This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.mft File: KOAXfHClckcH27FJ7VV8D4FW4Ok.mft (raw, json) Hash identifier: wX/HiJBFOYO2ulmgli3h89siGbS13Lzkstjhm2l6Hoc= Subject key identifier: AE:11:68:16:9C:C8:4A:ED:23:C4:AE:BE:CC:48:FB:FA:40:35:3D:95 Authority key identifier: 28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9 Certificate issuer: /CN=A9136109/serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9 Certificate serial: 0641 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.mft Manifest number: 0632 Signing time: Thu 18 Dec 2025 22:09:46 +0000 Manifest this update: Thu 18 Dec 2025 22:09:45 +0000 Manifest next update: Thu 25 Dec 2025 22:09:45 +0000 Files and hashes: 1: KOAXfHClckcH27FJ7VV8D4FW4Ok.crl (hash: t8LYfOr+Zk80NcSjIRPOvz9XjTtVe0M9jPXQHBbdOSU=) 2: 590697D6465611EE8128031BC4F9AE02.roa (hash: D/6BYkGqlNOLOYOgY8KQs7LafMiP8Rro2RlyCrKrnhM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.crl rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 22:09:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1601 (0x641) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9136109, serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9 Validity Not Before: Dec 18 22:09:45 2025 GMT Not After : Dec 25 22:09:45 2025 GMT Subject: CN=69447ba9-2026 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:3f:36:53:39:9c:d2:ab:3b:a8:64:31:c9:4d: 31:b5:9e:10:cc:33:1b:c4:57:d3:d8:e4:e2:65:72: 79:11:d3:73:d2:ba:a0:ca:5d:17:f2:65:b4:f3:d9: d2:29:f0:0c:1a:6e:ba:10:2f:fb:ae:0d:a9:3f:d7: 7d:14:1f:37:34:21:15:b4:b2:99:e4:61:63:ca:dd: 51:41:b1:79:f9:4e:e1:b3:64:20:2a:b9:da:59:a0: d9:0d:d4:94:59:a9:1b:c3:d6:73:f6:42:e0:1d:9d: 6c:24:93:a7:be:c1:85:d0:aa:73:99:54:86:7d:84: db:e5:27:90:75:18:da:7e:93:80:6a:ce:9a:00:71: a0:b8:19:16:b4:28:3e:7d:ef:cc:79:d1:e8:dd:16: db:00:07:56:af:b4:08:0b:af:e6:62:96:fc:01:ed: 4b:71:98:1d:2c:57:04:18:c7:75:5c:69:d5:5d:62: eb:77:87:dd:e1:79:cf:de:49:db:79:c1:23:83:6b: 91:77:cb:86:35:12:ee:b0:11:1b:3b:fc:2e:68:96: 15:19:07:76:1a:1e:5a:5a:bd:32:69:d7:d8:25:15: 0c:e9:f3:d6:91:4b:b7:c4:6d:51:c1:da:b4:f9:cc: 9e:f5:96:13:e2:5f:1e:10:a3:f7:53:e9:d9:49:0c: 80:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:11:68:16:9C:C8:4A:ED:23:C4:AE:BE:CC:48:FB:FA:40:35:3D:95 X509v3 Authority Key Identifier: keyid:28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:5e:13:7e:20:7c:a2:a6:c1:d8:fb:2e:7f:72:f1:78:cc:00: 