This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.mft File: HsQsG2nhb183xz2Bv5-rH0ukIyk.mft (raw, json) Hash identifier: i5sj75QyWVF1c+0nxPCoXQo0M5qzdsbDn7HZ8x69ajQ= Subject key identifier: 46:24:95:F5:1C:91:AC:AA:1C:44:9E:BF:8B:95:72:D3:31:E3:2E:83 Authority key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29 Certificate issuer: /CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329 Certificate serial: 0AF0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.mft Manifest number: 0A87 Signing time: Thu 18 Dec 2025 19:21:04 +0000 Manifest this update: Thu 18 Dec 2025 19:21:04 +0000 Manifest next update: Thu 25 Dec 2025 19:21:04 +0000 Files and hashes: 1: HsQsG2nhb183xz2Bv5-rH0ukIyk.crl (hash: ypAEXBrFs9WfxY8HYhuwsVh7JwGX6NGC/anDIZvS0iA=) 2: B8D18508EDE011EF88407251C4F9AE02.roa (hash: hQatOvTRlWcPgRC3V8TR5lAol6xY99LUllDa1PgoJQw=) 3: A81364AC4B0611EF91534014C4F9AE02.roa (hash: efnu/0Jtb/6C3HwcOejChV2lA0Y4knvd4d3kMkHw2tg=) 4: D9AFDBC2400111EFBB30C475C4F9AE02.roa (hash: DOOQJ3+cGj42ubOtQXY1kZrabEjzpiZAb+fDiUicu64=) 5: 6C68485C5A1D11EFA9989052C4F9AE02.roa (hash: lt4zwgbzAIBl7L3nQCHbMTOSBOw22MQtzbieQ01mlLI=) 6: A7A72BF24B0611EF91534014C4F9AE02.roa (hash: rkEEq1NU0ZB0iJ206DwCqyTIcCk221/XirQFCrxsWtw=) 7: D42F0D06B51611EEADC7924BC4F9AE02.roa (hash: A9NzHssGcVbJE0bf4/leZQkSAZrkt2X7yYhptv+SQB8=) 8: 73DC26744B0611EF8698EB13C4F9AE02.roa (hash: R1OUwwbFhRrvM5hkT+3nm1/8xxFGqJcsm+CwuQRS+mE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 19:21:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2800 (0xaf0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C661, serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329 Validity Not Before: Dec 18 19:21:04 2025 GMT Not After : Dec 25 19:21:04 2025 GMT Subject: CN=69445420-21c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:72:2b:f2:c1:a5:47:bf:cb:e6:44:57:f5:95: d8:23:29:b6:7e:b9:06:be:51:43:f4:66:67:ef:a9: 3c:ae:71:e0:5e:07:34:56:f5:30:47:7d:7c:9b:d2: 90:5e:fb:cf:c2:ac:22:65:6b:13:f0:01:e3:88:cd: a0:68:4c:e1:45:de:1b:b3:73:5a:8b:75:9f:15:9a: 8a:5c:9c:c6:ec:59:fa:b7:5f:06:b9:27:98:03:90: 88:fc:81:b2:8b:76:c3:44:fc:35:82:1a:56:7f:65: 3a:36:ed:ad:ab:37:e2:93:9f:1c:96:29:5c:d5:64: 6e:c3:1b:dd:fc:e2:1e:1c:ab:76:cf:9c:5d:d0:2c: dd:d3:a0:31:2f:40:7b:c5:86:51:92:62:81:b5:ef: e0:98:85:39:31:a2:7f:41:67:13:6f:7d:c1:2d:9d: 35:9e:ca:ff:85:b2:37:01:2f:e6:f9:f9:45:84:62: 50:9b:f4:e2:c3:6b:c7:e6:fc:47:58:8a:54:4b:e2: f2:0c:53:7d:2f:1f:10:57:c3:86:51:5b:36:70:42: 7d:78:2d:8f:08:6b:78:6e:fd:84:d9:a3:eb:3f:9a: 5f:8a:27:e5:e7:68:ed:53:f4:d6:66:38:33:ff:59: 