This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft File: 2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft (raw, json) Hash identifier: 5shMHgrsmnXfcn1hlMjVhf7cNpB00PdMrPVwv8mzmEo= Subject key identifier: DF:EE:52:9E:0D:8E:16:E1:A3:F7:0A:B2:72:86:59:85:B3:49:91:31 Authority key identifier: D9:5D:A1:17:14:12:30:0A:B5:3B:3E:48:70:F2:F4:41:F0:6C:81:24 Certificate issuer: /CN=A9159ECD/serialNumber=D95DA1171412300AB53B3E4870F2F441F06C8124 Certificate serial: 0120 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft Manifest number: 011D Signing time: Tue 06 Jan 2026 22:29:54 +0000 Manifest this update: Tue 06 Jan 2026 22:29:54 +0000 Manifest next update: Tue 13 Jan 2026 22:29:54 +0000 Files and hashes: 1: 2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.crl (hash: qnDt0+aK1rf/N4V0TDiWJAgMz92YMS2znq7FSUrIrQI=) 2: 5A4723DA6F3C11EF8FD45F13C4F9AE02.roa (hash: nJrP5XyTG2U3goSrQUjPEnvTLR/1/bqUd5TtsJOT5YA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.crl rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 Jan 2026 22:29:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 288 (0x120) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9159ECD, serialNumber=D95DA1171412300AB53B3E4870F2F441F06C8124 Validity Not Before: Jan 6 22:29:54 2026 GMT Not After : Jan 13 22:29:54 2026 GMT Subject: CN=695d8ce2-5645 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:73:b0:e8:4d:77:b9:fb:13:14:09:9b:a0:79: 8f:da:e0:57:7f:ab:1b:39:25:38:3b:ae:9a:64:d1: 49:44:c8:15:dd:d4:d3:fe:75:34:c9:f5:8e:27:13: 90:25:2f:3f:fe:d4:02:4d:7a:fc:1e:bb:0a:0d:5a: 66:33:2c:cc:4f:fd:71:69:c9:a7:86:a9:73:f1:30: 80:14:59:74:91:ee:8e:ff:81:e0:3b:80:53:31:11: aa:4b:e4:1d:fc:50:ff:b5:1b:09:89:3c:dc:a2:6a: 2e:35:d5:c3:3e:50:67:bc:98:0d:69:ff:74:b6:ce: f4:ea:6f:bf:0c:04:f5:3b:c3:f3:e1:28:5f:77:05: 66:1f:ad:d1:11:2c:34:09:a0:34:88:d6:76:d5:e4: f8:be:68:b9:ec:1a:4d:2e:74:96:8e:a8:6d:9d:7e: 0a:19:c5:e0:a4:55:24:71:66:bc:06:e6:a6:76:db: 03:4d:ae:06:b3:cb:cf:e5:73:a7:b5:c7:65:50:2c: 05:11:a9:25:10:d4:6a:4d:af:bc:3d:1b:46:c7:c6: 35:7f:d8:8b:58:dc:8c:38:bc:ef:9e:66:1b:a9:8a: 21:13:cb:f4:40:7e:82:f2:7a:fd:45:9f:55:c8:c8: e6:63:00:87:d8:ed:a8:fa:f7:e5:32:8d:58:1d:8c: 6a:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:EE:52:9E:0D:8E:16:E1:A3:F7:0A:B2:72:86:59:85:B3:49:91:31 X509v3 Authority Key Identifier: keyid:D9:5D:A1:17:14:12:30:0A:B5:3B:3E:48:70:F2:F4:41:F0:6C:81:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:63:1a:77:42:29:95:3b:dd:18:76:6a:b3:ad:93:c5:7a:bb: 84:9a:ae:18:a2:5b:f7:c1:33:5e:56:97:8c:d7:19:52:61:20: 14:13:b7:b9:9e:c2:03:8b:cd:22:16:d3:74:23:1c:35:ec:2b: 0b:80:33:86:b6:19:c6:c7:7b:37:f5:98:b7:bc:cc:ba:14:8d: 9e:54:6b:c9:cf:3e:4e:12:3c:d2:7e:57:81:bc:1b:f6:3d:6a: 95:2e:07:5f:79:47:c4:03:79:31:72:f1:e1:82:35:dd:93:bb: e1:2c:ff:ef:99:4c:e0:f3:a0:c7:40:7c:14:a8:8d:d2:bb:f1: 8d:4f:38:3c:0b:81:b0:09:88:b7:e7:d1:0c:0d:33:46:bb:ab: 64:7e:1f:b6:88:17:52:7b:58:1a:b4:f4:68:fe:1b:3e:bd:36: 52:b0:95:5e:35:9a:f3:6c:39:95:06:a7:b2:a3:b9:73:30:d7: e9:62:91:89:fb:ff:00:b7:70:af:b6:18:b0:fe:9c:6b:34:30: fa:38:5c:15:0b:07:0a:21:d3:8e:c0:8b:b2:91:1d:b3:43:25: 80:af:86:10:a8:e0:be:6b:25:dd:89:f2:66:ff:b8:c6:22:cb: 61:30:a3:2b:b4:eb:06:c0:42:77:78:1b:83:22:3c:0f:6c:c4: 36:8e:8f:cc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTlFQ0QxMTAvBgNVBAUTKEQ5NURBMTE3MTQxMjMwMEFCNTNCM0U0ODcwRjJGNDQx RjA2QzgxMjQwHhcNMjYwMTA2MjIyOTU0WhcNMjYwMTEzMjIyOTU0WjAYMRYwFAYD VQQDDA02OTVkOGNlMi01NjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvHOw6E13ufsTFAmboHmP2uBXf6sbOSU4O66aZNFJRMgV3dTT/nU0yfWOJxOQ JS8//tQCTXr8HrsKDVpmMyzMT/1xacmnhqlz8TCAFFl0ke6O/4HgO4BTMRGqS+Qd /FD/tRsJiTzcomouNdXDPlBnvJgNaf90ts706m+/DAT1O8Pz4ShfdwVmH63RESw0 CaA0iNZ21eT4vmi57BpNLnSWjqhtnX4KGcXgpFUkcWa8BuamdtsDTa4Gs8vP5XOn tcdlUCwFEaklENRqTa+8PRtGx8Y1f9iLWNyMOLzvnmYbqYohE8v0QH6C8nr9RZ9V yMjmYwCH2O2o+vflMo1YHYxqVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN/uUp4N jhbho/cKsnKGWYWzSZExMB8GA1UdIwQYMBaAFNldoRcUEjAKtTs+SHDy9EHwbIEk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OUVDRC9FRjYzODNFMjNE OUYxMUVGOTkwMzM3NjhDNEY5QUUwMi8yVjJoRnhRU01BcTFPejVJY1BMMFFmQnNn U1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzJWMmhGeFFTTUFxMU96NUljUEwwUWZCc2dTUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 OUVDRC9FRjYzODNFMjNEOUYxMUVGOTkwMzM3NjhDNEY5QUUwMi8yVjJoRnhRU01B cTFPejVJY1BMMFFmQnNnU1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZYxp3QimVO90YdmqzrZPFeruEmq4Yolv3wTNeVpeM1xlSYSAUE7e5 nsIDi80iFtN0Ixw17CsLgDOGthnGx3s39Zi3vMy6FI2eVGvJzz5OEjzSfleBvBv2 PWqVLgdfeUfEA3kxcvHhgjXdk7vhLP/vmUzg86DHQHwUqI3Su/GNTzg8C4GwCYi3 59EMDTNGu6tkfh+2iBdSe1gatPRo/hs+vTZSsJVeNZrzbDmVBqeyo7lzMNfpYpGJ +/8At3Cvthiw/pxrNDD6OFwVCwcKIdOOwIuykR2zQyWAr4YQqOC+ayXdifJm/7jG IsthMKMrtOsGwEJ3eBuDIjwPbMQ2jo/M -----END CERTIFICATE-----Generated at Thu Jan 8 11:29:09 2026 by rpki-client