This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91371E4/38247A70F16911E8B3A79D1EC4F9AE02/KbnmrAGSmMyglt6Jcancj3144dk.mft File: KbnmrAGSmMyglt6Jcancj3144dk.mft (raw, json) Hash identifier: LUHy9+ImhF/uCFH2fr9BY5eESJHH8O3riBus0VY9kHY= Subject key identifier: 69:F2:A6:CC:B0:0B:B0:5C:75:99:83:60:2C:B2:3C:2C:F4:F5:A2:95 Authority key identifier: 29:B9:E6:AC:01:92:98:CC:A0:96:DE:89:71:A9:DC:8F:7D:78:E1:D9 Certificate issuer: /CN=A91371E4/serialNumber=29B9E6AC019298CCA096DE8971A9DC8F7D78E1D9 Certificate serial: 1234 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KbnmrAGSmMyglt6Jcancj3144dk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91371E4/38247A70F16911E8B3A79D1EC4F9AE02/KbnmrAGSmMyglt6Jcancj3144dk.mft Manifest number: 1228 Signing time: Sat 20 Dec 2025 16:52:32 +0000 Manifest this update: Sat 20 Dec 2025 16:52:31 +0000 Manifest next update: Sat 27 Dec 2025 16:52:31 +0000 Files and hashes: 1: KbnmrAGSmMyglt6Jcancj3144dk.crl (hash: lvMB1vo8CHBhruiVRb3L7RoxqlGqm7Fwr4VcowUQtsg=) 2: B6C2A27AF16A11E89550B621C4F9AE02.roa (hash: BFzxkw6Jl6Lyrixu4gWs2v/y+sObxx8rIEhHM4ZupXs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91371E4/38247A70F16911E8B3A79D1EC4F9AE02/KbnmrAGSmMyglt6Jcancj3144dk.crl rsync://rpki.apnic.net/member_repository/A91371E4/38247A70F16911E8B3A79D1EC4F9AE02/KbnmrAGSmMyglt6Jcancj3144dk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KbnmrAGSmMyglt6Jcancj3144dk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 16:52:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4660 (0x1234) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91371E4, serialNumber=29B9E6AC019298CCA096DE8971A9DC8F7D78E1D9 Validity Not Before: Dec 20 16:52:31 2025 GMT Not After : Dec 27 16:52:31 2025 GMT Subject: CN=6946d44f-574f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:8d:1c:df:b4:33:1f:92:67:47:cb:63:ed:e0: b8:3f:10:67:b2:44:bc:07:88:d9:36:90:ef:56:ed: dd:c2:ac:b1:5c:65:56:1e:67:89:16:2c:81:d6:5f: 9a:ed:3f:09:e7:3a:73:b9:fe:22:63:c2:9c:04:8f: 91:e6:60:81:5e:20:dd:7b:b4:2d:26:88:da:0a:45: 38:55:98:2a:01:8b:c1:0c:62:e7:e2:fc:89:da:f7: f6:53:7a:f1:46:34:36:72:a0:fc:fb:b7:e0:75:70: 70:36:94:5d:9d:1d:9b:3b:c7:e9:3c:81:17:0b:80: 3d:64:be:da:b8:bf:5a:ed:e9:9c:4c:72:eb:fe:d5: ad:27:5c:07:e8:1f:79:1a:ef:3e:a3:c3:59:ba:fc: 35:a0:28:f9:14:0a:c0:a0:35:45:3a:c7:93:1b:23: e5:c5:3f:50:5d:d5:b9:c4:b2:b0:f4:5b:4e:e2:73: ae:66:04:d3:72:99:44:18:8a:a9:36:d1:13:12:92: 32:10:c9:58:46:0c:e4:d5:3b:e2:16:4e:81:b6:09: 9e:07:60:23:cb:73:23:28:cc:20:4d:c0:9c:30:bf: f5:11:f4:60:9e:1d:fa:18:67:c7:4f:27:4a:2a:60: 3f:3e:6a:f6:b4:80:6f:c8:a5:5a:60:66:41:f4:24: 73:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:F2:A6:CC:B0:0B:B0:5C:75:99:83:60:2C:B2:3C:2C:F4:F5:A2:95 X509v3 Authority Key Identifier: keyid:29:B9:E6:AC:01:92:98:CC:A0:96:DE:89:71:A9:DC:8F:7D:78:E1:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91371E4/38247A70F16911E8B3A79D1EC4F9AE02/KbnmrAGSmMyglt6Jcancj3144dk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KbnmrAGSmMyglt6Jcancj3144dk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91371E4/38247A70F16911E8B3A79D1EC4F9AE02/KbnmrAGSmMyglt6Jcancj3144dk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:d4:7c:ab:b9:1f:20:ae:b1:cc:a6:18:a0:88:a4:de:82:0f: ad:64:1d:87:b6:05:99:86:9e:c7:54:6a:06:62:f3:ee:c1:e0: 1c:68:22:f3:33:ed:62:31:c9:43:64:b0:db:e3:97:49:4f:98: f5:35:e1:bf:d2:39:96:b9:83:3c:49:ed:7f:36:c6:99:2b:4c: a7:f2:35:b9:d9:1a:79:01:5e:c4:8c:48:ba:6f:21:8f:a1:09: 6c:48:45:f2:a3:1a:a6:5f:38:1a:bb:ca:36:15:a6:7a:3b:69: 48:78:a8:cf:0e:1c:ca:ab:d9:96:a2:90:20:38:5c:3b:5c:31: fd:d0:89:16:b2:61:b0:69:df:96:57:1b:b4:f1:59:51:a5:f4: ee:ba:0e:3c:bf:f4:8c:ad:db:a1:44:5f:dd:ae:20:10:79:2e: b3:b5:2e:37:82:cc:50:28:74:cc:7d:a9:82:cb:c5:b9:7c:2e: b4:e6:e7:d2:77:1d:23:e1:0a:a5:76:76:75:c8:27:ea:9b:0b: 2b:ba:5d:f2:66:2f:b7:d6:b9:08:7b:f0:7d:e9:f8:bf:fa:1e: f8:89:ed:34:29:c8:ca:ea:2f:ec:9c:8c:ae:4d:fb:ec:1d:c9: 6f:b8:2a:a6:e1:a7:35:f6:cb:dd:0a:dd:cf:7e:c5:03:d5:0e: c5:15:11:12 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEjQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzcxRTQxMTAvBgNVBAUTKDI5QjlFNkFDMDE5Mjk4Q0NBMDk2REU4OTcxQTlEQzhG N0Q3OEUxRDkwHhcNMjUxMjIwMTY1MjMxWhcNMjUxMjI3MTY1MjMxWjAYMRYwFAYD VQQDDA02OTQ2ZDQ0Zi01NzRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAso0c37QzH5JnR8tj7eC4PxBnskS8B4jZNpDvVu3dwqyxXGVWHmeJFiyB1l+a 7T8J5zpzuf4iY8KcBI+R5mCBXiDde7QtJojaCkU4VZgqAYvBDGLn4vyJ2vf2U3rx RjQ2cqD8+7fgdXBwNpRdnR2bO8fpPIEXC4A9ZL7auL9a7emcTHLr/tWtJ1wH6B95 Gu8+o8NZuvw1oCj5FArAoDVFOseTGyPlxT9QXdW5xLKw9FtO4nOuZgTTcplEGIqp NtETEpIyEMlYRgzk1TviFk6BtgmeB2Ajy3MjKMwgTcCcML/1EfRgnh36GGfHTydK KmA/Pmr2tIBvyKVaYGZB9CRzHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGnypsyw C7BcdZmDYCyyPCz09aKVMB8GA1UdIwQYMBaAFCm55qwBkpjMoJbeiXGp3I99eOHZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNzFFNC8zODI0N0E3MEYx NjkxMUU4QjNBNzlEMUVDNEY5QUUwMi9LYm5tckFHU21NeWdsdDZKY2FuY2ozMTQ0 ZGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tibm1yQUdTbU15Z2x0NkpjYW5jajMxNDRkay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NzFFNC8zODI0N0E3MEYxNjkxMUU4QjNBNzlEMUVDNEY5QUUwMi9LYm5tckFHU21N eWdsdDZKY2FuY2ozMTQ0ZGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAS1HyruR8grrHMphigiKTegg+tZB2HtgWZhp7HVGoGYvPuweAcaCLz M+1iMclDZLDb45dJT5j1NeG/0jmWuYM8Se1/NsaZK0yn8jW52Rp5AV7EjEi6byGP oQlsSEXyoxqmXzgau8o2FaZ6O2lIeKjPDhzKq9mWopAgOFw7XDH90IkWsmGwad+W Vxu08VlRpfTuug48v/SMrduhRF/driAQeS6ztS43gsxQKHTMfamCy8W5fC605ufS dx0j4QqldnZ1yCfqmwsrul3yZi+31rkIe/B96fi/+h74ie00KcjK6i/snIyuTfvs HclvuCqm4ac19svdCt3PfsUD1Q7FFRES -----END CERTIFICATE-----Generated at Sun Dec 21 02:11:04 2025 by rpki-client