This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft File: AO-zr_90_WIfS42RFpt6HEOzlBc.mft (raw, json) Hash identifier: QfUPPc+q4sYw6X/r9Dth2avGpyxUf0qp3VHLFJPDXtA= Subject key identifier: A9:01:C7:4D:82:0A:BA:0E:03:E7:E5:57:E2:FC:E9:68:08:F7:13:9D Authority key identifier: 00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 Certificate issuer: /CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Certificate serial: 01B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft Manifest number: 01AE Signing time: Fri 19 Dec 2025 02:26:39 +0000 Manifest this update: Fri 19 Dec 2025 02:26:39 +0000 Manifest next update: Fri 26 Dec 2025 02:26:39 +0000 Files and hashes: 1: AO-zr_90_WIfS42RFpt6HEOzlBc.crl (hash: jUU2BiRTEjWf1zO5+hh1UJLinEJE2p+zy6/Lh6TOg3E=) 2: A80498FABAAB11EEBA024655C4F9AE02.roa (hash: g6wCJDrtHyuCox1Dak/0D/0mdLei/24CwRHwHNh/Oi8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 02:26:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 438 (0x1b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8FA, serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Validity Not Before: Dec 19 02:26:39 2025 GMT Not After : Dec 26 02:26:39 2025 GMT Subject: CN=6944b7df-6afa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:8e:4c:c7:73:5e:36:e8:9a:ce:d5:73:01:a2: 7d:bf:cc:7f:b6:50:4e:e9:f9:f1:e2:31:fc:b9:c7: 1a:ef:ad:c4:86:07:b1:73:31:2f:f5:f0:69:e5:e8: 7e:c6:54:48:0d:54:e8:c9:0d:19:b6:ba:94:bf:c5: 92:2c:55:70:09:2a:8c:6e:00:12:96:92:cc:30:73: 70:c0:77:60:de:54:44:72:dd:d6:19:8d:a6:0c:91: e5:f6:94:09:21:6d:20:1c:ab:64:62:39:52:36:86: 64:e8:00:41:96:57:12:ff:86:22:dc:a4:26:2a:85: 1a:55:ae:3f:fc:24:94:49:63:30:9c:3c:c0:43:14: 25:f9:14:45:12:fa:9e:87:17:23:5e:7b:00:5d:14: 33:02:a7:83:7f:c7:64:22:ed:3a:40:8c:b8:34:a9: 32:80:cf:f5:d3:74:53:1a:d1:f6:fc:59:8d:c9:f9: 13:08:36:26:d3:bd:c2:a6:73:d7:4d:57:69:de:3c: c2:71:6a:32:94:c4:20:e6:31:54:7e:97:53:ad:ea: b0:ef:b3:fa:ac:4f:2a:9d:11:21:0b:d2:a0:33:ed: 6a:eb:6e:0c:2b:de:bf:fc:9c:4d:b3:86:74:71:ff: 82:9b:69:b0:02:9a:cf:bc:d2:a8:b4:e1:1c:b4:24: 65:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:01:C7:4D:82:0A:BA:0E:03:E7:E5:57:E2:FC:E9:68:08:F7:13:9D X509v3 Authority Key Identifier: keyid:00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:1c:37:61:c3:cd:9e:76:ad:df:13:51:4b:98:b1:72:67:25: 94:fc:16:0b:59:4d:cd:ea:75:2e:ae:41:8c:20:43:b9:15:0a: 83:26:a6:29:9f:ae:7e:9b:29:1a:f4:f8:23:5e:ea:f4:2d:27: 19:90:30:c2:64:19:71:57:ba:51:7b:64:49:fc:5a:70:ef:ad: 5e:fe:f5:8e:dd:33:a7:75:61:40:72:74:fa:07:e6:db:40:76: 65:1e:2e:c3:65:af:55:ac:52:1b:3a:b7:aa:3a:62:50:0c:ce: d4:31:d6:99:84:69:66:6d:e1:77:d9:f0:77:c2:4b:b3:d0:f6: 9c:62:52:96:e7:ea:2e:73:92:1b:36:33:07:78:58:d2:c5:98: 6e:89:5e:b1:bb:da:60:37:f0:35:69:fe:77:cb:da:c7:06:bd: 25:47:69:39:b3:ec:70:6f:d9:85:56:73:00:a1:38:d8:d6:70: a3:47:78:f5:9d:75:6c:ca:fc:17:59:4a:7b:42:58:0c:f1:6b: 79:20:47:c0:c3:cf:91:a0:5d:a4:ce:bd:20:c9:f3:1e:3c:51: fc:da:15:04:3c:b8:16:41:cc:31:65:13:2d:18:9e:b1:0f:05: e2:b4:7e:af:98:00:d6:f5:cb:1a:40:ab:c6:81:ac:2c:9c:83: bc:29:23:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkM4RkExMTAvBgNVBAUTKDAwRUZCM0FGRkY3NEZENjIxRjRCOEQ5MTE2OUI3QTFD NDNCMzk0MTcwHhcNMjUxMjE5MDIyNjM5WhcNMjUxMjI2MDIyNjM5WjAYMRYwFAYD VQQDDA02OTQ0YjdkZi02YWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu45Mx3NeNuiaztVzAaJ9v8x/tlBO6fnx4jH8ucca763EhgexczEv9fBp5eh+ xlRIDVToyQ0ZtrqUv8WSLFVwCSqMbgASlpLMMHNwwHdg3lREct3WGY2mDJHl9pQJ IW0gHKtkYjlSNoZk6ABBllcS/4Yi3KQmKoUaVa4//CSUSWMwnDzAQxQl+RRFEvqe hxcjXnsAXRQzAqeDf8dkIu06QIy4NKkygM/103RTGtH2/FmNyfkTCDYm073CpnPX TVdp3jzCcWoylMQg5jFUfpdTreqw77P6rE8qnREhC9KgM+1q624MK96//JxNs4Z0 cf+Cm2mwAprPvNKotOEctCRl6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKkBx02C CroOA+flV+L86WgI9xOdMB8GA1UdIwQYMBaAFADvs6//dP1iH0uNkRabehxDs5QX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhGQS80MDAzRjkzMDU0 QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9XSWZTNDJSRnB0NkhFT3ps QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FPLXpyXzkwX1dJZlM0MlJGcHQ2SEVPemxCYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QzhGQS80MDAzRjkzMDU0QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9X SWZTNDJSRnB0NkhFT3psQmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAFHDdhw82edq3fE1FLmLFyZyWU/BYLWU3N6nUurkGMIEO5FQqDJqYp n65+myka9PgjXur0LScZkDDCZBlxV7pRe2RJ/Fpw761e/vWO3TOndWFAcnT6B+bb QHZlHi7DZa9VrFIbOreqOmJQDM7UMdaZhGlmbeF32fB3wkuz0PacYlKW5+ouc5Ib NjMHeFjSxZhuiV6xu9pgN/A1af53y9rHBr0lR2k5s+xwb9mFVnMAoTjY1nCjR3j1 nXVsyvwXWUp7QlgM8Wt5IEfAw8+RoF2kzr0gyfMePFH82hUEPLgWQcwxZRMtGJ6x DwXitH6vmADW9csaQKvGgawsnIO8KSOc -----END CERTIFICATE-----Generated at Fri Dec 19 19:05:45 2025 by rpki-client