This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft File: 320AK7yrolDSrmtEVOPL_WfSx-o.mft (raw, json) Hash identifier: hua6lnO49bnqPWz7A2kZiWZVLQS3HZFPUr2/QIOQj5Q= Subject key identifier: 4E:0C:A8:81:D7:F6:81:94:08:E0:FD:F4:77:88:92:BB:15:43:80:1F Authority key identifier: DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA Certificate issuer: /CN=A9143DE2/serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Certificate serial: 09FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft Manifest number: 09F3 Signing time: Fri 26 Dec 2025 19:18:15 +0000 Manifest this update: Fri 26 Dec 2025 19:18:14 +0000 Manifest next update: Fri 02 Jan 2026 19:18:14 +0000 Files and hashes: 1: 320AK7yrolDSrmtEVOPL_WfSx-o.crl (hash: /7EXB2lMdF9fFY/0CYX00vxHYRNjBbxbtl93VVq7tb4=) 2: C07738FE9F4511EB88EBCA76C4F9AE02.roa (hash: 4EX6NY3ufYSUTvJdu2riLSr05m0sa3A6m+1xwUYJIdg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 Jan 2026 19:18:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2558 (0x9fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143DE2, serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Validity Not Before: Dec 26 19:18:14 2025 GMT Not After : Jan 2 19:18:14 2026 GMT Subject: CN=694edf76-4645 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:cb:0b:e5:8a:2d:dc:92:f1:c5:ad:bf:7b:f5: 51:44:83:8f:ab:f5:bb:9c:87:19:6d:e3:d0:0c:32: fa:e6:19:25:30:8e:d8:d1:1f:2e:f6:52:2e:3c:66: 47:57:f1:1a:c4:85:0e:23:05:d2:ab:1e:5e:7e:75: cd:60:13:d8:61:b9:d6:33:e4:00:d6:59:04:33:f1: 5b:b9:b0:44:51:d7:3e:7c:0a:5a:c1:aa:1d:7b:dd: a1:59:ad:2d:14:4b:1e:73:fb:e3:65:64:f8:3e:67: 39:fc:c4:ea:e5:9f:41:a0:2d:e7:c6:8b:70:64:67: 5f:34:d8:8e:d9:cd:91:17:d3:0f:62:32:2a:f2:ee: a9:0f:4c:4c:29:b5:ab:e4:b4:e7:e3:d7:19:d9:23: 57:f9:54:02:37:68:75:e5:e2:57:26:2a:72:c1:b8: 25:da:91:53:9a:df:e6:74:e9:49:1d:43:3c:57:e3: 04:10:40:b7:26:2e:3f:aa:4d:a9:7a:8b:9d:06:f0: fd:66:c6:7d:b7:a8:ab:6e:cf:f2:cb:74:1a:d7:44: ae:8a:e1:10:44:c4:34:ab:2d:12:a1:df:49:5d:cd: ac:d5:54:4a:cf:eb:68:7c:96:d3:77:67:2e:84:3b: db:61:d8:34:ca:50:98:9d:b5:7a:af:02:ea:f0:94: d0:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:0C:A8:81:D7:F6:81:94:08:E0:FD:F4:77:88:92:BB:15:43:80:1F X509v3 Authority Key Identifier: keyid:DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:70:ee:47:76:51:ae:ae:ed:70:d4:45:57:b1:38:ad:67:b5: 0d:83:87:1b:c8:65:b9:1a:21:03:cc:1b:5e:3f:a1:90:29:57: 6d:7c:71:15:23:ea:05:2d:7c:72:c5:a0:6b:7d:f0:b1:2f:8a: d3:ec:c0:09:7d:40:bf:26:b2:11:07:7c:5e:4a:7a:7a:28:56: 2a:1c:c3:56:3d:6a:d7:b9:02:df:fb:8a:b3:fa:99:bf:ad:98: 91:6d:d1:fa:98:be:ed:9c:70:74:f6:91:25:77:6f:95:21:38: 33:81:4c:0b:0d:cf:11:49:46:8e:87:e4:4a:c5:44:e6:10:7b: 63:eb:bf:1a:7e:e9:93:e2:32:1a:09:a5:f6:ca:4c:26:f7:bb: 99:72:9c:96:3a:98:af:14:71:72:a4:73:93:bc:09:ef:3b:2c: 26:d5:9c:44:9a:ad:c6:7f:88:ca:57:32:a2:17:30:88:ad:ad: 5e:42:14:6c:af:73:87:76:35:ef:72:38:e6:17:39:4f:79:58: 59:c9:ec:23:69:44:e9:eb:70:8b:5e:95:f5:b4:1b:44:e8:b6: a7:1f:af:45:22:da:63:f1:e9:11:b1:6e:c2:4e:5f:2d:1f:7c: 04:62:2d:41:7f:a6:f2:1a:72:80:dc:98:be:16:e7:61:27:88: de:92:fa:4f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx NDNERTIxMTAvBgNVBAUTKERGNkQwMDJCQkNBQkEyNTBEMkFFNkI0NDU0RTNDQkZE NjdEMkM3RUEwHhcNMjUxMjI2MTkxODE0WhcNMjYwMTAyMTkxODE0WjAYMRYwFAYD VQQDDA02OTRlZGY3Ni00NjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv8sL5Yot3JLxxa2/e/VRRIOPq/W7nIcZbePQDDL65hklMI7Y0R8u9lIuPGZH V/EaxIUOIwXSqx5efnXNYBPYYbnWM+QA1lkEM/FbubBEUdc+fApawaode92hWa0t FEsec/vjZWT4Pmc5/MTq5Z9BoC3nxotwZGdfNNiO2c2RF9MPYjIq8u6pD0xMKbWr 5LTn49cZ2SNX+VQCN2h15eJXJipywbgl2pFTmt/mdOlJHUM8V+MEEEC3Ji4/qk2p eoudBvD9ZsZ9t6irbs/yy3Qa10SuiuEQRMQ0qy0Sod9JXc2s1VRKz+tofJbTd2cu hDvbYdg0ylCYnbV6rwLq8JTQjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE4MqIHX 9oGUCOD99HeIkrsVQ4AfMB8GA1UdIwQYMBaAFN9tACu8q6JQ0q5rRFTjy/1n0sfq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RFMi9EMjE4REQ1MjhF OTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9sRFNybXRFVk9QTF9XZlN4 LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMyMEFLN3lyb2xEU3JtdEVWT1BMX1dmU3gtby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0RFMi9EMjE4REQ1MjhFOTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9s RFNybXRFVk9QTF9XZlN4LW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCAcO5HdlGuru1w1EVXsTitZ7UNg4cbyGW5GiEDzBteP6GQKVdtfHEV I+oFLXxyxaBrffCxL4rT7MAJfUC/JrIRB3xeSnp6KFYqHMNWPWrXuQLf+4qz+pm/ rZiRbdH6mL7tnHB09pEld2+VITgzgUwLDc8RSUaOh+RKxUTmEHtj678afumT4jIa CaX2ykwm97uZcpyWOpivFHFypHOTvAnvOywm1ZxEmq3Gf4jKVzKiFzCIra1eQhRs r3OHdjXvcjjmFzlPeVhZyewjaUTp63CLXpX1tBtE6LanH69FItpj8ekRsW7CTl8t H3wEYi1Bf6byGnKA3Ji+FudhJ4jekvpP -----END CERTIFICATE-----Generated at Sat Dec 27 19:27:50 2025 by rpki-client