This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft File: d9okgAToxYcr33K6wSIsfMtujjc.mft (raw, json) Hash identifier: QfTnX0PXSRok2i0qNAVSHsKys48c+lp7/KL/RcZ5YKQ= Subject key identifier: CD:50:B1:A5:FB:AD:13:3F:58:A0:21:67:1D:2B:9C:56:E3:91:98:CD Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Certificate serial: 09E4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft Manifest number: 09C3 Signing time: Sat 20 Dec 2025 19:27:04 +0000 Manifest this update: Sat 20 Dec 2025 19:27:03 +0000 Manifest next update: Sat 27 Dec 2025 19:27:03 +0000 Files and hashes: 1: d9okgAToxYcr33K6wSIsfMtujjc.crl (hash: OjpXa+VMsxJF+sXGcBGr3iQAIlkmcDtG/OEG0iF7u0Y=) 2: 3AFD491C99E611EAB3C00943C4F9AE02.roa (hash: fDQ1zYNxLplPrz4Qpls9Fd7tB57/fNGS1+72t/RyA84=) 3: 3A58D9F499E611EAB3C00943C4F9AE02.roa (hash: +eSXmzBbgmezGg93b3TG7JXzkYgFkvNOYfX8lsh6cSU=) 4: 3BABBD7699E611EAB3C00943C4F9AE02.roa (hash: 39xXi+BE3qKyQgrVuislk1mPEFnbEpJPwLiHtitE6BQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 19:27:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2532 (0x9e4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156342, serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Validity Not Before: Dec 20 19:27:03 2025 GMT Not After : Dec 27 19:27:03 2025 GMT Subject: CN=6946f888-fa1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:f7:4e:cd:2a:ef:c6:38:63:26:ea:ba:4d:d8: b3:3f:1a:5d:e7:6e:44:b4:b0:92:fe:3b:04:50:92: 5e:05:cb:e0:10:da:af:98:e9:cf:2e:76:4d:77:d7: 24:b8:02:92:3c:04:84:f1:ca:73:21:60:dd:1c:5b: 40:24:77:6b:cf:31:e3:6c:08:88:10:73:71:f8:dd: 88:10:2e:2c:01:b4:9f:2a:e3:42:6b:65:53:47:20: 77:48:78:e8:21:37:a5:b6:b6:94:58:22:b6:bf:eb: 83:94:4f:94:cd:fa:50:e2:3b:79:be:fe:0e:a4:14: 3f:cc:27:84:fc:74:e3:15:6d:5b:e5:a1:14:8e:c3: 17:62:a1:20:46:32:8c:92:05:19:5a:17:0f:b0:cf: 56:22:1c:f9:23:61:26:8a:61:a3:bb:83:a9:c5:27: 2e:d1:ca:87:cf:7f:8a:fc:e4:b0:45:20:03:f4:05: c0:15:9d:82:61:36:b4:28:0b:29:c2:49:3a:b2:05: 2c:2a:40:bb:a1:68:69:cd:6b:23:f7:07:18:ba:e8: ef:68:a1:f8:9a:f3:61:dc:cb:fe:7a:a5:e0:a1:b9: 82:08:5f:68:41:55:84:f0:c2:9e:c9:9a:04:48:56: aa:1d:57:9f:8f:14:7b:62:92:89:43:f2:d9:b2:e3: 9b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:50:B1:A5:FB:AD:13:3F:58:A0:21:67:1D:2B:9C:56:E3:91:98:CD X509v3 Authority Key Identifier: keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:4a:cf:ee:a4:58:65:59:02:5c:94:85:67:21:96:ba:39:2a: 60:38:a2:fe:5e:d1:cf:52:5c:06:f2:52:29:23:9f:da:30:40: c9:d6:2b:a0:d4:f0:8b:0c:c3:08:f7:8d:7e:8f:1e:a2:bc:c0: e8:bf:04:f2:ba:6d:67:0e:32:88:0e:d6:bf:4d:5d:ca:d6:04: cd:a7:36:06:06:8a:43:eb:2b:03:4f:f4:57:5f:e2:6e:ad:b1: fe:73:09:05:3f:d5:50:3d:d2:c2:2d:6d:a5:c8:53:de:6e:d0: c2:01:4a:5e:bc:a1:b2:c7:b8:c2:f3:ed:b4:b6:aa:9c:62:e9: ea:ee:79:db:45:ce:4a:b8:6f:8a:b8:14:b6:98:c3:97:09:d0: e4:63:be:16:88:26:82:64:27:3d:ae:60:8e:a7:56:d3:12:84: c1:bb:c9:2e:e5:dd:52:35:9b:14:a0:bd:b4:73:45:6f:ff:a5: a9:de:0f:53:8c:f5:8d:c0:93:8a:0e:d3:89:c1:70:78:50:bf: a6:16:66:2f:38:b8:7a:33:46:94:ff:06:12:aa:82:70:ca:ef: e5:e3:71:00:61:5a:f9:76:da:2a:83:37:93:f0:73:ac:70:03: 54:d7:dd:2f:68:98:5c:47:d6:54:60:af:8c:ad:58:67:a2:67: 33:f6:44:cc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCeQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD Q0I2RThFMzcwHhcNMjUxMjIwMTkyNzAzWhcNMjUxMjI3MTkyNzAzWjAYMRYwFAYD VQQDDA02OTQ2Zjg4OC1mYTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5vdOzSrvxjhjJuq6TdizPxpd525EtLCS/jsEUJJeBcvgENqvmOnPLnZNd9ck uAKSPASE8cpzIWDdHFtAJHdrzzHjbAiIEHNx+N2IEC4sAbSfKuNCa2VTRyB3SHjo ITeltraUWCK2v+uDlE+UzfpQ4jt5vv4OpBQ/zCeE/HTjFW1b5aEUjsMXYqEgRjKM kgUZWhcPsM9WIhz5I2EmimGju4OpxScu0cqHz3+K/OSwRSAD9AXAFZ2CYTa0KAsp wkk6sgUsKkC7oWhpzWsj9wcYuujvaKH4mvNh3Mv+eqXgobmCCF9oQVWE8MKeyZoE SFaqHVefjxR7YpKJQ/LZsuObjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM1QsaX7 rRM/WKAhZx0rnFbjkZjNMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5 RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NjM0Mi9CREY4OTA4MDk5RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZ Y3IzM0s2d1NJc2ZNdHVqamMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOSs/upFhlWQJclIVnIZa6OSpgOKL+XtHPUlwG8lIpI5/aMEDJ1iug 1PCLDMMI941+jx6ivMDovwTyum1nDjKIDta/TV3K1gTNpzYGBopD6ysDT/RXX+Ju rbH+cwkFP9VQPdLCLW2lyFPebtDCAUpevKGyx7jC8+20tqqcYunq7nnbRc5KuG+K uBS2mMOXCdDkY74WiCaCZCc9rmCOp1bTEoTBu8ku5d1SNZsUoL20c0Vv/6Wp3g9T jPWNwJOKDtOJwXB4UL+mFmYvOLh6M0aU/wYSqoJwyu/l43EAYVr5dtoqgzeT8HOs cANU190vaJhcR9ZUYK+MrVhnomcz9kTM -----END CERTIFICATE-----Generated at Sun Dec 21 13:43:02 2025 by rpki-client