This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft File: nOkX3Drgxboud8t3WjrZnGhcQGs.mft (raw, json) Hash identifier: LmQLqT7Gxqte/8xG21Nh6GhZTRAyn12ND3EKSNYvaog= Subject key identifier: 51:C3:FF:10:6C:F8:B7:24:95:E5:CF:A9:8A:EA:40:F7:25:58:16:31 Authority key identifier: 9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B Certificate issuer: /CN=A9161F3E/serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Certificate serial: 87 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft Manifest number: 85 Signing time: Sun 21 Dec 2025 05:43:13 +0000 Manifest this update: Sun 21 Dec 2025 05:43:13 +0000 Manifest next update: Sun 28 Dec 2025 05:43:13 +0000 Files and hashes: 1: nOkX3Drgxboud8t3WjrZnGhcQGs.crl (hash: Bk0y8Uc/3SdI3aqDtguZuJBzzp2DfsORc/ffQjgKrD0=) 2: 4A3C802012A711F099020A73C4F9AE02.roa (hash: EvMFCkIZLxU/4T9yDv4rTrnplB41rjMOAziWwMgP5hQ=) 3: 49DEAEDC12A711F099020A73C4F9AE02.roa (hash: ZDuunhoBLIFxkgffUJp6fhz6W2Ysr7yM0HyGKDGLaSU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Dec 2025 05:43:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 135 (0x87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161F3E, serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Validity Not Before: Dec 21 05:43:13 2025 GMT Not After : Dec 28 05:43:13 2025 GMT Subject: CN=694788f1-4c8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:cc:f4:03:5a:76:43:ed:d3:59:14:ad:d2:b4: b8:11:d1:bd:67:43:49:99:fd:28:6a:5e:ad:63:0f: 9d:e1:89:14:e3:9a:3d:6e:23:73:2a:c7:05:c0:52: 21:57:8b:9d:43:9a:38:64:92:34:61:c9:cb:a1:57: 57:78:5d:db:c9:c6:b5:d4:fb:ee:c5:0c:2b:fd:43: 35:90:c9:4d:66:f1:6a:63:df:2a:6b:3f:d2:09:51: 96:e7:67:8e:a8:af:52:be:10:0f:36:c9:d4:b6:92: a7:ec:0d:4b:ff:e8:0a:d5:12:42:17:42:6f:37:79: 6a:3d:38:c1:60:15:f5:b3:0d:bb:9c:ed:ef:a0:fc: 26:8c:df:6a:12:d1:8b:eb:da:7a:eb:0c:7f:da:32: 5b:25:d0:28:fe:55:2b:7b:0f:b3:9a:29:41:63:05: 06:fe:b9:63:46:71:01:27:53:a8:88:4e:0f:02:e0: 62:bf:61:0f:45:6d:98:2e:42:93:61:11:e9:ba:37: a5:91:d8:42:69:65:99:15:6d:83:0f:37:6b:7c:fa: 6b:1c:09:68:69:23:76:b6:44:d2:da:a8:a8:6a:3d: 0d:24:3d:ca:2a:f7:85:04:4f:69:c7:ac:20:67:13: 01:ca:3a:e0:43:7b:71:f1:81:56:75:8f:00:22:75: 20:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:C3:FF:10:6C:F8:B7:24:95:E5:CF:A9:8A:EA:40:F7:25:58:16:31 X509v3 Authority Key Identifier: keyid:9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ab:5c:7d:69:e1:21:65:2a:88:f1:b6:64:31:3d:c3:2d:39:f1: ce:4d:07:6d:54:43:02:be:06:5a:9d:e0:63:3b:36:5c:25:83: b6:13:3c:a6:ff:ad:10:8d:0a:78:3e:2f:20:95:c2:cf:79:ac: 0d:6e:de:5e:dc:c1:df:a3:dd:bd:05:81:66:5c:3a:fd:63:8e: 62:97:a5:31:36:ea:f1:a0:d9:d6:f0:63:d6:97:59:6b:f5:1f: 76:e4:5c:35:75:7f:24:37:4d:ea:b6:3c:5f:8e:16:e3:ba:7b: 24:bd:e0:26:07:d0:01:79:57:23:50:d4:d3:a3:c9:2d:69:b9: b7:ba:a3:bb:3c:ce:d9:a1:8d:f0:7f:b1:9a:c4:39:68:08:e8: 72:07:91:fb:41:39:f0:e0:7b:98:cd:8e:bf:fa:78:b8:78:52: 4a:03:be:27:61:0d:c3:6d:f7:56:ea:0b:f9:75:57:bb:9b:5f: eb:2b:d6:32:f2:03:15:33:13:a5:30:b0:7f:02:35:4b:49:7b: 67:f1:66:32:95:d9:13:ed:62:52:b3:09:14:89:fd:bf:36:45: 90:3c:a3:07:c8:30:81:32:30:b6:96:74:bd:0d:c9:f4:55:d0: 96:53:5b:b5:aa:7f:31:33:00:86:d5:c6:54:3f:10:e3:40:92: 22:fa:8d:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjFGM0UxMTAvBgNVBAUTKDlDRTkxN0RDM0FFMEM1QkEyRTc3Q0I3NzVBM0FEOTlD Njg1QzQwNkIwHhcNMjUxMjIxMDU0MzEzWhcNMjUxMjI4MDU0MzEzWjAYMRYwFAYD VQQDDA02OTQ3ODhmMS00YzhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA78z0A1p2Q+3TWRSt0rS4EdG9Z0NJmf0oal6tYw+d4YkU45o9biNzKscFwFIh V4udQ5o4ZJI0YcnLoVdXeF3byca11PvuxQwr/UM1kMlNZvFqY98qaz/SCVGW52eO qK9SvhAPNsnUtpKn7A1L/+gK1RJCF0JvN3lqPTjBYBX1sw27nO3voPwmjN9qEtGL 69p66wx/2jJbJdAo/lUrew+zmilBYwUG/rljRnEBJ1OoiE4PAuBiv2EPRW2YLkKT YRHpujelkdhCaWWZFW2DDzdrfPprHAloaSN2tkTS2qioaj0NJD3KKveFBE9px6wg ZxMByjrgQ3tx8YFWdY8AInUgJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFHD/xBs +LckleXPqYrqQPclWBYxMB8GA1UdIwQYMBaAFJzpF9w64MW6LnfLd1o62ZxoXEBr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUYzRS8zMzlFREU2ODEw RTQxMUYwQjc1QjgxNjZDNEY5QUUwMi9uT2tYM0RyZ3hib3VkOHQzV2pyWm5HaGNR R3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25Pa1gzRHJneGJvdWQ4dDNXanJabkdoY1FHcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MUYzRS8zMzlFREU2ODEwRTQxMUYwQjc1QjgxNjZDNEY5QUUwMi9uT2tYM0RyZ3hi b3VkOHQzV2pyWm5HaGNRR3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCrXH1p4SFlKojxtmQxPcMtOfHOTQdtVEMCvgZaneBjOzZcJYO2Ezym /60QjQp4Pi8glcLPeawNbt5e3MHfo929BYFmXDr9Y45il6UxNurxoNnW8GPWl1lr 9R925Fw1dX8kN03qtjxfjhbjunskveAmB9ABeVcjUNTTo8ktabm3uqO7PM7ZoY3w f7GaxDloCOhyB5H7QTnw4HuYzY6/+ni4eFJKA74nYQ3DbfdW6gv5dVe7m1/rK9Yy 8gMVMxOlMLB/AjVLSXtn8WYyldkT7WJSswkUif2/NkWQPKMHyDCBMjC2lnS9Dcn0 VdCWU1u1qn8xMwCG1cZUPxDjQJIi+o0O -----END CERTIFICATE-----Generated at Mon Dec 22 06:15:32 2025 by rpki-client