This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft File: kGA-NU21aLPKQpAOcDAR55ZiiS4.mft (raw, json) Hash identifier: i3TywF6Vz6qcTDoKEFT5gMR87bRKsSrs7wC7kenbpq4= Subject key identifier: 65:0C:E1:04:CF:04:EC:C3:B2:BB:63:B8:33:7C:8C:71:A3:F5:BC:92 Authority key identifier: 90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E Certificate issuer: /CN=A91F731E/serialNumber=90603E354DB568B3CA42900E703011E79662892E Certificate serial: 067D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft Manifest number: 0671 Signing time: Sat 24 Jan 2026 15:49:55 +0000 Manifest this update: Sat 24 Jan 2026 15:49:55 +0000 Manifest next update: Sat 31 Jan 2026 15:49:55 +0000 Files and hashes: 1: kGA-NU21aLPKQpAOcDAR55ZiiS4.crl (hash: JvDgWF9M0yjKzySWZKqB85qQWwgrN5DNU3+c9E4LwBQ=) 2: 8CD64094BDFE11EBBBB16A42C4F9AE02.roa (hash: JYcdT8gc4SSOPp9mZ4cChcf87lzFLOtfwrJ4fYMBet4=) 3: 30857DB6CBA211ECAE233133C4F9AE02.roa (hash: eSlTAoQ5k0fFKiHMdeu9X90T/rFtlTnA6Fx/5ofc1sU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 31 Jan 2026 15:49:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1661 (0x67d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F731E, serialNumber=90603E354DB568B3CA42900E703011E79662892E Validity Not Before: Jan 24 15:49:55 2026 GMT Not After : Jan 31 15:49:55 2026 GMT Subject: CN=6974ea23-d2a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:9a:f4:c3:67:b7:41:bc:a3:b4:e7:88:2a:2e: e9:09:fd:61:a5:90:d2:cd:8f:4a:67:64:3a:a2:8b: 94:5b:1f:c4:b6:64:10:ae:dc:15:73:16:99:de:ab: a9:59:b6:09:69:d8:cd:70:4c:df:13:ba:a8:d8:1d: 72:49:13:7c:76:55:8f:6e:6b:f3:78:00:ce:5f:dd: 30:d8:33:04:2e:4f:6e:94:88:0e:2a:d2:d9:92:4d: f1:35:ff:ab:7c:27:d9:d5:cf:4f:84:e0:e9:b2:7f: 3b:b1:6d:f2:bd:aa:ae:d2:f8:58:74:d9:eb:f9:cf: e3:37:d4:15:e3:04:06:29:15:8b:0f:ab:23:c4:ac: 53:97:ed:66:f8:03:a6:8d:6d:40:3f:b4:62:f9:79: 53:9f:c3:d6:d7:0f:a2:da:ac:f5:09:a9:95:95:98: 54:b6:0b:dc:43:f5:74:8e:c8:4b:34:78:bf:ee:66: 23:99:69:1c:bb:1d:0d:f3:18:98:6f:24:b9:ab:4b: 50:06:ed:fd:ce:91:96:3f:47:a2:b0:93:c9:5b:d4: 0c:e0:bb:ad:39:eb:83:40:db:4f:7d:62:01:da:b4: c9:dc:cd:70:e6:ee:9d:87:3f:5a:e4:22:a6:9a:7a: a7:23:26:50:7c:b1:67:9e:ac:13:2e:34:8d:4b:2c: e3:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:0C:E1:04:CF:04:EC:C3:B2:BB:63:B8:33:7C:8C:71:A3:F5:BC:92 X509v3 Authority Key Identifier: keyid:90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:88:8a:3e:c0:76:9d:98:b6:93:fe:99:05:44:c8:11:35:3e: 