This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft File: BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft (raw, json) Hash identifier: rgctbQJTf+8HUHwp/lqm6HVEXZyfd2/bJVJdOHKE81I= Subject key identifier: E0:6B:64:BF:96:41:84:51:68:29:81:05:04:54:ED:D3:86:53:48:FC Authority key identifier: 05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB Certificate issuer: /CN=A915E77C/serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB Certificate serial: 023B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft Manifest number: 0238 Signing time: Sun 21 Dec 2025 01:09:55 +0000 Manifest this update: Sun 21 Dec 2025 01:09:55 +0000 Manifest next update: Sun 28 Dec 2025 01:09:55 +0000 Files and hashes: 1: BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl (hash: aHixdRiGRKbA4uqjNpq10lQd9vD7QVr3tc6kEi1zhxU=) 2: A20DDFE2725911ED8CB4D763C4F9AE02.roa (hash: YLNPavuZCOudMxVfyqmjZm9NJz/Z+dCM3fPBM36z61c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Dec 2025 01:09:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 571 (0x23b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915E77C, serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB Validity Not Before: Dec 21 01:09:55 2025 GMT Not After : Dec 28 01:09:55 2025 GMT Subject: CN=694748e3-3f22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:2e:76:79:aa:cc:47:f9:78:4c:11:bb:d0:3b: 6e:3a:20:6f:30:e5:da:c4:a0:8c:a5:39:a8:ac:f3: 5a:d5:7b:9d:e6:90:4f:5f:b9:15:38:2c:8b:a8:09: ba:36:4a:78:12:31:c3:b0:e7:1f:35:86:f6:e6:7e: 9d:76:7b:63:ab:2f:1b:6b:bb:39:6e:2c:ad:ab:cf: 1c:1e:2f:3a:2d:72:17:27:28:58:7b:c9:eb:40:96: b2:4b:3a:bc:36:d4:79:18:9d:91:36:2c:86:64:2c: 22:b1:27:6f:7b:72:6b:14:c9:a3:aa:f9:2f:56:9b: 4a:2a:bc:7d:23:d5:da:f7:24:df:58:a0:44:dc:48: 4f:c0:76:e4:57:3b:82:b1:67:3f:12:a6:b7:63:17: a9:e1:2a:c2:e2:86:97:60:4c:d8:8d:72:9c:29:d1: 76:7b:77:7a:ba:7d:97:3e:76:bd:64:5d:3c:0c:f7: 3f:7c:04:64:23:4d:24:c8:d0:e0:6e:2d:02:ad:a0: ab:8d:79:b8:cc:14:7d:8e:cc:d0:20:ff:7a:e6:25: 4e:e0:98:cb:60:10:fe:e4:9c:0d:a1:60:6a:04:9a: bd:86:5f:d1:11:1f:0d:37:a4:fb:75:8b:da:ac:7d: c4:a3:5b:06:ef:a2:78:71:a3:ec:ac:a9:37:63:53: a3:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:6B:64:BF:96:41:84:51:68:29:81:05:04:54:ED:D3:86:53:48:FC X509v3 Authority Key Identifier: keyid:05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:23:45:07:23:8f:e6:5f:13:75:c7:0b:ba:a4:b1:e5:83:8a: 7b:37:c5:63:d1:32:07:b2:15:08:4f:74:0c:1d:e8:45:ea:41: ed:7f:a9:00:6a:bd:90:08:02:20:fd:2f:44:7d:42:64:3d:e8: 4b:b7:66:c3:0f:b1:ed:4a:7c:8b:b5:e3:66:91:c0:7d:9c:20: 5a:bc:fa:67:91:a1:8d:02:f4:52:05:87:99:51:4d:9b:fa:bb: 23:ae:2e:56:89:c6:d4:78:1d:1f:42:9c:d8:bb:0d:e7:a0:bd: 4f:c8:94:f9:11:18:8d:3c:d6:37:b2:9b:b8:17:67:56:12:35: c9:9d:10:69:23:89:85:56:6a:37:54:0d:cb:2a:16:b2:de:9e: c4:b3:eb:46:8a:50:e6:9d:33:96:1a:48:78:66:a8:4a:01:cb: 70:23:a7:3f:e7:d6:a1:73:6a:2b:cd:59:31:be:97:98:51:fa: cc:53:af:37:0f:7b:74:94:dd:c5:59:ee:a3:d4:05:24:5b:66: 42:43:1f:f6:28:c1:a2:4d:53:09:1c:d7:4e:ef:3d:38:06:a4: f2:35:f8:43:e3:2a:97:c4:cb:56:42:c4:7d:93:1b:63:83:30: 30:d6:db:f8:31:ac:c9:3e:f7:18:ac:43:9e:ff:7a:fc:8a:86: 8c:8b:5d:bf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUU3N0MxMTAvBgNVBAUTKDA1MDM3RTRDREU0NEVDNjY0MkM0MTY5RkE4NTEzNzJE NzhGQkZDQUIwHhcNMjUxMjIxMDEwOTU1WhcNMjUxMjI4MDEwOTU1WjAYMRYwFAYD VQQDDA02OTQ3NDhlMy0zZjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxS52earMR/l4TBG70DtuOiBvMOXaxKCMpTmorPNa1Xud5pBPX7kVOCyLqAm6 Nkp4EjHDsOcfNYb25n6ddntjqy8ba7s5biytq88cHi86LXIXJyhYe8nrQJaySzq8 NtR5GJ2RNiyGZCwisSdve3JrFMmjqvkvVptKKrx9I9Xa9yTfWKBE3EhPwHbkVzuC sWc/Eqa3Yxep4SrC4oaXYEzYjXKcKdF2e3d6un2XPna9ZF08DPc/fARkI00kyNDg bi0CraCrjXm4zBR9jszQIP965iVO4JjLYBD+5JwNoWBqBJq9hl/RER8NN6T7dYva rH3Eo1sG76J4caPsrKk3Y1Oj3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOBrZL+W QYRRaCmBBQRU7dOGU0j8MB8GA1UdIwQYMBaAFAUDfkzeROxmQsQWn6hRNy14+/yr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTc3Qy9GNzAwQTlFQzcy NTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdHWkN4QmFmcUZFM0xYajdf S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JRTi1UTjVFN0daQ3hCYWZxRkUzTFhqN19Lcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RTc3Qy9GNzAwQTlFQzcyNTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdH WkN4QmFmcUZFM0xYajdfS3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCyI0UHI4/mXxN1xwu6pLHlg4p7N8Vj0TIHshUIT3QMHehF6kHtf6kA ar2QCAIg/S9EfUJkPehLt2bDD7HtSnyLteNmkcB9nCBavPpnkaGNAvRSBYeZUU2b +rsjri5WicbUeB0fQpzYuw3noL1PyJT5ERiNPNY3spu4F2dWEjXJnRBpI4mFVmo3 VA3LKhay3p7Es+tGilDmnTOWGkh4ZqhKActwI6c/59ahc2orzVkxvpeYUfrMU683 D3t0lN3FWe6j1AUkW2ZCQx/2KMGiTVMJHNdO7z04BqTyNfhD4yqXxMtWQsR9kxtj gzAw1tv4MazJPvcYrEOe/3r8ioaMi12/ -----END CERTIFICATE-----Generated at Mon Dec 22 09:44:39 2025 by rpki-client