This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft File: CeskiT_4OKrchy_8N1hCf2rsIXI.mft (raw, json) Hash identifier: X5O3VV/EYZPvAaTaEadD6bvd1f5RthFSC5JBNmljzVs= Subject key identifier: B5:4B:AA:80:BC:58:AF:82:34:CF:CB:58:C6:CC:9F:9B:27:E1:EC:91 Authority key identifier: 09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 Certificate issuer: /CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Certificate serial: 05A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft Manifest number: 07C4 Signing time: Thu 18 Dec 2025 22:28:57 +0000 Manifest this update: Thu 18 Dec 2025 22:28:57 +0000 Manifest next update: Thu 25 Dec 2025 22:28:57 +0000 Files and hashes: 1: CeskiT_4OKrchy_8N1hCf2rsIXI.crl (hash: /TVr66CR0DN11Tw0K98rmiNdgN3LUTxDGWxQTusZuSg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 22:28:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1447 (0x5a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F7A1, serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Validity Not Before: Dec 18 22:28:57 2025 GMT Not After : Dec 25 22:28:57 2025 GMT Subject: CN=69448029-b715 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:17:92:bf:0b:ec:75:02:98:72:74:aa:dc:35: 20:a1:f9:15:cf:c6:23:70:ef:37:46:bc:ae:b5:96: fd:09:fd:9e:71:4b:97:20:2e:54:7f:7e:47:1c:d0: 09:36:b8:a3:0d:74:11:86:a0:a2:b0:e3:7e:92:be: 63:51:37:f6:be:d7:0c:f9:4c:d3:62:f4:b9:47:d9: 38:a3:47:c3:14:2a:f0:8c:ae:81:02:24:ab:7e:75: ae:98:14:fb:81:90:fc:c7:0f:ee:b0:5c:06:fe:ed: 17:18:f8:83:c6:64:2a:46:96:10:57:fa:05:7d:05: 01:77:d5:4a:37:54:a1:0d:d5:b3:1e:46:4a:83:95: d9:06:64:92:76:ea:a9:a0:be:db:bf:da:b3:0d:35: 60:a4:72:b7:87:d0:f6:38:e9:c5:83:5f:f1:ad:38: cb:6d:ec:c5:4f:90:cd:38:7a:02:96:18:2f:84:39: 13:d9:2d:7f:c4:7d:30:98:a5:57:33:5e:aa:8f:83: 0a:a5:b2:4d:85:f0:46:a9:79:04:09:1f:08:0b:52: 2d:d6:55:c8:23:4d:b8:16:3a:6d:92:57:15:6b:01: ac:d8:f7:0b:a6:b8:25:4e:27:98:ec:4d:00:73:90: 0d:2a:68:a9:99:14:30:01:0b:25:ff:40:9c:fc:6c: fc:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:4B:AA:80:BC:58:AF:82:34:CF:CB:58:C6:CC:9F:9B:27:E1:EC:91 X509v3 Authority Key Identifier: keyid:09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:ba:5a:12:7e:0f:f8:f9:63:02:1d:f8:fe:a5:ea:99:2a:57: e9:89:6d:37:7f:2f:ad:ed:1d:3b:d2:c3:5f:63:92:9a:34:77: 66:fa:23:50:f1:0b:da:93:6d:24:57:b0:de:be:a7:37:72:0b: 9a:8f:a6:30:63:ed:df:7c:f0:1c:9d:66:3a:c1:11:b2:7d:91: d4:73:37:cb:bb:ed:0e:67:27:4f:ee:d0:f6:9c:46:67:c6:c5: c0:bb:59:64:ee:00:3c:25:d3:6f:fb:ef:b5:f7:36:cc:b2:63: 59:94:9c:03:2b:8c:a0:ee:95:f4:00:86:51:7a:d0:c1:f8:30: 0f:e4:ef:5d:69:a4:f7:6c:6c:91:8f:ec:59:76:ae:aa:b4:d1: 3d:2f:1e:97:ad:b6:0b:8a:3c:a3:11:24:25:ed:d6:85:9c:e3: 1a:75:33:0d:3e:75:8c:29:b3:14:ac:74:30:0a:b0:dc:e5:60: c3:10:da:66:28:52:22:51:ff:68:7a:15:f7:2f:30:4b:63:76: 32:9c:46:f3:b8:c5:ed:bc:57:7b:24:36:8f:aa:26:98:7c:26: 66:e6:ec:d7:2f:f6:e9:4a:a6:86:1e:ae:dd:43:50:fb:de:22: 77:2c:51:4b:6a:5d:17:e3:6b:0b:21:54:83:90:7c:63:63:49: fa:08:6f:36 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEY3QTExMTAvBgNVBAUTKDA5RUIyNDg5M0ZGODM4QUFEQzg3MkZGQzM3NTg0MjdG NkFFQzIxNzIwHhcNMjUxMjE4MjIyODU3WhcNMjUxMjI1MjIyODU3WjAYMRYwFAYD VQQDDA02OTQ0ODAyOS1iNzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxReSvwvsdQKYcnSq3DUgofkVz8YjcO83RryutZb9Cf2ecUuXIC5Uf35HHNAJ NrijDXQRhqCisON+kr5jUTf2vtcM+UzTYvS5R9k4o0fDFCrwjK6BAiSrfnWumBT7 gZD8xw/usFwG/u0XGPiDxmQqRpYQV/oFfQUBd9VKN1ShDdWzHkZKg5XZBmSSduqp oL7bv9qzDTVgpHK3h9D2OOnFg1/xrTjLbezFT5DNOHoClhgvhDkT2S1/xH0wmKVX M16qj4MKpbJNhfBGqXkECR8IC1It1lXII024FjptklcVawGs2PcLprglTieY7E0A c5ANKmipmRQwAQsl/0Cc/Gz8cQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLVLqoC8 WK+CNM/LWMbMn5sn4eyRMB8GA1UdIwQYMBaAFAnrJIk/+Diq3Icv/DdYQn9q7CFy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjdBMS85MUU4RTI4NEY0 MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9LcmNoeV84TjFoQ2YycnNJ WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Nlc2tpVF80T0tyY2h5XzhOMWhDZjJyc0lYSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RjdBMS85MUU4RTI4NEY0MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9L cmNoeV84TjFoQ2YycnNJWEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEuloSfg/4+WMCHfj+peqZKlfpiW03fy+t7R070sNfY5KaNHdm+iNQ 8Qvak20kV7Devqc3cguaj6YwY+3ffPAcnWY6wRGyfZHUczfLu+0OZydP7tD2nEZn xsXAu1lk7gA8JdNv+++19zbMsmNZlJwDK4yg7pX0AIZRetDB+DAP5O9daaT3bGyR j+xZdq6qtNE9Lx6XrbYLijyjESQl7daFnOMadTMNPnWMKbMUrHQwCrDc5WDDENpm KFIiUf9oehX3LzBLY3YynEbzuMXtvFd7JDaPqiaYfCZm5uzXL/bpSqaGHq7dQ1D7 3iJ3LFFLal0X42sLIVSDkHxjY0n6CG82 -----END CERTIFICATE-----Generated at Fri Dec 19 23:57:34 2025 by rpki-client