67:58:64:06:0f:89:9e:2d:24:e0:98:b0:61:d7:12:d5:da:2e: ed:0c:ce:eb:a7:21:de:7e:fa:a5:20:6d:2b:15:c6:b5:3a:33: 2c:05:8a:9e:32:61:c7:21:d2:35:26:d7:48:68:d6:12:a1:11: e7:43:11:b3:99:a3:10:c7:3e:2a:46:f5:01:74:40:3a:7e:3b: 36:e3:a7:b1:3d:83:04:e3:c0:46:e4:2f:6b:3e:8a:b7:0c:e5: e2:20:7a:60:eb:53:09:77:c2:4b:06:c1:13:9d:4b:73:96:7e: ba:0d:97:79:3c:40:8b:87:aa:76:19:3b:34:bf:4d:12:0d:e4: 08:3c:11:35:2c:4b:1f:14:fd:0a:f2:67:cc:59:51:e8:64:27: 1a:bc:22:bd:d2:de:5d:98:6d:ae:9d:2a:7e:a1:7e:ff:cd:f1: c3:ff:15:b6:9c:a5:ac:bb:eb:b8:c0:3c:fa:c2:72:23:c0:f2: e6:6a:d2:cc:f1:ee:98:4f:f4:a0:a9:16:ef:9d:cd:70:44:6d: 75:05:28:e9:d1:44:b9:05:ca:c7:56:90:b3:f3:c8:07:6b:a4: 94:71:b4:13:e5:20:3b:90:9a:03:93:8d:64:2e:48:93:d4:23: 10:21:62:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBn0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjczMUUxMTAvBgNVBAUTKDkwNjAzRTM1NERCNTY4QjNDQTQyOTAwRTcwMzAxMUU3 OTY2Mjg5MkUwHhcNMjYwMTI0MTU0OTU1WhcNMjYwMTMxMTU0OTU1WjAYMRYwFAYD VQQDDA02OTc0ZWEyMy1kMmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzpr0w2e3QbyjtOeIKi7pCf1hpZDSzY9KZ2Q6oouUWx/EtmQQrtwVcxaZ3qup WbYJadjNcEzfE7qo2B1ySRN8dlWPbmvzeADOX90w2DMELk9ulIgOKtLZkk3xNf+r fCfZ1c9PhODpsn87sW3yvaqu0vhYdNnr+c/jN9QV4wQGKRWLD6sjxKxTl+1m+AOm jW1AP7Ri+XlTn8PW1w+i2qz1CamVlZhUtgvcQ/V0jshLNHi/7mYjmWkcux0N8xiY byS5q0tQBu39zpGWP0eisJPJW9QM4LutOeuDQNtPfWIB2rTJ3M1w5u6dhz9a5CKm mnqnIyZQfLFnnqwTLjSNSyzjbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGUM4QTP BOzDsrtjuDN8jHGj9bySMB8GA1UdIwQYMBaAFJBgPjVNtWizykKQDnAwEeeWYoku MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzMxRS9FQUExOUNCNEIy REMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFMUEtRcEFPY0RBUjU1Wmlp UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tHQS1OVTIxYUxQS1FwQU9jREFSNTVaaWlTNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NzMxRS9FQUExOUNCNEIyREMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFM UEtRcEFPY0RBUjU1WmlpUzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaiIo+wHadmLaT/pkFRMgRNT5nWGQGD4meLSTgmLBh1xLV2i7tDM7r pyHefvqlIG0rFca1OjMsBYqeMmHHIdI1JtdIaNYSoRHnQxGzmaMQxz4qRvUBdEA6 fjs246exPYME48BG5C9rPoq3DOXiIHpg61MJd8JLBsETnUtzln66DZd5PECLh6p2 GTs0v00SDeQIPBE1LEsfFP0K8mfMWVHoZCcavCK90t5dmG2unSp+oX7/zfHD/xW2 nKWsu+u4wDz6wnIjwPLmatLM8e6YT/SgqRbvnc1wRG11BSjp0US5BcrHVpCz88gH a6SUcbQT5SA7kJoDk41kLkiT1CMQIWJF -----END CERTIFICATE-----Generated at Mon Jan 26 02:15:16 2026 by rpki-client