This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft File: Z38M1kpd4sGwKO0APFaHS0j6LiE.mft (raw, json) Hash identifier: 4/LRfByNHLfCYfu25etgXuW+e3iGk1yFK/IqlWH+CpE= Subject key identifier: 2E:CA:5E:C7:84:86:27:10:F7:D3:EB:0B:24:12:80:E0:9A:E1:D8:02 Authority key identifier: 67:7F:0C:D6:4A:5D:E2:C1:B0:28:ED:00:3C:56:87:4B:48:FA:2E:21 Certificate issuer: /CN=A91F17B3/serialNumber=677F0CD64A5DE2C1B028ED003C56874B48FA2E21 Certificate serial: 3E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Z38M1kpd4sGwKO0APFaHS0j6LiE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft Manifest number: 3C Signing time: Fri 05 Dec 2025 05:20:08 +0000 Manifest this update: Fri 05 Dec 2025 05:20:07 +0000 Manifest next update: Fri 12 Dec 2025 05:20:07 +0000 Files and hashes: 1: Z38M1kpd4sGwKO0APFaHS0j6LiE.crl (hash: GIuIS8/BPoFN+bt6hzjZQrk/3FIDRlbyqE/jLGOBJN0=) 2: AD46933EB65011F0B751DB86C4F9AE02.roa (hash: 4nT2yihpsRgIGDl3UtBaxjdfAfsQlqp6s85lRI5En8w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.crl rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Z38M1kpd4sGwKO0APFaHS0j6LiE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 05:20:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F17B3, serialNumber=677F0CD64A5DE2C1B028ED003C56874B48FA2E21 Validity Not Before: Dec 5 05:20:07 2025 GMT Not After : Dec 12 05:20:07 2025 GMT Subject: CN=69326b88-3cfb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a6:e9:8c:40:0b:97:d5:f8:bf:32:70:8e:33: e1:40:73:0f:fc:df:87:34:63:ae:76:11:3d:3a:0d: b3:fc:27:fb:dc:f8:b6:44:d2:f2:16:f9:30:52:69: 56:a0:e3:0f:a0:ef:9b:ff:c1:d7:a3:d3:d7:92:47: 39:38:01:d6:de:63:21:f3:14:38:03:85:f2:3e:0b: 74:b6:73:a4:8a:b2:2a:38:7b:46:c9:e3:44:37:a7: d4:cf:16:33:70:23:77:80:52:fb:f6:f1:e5:77:84: 1f:0e:d7:fa:d4:19:42:ff:eb:4c:3c:4c:2a:55:9e: 64:60:24:3b:f0:14:44:fe:33:19:bd:a9:33:dc:f3: bd:02:30:3d:a1:78:1f:48:47:12:34:65:84:bf:74: c5:ae:e0:87:e7:93:0a:a6:0e:7b:71:93:f3:ff:98: c1:8c:65:a1:04:7e:10:52:02:7d:fc:ae:81:66:da: 16:5a:01:b2:24:b9:f6:e3:cc:60:9d:13:76:dd:4c: 3d:27:5d:3c:af:f5:e2:bc:d4:2c:31:fd:78:24:d4: 6d:fb:7f:5d:cf:b2:3d:0f:1b:b6:52:8c:27:8e:c2: f2:42:b9:78:46:38:a4:8e:d4:8e:00:7b:e3:2a:24: 51:2a:92:d4:13:32:93:04:11:ae:c2:6e:1f:0a:41: 7c:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:CA:5E:C7:84:86:27:10:F7:D3:EB:0B:24:12:80:E0:9A:E1:D8:02 X509v3 Authority Key Identifier: