYQwv SBDJqCRP0/pWGOwC5IQBOyCWfQ05Ilk1bkTvrZLbTuO0XR6xDiUkI2sFJnTtvYMW H/o4H3F3YkGH3evRs1/YQUDJ7kSmoNA2 -----END CERTIFICATE-----Generated at Mon Dec 8 09:12:59 2025 by rpki-client