This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft File: 3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft (raw, json) Hash identifier: B7e7eL2iRxX9i18axjtkBT7ljvOhPTiJuNX+wpCmX5c= Subject key identifier: DE:3F:3A:EB:17:F8:A4:50:DB:34:C6:C8:9B:82:99:21:E6:8A:9E:E0 Authority key identifier: DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76 Certificate issuer: /CN=A912BAAD/serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576 Certificate serial: 0C63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft Manifest number: 0C54 Signing time: Thu 18 Dec 2025 18:22:08 +0000 Manifest this update: Thu 18 Dec 2025 18:22:08 +0000 Manifest next update: Thu 25 Dec 2025 18:22:08 +0000 Files and hashes: 1: 3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl (hash: AlI763iIrAPFBdOtbqxEoyohyvkf8mXS5/FGRNC4L2A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 18:22:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3171 (0xc63) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BAAD, serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576 Validity Not Before: Dec 18 18:22:08 2025 GMT Not After : Dec 25 18:22:08 2025 GMT Subject: CN=69444650-dd1d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:9a:13:82:5c:ba:41:8a:f9:d4:e4:79:f0:67: 7a:0c:4a:a8:c3:2d:54:b7:bb:6e:0d:cb:65:ad:fa: 19:9f:a8:1a:4c:69:ea:b7:43:2f:ec:b1:8a:f6:8c: 0d:d3:35:0c:72:9e:19:b2:92:4b:78:0f:78:3b:92: 80:39:35:72:1e:dc:10:15:47:c7:9e:5c:21:c9:fc: 12:36:71:ae:b2:d4:7c:00:8e:00:4a:b7:56:09:a1: be:d2:cd:fd:4c:03:7c:10:af:05:39:ed:47:17:67: 1c:15:57:80:3e:cd:af:b0:c0:cb:db:0b:c2:a8:51: a1:cf:a5:90:11:21:5f:ee:53:a4:63:31:62:29:6f: 80:09:d3:f9:2c:4d:78:01:54:f5:e6:ee:71:c1:51: e3:89:53:81:fe:6c:4e:1b:1c:3d:5b:13:46:5a:54: 8f:5b:58:24:d4:94:f5:db:ae:6f:1a:02:e2:4a:3e: 6d:dc:95:fd:ba:86:12:5f:98:db:1f:eb:32:6d:c5: ed:d7:f0:55:97:e6:00:89:a7:e3:a8:40:40:87:5d: 7d:88:ed:fe:04:cd:e3:3a:0c:c5:53:93:eb:f6:5c: a2:38:52:0f:03:df:b7:37:b5:f1:a3:b5:77:81:4a: 11:16:60:3d:25:40:af:70:15:92:fc:82:56:ca:9b: 13:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:3F:3A:EB:17:F8:A4:50:DB:34:C6:C8:9B:82:99:21:E6:8A:9E:E0 X509v3 Authority Key Identifier: keyid:DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:33:64:a6:e8:c6:d0:66:84:89:94:ec:8e:78:3e:7c:70:9c: 5e:a7:9b:64:b3:7c:63:43:6a:4c:5d:53:ec:20:53:33:4c:18: 33:b8:92:c2:94:db:03:bf:2a:7c:4d:c1:96:e8:65:00:6c:75: c7:08:12:09:99:45:1a:90:5b:0f:aa:26:a1:2f:65:86:15:b7: e7:f2:e1:82:28:06:03:44:ff:c2:a6:39:e4:07:41:ca:53:7f: 06:b8:c8:7b:5a:3c:41:22:54:ba:60:53:b9:c5:9b:47:ef:82: 79:7f:ed:da:c3:e5:49:f3:c7:07:1e:a8:bb:ab:35:45:6d:f2: 32:7e:6a:e4:32:cb:56:b4:ed:60:29:08:b1:99:96:6d:e7:91: 43:51:b9:a5:c5:0d:51:f9:8f:78:fc:f4:5c:a6:9e:2c:66:10: fc:b0:a7:00:b0:3a:8d:42:0f:8b:ba:fa:d1:9e:09:21:38:e8: 12:9d:fa:f8:ca:c1:a3:b4:98:03:fb:95:73:40:05:f4:15:f2: 9b:c3:1b:e4:91:96:fd:dd:a0:30:22:ee:95:ea:88:20:b4:ee: 84:e7:4f:95:8e:4f:48:c5:ab:12:59:86:87:8b:b3:1f:69:49: 88:88:fb:1b:89:4e:20:e1:d7:0c:54:6b:fb:98:4e:1b:ec:b8: 8e:ae:3c:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJBQUQxMTAvBgNVBAUTKERERjg4NDkxMUFEM0YyOENDOUQ5NkE4QzI0QTkzOUE2 NUY4QjI1NzYwHhcNMjUxMjE4MTgyMjA4WhcNMjUxMjI1MTgyMjA4WjAYMRYwFAYD VQQDDA02OTQ0NDY1MC1kZDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsJoTgly6QYr51OR58Gd6DEqowy1Ut7tuDctlrfoZn6gaTGnqt0Mv7LGK9owN 0zUMcp4ZspJLeA94O5KAOTVyHtwQFUfHnlwhyfwSNnGustR8AI4ASrdWCaG+0s39 TAN8EK8FOe1HF2ccFVeAPs2vsMDL2wvCqFGhz6WQESFf7lOkYzFiKW+ACdP5LE14 AVT15u5xwVHjiVOB/mxOGxw9WxNGWlSPW1gk1JT1265vGgLiSj5t3JX9uoYSX5jb H+sybcXt1/BVl+YAiafjqEBAh119iO3+BM3jOgzFU5Pr9lyiOFIPA9+3N7Xxo7V3 gUoRFmA9JUCvcBWS/IJWypsTnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN4/OusX +KRQ2zTGyJuCmSHmip7gMB8GA1UdIwQYMBaAFN34hJEa0/KMydlqjCSpOaZfiyV2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkFBRC81MjFBRERDODE4 NDgxMUVBOTA3ODU2MkJDNEY5QUUwMi8zZmlFa1JyVDhvekoyV3FNSktrNXBsLUxK WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNmaUVrUnJUOG96SjJXcU1KS2s1cGwtTEpYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkFBRC81MjFBRERDODE4NDgxMUVBOTA3ODU2MkJDNEY5QUUwMi8zZmlFa1JyVDhv ekoyV3FNSktrNXBsLUxKWFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB9M2Sm6MbQZoSJlOyOeD58cJxep5tks3xjQ2pMXVPsIFMzTBgzuJLC lNsDvyp8TcGW6GUAbHXHCBIJmUUakFsPqiahL2WGFbfn8uGCKAYDRP/CpjnkB0HK U38GuMh7WjxBIlS6YFO5xZtH74J5f+3aw+VJ88cHHqi7qzVFbfIyfmrkMstWtO1g KQixmZZt55FDUbmlxQ1R+Y94/PRcpp4sZhD8sKcAsDqNQg+LuvrRngkhOOgSnfr4 ysGjtJgD+5VzQAX0FfKbwxvkkZb93aAwIu6V6oggtO6E50+Vjk9IxasSWYaHi7Mf aUmIiPsbiU4g4dcMVGv7mE4b7LiOrjxI -----END CERTIFICATE-----Generated at Fri Dec 19 19:04:03 2025 by rpki-client