This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft File: NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft (raw, json) Hash identifier: 8ka0XECLvIIKvUWxUHAtUjUM+yX7UfHitEccNF9cxSQ= Subject key identifier: 52:4B:21:FE:A9:E1:5E:30:DE:9B:33:A4:98:F2:56:2E:CF:BE:8A:1B Authority key identifier: 34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 Certificate issuer: /CN=A91FA562/serialNumber=340F813433719A760E3BFE21933687261179C327 Certificate serial: 01D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft Manifest number: 01D1 Signing time: Fri 05 Dec 2025 01:08:25 +0000 Manifest this update: Fri 05 Dec 2025 01:08:25 +0000 Manifest next update: Fri 12 Dec 2025 01:08:25 +0000 Files and hashes: 1: NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl (hash: oVi+lVLykzZZD1qqxVA+yIud83g6IyaudubXgi9KVnE=) 2: 7588035C913E11EFB46E9A72C4F9AE02.roa (hash: mBxiRWgEarnzYFat9Qg22lu2bbXA9CIcAcjVQbJnnic=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 01:08:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 470 (0x1d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA562, serialNumber=340F813433719A760E3BFE21933687261179C327 Validity Not Before: Dec 5 01:08:25 2025 GMT Not After : Dec 12 01:08:25 2025 GMT Subject: CN=69323089-06b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:2e:f5:82:4d:9e:11:56:8b:5e:c9:24:92:22: ee:f9:d1:d8:ae:f8:fd:82:0d:5a:bc:e5:5c:9d:2d: 75:19:9b:c5:d5:de:da:d7:80:2b:5d:d1:e3:23:83: 78:44:b1:40:26:f6:7c:6f:7b:da:fb:92:7d:57:87: 45:85:e8:93:31:69:08:c4:6d:87:07:be:0e:27:ad: e5:45:d6:25:8e:f6:1b:a8:84:ae:eb:69:b7:69:1d: 34:7f:06:ac:86:54:39:cb:57:5e:3b:47:b4:e9:02: 8c:9f:a1:b1:b3:cd:30:a0:11:4f:73:c0:8f:79:db: 5a:e4:cf:b5:07:81:8c:85:21:39:64:7c:b1:6f:40: 8c:b2:62:d5:3a:9a:1b:ce:e4:bf:41:94:84:d6:81: 50:82:ad:33:93:39:2a:c1:08:9b:57:15:71:0c:3c: 74:c9:b6:86:82:2f:3c:aa:09:d9:23:4d:e3:88:a7: bf:73:9f:91:0b:5b:5d:a3:bf:3c:f1:e2:e1:d9:de: b9:ae:94:85:a6:8f:f0:61:06:5a:8b:2b:11:af:55: fb:14:f6:df:f8:a2:34:69:25:87:5e:57:40:6f:a6: 33:33:aa:3b:fd:92:3c:86:01:2a:50:38:67:9a:0e: d3:bc:f8:1f:ff:ae:8a:10:6e:46:2a:76:c1:fb:43: 1d:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:4B:21:FE:A9:E1:5E:30:DE:9B:33:A4:98:F2:56:2E:CF:BE:8A:1B X509v3 Authority Key Identifier: keyid:34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:11:70:9d:e3:96:e7:4a:5f:d5:a7:4b:ef:2c:17:65:c9:98: 30:de:dd:98:46:6e:34:65:58:98:06:a4:d5:1f:e7:16:6c:b8: 84:ca:30:e9:cc:ed:e5:a7:2c:63:d0:49:c5:46:92:c6:d7:42: da:00:77:02:e1:60:5a:eb:4a:0e:c1:73:a9:f1:32:31:43:4d: 91:dc:ac:d2:7f:50:4b:5a:10:e0:8d:7a:51:76:f3:55:ca:ca: 85:5d:bb:c8:e5:e8:50:ed:ba:34:f8:a9:2c:85:db:19:e2:e2: 5a:be:5c:d1:e9:56:55:ed:b9:ce:12:00:aa:05:b0:04:f4:a2: 16:37:64:4b:51:7f:41:8f:f4:69:e6:4c:da:24:14:9f:3e:14: 88:69:f5:6b:19:af:fb:c0:34:5a:0c:61:4e:fd:91:a5:4b:9c: 86:88:62:67:46:58:a1:32:f0:3d:40:15:27:82:54:f4:ac:89: 73:f9:ee:f7:4d:06:dd:b8:de:43:59:a1:bd:55:bb:6e:f5:03: 88:c3:fb:0d:7f:2c:ae:26:fd:3d:97:97:0e:f4:b8:b4:4a:e9: c7:e2:4f:a1:47:95:e6:20:5f:35:6a:ee:7f:50:bb:d6:b9:58: 08:f2:91:b1:14:d0:ff:69:95:38:4d:34:45:6b:26:1c:30:7a: 76:6f:6e:83 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE1NjIxMTAvBgNVBAUTKDM0MEY4MTM0MzM3MTlBNzYwRTNCRkUyMTkzMzY4NzI2 MTE3OUMzMjcwHhcNMjUxMjA1MDEwODI1WhcNMjUxMjEyMDEwODI1WjAYMRYwFAYD VQQDEw02OTMyMzA4OS0wNmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyi71gk2eEVaLXskkkiLu+dHYrvj9gg1avOVcnS11GZvF1d7a14ArXdHjI4N4 RLFAJvZ8b3va+5J9V4dFheiTMWkIxG2HB74OJ63lRdYljvYbqISu62m3aR00fwas hlQ5y1deO0e06QKMn6Gxs80woBFPc8CPedta5M+1B4GMhSE5ZHyxb0CMsmLVOpob zuS/QZSE1oFQgq0zkzkqwQibVxVxDDx0ybaGgi88qgnZI03jiKe/c5+RC1tdo788 8eLh2d65rpSFpo/wYQZaiysRr1X7FPbf+KI0aSWHXldAb6YzM6o7/ZI8hgEqUDhn mg7TvPgf/66KEG5GKnbB+0MdXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFJLIf6p 4V4w3pszpJjyVi7PvoobMB8GA1UdIwQYMBaAFDQPgTQzcZp2Djv+IZM2hyYRecMn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTU2Mi8yNjU3RjczRTBC QzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1uWU9PXzRoa3phSEpoRjV3 eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05BLUJORE54bW5ZT09fNGhremFISmhGNXd5Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTU2Mi8yNjU3RjczRTBCQzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1u WU9PXzRoa3phSEpoRjV3eWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgEXCd45bnSl/Vp0vvLBdlyZgw3t2YRm40ZViYBqTVH+cWbLiEyjDp zO3lpyxj0EnFRpLG10LaAHcC4WBa60oOwXOp8TIxQ02R3KzSf1BLWhDgjXpRdvNV ysqFXbvI5ehQ7bo0+KkshdsZ4uJavlzR6VZV7bnOEgCqBbAE9KIWN2RLUX9Bj/Rp 5kzaJBSfPhSIafVrGa/7wDRaDGFO/ZGlS5yGiGJnRlihMvA9QBUnglT0rIlz+e73 TQbduN5DWaG9Vbtu9QOIw/sNfyyuJv09l5cO9Li0SunH4k+hR5XmIF81au5/ULvW uVgI8pGxFND/aZU4TTRFayYcMHp2b26D -----END CERTIFICATE-----Generated at Sat Dec 6 20:08:19 2025 by rpki-client