This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft File: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft (raw, json) Hash identifier: viOQtSOU7etw6elELSbUeEpdcZmDrFWywKjFIg3+AQo= Subject key identifier: 68:C1:12:D9:F0:8A:23:64:A4:AA:61:C5:A7:6F:6B:A6:25:F2:17:2A Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Certificate serial: 0BE8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft Manifest number: 0A1A Signing time: Fri 26 Dec 2025 20:55:03 +0000 Manifest this update: Fri 26 Dec 2025 20:55:03 +0000 Manifest next update: Fri 02 Jan 2026 20:55:03 +0000 Files and hashes: 1: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl (hash: ft0aJxbAw100wK+7R9vvKizIV+aEtI6i7RZZhM5NOBE=) 2: B8D1EFFECFF111F085D0CF76C4F9AE02.roa (hash: O3l12cVrUOS8U9iR93efMuyRPJjx+/kubWNGPD9xecQ=) 3: 93EE047E4BB511EE9309AA4EC4F9AE02.roa (hash: vQWuHkxNO3W+64VKIpJFVWJTeNRMIc+wKzNHsAhde4Q=) 4: 263DB02C4BB611EE9B959267C4F9AE02.roa (hash: uy/Ya9Uphz8yk5gzFrvw8K92wA25vKbiFTbIY5cp56U=) 5: 61EE2500936E11F091943583C4F9AE02.roa (hash: qQaUk6cquZP7nNyZHTQszjiLtFKFkr+G2zqYs9o1x6o=) 6: 72C9BE36950211EFAC892C5EC4F9AE02.roa (hash: tUqKc58G4NP/ZiNhEE4m52A3vGMH09GTzhVMgnnCe/8=) 7: AB96EF3852CD11ECAB209C5FC4F9AE02.roa (hash: KHmIhJVDnUN/JIAGOGyBUT9fEQNuIGqQSzduAjkMS7g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 Jan 2026 20:55:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3048 (0xbe8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67, serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Validity Not Before: Dec 26 20:55:03 2025 GMT Not After : Jan 2 20:55:03 2026 GMT Subject: CN=694ef627-9cf5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:fa:bf:29:4a:e1:66:33:86:0d:20:92:0d:8b: af:f2:b3:67:ad:89:81:f3:df:82:66:b4:5a:e9:a7: e4:85:4e:58:45:b1:f9:08:14:70:32:b1:b2:45:f0: da:6f:ea:c0:39:66:ce:07:27:fd:19:db:5f:75:0a: 6f:13:70:10:6a:b6:cc:c7:db:af:64:89:87:4e:7c: ca:eb:cd:a8:2c:ce:02:18:6a:ab:1b:3b:01:f6:38: 25:0e:2a:4f:71:1f:2b:b7:7c:2d:94:68:c7:cc:58: 4d:30:bb:5f:cc:65:a6:88:91:b6:3a:38:98:6e:a2: d5:47:38:8e:13:62:6c:bd:01:61:69:e0:38:b3:fd: 15:c5:f2:2a:2e:88:cf:70:b6:df:6c:06:8d:5e:ab: 32:35:0e:c4:4d:52:80:3c:46:f5:5a:48:c9:9d:96: 80:d0:5a:04:dd:b6:5e:4c:4f:ae:78:1d:02:25:83: c7:92:82:cc:dd:a2:7c:55:60:64:98:a6:63:57:86: 62:55:e4:8c:74:1d:ea:09:94:d8:13:5b:86:f2:1d: 28:19:a7:81:9f:54:d4:c0:ad:c8:03:58:b2:f0:7b: 