This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.mft File: IQ_xZmjfljvg_KkGkzkX_-3tn5U.mft (raw, json) Hash identifier: 91yfHbLIyLgFp4XEqvNnLfQR1qrlqiARgy7vxjGBImc= Subject key identifier: A6:07:2F:DB:6E:7E:E3:F8:9C:0A:2F:DE:17:1F:2E:CF:D4:11:7D:09 Authority key identifier: 21:0F:F1:66:68:DF:96:3B:E0:FC:A9:06:93:39:17:FF:ED:ED:9F:95 Certificate issuer: /CN=A9170BBF/serialNumber=210FF16668DF963BE0FCA906933917FFEDED9F95 Certificate serial: 0520 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IQ_xZmjfljvg_KkGkzkX_-3tn5U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.mft Manifest number: 0516 Signing time: Fri 26 Dec 2025 22:43:49 +0000 Manifest this update: Fri 26 Dec 2025 22:43:49 +0000 Manifest next update: Fri 02 Jan 2026 22:43:49 +0000 Files and hashes: 1: IQ_xZmjfljvg_KkGkzkX_-3tn5U.crl (hash: /hDFuamRHqwOV9NYK4Y00dMPiETLZRhKJQvVZTMdGqA=) 2: 06CAA9C230C211ECBB5A4116C4F9AE02.roa (hash: CU8ZA4/4TdlPTUdktMFTY7GCuwd/QCyrxC7+CMDATDo=) 3: 0628D74630C211ECBB5A4116C4F9AE02.roa (hash: yUQWHT36J9pLE1kpKGBgRzyjB4VNhd4/HCHR7qeOtAQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.crl rsync://rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IQ_xZmjfljvg_KkGkzkX_-3tn5U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 Jan 2026 22:43:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1312 (0x520) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170BBF, serialNumber=210FF16668DF963BE0FCA906933917FFEDED9F95 Validity Not Before: Dec 26 22:43:49 2025 GMT Not After : Jan 2 22:43:49 2026 GMT Subject: CN=694f0fa5-fe65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:43:bf:93:84:0b:16:b6:14:1d:6c:21:ae:53: f0:99:2e:dc:15:11:b5:de:95:35:84:f6:e6:73:72: cb:ac:7b:3c:e4:6d:e7:b0:e1:32:39:fa:68:38:13: 18:bd:d3:5b:68:17:06:d4:52:bc:4d:3d:b4:9d:68: f7:4d:84:35:80:38:be:a4:30:55:af:8e:61:70:e3: 8c:ab:b0:d2:d5:4d:3c:22:86:6e:0c:59:1b:d2:a9: 13:17:38:57:64:a3:8c:81:c8:61:c9:e4:90:99:79: bc:b7:f0:eb:9f:bd:e5:d1:7c:95:4b:bd:dd:1e:25: 42:9e:4a:ed:f0:df:fd:14:fa:d3:f1:0c:b9:4e:f7: 72:fb:48:af:78:38:0c:56:ba:1b:6c:99:a6:b5:23: d7:80:fc:b2:a0:63:1b:c6:5a:30:08:ad:82:a1:e6: f7:4b:74:9f:3a:10:73:fe:e7:b7:8c:a7:46:ff:0d: 23:44:94:8d:bb:f9:0a:8a:1a:80:36:3d:7f:0f:a6: 49:b2:26:cc:ec:23:c8:0d:e3:3a:ac:1e:74:e7:af: 58:2d:70:f8:be:75:9c:40:9c:e6:04:ba:8e:b8:9c: a2:2e:2a:e2:bb:24:9d:34:17:f9:e9:c6:74:6c:b6: 55:98:38:68:50:3b:b5:aa:cd:34:a0:92:c7:29:88: 96:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:07:2F:DB:6E:7E:E3:F8:9C:0A:2F:DE:17:1F:2E:CF:D4:11:7D:09 X509v3 Authority Key Identifier: keyid:21:0F:F1:66:68:DF:96:3B:E0:FC:A9:06:93:39:17:FF:ED:ED:9F:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IQ_xZmjfljvg_KkGkzkX_-3tn5U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:26:e9:02:71:ea:4c:0b:16:55:ca:cb:6c:55:8f:ec:98:f5: cb:f4:80:91:3d:17:02:94:18:31:ac:87:1f:78:0a:a5:79:42: b9:ab:24:d1:05:8c:6b:e7:8c:da:67:20:3f:81:c6:ba:a8:c4: d8:60:03:78:19:89:cf:7a:bb:41:99:ec:95:c8:8f:77:50:d4: f9:3d:5e:42:c1:f4:93:84:ea:9e:61:39:20:94:e3:0d:13:74: c9:e0:a3:0b:b7:d3:1e:af:a0:41:25:45:83:ab:bb:bb:ab:95: 5a:78:2e:86:cc:e5:f7:62:4d:f6:4d:c1:99:5e:35:91:0b:8f: 4f:21:cc:40:6c:5c:4d:7f:77:71:a5:47:33:e9:93:32:d4:4f: ba:f8:ac:13:d9:6c:55:e1:2c:2a:d2:9e:46:e0:46:35:93:01: 84:ad:98:3a:fe:bd:a2:af:2f:b0:0f:91:b5:d0:46:64:c3:9b: cb:ff:00:bc:34:26:1d:43:32:5d:76:78:ca:af:61:36:2c:79: bc:e7:31:a4:d9:a2:04:17:07:5a:65:3d:90:8c:ab:07:7f:99: 8c:fc:82:8f:b9:a3:c8:75:5a:db:d9:05:0e:72:7a:2c:ba:a1: a5:a2:1f:5d:d3:be:7e:f1:01:64:3f:74:9d:76:a9:88:7b:76: ca:ec:f6:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBSAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBCQkYxMTAvBgNVBAUTKDIxMEZGMTY2NjhERjk2M0JFMEZDQTkwNjkzMzkxN0ZG RURFRDlGOTUwHhcNMjUxMjI2MjI0MzQ5WhcNMjYwMTAyMjI0MzQ5WjAYMRYwFAYD VQQDDA02OTRmMGZhNS1mZTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArEO/k4QLFrYUHWwhrlPwmS7cFRG13pU1hPbmc3LLrHs85G3nsOEyOfpoOBMY vdNbaBcG1FK8TT20nWj3TYQ1gDi+pDBVr45hcOOMq7DS1U08IoZuDFkb0qkTFzhX ZKOMgchhyeSQmXm8t/Drn73l0XyVS73dHiVCnkrt8N/9FPrT8Qy5Tvdy+0iveDgM VrobbJmmtSPXgPyyoGMbxlowCK2Coeb3S3SfOhBz/ue3jKdG/w0jRJSNu/kKihqA Nj1/D6ZJsibM7CPIDeM6rB50569YLXD4vnWcQJzmBLqOuJyiLiriuySdNBf56cZ0 bLZVmDhoUDu1qs00oJLHKYiWCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKYHL9tu fuP4nAov3hcfLs/UEX0JMB8GA1UdIwQYMBaAFCEP8WZo35Y74PypBpM5F//t7Z+V MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEJCRi9FNDkxMTIzQTMw QkYxMUVDQTg1QzQ0MTRDNEY5QUUwMi9JUV94Wm1qZmxqdmdfS2tHa3prWF8tM3Ru NVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lRX3habWpmbGp2Z19La0dremtYXy0zdG41VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEJCRi9FNDkxMTIzQTMwQkYxMUVDQTg1QzQ0MTRDNEY5QUUwMi9JUV94Wm1qZmxq dmdfS2tHa3prWF8tM3RuNVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCIJukCcepMCxZVystsVY/smPXL9ICRPRcClBgxrIcfeAqleUK5qyTR BYxr54zaZyA/gca6qMTYYAN4GYnPertBmeyVyI93UNT5PV5CwfSThOqeYTkglOMN E3TJ4KMLt9Mer6BBJUWDq7u7q5VaeC6GzOX3Yk32TcGZXjWRC49PIcxAbFxNf3dx pUcz6ZMy1E+6+KwT2WxV4Swq0p5G4EY1kwGErZg6/r2iry+wD5G10EZkw5vL/wC8 NCYdQzJddnjKr2E2LHm85zGk2aIEFwdaZT2QjKsHf5mM/IKPuaPIdVrb2QUOcnos uqGloh9d075+8QFkP3SddqmIe3bK7Paj -----END CERTIFICATE-----Generated at Sat Dec 27 19:26:22 2025 by rpki-client