21:28:7a:18:9f:db:1c:91:00:02:fb:d9:9b:98:b5:76:4c:40: 03:0c:08:8a:d7:b2:73:12:88:75:f7:d1:75:0b:b3:00:7a:18: cb:5b:a8:a6:66:e5:13:f2:19:34:d6:28:a4:8a:b6:6b:60:85: c8:37:15:f9:7b:ce:76:3b:2e:b7:00:98:b0:e5:85:af:1d:6d: f0:c6:d2:29:04:09:f1:6d:54:4b:17:ea:bb:21:2c:c6:a2:d4: b9:6d:9f:b3:10:c0:94:bf:68:1a:a7:79:7b:a9:f4:1b:a8:c0: 68:80:7e:b1:1b:da:01:eb:20:5f:8a:2b:02:c2:d1:bb:12:be: 78:bd:04:53:65:1c:c4:4e:4c:78:db:b6:ae:9f:dc:ea:6e:c5: e7:9d:bd:4d:00:ad:a7:98:7e:ad:97:28:af:3e:2d:d1:0b:a2: 51:36:9b:f7:74:05:88:28:f8:d2:0e:97:2e:d1:df:a8:05:e0: 4c:4c:a1:81:85:dd:3b:96:ba:9b:fa:96:7c:9a:88:9a:32:73: 97:8f:1a:17:ab:51:3a:91:11:17:82:12:c3:69:77:46:b4:b3: f8:81:5c:d5:4e:39:4a:3f:fc:52:00:f5:33:e1:35:1a:96:fb: 9b:c9:e1:6e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBkEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzYxMDkxMTAvBgNVBAUTKDI4RTAxNzdDNzBBNTcyNDcwN0RCQjE0OUVENTU3QzBG ODE1NkUwRTkwHhcNMjUxMjE4MjIwOTQ1WhcNMjUxMjI1MjIwOTQ1WjAYMRYwFAYD VQQDDA02OTQ0N2JhOS0yMDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtz82Uzmc0qs7qGQxyU0xtZ4QzDMbxFfT2OTiZXJ5EdNz0rqgyl0X8mW089nS KfAMGm66EC/7rg2pP9d9FB83NCEVtLKZ5GFjyt1RQbF5+U7hs2QgKrnaWaDZDdSU Wakbw9Zz9kLgHZ1sJJOnvsGF0KpzmVSGfYTb5SeQdRjafpOAas6aAHGguBkWtCg+ fe/MedHo3RbbAAdWr7QIC6/mYpb8Ae1LcZgdLFcEGMd1XGnVXWLrd4fd4XnP3knb ecEjg2uRd8uGNRLusBEbO/wuaJYVGQd2Gh5aWr0yadfYJRUM6fPWkUu3xG1Rwdq0 +cye9ZYT4l8eEKP3U+nZSQyAdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK4RaBac yErtI8SuvsxI+/pANT2VMB8GA1UdIwQYMBaAFCjgF3xwpXJHB9uxSe1VfA+BVuDp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjEwOS9DODIwNzIxMkM1 MEQxMUVCOUFBRUU4N0JDNEY5QUUwMi9LT0FYZkhDbGNrY0gyN0ZKN1ZWOEQ0Rlc0 T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPQVhmSENsY2tjSDI3Rko3VlY4RDRGVzRPay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NjEwOS9DODIwNzIxMkM1MEQxMUVCOUFBRUU4N0JDNEY5QUUwMi9LT0FYZkhDbGNr Y0gyN0ZKN1ZWOEQ0Rlc0T2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC/XhN+IHyipsHY+y5/cvF4zAAhKHoYn9sckQAC+9mbmLV2TEADDAiK 17JzEoh199F1C7MAehjLW6imZuUT8hk01iikirZrYIXINxX5e852Oy63AJiw5YWv HW3wxtIpBAnxbVRLF+q7ISzGotS5bZ+zEMCUv2gap3l7qfQbqMBogH6xG9oB6yBf iisCwtG7Er54vQRTZRzETkx427aun9zqbsXnnb1NAK2nmH6tlyivPi3RC6JRNpv3 dAWIKPjSDpcu0d+oBeBMTKGBhd07lrqb+pZ8moiaMnOXjxoXq1E6kREXghLDaXdG tLP4gVzVTjlKP/xSAPUz4TUalvubyeFu -----END CERTIFICATE-----Generated at Fri Dec 19 21:58:09 2025 by rpki-client