89:2e:46:16:17:d5:35:7b:ab:e9:97:da:d2:ab:a1: 77:2a:82:de:3d:f5:aa:e0:81:9c:86:74:5c:b7:29: b6:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:C1:12:D9:F0:8A:23:64:A4:AA:61:C5:A7:6F:6B:A6:25:F2:17:2A X509v3 Authority Key Identifier: keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:4a:67:e8:00:9f:16:86:f6:3c:12:69:cc:13:5d:a3:f9:ad: e4:33:0e:a1:cb:00:e5:f8:0b:b0:49:d4:50:2e:02:1c:e3:e8: 02:06:bd:d5:0f:bd:13:d4:2b:28:f7:a8:5b:a7:4f:63:d6:f8: 11:56:46:d2:78:fb:f6:3d:08:3d:5e:f3:e1:3e:75:a1:50:f6: 6e:e4:98:ca:bb:3a:b5:f4:30:78:04:74:b9:a0:0a:d3:50:35: ef:ca:f3:fa:98:f4:05:28:51:8c:63:f1:ba:34:fb:98:9f:ad: 4e:d5:27:3b:24:d7:d4:bb:40:59:0e:69:6b:ab:50:94:dc:44: f1:17:e6:ee:cd:d6:17:47:53:7c:a3:e8:e6:ee:f0:a7:dd:cb: 4e:39:9d:c0:68:a4:02:a2:a1:fa:02:a3:28:8b:53:7a:97:2e: 05:fd:28:f5:ea:e9:5d:91:8f:f6:a7:0b:46:40:73:fd:3d:31: d2:ab:79:41:03:eb:19:41:7c:7b:60:9f:2e:cc:7a:c9:56:36: 03:f3:c2:64:ad:d3:7d:ff:af:c0:b3:2d:e5:b6:81:0a:bc:f9: 38:70:0f:3a:d0:ad:69:d8:13:98:10:c0:40:16:cc:d4:a3:54: cd:0a:6b:84:54:b8:0f:80:96:b8:e7:c9:e7:a0:35:49:f3:28: 2e:f4:50:0b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC+gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5 NTA2QTU5QkQwHhcNMjUxMjI2MjA1NTAzWhcNMjYwMTAyMjA1NTAzWjAYMRYwFAYD VQQDDA02OTRlZjYyNy05Y2Y1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArfq/KUrhZjOGDSCSDYuv8rNnrYmB89+CZrRa6afkhU5YRbH5CBRwMrGyRfDa b+rAOWbOByf9GdtfdQpvE3AQarbMx9uvZImHTnzK682oLM4CGGqrGzsB9jglDipP cR8rt3wtlGjHzFhNMLtfzGWmiJG2OjiYbqLVRziOE2JsvQFhaeA4s/0VxfIqLojP cLbfbAaNXqsyNQ7ETVKAPEb1WkjJnZaA0FoE3bZeTE+ueB0CJYPHkoLM3aJ8VWBk mKZjV4ZiVeSMdB3qCZTYE1uG8h0oGaeBn1TUwK3IA1iy8HuJLkYWF9U1e6vpl9rS q6F3KoLePfWq4IGchnRctym2mQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGjBEtnw iiNkpKphxadva6Yl8hcqMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0Q2Ny82OUU2QzE2QTQ0MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhf V0Q1Q1dwX3B0cHVWQnFXYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAbSmfoAJ8WhvY8EmnME12j+a3kMw6hywDl+AuwSdRQLgIc4+gCBr3V D70T1Cso96hbp09j1vgRVkbSePv2PQg9XvPhPnWhUPZu5JjKuzq19DB4BHS5oArT UDXvyvP6mPQFKFGMY/G6NPuYn61O1Sc7JNfUu0BZDmlrq1CU3ETxF+buzdYXR1N8 o+jm7vCn3ctOOZ3AaKQCoqH6AqMoi1N6ly4F/Sj16uldkY/2pwtGQHP9PTHSq3lB A+sZQXx7YJ8uzHrJVjYD88JkrdN9/6/Asy3ltoEKvPk4cA860K1p2BOYEMBAFszU o1TNCmuEVLgPgJa458nnoDVJ8ygu9FAL -----END CERTIFICATE-----Generated at Fri Dec 26 23:10:29 2025 by rpki-client