This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft File: 3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft (raw, json) Hash identifier: X+0J/BoKJzZkGRifZ5DG+J+LmwGaao+sTW+SRb3zGZo= Subject key identifier: 3E:05:A4:CE:39:61:19:EA:17:1B:4D:62:D4:4B:BA:17:18:6C:CD:E1 Authority key identifier: DD:28:08:28:FF:09:96:A8:CB:EF:29:BF:0D:91:4D:F2:52:DF:1C:BD Certificate issuer: /CN=A9147CA8/serialNumber=DD280828FF0996A8CBEF29BF0D914DF252DF1CBD Certificate serial: 4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft Manifest number: 4B Signing time: Fri 19 Dec 2025 06:19:19 +0000 Manifest this update: Fri 19 Dec 2025 06:19:18 +0000 Manifest next update: Fri 26 Dec 2025 06:19:18 +0000 Files and hashes: 1: 3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl (hash: tfSNqJpqMsVrEmcWunBjtP6fAjHzmzf6t7qSuH/dKQA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 06:19:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75 (0x4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147CA8, serialNumber=DD280828FF0996A8CBEF29BF0D914DF252DF1CBD Validity Not Before: Dec 19 06:19:18 2025 GMT Not After : Dec 26 06:19:18 2025 GMT Subject: CN=6944ee66-127f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1e:88:55:8c:a8:06:22:44:8d:34:9f:71:57: 10:38:3c:59:1d:a1:ca:d4:37:40:25:25:99:d8:c0: 3c:a9:0f:2a:74:10:1d:43:f2:7b:7f:53:70:6d:21: 2e:5b:4f:3c:e6:2b:64:61:7c:b2:d8:89:60:69:55: 54:f3:43:b6:d5:79:c8:8d:78:68:c0:23:52:6b:5b: 7c:86:5e:93:61:8a:bc:45:57:c2:0d:11:d4:96:11: 6b:64:d1:10:9e:44:17:cf:de:d3:03:b0:2d:95:59: 75:99:ac:0f:94:05:6b:30:6e:84:b5:ae:fa:19:64: 6c:3a:76:c2:d8:9a:67:2f:fe:63:ee:0a:d1:7b:bc: 40:58:33:fe:a0:34:4f:6a:ca:8c:75:00:37:e3:6f: 54:5a:f5:b3:f9:8a:38:27:33:7e:51:ad:e3:3e:01: f2:d9:2e:20:f3:91:be:f8:28:84:9c:18:67:2f:9d: 96:e5:29:d8:61:cc:1b:9b:b8:ed:86:d5:9e:ab:6b: 04:bc:24:08:c0:51:9b:da:0d:ca:56:46:36:d4:bc: 4b:71:65:4a:39:ce:aa:fb:5b:49:18:b2:af:8c:45: 58:53:95:cb:80:dc:bc:8b:f2:32:11:31:9a:02:ac: 08:06:4f:13:42:33:ca:2d:33:f0:7a:19:91:79:12: af:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:05:A4:CE:39:61:19:EA:17:1B:4D:62:D4:4B:BA:17:18:6C:CD:E1 X509v3 Authority Key Identifier: keyid:DD:28:08:28:FF:09:96:A8:CB:EF:29:BF:0D:91:4D:F2:52:DF:1C:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:aa:06:92:aa:a9:02:cb:fe:6c:0a:34:74:71:a1:4e:a9:e4: d9:f7:f7:a7:72:38:00:5d:3c:80:02:15:04:cf:c6:2f:ea:d0: 27:c0:bc:c7:47:34:8d:af:31:9f:4a:c0:be:18:bc:87:b3:ad: 9f:36:bf:10:90:07:00:ca:dc:2c:bd:19:09:0b:58:f0:33:cf: d3:bd:51:97:50:c5:98:aa:d9:e5:9c:c7:8f:48:84:20:81:ab: 59:23:36:30:ac:37:15:e4:81:bd:bf:d4:26:e3:98:cd:98:fd: 45:10:f2:35:a1:72:9a:2d:22:be:0c:da:2d:51:d6:2b:22:cb: 91:16:1f:fa:06:65:48:73:4d:98:da:e5:b6:d9:b5:94:e9:14: 99:0f:dc:dd:12:42:ff:f0:61:1c:e3:5d:a0:fd:fd:7c:d5:79: f8:72:0e:d5:fe:ee:3a:eb:3e:45:ac:28:bc:4f:67:6b:a8:30: b9:78:c3:2f:5f:da:50:44:f0:83:81:fe:95:d5:38:54:98:0e: 5d:09:3c:3e:32:76:a6:fd:33:16:a0:14:18:29:c5:08:f3:01: cf:e6:d4:54:5e:fe:da:a8:b8:a3:35:23:a2:58:4f:83:ae:40: 14:85:16:7c:a6:7a:af:f5:76:d5:ce:f9:34:db:8d:49:ec:32: 1f:56:ee:4c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 N0NBODExMC8GA1UEBRMoREQyODA4MjhGRjA5OTZBOENCRUYyOUJGMEQ5MTRERjI1 MkRGMUNCRDAeFw0yNTEyMTkwNjE5MThaFw0yNTEyMjYwNjE5MThaMBgxFjAUBgNV BAMMDTY5NDRlZTY2LTEyN2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDOHohVjKgGIkSNNJ9xVxA4PFkdocrUN0AlJZnYwDypDyp0EB1D8nt/U3BtIS5b TzzmK2RhfLLYiWBpVVTzQ7bVeciNeGjAI1JrW3yGXpNhirxFV8INEdSWEWtk0RCe RBfP3tMDsC2VWXWZrA+UBWswboS1rvoZZGw6dsLYmmcv/mPuCtF7vEBYM/6gNE9q yox1ADfjb1Ra9bP5ijgnM35RreM+AfLZLiDzkb74KIScGGcvnZblKdhhzBubuO2G 1Z6rawS8JAjAUZvaDcpWRjbUvEtxZUo5zqr7W0kYsq+MRVhTlcuA3LyL8jIRMZoC rAgGTxNCM8otM/B6GZF5Eq+pAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUPgWkzjlh GeoXG01i1Eu6FxhszeEwHwYDVR0jBBgwFoAU3SgIKP8JlqjL7ym/DZFN8lLfHL0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3Q0E4LzZBOUU5MTVDNkVF OTExRjBCMzAxRjY2N0M0RjlBRTAyLzNTZ0lLUDhKbHFqTDd5bV9EWkZOOGxMZkhM MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM1NnSUtQOEpscWpMN3ltX0RaRk44bExmSEwwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3 Q0E4LzZBOUU5MTVDNkVFOTExRjBCMzAxRjY2N0M0RjlBRTAyLzNTZ0lLUDhKbHFq TDd5bV9EWkZOOGxMZkhMMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIaqBpKqqQLL/mwKNHRxoU6p5Nn396dyOABdPIACFQTPxi/q0CfAvMdH NI2vMZ9KwL4YvIezrZ82vxCQBwDK3Cy9GQkLWPAzz9O9UZdQxZiq2eWcx49IhCCB q1kjNjCsNxXkgb2/1CbjmM2Y/UUQ8jWhcpotIr4M2i1R1isiy5EWH/oGZUhzTZja 5bbZtZTpFJkP3N0SQv/wYRzjXaD9/XzVefhyDtX+7jrrPkWsKLxPZ2uoMLl4wy9f 2lBE8IOB/pXVOFSYDl0JPD4ydqb9MxagFBgpxQjzAc/m1FRe/tqouKM1I6JYT4Ou QBSFFnymeq/1dtXO+TTbjUnsMh9W7kw= -----END CERTIFICATE-----Generated at Fri Dec 19 17:47:13 2025 by rpki-client