This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: zbCRhs92C3LR7ftz6eyK15u5kkUlQRVTKS0l/fWdiuE= Subject key identifier: A7:00:0C:D1:B6:4E:FB:DF:2A:5B:4D:9D:17:EF:45:AB:FE:7F:3E:C2 Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0CAD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0CA6 Signing time: Sat 20 Dec 2025 17:57:48 +0000 Manifest this update: Sat 20 Dec 2025 17:57:48 +0000 Manifest next update: Sat 27 Dec 2025 17:57:48 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: UWp0GEyAh0zg3yfqy1IPDh/4SSM3OLv5UBh0KhUkJp0=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: zg4ngSvDnII0EgnGozN5wPgIbLHYCQwnbwFPTUFG8lU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 17:57:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3245 (0xcad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Dec 20 17:57:48 2025 GMT Not After : Dec 27 17:57:48 2025 GMT Subject: CN=6946e39c-5196 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:35:e8:d5:db:21:a9:6a:bb:10:b7:fe:0f:d0: ab:46:ba:92:88:36:0f:a3:2b:0b:c5:c7:8a:a6:6c: ad:13:0e:56:6e:28:f9:bf:12:7c:13:99:73:aa:11: f9:33:e8:a0:f2:bc:66:e2:e4:29:4f:f8:d4:7d:0c: 2a:bb:7d:1e:2f:3a:8f:11:c7:10:6a:6f:78:b1:dc: 6f:38:50:d7:c7:94:df:84:81:c3:09:21:1a:5b:d2: 1b:45:75:a1:91:cf:b4:af:3d:07:72:04:35:2f:ca: 5d:71:61:86:46:be:04:6d:c4:ba:c5:63:88:3d:00: b5:e1:32:5a:43:bf:e8:16:17:18:dd:62:da:5f:53: 27:79:64:e1:b5:62:15:bf:3c:8c:aa:19:28:eb:5d: 2a:d7:1a:b2:4f:69:8f:37:bf:90:e8:d4:ca:7d:c9: dd:b9:10:d4:30:b7:7b:6d:96:94:62:d4:0a:ef:1e: 12:00:55:dd:b5:75:ed:92:ca:83:2c:7c:10:69:51: 02:5b:8a:87:61:d9:4b:f9:0e:4d:4f:67:e3:6a:6d: 20:be:1a:3f:88:f4:36:5a:e1:91:2e:90:1d:d9:c0: 9a:f1:42:7d:1c:81:6c:5d:8a:66:e1:2e:f7:e0:65: ff:fc:2f:2d:4e:31:bb:d8:3f:30:37:56:2e:36:e3: c1:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:00:0C:D1:B6:4E:FB:DF:2A:5B:4D:9D:17:EF:45:AB:FE:7F:3E:C2 X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:4c:ce:c0:f0:80:4a:e7:db:91:85:65:4d:5b:67:4c:97:30: dc:0c:38:6f:00:f6:4b:29:d0:c8:23:d7:43:4e:0c:70:2b:fe: 9a:5f:1d:d6:67:c0:74:da:bc:12:94:11:fc:f5:13:8d:38:31: 2f:ae:48:e1:d7:00:65:de:54:e9:3c:fb:f9:84:65:91:54:6b: 98:ae:fb:eb:97:e7:3c:46:1f:02:91:a5:2d:2a:d0:5e:48:aa: c7:b6:a4:1b:7f:be:1d:09:63:e4:ea:0a:63:10:12:fc:d0:33: 89:d2:52:bd:71:e2:3d:21:65:de:d7:48:6d:04:ef:46:89:99: ff:72:27:75:c6:c0:fc:f0:23:52:b8:d9:25:90:cf:5f:10:f9: 3e:ee:91:5f:0a:bc:24:33:14:1d:0a:41:ea:57:8f:b9:ec:6a: 6e:9d:e1:78:83:34:20:e7:a6:99:b1:8e:59:03:52:3e:97:cd: d9:c2:bc:23:47:cc:80:6d:4a:57:8e:b0:ea:1d:c1:73:3c:47: 0c:29:47:dc:3b:e2:51:a4:60:1d:82:32:3d:9f:0a:d1:6e:ed: d7:d3:e9:ed:0d:4b:b2:1b:9a:fb:8f:12:dd:16:87:76:f0:83: f4:1e:2e:67:a2:a1:74:5b:d9:ea:c1:9d:2b:91:50:6a:89:cb: 25:91:a6:36 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUxMjIwMTc1NzQ4WhcNMjUxMjI3MTc1NzQ4WjAYMRYwFAYD VQQDDA02OTQ2ZTM5Yy01MTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxjXo1dshqWq7ELf+D9CrRrqSiDYPoysLxceKpmytEw5Wbij5vxJ8E5lzqhH5 M+ig8rxm4uQpT/jUfQwqu30eLzqPEccQam94sdxvOFDXx5TfhIHDCSEaW9IbRXWh kc+0rz0HcgQ1L8pdcWGGRr4EbcS6xWOIPQC14TJaQ7/oFhcY3WLaX1MneWThtWIV vzyMqhko610q1xqyT2mPN7+Q6NTKfcnduRDUMLd7bZaUYtQK7x4SAFXdtXXtksqD LHwQaVECW4qHYdlL+Q5NT2fjam0gvho/iPQ2WuGRLpAd2cCa8UJ9HIFsXYpm4S73 4GX//C8tTjG72D8wN1YuNuPBlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKcADNG2 TvvfKltNnRfvRav+fz7CMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYTM7A8IBK59uRhWVNW2dMlzDcDDhvAPZLKdDII9dDTgxwK/6aXx3W Z8B02rwSlBH89RONODEvrkjh1wBl3lTpPPv5hGWRVGuYrvvrl+c8Rh8CkaUtKtBe SKrHtqQbf74dCWPk6gpjEBL80DOJ0lK9ceI9IWXe10htBO9GiZn/cid1xsD88CNS uNklkM9fEPk+7pFfCrwkMxQdCkHqV4+57GpuneF4gzQg56aZsY5ZA1I+l83Zwrwj R8yAbUpXjrDqHcFzPEcMKUfcO+JRpGAdgjI9nwrRbu3X0+ntDUuyG5r7jxLdFod2 8IP0Hi5noqF0W9nqwZ0rkVBqicslkaY2 -----END CERTIFICATE-----Generated at Sat Dec 20 22:24:55 2025 by rpki-client