This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.mft File: BHSTfnmp1nM1PqvYLEuEJLbGgw0.mft (raw, json) Hash identifier: 1+HA92DERfsrY9203uy78WyqLq1Cqq/gh2mNKom8kWs= Subject key identifier: 4A:B8:A6:BD:F5:C4:61:69:17:38:71:30:1D:07:CE:9D:2C:C8:01:C1 Authority key identifier: 04:74:93:7E:79:A9:D6:73:35:3E:AB:D8:2C:4B:84:24:B6:C6:83:0D Certificate issuer: /CN=A911CC61/serialNumber=0474937E79A9D673353EABD82C4B8424B6C6830D Certificate serial: 05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BHSTfnmp1nM1PqvYLEuEJLbGgw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.mft Manifest number: 03 Signing time: Fri 19 Dec 2025 07:02:51 +0000 Manifest this update: Fri 19 Dec 2025 07:02:50 +0000 Manifest next update: Fri 26 Dec 2025 07:02:50 +0000 Files and hashes: 1: BHSTfnmp1nM1PqvYLEuEJLbGgw0.crl (hash: N+q1oPqFIil61VVpSHFo70fLZJUINf8ddcoySpVEBqc=) 2: 87421F34DA3E11F09B1225578ED3641D.roa (hash: 8L4tAPrDqGgfmL4XivEBXxkIrTLCf+4aYWjfcHqE358=) 3: 86A83D10DA3E11F09B1225578ED3641D.roa (hash: cYo/bv4qOhqtc2EXJ3pnpcx0v1pGJ4KX6dqhgSn3dVg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.crl rsync://rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BHSTfnmp1nM1PqvYLEuEJLbGgw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 07:02:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CC61, serialNumber=0474937E79A9D673353EABD82C4B8424B6C6830D Validity Not Before: Dec 19 07:02:50 2025 GMT Not After : Dec 26 07:02:50 2025 GMT Subject: CN=6944f89b-0eea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:1f:7a:fb:02:2e:1c:cb:04:7f:c8:7b:9c:1d: 2b:aa:91:f9:3d:1c:4b:f4:73:89:3d:1e:28:38:53: ab:28:af:72:3b:c8:40:ed:9a:71:0a:f3:54:20:1b: 4c:ee:7c:b2:c1:9e:b4:e2:97:28:3b:17:0b:4b:47: c3:b6:fa:48:dd:40:2c:1a:5b:30:eb:58:76:bf:7b: b9:06:97:f9:b4:10:91:27:22:25:14:c6:37:da:3c: 59:6b:f8:ff:32:a2:72:76:9d:b5:ed:9d:18:71:4c: 49:0a:74:f2:9c:80:8a:8e:bd:45:df:dc:58:a9:4d: 1d:80:a8:0d:1a:35:df:68:ca:9e:1a:b1:be:b9:32: 71:9b:b7:69:14:b1:e1:24:ce:21:ed:8e:f4:a2:e7: ec:09:ad:f8:01:d0:be:a2:81:9f:1b:f5:04:a7:45: 77:ae:e4:c5:a9:b9:c8:45:d6:43:26:f8:1b:d2:c1: 35:7b:2c:a7:79:07:25:b7:28:44:68:f7:75:2a:71: aa:1f:6c:ca:4f:9e:f5:ca:3b:d1:00:6b:53:13:a8: b1:a0:b9:a2:ce:d4:d5:f8:5a:b9:d8:54:85:3d:ab: 6f:1f:02:53:72:bd:fe:e1:bc:6a:28:5b:d7:34:34: 82:1f:07:51:a4:9d:34:3d:33:bf:a3:8a:a4:ca:b2: 85:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:B8:A6:BD:F5:C4:61:69:17:38:71:30:1D:07:CE:9D:2C:C8:01:C1 X509v3 Authority Key Identifier: keyid:04:74:93:7E:79:A9:D6:73:35:3E:AB:D8:2C:4B:84:24:B6:C6:83:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BHSTfnmp1nM1PqvYLEuEJLbGgw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:d1:6b:51:c3:d8:72:9f:23:0d:01:2a:7d:56:f4:17:b9:d4: d3:02:d5:fd:55:32:5a:97:4c:c6:9d:68:66:bb:83:c8:f5:fb: a0:51:3d:b7:28:7e:37:f7:5e:d7:2c:3d:2e:a1:24:c6:0f:5e: 55:39:72:d9:72:3b:af:c1:f0:46:11:ee:94:84:f7:78:6c:7b: be:c4:70:77:48:21:31:51:78:8a:cd:cf:92:2b:c4:25:0b:50: 4a:8c:51:fd:f3:9c:01:80:30:9c:22:3f:73:86:72:ca:23:9e: 66:7b:71:f0:19:f7:e9:d1:86:69:5d:fb:2b:61:39:99:ec:27: 05:62:31:0d:a3:9f:21:58:ac:78:cb:0c:9d:66:b6:6a:6b:82: 4b:a1:5b:8c:9c:90:30:f5:3a:80:59:4d:00:dc:75:c1:08:92: 41:58:83:35:ee:84:78:9a:02:c6:14:76:5d:d0:cf:2b:8d:4c: a7:d0:0b:db:13:59:2e:27:82:76:15:34:5b:84:41:f8:7e:f9: ff:b4:58:4b:1f:5e:8a:48:05:75:91:0c:21:4a:e1:8e:9d:f5: 51:95:57:c9:32:a3:ed:d5:f2:d2:8c:ee:62:23:33:fb:60:eb: 7a:f8:08:9b:cd:2b:9a:eb:65:da:3c:81:86:df:47:b3:b0:b6: 7b:35:ca:db -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx Q0M2MTExMC8GA1UEBRMoMDQ3NDkzN0U3OUE5RDY3MzM1M0VBQkQ4MkM0Qjg0MjRC NkM2ODMwRDAeFw0yNTEyMTkwNzAyNTBaFw0yNTEyMjYwNzAyNTBaMBgxFjAUBgNV BAMMDTY5NDRmODliLTBlZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCRH3r7Ai4cywR/yHucHSuqkfk9HEv0c4k9Hig4U6sor3I7yEDtmnEK81QgG0zu fLLBnrTilyg7FwtLR8O2+kjdQCwaWzDrWHa/e7kGl/m0EJEnIiUUxjfaPFlr+P8y onJ2nbXtnRhxTEkKdPKcgIqOvUXf3FipTR2AqA0aNd9oyp4asb65MnGbt2kUseEk ziHtjvSi5+wJrfgB0L6igZ8b9QSnRXeu5MWpuchF1kMm+BvSwTV7LKd5ByW3KERo 93UqcaofbMpPnvXKO9EAa1MTqLGguaLO1NX4WrnYVIU9q28fAlNyvf7hvGooW9c0 NIIfB1GknTQ9M7+jiqTKsoWVAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUSrimvfXE YWkXOHEwHQfOnSzIAcEwHwYDVR0jBBgwFoAUBHSTfnmp1nM1PqvYLEuEJLbGgw0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFDQzYxLzMzMUQxNDE4REEz RTExRjA4RkQxRTgzODhFRDM2NDFEL0JIU1Rmbm1wMW5NMVBxdllMRXVFSkxiR2d3 MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQkhTVGZubXAxbk0xUHF2WUxFdUVKTGJHZ3cwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFD QzYxLzMzMUQxNDE4REEzRTExRjA4RkQxRTgzODhFRDM2NDFEL0JIU1Rmbm1wMW5N MVBxdllMRXVFSkxiR2d3MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGbRa1HD2HKfIw0BKn1W9Be51NMC1f1VMlqXTMadaGa7g8j1+6BRPbco fjf3XtcsPS6hJMYPXlU5ctlyO6/B8EYR7pSE93hse77EcHdIITFReIrNz5IrxCUL UEqMUf3znAGAMJwiP3OGcsojnmZ7cfAZ9+nRhmld+ythOZnsJwViMQ2jnyFYrHjL DJ1mtmprgkuhW4yckDD1OoBZTQDcdcEIkkFYgzXuhHiaAsYUdl3QzyuNTKfQC9sT WS4ngnYVNFuEQfh++f+0WEsfXopIBXWRDCFK4Y6d9VGVV8kyo+3V8tKM7mIjM/tg 63r4CJvNK5rrZdo8gYbfR7Owtns1yts= -----END CERTIFICATE-----Generated at Fri Dec 19 19:06:18 2025 by rpki-client