This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft File: kGA-NU21aLPKQpAOcDAR55ZiiS4.mft (raw, json) Hash identifier: xO5h0Far5mOCT1MzBZ/1NMCNMejeMSZeVcHE63OjOV8= Subject key identifier: 37:61:50:85:6F:FC:AD:44:34:39:23:C5:C8:1C:00:6D:7E:6B:85:79 Authority key identifier: 90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E Certificate issuer: /CN=A91F731E/serialNumber=90603E354DB568B3CA42900E703011E79662892E Certificate serial: 0664 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft Manifest number: 0658 Signing time: Sat 06 Dec 2025 15:43:38 +0000 Manifest this update: Sat 06 Dec 2025 15:43:38 +0000 Manifest next update: Sat 13 Dec 2025 15:43:38 +0000 Files and hashes: 1: kGA-NU21aLPKQpAOcDAR55ZiiS4.crl (hash: JfTd3P442gKBy78ljR0n8HtZtEXQHewXjeX79lWtkXg=) 2: 8CD64094BDFE11EBBBB16A42C4F9AE02.roa (hash: JYcdT8gc4SSOPp9mZ4cChcf87lzFLOtfwrJ4fYMBet4=) 3: 30857DB6CBA211ECAE233133C4F9AE02.roa (hash: eSlTAoQ5k0fFKiHMdeu9X90T/rFtlTnA6Fx/5ofc1sU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 15:10:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1636 (0x664) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F731E, serialNumber=90603E354DB568B3CA42900E703011E79662892E Validity Not Before: Dec 6 15:43:38 2025 GMT Not After : Dec 13 15:43:38 2025 GMT Subject: CN=69344f2a-ef53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:77:2c:af:dd:c8:41:23:a2:28:64:20:fb:ac: 9c:67:60:8b:91:56:f0:54:66:77:ee:97:4e:f1:12: 5e:cf:1e:c1:d0:d4:84:d6:91:6b:88:da:5c:51:a3: af:77:7d:e5:7f:ca:52:5e:dd:67:25:cd:4d:65:7e: 28:13:90:9e:fb:76:3f:a8:bb:ea:53:ea:e5:b6:93: 62:31:e7:4a:4d:45:8d:14:89:b8:ed:69:9d:12:eb: e0:86:ee:30:55:a0:b6:73:77:b1:47:2e:62:e4:8f: 10:85:9c:1b:a4:a7:d3:e2:7a:d8:c4:aa:0b:3b:1b: 07:23:b4:5d:24:57:93:3c:0a:df:63:30:d2:db:32: ea:7a:7b:5c:dc:67:9c:e8:4f:11:f8:f0:d0:89:dc: 11:2a:e9:7b:6f:67:b9:0e:c2:ce:2c:36:7f:87:eb: 0d:a0:9c:f8:9a:2b:b3:93:c3:62:16:cb:4c:77:86: af:f1:75:36:7c:95:25:47:1d:ad:c6:f1:9f:d3:23: 29:54:05:07:88:90:09:ea:ba:f9:84:a9:86:da:85: 2d:15:0b:ee:d8:13:b8:26:95:10:3c:d4:69:0a:5b: 93:78:98:99:8b:13:2c:3b:6e:45:1f:a6:d9:7e:4e: 4a:dc:47:f5:5c:e4:31:16:9c:9b:89:4f:38:37:9c: 63:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:61:50:85:6F:FC:AD:44:34:39:23:C5:C8:1C:00:6D:7E:6B:85:79 X509v3 Authority Key Identifier: keyid:90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:f0:62:d5:94:7c:24:ad:36:bb:e4:ec:91:c8:a6:e0:73:31: 