This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft File: Ok9ILhJcCNuDBRbVGkot8eCqiso.mft (raw, json) Hash identifier: tbg4Lhcrp0HvviU09pWLHlIYMXfUtNrOpCpp5zCKsDI= Subject key identifier: 45:96:8F:4A:94:B9:9E:48:C6:77:A6:2D:64:29:B5:44:96:DB:19:2E Authority key identifier: 3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA Certificate issuer: /CN=A918C158/serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Certificate serial: 0ABC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft Manifest number: 0AB6 Signing time: Sat 20 Dec 2025 18:59:59 +0000 Manifest this update: Sat 20 Dec 2025 18:59:58 +0000 Manifest next update: Sat 27 Dec 2025 18:59:58 +0000 Files and hashes: 1: Ok9ILhJcCNuDBRbVGkot8eCqiso.crl (hash: 7vzUQnsSJ/HSYz7zqYUcPRlmKfvqb7Tx50NT/lIfy6Q=) 2: F25A6266796A11EB82E0EE24C4F9AE02.roa (hash: O/F4TEeQrnUUSKYZMDqIO0+JzSXznAo+/sHQLTeUsVk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 14:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2748 (0xabc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C158, serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Validity Not Before: Dec 20 18:59:58 2025 GMT Not After : Dec 27 18:59:58 2025 GMT Subject: CN=6946f22f-3742 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:8b:39:50:ff:92:b5:5f:c8:98:93:e2:c8:97: 76:59:a1:a8:59:58:bb:7a:77:45:7e:2e:1b:e4:3b: 05:9b:93:59:fe:48:5f:e2:ae:88:41:13:05:45:11: 05:0d:5e:3c:fd:b1:2c:79:5c:97:39:2e:4a:3a:3f: 85:93:31:58:77:1f:a4:0a:d2:70:fe:1b:cf:b9:a4: 2f:df:68:eb:35:80:a5:74:e3:2d:22:8f:67:f8:6b: 5f:69:4a:1f:76:3b:03:b0:b4:8e:81:26:95:31:4b: 72:a8:14:d9:aa:58:ec:d1:43:b0:d9:28:ad:d0:e6: f2:b7:e0:2b:d7:70:02:69:41:6a:45:c7:36:46:63: 4b:71:10:7e:f8:ad:2f:cc:27:64:0b:a5:2f:a1:9b: e0:3a:9e:1c:d3:5e:ff:56:d6:fa:4c:b7:53:99:49: 6e:bb:36:53:0f:15:55:60:ba:e2:41:4a:ca:7f:88: 57:b6:15:3e:e4:5c:0e:e6:6d:1b:49:89:a3:77:b1: 4a:c7:0b:78:82:a9:2c:64:e1:dd:69:6e:7c:37:fc: f4:08:9c:65:84:22:ea:0a:1c:1b:27:18:62:43:54: 02:e8:7b:52:f0:7e:72:f7:41:79:98:56:58:03:05: 90:69:7b:08:81:b5:aa:59:2a:6d:b4:ed:2a:3d:95: ef:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:96:8F:4A:94:B9:9E:48:C6:77:A6:2D:64:29:B5:44:96:DB:19:2E X509v3 Authority Key Identifier: keyid:3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:c5:97:4e:42:01:53:11:5c:19:f6:c3:c9:1f:fe:15:14:89: 7c:94:2b:a0:02:cd:9c:54:2d:2a:9a:15:d8:05:2b:3f:1e:96: 1e:c7:5f:4d:f5:a3:18:04:0e:6e:a4:39:c9:da:3b:bf:b6:72: 90:2a:74:02:d3:17:c2:12:55:0e:f2:66:29:f9:73:08:a0:30: df:96:f3:94:d1:48:39:f4:04:e5:7f:5f:ff:87:76:ec:60:bf: cc:fd:7a:ec:99:12:83:b1:95:fe:bd:c0:57:b7:15:37:1c:75: 6c:d0:57:f5:23:59:9a:47:fb:06:2a:df:15:3d:f7:05:de:d6: 42:43:e3:af:77:1f:8a:2b:ab:8c:d7:ea:0d:5c:41:d0:ad:5c: c6:d1:3a:41:77:22:15:da:f4:cf:4b:c5:4e:db:fd:27:7a:cd: 41:32:2b:2d:27:f9:6e:6e:15:25:a8:6c:59:e1:0c:57:2a:54: 49:e5:0d:c2:db:a5:98:10:97:e8:15:b6:63:fa:71:23:7a:69: 03:18:2e:a3:eb:cf:4d:99:31:d2:1d:99:c9:14:d1:90:ae:c4: 10:40:64:68:84:38:83:aa:55:76:3a:7c:52:bd:ec:ff:4b:49: 4f:36:2e:ff:b9:0f:65:ee:1b:0b:cf:4d:fc:7d:6a:b1:0b:83: 61:46:dd:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEMxNTgxMTAvBgNVBAUTKDNBNEY0ODJFMTI1QzA4REI4MzA1MTZENTFBNEEyREYx RTBBQThBQ0EwHhcNMjUxMjIwMTg1OTU4WhcNMjUxMjI3MTg1OTU4WjAYMRYwFAYD VQQDDA02OTQ2ZjIyZi0zNzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Ys5UP+StV/ImJPiyJd2WaGoWVi7endFfi4b5DsFm5NZ/khf4q6IQRMFRREF DV48/bEseVyXOS5KOj+FkzFYdx+kCtJw/hvPuaQv32jrNYCldOMtIo9n+GtfaUof djsDsLSOgSaVMUtyqBTZqljs0UOw2Sit0Obyt+Ar13ACaUFqRcc2RmNLcRB++K0v zCdkC6UvoZvgOp4c017/Vtb6TLdTmUluuzZTDxVVYLriQUrKf4hXthU+5FwO5m0b SYmjd7FKxwt4gqksZOHdaW58N/z0CJxlhCLqChwbJxhiQ1QC6HtS8H5y90F5mFZY AwWQaXsIgbWqWSpttO0qPZXvOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEWWj0qU uZ5IxnemLWQptUSW2xkuMB8GA1UdIwQYMBaAFDpPSC4SXAjbgwUW1RpKLfHgqorK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzE1OC9BRTUxRDgwMjY3 M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NOdURCUmJWR2tvdDhlQ3Fp c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rOUlMaEpjQ051REJSYlZHa290OGVDcWlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzE1OC9BRTUxRDgwMjY3M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NO dURCUmJWR2tvdDhlQ3Fpc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKxZdOQgFTEVwZ9sPJH/4VFIl8lCugAs2cVC0qmhXYBSs/HpYex19N 9aMYBA5upDnJ2ju/tnKQKnQC0xfCElUO8mYp+XMIoDDflvOU0Ug59ATlf1//h3bs YL/M/XrsmRKDsZX+vcBXtxU3HHVs0Ff1I1maR/sGKt8VPfcF3tZCQ+Ovdx+KK6uM 1+oNXEHQrVzG0TpBdyIV2vTPS8VO2/0nes1BMistJ/lubhUlqGxZ4QxXKlRJ5Q3C 26WYEJfoFbZj+nEjemkDGC6j689NmTHSHZnJFNGQrsQQQGRohDiDqlV2OnxSvez/ S0lPNi7/uQ9l7hsLz038fWqxC4NhRt3I -----END CERTIFICATE-----Generated at Sat Dec 20 20:58:04 2025 by rpki-client