This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft File: nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft (raw, json) Hash identifier: 5NqnF7C0i0AtKByxgg8yOP+mGTt9jVdxptSbOlbeN2I= Subject key identifier: 8C:F6:ED:13:7F:8C:BF:C9:12:F6:57:F8:A0:99:86:B4:29:DC:67:0F Authority key identifier: 9E:C1:21:6D:25:64:16:40:3C:B5:C5:3E:73:45:53:0F:83:27:2C:DD Certificate issuer: /CN=A9185D34/serialNumber=9EC1216D256416403CB5C53E7345530F83272CDD Certificate serial: 0876 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft Manifest number: 0869 Signing time: Sat 20 Dec 2025 20:05:39 +0000 Manifest this update: Sat 20 Dec 2025 20:05:38 +0000 Manifest next update: Sat 27 Dec 2025 20:05:38 +0000 Files and hashes: 1: nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl (hash: BcgGBcIk6N9XjF9ITpDSotHcSscHWa/CVnxKqTZIJsU=) 2: C1171FCAB1B111ECBA7F614FC4F9AE02.roa (hash: 5pc4Fgf96yhJHg1dXqyOkvTiTCFOmyYqtcguriQDwlE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 20:05:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2166 (0x876) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185D34, serialNumber=9EC1216D256416403CB5C53E7345530F83272CDD Validity Not Before: Dec 20 20:05:38 2025 GMT Not After : Dec 27 20:05:38 2025 GMT Subject: CN=69470193-cacb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:fa:e0:4b:04:c1:b5:61:3c:9c:96:64:e5:5d: 53:f4:33:0c:8c:c5:00:0e:d7:6f:32:a8:70:12:fe: db:4a:dc:e7:8e:47:18:79:0f:31:d2:23:4a:a5:87: 51:dc:18:89:aa:a8:41:f5:54:1a:d4:8e:33:14:18: e6:68:92:4e:a1:c9:a3:d2:75:d8:5a:f4:1e:b1:01: bd:b6:fb:3a:18:4d:5d:75:36:3a:74:0a:4c:9a:32: ce:1e:02:ad:e5:a5:3a:06:c6:ee:2e:36:6d:3f:6a: fa:62:37:2f:46:c0:dd:2b:32:33:e2:d3:0b:40:b3: 8f:30:49:16:04:78:e1:42:95:d9:f3:88:ea:45:79: 35:45:91:b6:46:0e:4b:e8:c5:4d:9c:c4:e0:59:ca: c2:c1:4b:ad:a9:a7:eb:a5:8e:fb:21:4d:3d:95:a7: 2f:f9:a8:67:99:b5:26:6c:c3:d1:f9:66:f5:66:db: ff:cd:14:5f:55:ed:a9:1f:73:6c:3c:d1:5c:fc:d5: 17:15:48:ea:ba:7e:e0:e9:07:b8:ed:70:d4:43:19: d0:8e:ae:db:0f:93:af:84:8e:0f:61:b2:9e:a9:0b: 22:eb:94:51:1b:18:84:e7:25:29:f3:45:fb:33:23: 68:8d:35:56:b5:6d:7c:e4:78:94:98:0f:d5:1b:f2: c5:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:F6:ED:13:7F:8C:BF:C9:12:F6:57:F8:A0:99:86:B4:29:DC:67:0F X509v3 Authority Key Identifier: keyid:9E:C1:21:6D:25:64:16:40:3C:B5:C5:3E:73:45:53:0F:83:27:2C:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:ff:87:34:da:9b:3c:b9:36:eb:cd:49:a2:0a:71:9e:75:d2: a6:12:bb:d1:c2:0a:8f:a5:35:c4:16:fe:57:44:22:98:8d:04: 0f:e6:b2:92:54:5c:31:9b:a4:07:1e:22:ee:c9:37:ca:74:85: 24:cd:e6:6b:e6:be:d6:1a:8e:c3:cb:d4:cc:53:b6:e1:9c:42: 9f:e2:af:c6:53:e9:a5:31:3b:81:6a:d4:45:eb:ed:67:31:a3: e8:ca:dc:21:87:56:ca:10:56:a9:62:54:e4:7c:be:5f:c4:67: 19:0e:a6:80:d2:e3:0d:c6:d9:2d:51:54:88:50:68:57:44:60: a9:ae:2d:09:6e:33:2b:d7:34:66:5b:cf:af:0f:be:74:67:73: 9f:15:d3:84:fb:a4:74:29:51:db:cb:cf:e6:37:a6:d2:40:d0: 1e:49:d7:e3:35:da:d2:43:64:74:a2:d5:2a:56:d9:5f:43:ed: b2:e0:70:93:f6:66:b9:3f:a5:de:73:3b:75:6b:e7:ab:77:db: 86:d6:a7:8d:79:1c:62:6a:75:d9:be:1a:ea:ac:1a:b3:7d:d3: 9e:d4:c0:32:a5:f0:bd:e9:42:2d:93:3c:35:83:2e:86:c1:5b: b8:97:58:df:78:4d:2f:41:f1:a0:e9:58:86:b4:86:b2:55:0d: 72:21:3e:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVEMzQxMTAvBgNVBAUTKDlFQzEyMTZEMjU2NDE2NDAzQ0I1QzUzRTczNDU1MzBG ODMyNzJDREQwHhcNMjUxMjIwMjAwNTM4WhcNMjUxMjI3MjAwNTM4WjAYMRYwFAYD VQQDDA02OTQ3MDE5My1jYWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzvrgSwTBtWE8nJZk5V1T9DMMjMUADtdvMqhwEv7bStznjkcYeQ8x0iNKpYdR 3BiJqqhB9VQa1I4zFBjmaJJOocmj0nXYWvQesQG9tvs6GE1ddTY6dApMmjLOHgKt 5aU6BsbuLjZtP2r6YjcvRsDdKzIz4tMLQLOPMEkWBHjhQpXZ84jqRXk1RZG2Rg5L 6MVNnMTgWcrCwUutqafrpY77IU09lacv+ahnmbUmbMPR+Wb1Ztv/zRRfVe2pH3Ns PNFc/NUXFUjqun7g6Qe47XDUQxnQjq7bD5OvhI4PYbKeqQsi65RRGxiE5yUp80X7 MyNojTVWtW185HiUmA/VG/LFnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIz27RN/ jL/JEvZX+KCZhrQp3GcPMB8GA1UdIwQYMBaAFJ7BIW0lZBZAPLXFPnNFUw+DJyzd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUQzNC9EQkE4Nzg1OEU2 QTAxMUVBQTg1NDRCNDNDNEY5QUUwMi9uc0VoYlNWa0ZrQTh0Y1UtYzBWVEQ0TW5M TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25zRWhiU1ZrRmtBOHRjVS1jMFZURDRNbkxOMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUQzNC9EQkE4Nzg1OEU2QTAxMUVBQTg1NDRCNDNDNEY5QUUwMi9uc0VoYlNWa0Zr QTh0Y1UtYzBWVEQ0TW5MTjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQ/4c02ps8uTbrzUmiCnGeddKmErvRwgqPpTXEFv5XRCKYjQQP5rKS VFwxm6QHHiLuyTfKdIUkzeZr5r7WGo7Dy9TMU7bhnEKf4q/GU+mlMTuBatRF6+1n MaPoytwhh1bKEFapYlTkfL5fxGcZDqaA0uMNxtktUVSIUGhXRGCpri0JbjMr1zRm W8+vD750Z3OfFdOE+6R0KVHby8/mN6bSQNAeSdfjNdrSQ2R0otUqVtlfQ+2y4HCT 9ma5P6Xeczt1a+erd9uG1qeNeRxianXZvhrqrBqzfdOe1MAypfC96UItkzw1gy6G wVu4l1jfeE0vQfGg6ViGtIayVQ1yIT4i -----END CERTIFICATE-----Generated at Mon Dec 22 04:27:44 2025 by rpki-client