This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft File: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft (raw, json) Hash identifier: 8rkVe7vW2Gfy4LF1yIFKY0HfutK2XvVz4HpnVG7P0cI= Subject key identifier: F8:E3:F0:74:EA:45:3D:7B:A8:31:A8:5A:1A:9F:1E:45:FC:9B:4E:D0 Authority key identifier: 91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 Certificate issuer: /CN=A91478C3/serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Certificate serial: 0EC0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft Manifest number: 0EB8 Signing time: Thu 18 Dec 2025 17:27:49 +0000 Manifest this update: Thu 18 Dec 2025 17:27:49 +0000 Manifest next update: Thu 25 Dec 2025 17:27:49 +0000 Files and hashes: 1: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl (hash: 7o60d/rMbk6BmiLATaqSuY57hBbi+EUDwl1XeqNatlY=) 2: 36477FF69D2E11E99A95DC2AC4F9AE02.roa (hash: ZyYqi6bXWhaxHbfmn8t7NJwcl5ydCuydY4LMtE+EeW4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 17:27:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3776 (0xec0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91478C3, serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Validity Not Before: Dec 18 17:27:49 2025 GMT Not After : Dec 25 17:27:49 2025 GMT Subject: CN=69443995-fe5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:5b:51:9d:c8:9e:ca:1a:9b:4e:c6:b7:23:e2: eb:cb:b7:9d:38:a9:14:af:c8:35:8b:20:e3:46:14: 17:f0:66:ce:81:fb:09:0a:a2:3b:c5:17:b1:a0:1c: c1:e7:66:21:3e:f3:a4:2a:5b:d3:93:10:8b:bf:e6: 39:63:21:2a:a2:24:3a:28:16:78:0f:b1:47:2b:a4: b4:a6:4d:33:78:24:09:d0:fa:6b:c1:e0:41:09:d6: 93:03:bd:d9:5d:20:89:d7:e1:c9:6f:6f:3f:49:02: 01:52:e2:42:78:67:86:27:cd:5c:c8:21:5c:f5:53: ae:24:d3:4a:66:93:5c:53:35:af:b2:7b:90:e3:cc: 0a:e6:ea:fa:aa:d6:c3:cd:40:fc:56:73:4a:11:87: 81:42:7e:99:72:f7:6b:56:e4:77:75:90:f2:52:8c: 4b:7f:21:b8:ca:bb:5b:7c:57:31:f0:60:b1:05:4c: 39:c9:1b:99:bd:b8:40:92:03:8f:79:4a:ee:be:55: ea:90:53:a8:b2:2a:fc:11:a5:3f:90:43:2c:03:70: 32:21:61:d6:d2:f8:6b:fe:ee:12:e3:21:c9:69:ac: c7:7b:a4:00:6a:6d:d5:32:91:f9:fb:c9:fb:26:e6: 04:70:d9:6f:ca:92:21:7f:30:b9:fb:bb:2e:a4:11: 25:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:E3:F0:74:EA:45:3D:7B:A8:31:A8:5A:1A:9F:1E:45:FC:9B:4E:D0 X509v3 Authority Key Identifier: keyid:91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:96:d6:df:59:8b:98:68:2c:bf:6c:fe:ba:18:88:56:12:97: 69:9c:70:b3:bd:c9:7b:fa:a5:ae:b8:ea:0d:b0:c5:fc:dd:4a: aa:d2:01:29:b8:2a:09:14:f5:38:bf:d2:cd:ae:91:f5:d0:56: 58:5e:e0:e0:40:11:c5:89:01:56:5d:40:84:49:45:08:99:20: 2f:bf:1c:63:46:53:63:90:2c:76:bb:75:17:f3:ae:77:99:69: c8:25:78:e7:a8:05:ae:f7:53:85:47:24:00:01:70:8c:b5:48: e8:0c:57:16:b0:a4:a5:bf:28:61:57:62:50:cb:3a:0a:c0:cd: c0:b8:eb:1b:79:ac:0b:7f:b1:ff:12:07:76:3b:6e:bf:62:f3: eb:7a:81:12:9b:f2:d9:ac:be:1c:32:75:1c:79:e6:73:a4:99: 9c:03:47:34:35:27:60:dd:28:6c:97:fb:4f:3c:4c:ca:e7:92: ed:a9:3f:e4:19:99:a3:f4:e6:3c:7f:91:54:34:28:7f:6d:4e: df:43:4b:2d:d1:95:0d:0d:67:f4:2a:33:17:54:16:9a:91:dd: 09:ef:11:0a:e5:41:ba:10:90:b6:c8:0c:91:28:3d:a6:28:8b: bf:24:29:ed:37:3b:5c:cb:53:5f:04:94:9a:83:6f:09:70:e3: 89:e5:f5:5e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDsAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc4QzMxMTAvBgNVBAUTKDkxMkFCMzlGQzdCQkNCRUYxQ0YyNjdFOUQzRjcxOUM5 QTRGMEExMTQwHhcNMjUxMjE4MTcyNzQ5WhcNMjUxMjI1MTcyNzQ5WjAYMRYwFAYD VQQDDA02OTQ0Mzk5NS1mZTVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr1tRncieyhqbTsa3I+Lry7edOKkUr8g1iyDjRhQX8GbOgfsJCqI7xRexoBzB 52YhPvOkKlvTkxCLv+Y5YyEqoiQ6KBZ4D7FHK6S0pk0zeCQJ0PprweBBCdaTA73Z XSCJ1+HJb28/SQIBUuJCeGeGJ81cyCFc9VOuJNNKZpNcUzWvsnuQ48wK5ur6qtbD zUD8VnNKEYeBQn6ZcvdrVuR3dZDyUoxLfyG4yrtbfFcx8GCxBUw5yRuZvbhAkgOP eUruvlXqkFOosir8EaU/kEMsA3AyIWHW0vhr/u4S4yHJaazHe6QAam3VMpH5+8n7 JuYEcNlvypIhfzC5+7supBElSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPjj8HTq RT17qDGoWhqfHkX8m07QMB8GA1UdIwQYMBaAFJEqs5/Hu8vvHPJn6dP3Gcmk8KEU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhDMy9FM0Q5MTk0QzlE MkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3ktOGM4bWZwMF9jWnlhVHdv UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTcXpuOGU3eS04YzhtZnAwX2NaeWFUd29SUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzhDMy9FM0Q5MTk0QzlEMkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3kt OGM4bWZwMF9jWnlhVHdvUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFltbfWYuYaCy/bP66GIhWEpdpnHCzvcl7+qWuuOoNsMX83Uqq0gEp uCoJFPU4v9LNrpH10FZYXuDgQBHFiQFWXUCESUUImSAvvxxjRlNjkCx2u3UX8653 mWnIJXjnqAWu91OFRyQAAXCMtUjoDFcWsKSlvyhhV2JQyzoKwM3AuOsbeawLf7H/ Egd2O26/YvPreoESm/LZrL4cMnUceeZzpJmcA0c0NSdg3Shsl/tPPEzK55LtqT/k GZmj9OY8f5FUNCh/bU7fQ0st0ZUNDWf0KjMXVBaakd0J7xEK5UG6EJC2yAyRKD2m KIu/JCntNztcy1NfBJSag28JcOOJ5fVe -----END CERTIFICATE-----Generated at Fri Dec 19 23:59:21 2025 by rpki-client