This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft File: 0aHv0iQTWusJg56ovbjNxZnOZX8.mft (raw, json) Hash identifier: lRhED4zvt4dnWAegnN7tkUQDqYXWCaZimFhkb+VcQmE= Subject key identifier: EA:BA:2F:EC:C5:10:2F:9A:9A:B9:EA:DF:4F:37:02:46:2F:DF:98:BE Authority key identifier: D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F Certificate issuer: /CN=A917D9FC/serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Certificate serial: 04F7 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft Manifest number: 04F2 Signing time: Sat 20 Dec 2025 16:17:40 +0000 Manifest this update: Sat 20 Dec 2025 16:17:40 +0000 Manifest next update: Sat 27 Dec 2025 16:17:40 +0000 Files and hashes: 1: 0aHv0iQTWusJg56ovbjNxZnOZX8.crl (hash: Lx7iM+mYYYqpeiqUH6vBm6dCZC6ijnFINdREDxMR67o=) 2: AD94C92242BA11ECB1E8FF11C4F9AE02.roa (hash: v+UfHJBNUMJhgU+Hq/Ni7UlIWeTPSw4kY7gKtnOeoHo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 14:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1271 (0x4f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D9FC, serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Validity Not Before: Dec 20 16:17:40 2025 GMT Not After : Dec 27 16:17:40 2025 GMT Subject: CN=6946cc24-6d84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:80:d0:c7:0c:cd:1a:24:0e:3d:ff:87:6b:a6: 8e:76:02:a6:95:8d:ae:b4:06:0e:0c:97:b5:19:c4: 6e:36:48:11:42:f6:1c:6d:8b:8f:26:84:cf:bf:06: e9:1f:b8:33:e9:36:af:8e:d6:bd:dc:20:6f:08:f1: 4b:cb:b3:31:4c:b8:69:72:8a:b2:55:a2:5c:a2:69: 1b:cf:2f:6d:80:7e:cb:2f:92:1d:2f:ba:a6:63:21: 60:41:51:89:88:84:47:e2:70:d8:c9:5d:29:48:50: 41:09:f5:a0:0f:a6:b9:1f:ef:61:f5:e2:90:87:06: 7e:31:c8:ca:50:46:80:2c:77:38:32:ae:6d:81:63: 26:c6:26:f2:b6:5e:28:35:18:1a:b4:5c:f7:cc:b7: 3f:2e:48:6f:63:90:00:01:d1:a9:71:a6:d5:a4:7c: 37:c0:85:fe:2b:bf:d9:e8:3d:a1:8b:5c:dc:c8:71: 24:d4:5f:49:bc:c7:d7:a8:50:f0:b8:c5:6d:93:7f: 2c:04:85:00:e1:03:7d:8f:d7:d0:0e:15:3f:7a:20: 51:7e:71:b2:bd:21:8b:d0:4a:48:ad:69:16:59:c5: c8:9f:b8:2d:6c:25:5b:9d:46:a0:f3:b0:12:5c:fd: 95:fe:85:3a:5a:91:64:48:b3:c1:c0:5a:23:4e:6f: e6:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:BA:2F:EC:C5:10:2F:9A:9A:B9:EA:DF:4F:37:02:46:2F:DF:98:BE X509v3 Authority Key Identifier: keyid:D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:cf:75:14:0f:cc:37:ed:e8:1e:2c:f7:aa:47:88:a0:ba:82: af:61:fa:18:0b:93:43:5e:73:e4:7c:b2:21:47:f1:ce:2a:9d: a0:69:b1:3c:ca:12:80:fc:a1:5e:a1:7f:99:d7:11:c1:41:dd: 97:79:55:ff:5a:e8:cc:dd:e6:ed:42:c1:db:8e:1c:95:96:44: 07:6b:7d:3f:c2:2a:e3:17:33:d2:32:1c:68:6b:c3:ff:c8:6f: 33:32:fb:2f:27:d1:f5:9f:23:c7:58:e9:6c:72:cd:76:e3:75: f6:ae:bf:86:cc:5c:2c:05:04:ce:72:e4:c1:fb:2c:d6:d4:d7: de:5a:8f:e5:70:11:0f:14:2f:a7:7e:e5:8e:6e:5f:39:c3:1b: 01:00:39:de:85:ef:62:d4:15:cd:7d:63:13:7a:af:1c:39:5f: ea:b6:e4:3f:38:2f:a7:2c:ab:2e:66:84:e8:86:0a:91:62:cd: ad:86:e5:69:96:27:d0:13:a7:26:ca:67:20:4f:79:9d:f4:9f: 63:2e:f8:a0:eb:3d:7c:e8:07:a5:77:1e:a0:9b:cd:9f:10:54: 99:90:c1:17:43:28:01:82:65:2f:f4:42:9e:84:7a:96:b1:0c: 1f:2b:32:c5:83:08:c4:e6:83:ee:12:d0:62:71:dd:fb:f4:2e: c0:3f:c9:c3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBPcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q5RkMxMTAvBgNVBAUTKEQxQTFFRkQyMjQxMzVBRUIwOTgzOUVBOEJEQjhDREM1 OTlDRTY1N0YwHhcNMjUxMjIwMTYxNzQwWhcNMjUxMjI3MTYxNzQwWjAYMRYwFAYD VQQDDA02OTQ2Y2MyNC02ZDg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu4DQxwzNGiQOPf+Ha6aOdgKmlY2utAYODJe1GcRuNkgRQvYcbYuPJoTPvwbp H7gz6Tavjta93CBvCPFLy7MxTLhpcoqyVaJcomkbzy9tgH7LL5IdL7qmYyFgQVGJ iIRH4nDYyV0pSFBBCfWgD6a5H+9h9eKQhwZ+McjKUEaALHc4Mq5tgWMmxibytl4o NRgatFz3zLc/LkhvY5AAAdGpcabVpHw3wIX+K7/Z6D2hi1zcyHEk1F9JvMfXqFDw uMVtk38sBIUA4QN9j9fQDhU/eiBRfnGyvSGL0EpIrWkWWcXIn7gtbCVbnUag87AS XP2V/oU6WpFkSLPBwFojTm/mfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOq6L+zF EC+amrnq3083AkYv35i+MB8GA1UdIwQYMBaAFNGh79IkE1rrCYOeqL24zcWZzmV/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDlGQy83QTMwMkQwMDQy QjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1c0pnNTZvdmJqTnhabk9a WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyLzBhSHYwaVFUV3VzSmc1Nm92YmpOeFpuT1pYOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDlGQy83QTMwMkQwMDQyQjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1 c0pnNTZvdmJqTnhabk9aWDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAaz3UUD8w37egeLPeqR4iguoKvYfoYC5NDXnPkfLIhR/HOKp2gabE8 yhKA/KFeoX+Z1xHBQd2XeVX/WujM3ebtQsHbjhyVlkQHa30/wirjFzPSMhxoa8P/ yG8zMvsvJ9H1nyPHWOlscs1243X2rr+GzFwsBQTOcuTB+yzW1NfeWo/lcBEPFC+n fuWObl85wxsBADnehe9i1BXNfWMTeq8cOV/qtuQ/OC+nLKsuZoTohgqRYs2thuVp lifQE6cmymcgT3md9J9jLvig6z186Aeldx6gm82fEFSZkMEXQygBgmUv9EKehHqW sQwfKzLFgwjE5oPuEtBicd379C7AP8nD -----END CERTIFICATE-----Generated at Sat Dec 20 21:07:33 2025 by rpki-client