keyid:67:7F:0C:D6:4A:5D:E2:C1:B0:28:ED:00:3C:56:87:4B:48:FA:2E:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Z38M1kpd4sGwKO0APFaHS0j6LiE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:19:8f:63:ff:c5:5f:e2:ca:ce:1a:5d:6a:a6:55:ec:ff:13: d0:15:a3:7c:d6:9c:b5:d5:03:19:6d:4a:9f:53:41:a9:2a:f7: 11:23:e6:a8:8c:7f:d6:00:a2:cd:94:8e:b5:9a:79:a3:e8:6e: a7:07:70:a9:b5:ea:b8:70:1f:49:db:32:18:e5:20:f7:e0:b8: 1b:33:3f:bc:6d:c2:22:a1:d9:56:f0:9e:05:43:81:1b:59:58: d7:93:16:74:d3:df:c9:74:0f:33:74:46:6b:4a:55:c8:5a:fb: df:53:dd:d1:2c:37:b9:9d:9b:86:2e:fe:ee:b0:19:50:6c:96: 25:66:60:b7:12:12:ef:e2:fe:ad:0d:d9:a8:a3:f8:ee:3b:36: d5:96:e4:a1:17:86:6f:9e:44:66:d4:3e:e8:38:c1:ac:57:96: d3:49:2b:d5:37:7a:53:76:67:46:e6:9d:d1:0f:de:88:0c:04: d3:f3:d1:cc:ce:cc:f4:55:21:4f:99:9f:39:e1:91:63:07:f0: 52:d4:32:32:dd:f3:91:b5:b1:aa:7e:5b:ae:e6:2e:7d:2b:cf: 0c:39:de:c1:f6:ae:60:74:88:d9:a3:57:af:ad:63:d5:ef:62: 4a:3a:f3:3b:22:20:ea:0c:52:d8:d5:22:84:4c:60:eb:30:c3: 7b:0a:c2:4d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG MTdCMzExMC8GA1UEBRMoNjc3RjBDRDY0QTVERTJDMUIwMjhFRDAwM0M1Njg3NEI0 OEZBMkUyMTAeFw0yNTEyMDUwNTIwMDdaFw0yNTEyMTIwNTIwMDdaMBgxFjAUBgNV BAMTDTY5MzI2Yjg4LTNjZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzpumMQAuX1fi/MnCOM+FAcw/834c0Y652ET06DbP8J/vc+LZE0vIW+TBSaVag 4w+g75v/wdej09eSRzk4AdbeYyHzFDgDhfI+C3S2c6SKsio4e0bJ40Q3p9TPFjNw I3eAUvv28eV3hB8O1/rUGUL/60w8TCpVnmRgJDvwFET+Mxm9qTPc870CMD2heB9I RxI0ZYS/dMWu4IfnkwqmDntxk/P/mMGMZaEEfhBSAn38roFm2hZaAbIkufbjzGCd E3bdTD0nXTyv9eK81Cwx/Xgk1G37f13Psj0PG7ZSjCeOwvJCuXhGOKSO1I4Ae+Mq JFEqktQTMpMEEa7Cbh8KQXzBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQULspex4SG JxD30+sLJBKA4Jrh2AIwHwYDVR0jBBgwFoAUZ38M1kpd4sGwKO0APFaHS0j6LiEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYxN0IzLzU1OEM2MDk4NzlD RDExRjBBOUI5MDMyMUM0RjlBRTAyL1ozOE0xa3BkNHNHd0tPMEFQRmFIUzBqNkxp RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWjM4TTFrcGQ0c0d3S08wQVBGYUhTMGo2TGlFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYx N0IzLzU1OEM2MDk4NzlDRDExRjBBOUI5MDMyMUM0RjlBRTAyL1ozOE0xa3BkNHNH d0tPMEFQRmFIUzBqNkxpRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEEZj2P/xV/iys4aXWqmVez/E9AVo3zWnLXVAxltSp9TQakq9xEj5qiM f9YAos2UjrWaeaPobqcHcKm16rhwH0nbMhjlIPfguBszP7xtwiKh2VbwngVDgRtZ WNeTFnTT38l0DzN0RmtKVcha+99T3dEsN7mdm4Yu/u6wGVBsliVmYLcSEu/i/q0N 2aij+O47NtWW5KEXhm+eRGbUPug4waxXltNJK9U3elN2Z0bmndEP3ogMBNPz0czO zPRVIU+ZnznhkWMH8FLUMjLd85G1sap+W67mLn0rzww53sH2rmB0iNmjV6+tY9Xv Yko68zsiIOoMUtjVIoRMYOsww3sKwk0= -----END CERTIFICATE-----Generated at Sun Dec 7 02:56:57 2025 by rpki-client