7e:33:9c:d2:ac:39:0c:59:4c:35:f3:f6:87:10:91:81:a2:74: 2e:8d:e1:fc:f3:5e:5b:51:3b:78:ed:1d:cd:e6:ea:9a:27:e4: d9:3f:b9:fb:5a:92:d0:9b:0b:05:69:c9:5f:4a:6b:b4:d8:f7: 9b:4d:97:56:83:1d:e5:4a:9b:60:6c:f7:8f:95:32:28:14:82: 6a:2d:71:ee:c3:17:7f:37:05:62:f0:07:90:f5:7d:52:a8:cf: 5c:b0:1d:19:42:29:07:27:47:88:09:88:d9:93:fd:9d:b0:4b: 55:37:75:14:98:50:46:67:c7:24:e5:8f:78:68:d3:92:de:de: 00:a3:a1:92:0d:06:1a:a9:d1:a5:8d:86:06:69:a9:16:9d:04: cc:03:be:05:28:3e:dd:7a:76:1d:c8:0c:ce:11:2c:e5:64:b8: 5b:a1:9b:5f:38:ce:9b:ae:55:1f:a4:39:86:18:e2:e6:10:26: 3b:ca:7b:e6:59:63:c0:79:f0:3a:a8:d3:71:c7:2c:31:70:b1: 14:14:be:02:87:e3:d6:a3:0c:78:11:0b:15:47:46:ee:95:03: ca:f5:33:c3:4d:cb:e2:80:58:c3:4f:b7:f9:f0:b8:65:11:66: bd:14:ea:62 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBmQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjczMUUxMTAvBgNVBAUTKDkwNjAzRTM1NERCNTY4QjNDQTQyOTAwRTcwMzAxMUU3 OTY2Mjg5MkUwHhcNMjUxMjA2MTU0MzM4WhcNMjUxMjEzMTU0MzM4WjAYMRYwFAYD VQQDEw02OTM0NGYyYS1lZjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA33csr93IQSOiKGQg+6ycZ2CLkVbwVGZ37pdO8RJezx7B0NSE1pFriNpcUaOv d33lf8pSXt1nJc1NZX4oE5Ce+3Y/qLvqU+rltpNiMedKTUWNFIm47WmdEuvghu4w VaC2c3exRy5i5I8QhZwbpKfT4nrYxKoLOxsHI7RdJFeTPArfYzDS2zLqentc3Gec 6E8R+PDQidwRKul7b2e5DsLOLDZ/h+sNoJz4miuzk8NiFstMd4av8XU2fJUlRx2t xvGf0yMpVAUHiJAJ6rr5hKmG2oUtFQvu2BO4JpUQPNRpCluTeJiZixMsO25FH6bZ fk5K3Ef1XOQxFpybiU84N5xj0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDdhUIVv /K1ENDkjxcgcAG1+a4V5MB8GA1UdIwQYMBaAFJBgPjVNtWizykKQDnAwEeeWYoku MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzMxRS9FQUExOUNCNEIy REMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFMUEtRcEFPY0RBUjU1Wmlp UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tHQS1OVTIxYUxQS1FwQU9jREFSNTVaaWlTNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NzMxRS9FQUExOUNCNEIyREMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFM UEtRcEFPY0RBUjU1WmlpUzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAn8GLVlHwkrTa75OyRyKbgczF+M5zSrDkMWUw18/aHEJGBonQujeH8 815bUTt47R3N5uqaJ+TZP7n7WpLQmwsFaclfSmu02PebTZdWgx3lSptgbPePlTIo FIJqLXHuwxd/NwVi8AeQ9X1SqM9csB0ZQikHJ0eICYjZk/2dsEtVN3UUmFBGZ8ck 5Y94aNOS3t4Ao6GSDQYaqdGljYYGaakWnQTMA74FKD7denYdyAzOESzlZLhboZtf OM6brlUfpDmGGOLmECY7ynvmWWPAefA6qNNxxywxcLEUFL4Ch+PWowx4EQsVR0bu lQPK9TPDTcvigFjDT7f58LhlEWa9FOpi -----END CERTIFICATE-----Generated at Sun Dec 7 02:18:40 2025 by rpki-client