This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft File: HQSsXQPY72rEMd4aeq57aHaBtjY.mft (raw, json) Hash identifier: mWkD2Eqwg95RAghuqv1tAFw3aP3f2dy+iK18Sg2cXkc= Subject key identifier: C8:D0:AF:64:4C:FE:40:AF:A7:66:33:08:52:9C:33:20:1D:E6:02:7A Authority key identifier: 1D:04:AC:5D:03:D8:EF:6A:C4:31:DE:1A:7A:AE:7B:68:76:81:B6:36 Certificate issuer: /CN=A9131A2D/serialNumber=1D04AC5D03D8EF6AC431DE1A7AAE7B687681B636 Certificate serial: 084D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQSsXQPY72rEMd4aeq57aHaBtjY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft Manifest number: 0838 Signing time: Wed 24 Dec 2025 20:15:28 +0000 Manifest this update: Wed 24 Dec 2025 20:15:28 +0000 Manifest next update: Wed 31 Dec 2025 20:15:28 +0000 Files and hashes: 1: HQSsXQPY72rEMd4aeq57aHaBtjY.crl (hash: JMgjm1obqzPU8tlRNhLKFTtw97lTnGYK8A0WHIrZaOk=) 2: 111E53B6152811ECB2C0B70BC4F9AE02.roa (hash: zLBeyUvYeL3WiTP8OfhHdt93sxWxJckWd6if90VdF+g=) 3: 66EE9D94152511ECAD055780C4F9AE02.roa (hash: 8DddYe6Xxj3AQcHWCxpAXO4NAnMo0qG6fie32kIabM4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.crl rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQSsXQPY72rEMd4aeq57aHaBtjY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 31 Dec 2025 20:15:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2125 (0x84d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9131A2D, serialNumber=1D04AC5D03D8EF6AC431DE1A7AAE7B687681B636 Validity Not Before: Dec 24 20:15:28 2025 GMT Not After : Dec 31 20:15:28 2025 GMT Subject: CN=694c49e0-9caa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:dc:88:17:6a:42:6b:ec:2c:35:ca:b7:51:a9: 79:a2:a0:f8:8b:f3:56:60:30:76:a1:b6:28:61:30: ca:d7:4d:e2:a3:8b:a5:4e:fc:cc:1c:8e:27:a9:09: a5:e2:95:72:d1:91:44:06:22:66:de:ed:ec:39:43: 53:e0:1c:7d:02:4e:91:5a:61:00:11:2d:3f:60:d0: 03:cc:3b:9c:2c:52:ed:f5:67:df:c2:61:cc:22:f9: a5:19:1e:62:5e:0a:54:61:52:b9:56:2b:6d:90:02: 01:9c:27:64:50:42:57:39:7c:77:b7:36:5b:f2:d2: 56:f3:58:15:62:50:5f:d5:dd:c6:cc:cc:98:17:e7: 21:77:f0:d2:86:90:d8:c1:6d:0e:82:cc:da:88:c6: b0:d1:2b:6d:2d:8e:66:2e:3c:91:5f:33:eb:84:a6: 4b:1e:32:d0:17:ed:4f:d1:a7:41:cd:c0:06:69:a0: cd:0d:95:1f:bb:ec:b7:71:bd:0a:2c:98:af:74:dc: 27:4b:6b:c5:5a:57:1a:23:62:be:d4:8c:d0:1f:0f: 88:dc:1c:15:c4:54:c6:5f:f1:ba:74:01:74:1d:98: f2:09:ca:c7:d3:22:2c:7d:4c:b0:2d:aa:88:3a:93: 8a:6d:bc:87:4c:89:81:36:9e:f0:d1:86:93:88:36: b4:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:D0:AF:64:4C:FE:40:AF:A7:66:33:08:52:9C:33:20:1D:E6:02:7A X509v3 Authority Key Identifier: keyid:1D:04:AC:5D:03:D8:EF:6A:C4:31:DE:1A:7A:AE:7B:68:76:81:B6:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQSsXQPY72rEMd4aeq57aHaBtjY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:c5:0d:10:08:ff:c2:4e:5d:92:34:fe:8c:73:90:b2:36:dd: 17:99:22:d4:17:e9:ba:5f:40:f0:d3:54:20:8d:c0:fb:3f:a9: 50:e7:2b:b4:ce:ed:07:da:1c:c8:5b:1a:09:48:b6:83:e0:75: be:cc:9b:d4:27:a3:99:6a:cf:b1:c1:db:a9:20:64:8a:4a:16: 87:58:98:0d:d7:ee:4c:92:de:fd:2f:f5:df:a4:5b:bf:56:73: 91:66:41:01:c3:d4:1f:e0:52:ee:5c:fc:2b:8c:f7:b3:37:30: 26:a6:9d:75:db:b0:29:7e:40:ef:7f:99:5d:6f:8f:5c:03:8e: 31:0a:30:49:25:ad:4e:3f:9a:e8:90:0d:5a:2e:8d:5f:52:84: 28:8b:fe:76:51:1d:a3:58:6c:e1:08:f2:b1:de:39:4e:e8:2e: 3b:7b:17:00:d8:1b:b6:63:6a:a7:54:03:5a:8f:23:0d:0f:29: 22:7c:f6:09:70:f3:be:07:9c:cc:f6:58:0c:ed:a9:8e:c2:7e: 79:7b:ee:19:84:4c:13:af:35:96:df:1a:f4:de:a5:67:55:a9: f6:2f:20:14:18:e7:51:f6:4f:dd:89:9b:fb:7f:93:8b:ea:5f: 5b:ef:ba:89:5f:52:14:c4:9e:c6:cc:bc:0d:a4:fd:75:4c:b1: 6b:f2:8f:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzFBMkQxMTAvBgNVBAUTKDFEMDRBQzVEMDNEOEVGNkFDNDMxREUxQTdBQUU3QjY4 NzY4MUI2MzYwHhcNMjUxMjI0MjAxNTI4WhcNMjUxMjMxMjAxNTI4WjAYMRYwFAYD VQQDDA02OTRjNDllMC05Y2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxNyIF2pCa+wsNcq3Ual5oqD4i/NWYDB2obYoYTDK103io4ulTvzMHI4nqQml 4pVy0ZFEBiJm3u3sOUNT4Bx9Ak6RWmEAES0/YNADzDucLFLt9WffwmHMIvmlGR5i XgpUYVK5VittkAIBnCdkUEJXOXx3tzZb8tJW81gVYlBf1d3GzMyYF+chd/DShpDY wW0OgszaiMaw0SttLY5mLjyRXzPrhKZLHjLQF+1P0adBzcAGaaDNDZUfu+y3cb0K LJivdNwnS2vFWlcaI2K+1IzQHw+I3BwVxFTGX/G6dAF0HZjyCcrH0yIsfUywLaqI OpOKbbyHTImBNp7w0YaTiDa0bwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMjQr2RM /kCvp2YzCFKcMyAd5gJ6MB8GA1UdIwQYMBaAFB0ErF0D2O9qxDHeGnque2h2gbY2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMUEyRC9EQTQ2NjA5QUY3 QzMxMUVBOUIyRUY3ODVDNEY5QUUwMi9IUVNzWFFQWTcyckVNZDRhZXE1N2FIYUJ0 alkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hRU3NYUVBZNzJyRU1kNGFlcTU3YUhhQnRqWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MUEyRC9EQTQ2NjA5QUY3QzMxMUVBOUIyRUY3ODVDNEY5QUUwMi9IUVNzWFFQWTcy ckVNZDRhZXE1N2FIYUJ0alkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA2xQ0QCP/CTl2SNP6Mc5CyNt0XmSLUF+m6X0Dw01QgjcD7P6lQ5yu0 zu0H2hzIWxoJSLaD4HW+zJvUJ6OZas+xwdupIGSKShaHWJgN1+5Mkt79L/XfpFu/ VnORZkEBw9Qf4FLuXPwrjPezNzAmpp1127ApfkDvf5ldb49cA44xCjBJJa1OP5ro kA1aLo1fUoQoi/52UR2jWGzhCPKx3jlO6C47excA2Bu2Y2qnVANajyMNDykifPYJ cPO+B5zM9lgM7amOwn55e+4ZhEwTrzWW3xr03qVnVan2LyAUGOdR9k/diZv7f5OL 6l9b77qJX1IUxJ7GzLwNpP11TLFr8o+T -----END CERTIFICATE-----Generated at Wed Dec 24 21:48:35 2025 by rpki-client