1f:80:40:1e:fd:31:ef:a2:bd:8c:e1:fa:ce:f9:e9: 1e:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:24:95:F5:1C:91:AC:AA:1C:44:9E:BF:8B:95:72:D3:31:E3:2E:83 X509v3 Authority Key Identifier: keyid:1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:18:db:74:13:6a:46:2d:e7:bf:95:39:d8:63:5e:39:14:b4: f6:a4:71:e3:63:0e:3c:0a:72:e4:9a:79:4f:42:67:99:72:4d: 0c:34:20:42:d6:2d:e3:39:de:47:76:fc:ec:b9:be:13:e1:9e: c1:f6:1e:8d:ae:db:9c:90:8e:89:e3:f8:f1:38:96:7a:df:1a: b6:92:a5:42:98:f8:1c:ec:b4:77:e2:5e:1b:24:ea:00:78:2e: 69:8d:de:e9:6e:e1:cd:29:5b:dc:d3:0d:b7:e5:ce:81:07:4f: bd:63:d2:e4:df:6d:04:8a:99:8f:5f:0b:de:a6:51:45:ee:dd: d2:e7:d4:ad:72:74:21:9a:bd:34:77:14:6f:4c:42:a9:90:ee: 76:55:0e:08:c4:ae:6e:78:f6:91:6c:f6:3f:00:b3:cd:73:7a: 06:e1:a4:e7:f5:32:d9:50:02:5f:19:41:80:79:e2:59:c0:ee: c6:ea:6f:93:a5:57:2d:da:be:95:cc:1a:e1:c0:d0:9c:25:ee: 1a:ed:ff:c3:4f:0f:6e:87:47:14:78:73:bd:58:a6:da:14:c2: 47:31:a4:ea:88:f6:2b:3a:15:24:f5:3f:77:ec:61:5f:2c:09: 62:1d:b4:4d:fb:b5:fd:a2:4c:0c:30:2b:df:f4:b6:8d:66:b6: 72:f8:1c:e6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4MUJGOUZBQjFG NEJBNDIzMjkwHhcNMjUxMjE4MTkyMTA0WhcNMjUxMjI1MTkyMTA0WjAYMRYwFAYD VQQDDA02OTQ0NTQyMC0yMWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx3Ir8sGlR7/L5kRX9ZXYIym2frkGvlFD9GZn76k8rnHgXgc0VvUwR318m9KQ XvvPwqwiZWsT8AHjiM2gaEzhRd4bs3Nai3WfFZqKXJzG7Fn6t18GuSeYA5CI/IGy i3bDRPw1ghpWf2U6Nu2tqzfik58clilc1WRuwxvd/OIeHKt2z5xd0Czd06AxL0B7 xYZRkmKBte/gmIU5MaJ/QWcTb33BLZ01nsr/hbI3AS/m+flFhGJQm/Tiw2vH5vxH WIpUS+LyDFN9Lx8QV8OGUVs2cEJ9eC2PCGt4bv2E2aPrP5pfiifl52jtU/TWZjgz /1kfgEAe/THvor2M4frO+ekerQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEYklfUc kayqHESev4uVctMx4y6DMB8GA1UdIwQYMBaAFB7ELBtp4W9fN8c9gb+fqx9LpCMp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wQkJEOUVBMjgz NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIxODN4ejJCdjUtckgwdWtJ eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hzUXNHMm5oYjE4M3h6MkJ2NS1ySDB1a0l5ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzY2MS8wQkJEOUVBMjgzNkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIx ODN4ejJCdjUtckgwdWtJeWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC2GNt0E2pGLee/lTnYY145FLT2pHHjYw48CnLkmnlPQmeZck0MNCBC 1i3jOd5Hdvzsub4T4Z7B9h6NrtuckI6J4/jxOJZ63xq2kqVCmPgc7LR34l4bJOoA eC5pjd7pbuHNKVvc0w235c6BB0+9Y9Lk320EipmPXwveplFF7t3S59StcnQhmr00 dxRvTEKpkO52VQ4IxK5uePaRbPY/ALPNc3oG4aTn9TLZUAJfGUGAeeJZwO7G6m+T pVct2r6VzBrhwNCcJe4a7f/DTw9uh0cUeHO9WKbaFMJHMaTqiPYrOhUk9T937GFf LAliHbRN+7X9okwMMCvf9LaNZrZy+Bzm -----END CERTIFICATE-----Generated at Fri Dec 19 23:50:42 2025 by rpki-client