This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.mft File: iChZ1SMB8BVx2dTPlT9F4HXgmpg.mft (raw, json) Hash identifier: /HdaaHiNA+/zUfbMBKIEhffc4hVNsFfHT9KoMZiyTV0= Subject key identifier: 7E:15:86:DD:A4:00:32:1B:16:05:D4:47:84:10:D8:17:13:40:25:DE Authority key identifier: 88:28:59:D5:23:01:F0:15:71:D9:D4:CF:95:3F:45:E0:75:E0:9A:98 Certificate issuer: /CN=A919D588/serialNumber=882859D52301F01571D9D4CF953F45E075E09A98 Certificate serial: 4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iChZ1SMB8BVx2dTPlT9F4HXgmpg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.mft Manifest number: 44 Signing time: Tue 23 Dec 2025 06:14:53 +0000 Manifest this update: Tue 23 Dec 2025 06:14:52 +0000 Manifest next update: Tue 30 Dec 2025 06:14:52 +0000 Files and hashes: 1: iChZ1SMB8BVx2dTPlT9F4HXgmpg.crl (hash: 1mj8jpAKrBSQvWtmhn5YU6rTCTvQN3VRM3J/z2MFycU=) 2: 8938B9DA7BF511F0BEBF8326C4F9AE02.roa (hash: vQ9ge67AKzH4HNbVsuxX3Mwi95vAo6POwUTMCo0fB8I=) 3: 5C7DE69E7EFD11F0827C5F1DC4F9AE02.roa (hash: LhJsIUDxJjf34uwAXx8g7B6lkG4erRS20bGVNhkO1Ek=) 4: 8B58F72A7BF511F0BEBF8326C4F9AE02.roa (hash: DPudtrZt3zDLn6cOKt8G2uNXGPQUskKpTDxbAvt9zzA=) 5: 8A65797E7BF511F0BEBF8326C4F9AE02.roa (hash: 8VEPDf924YuQ0JrYCDPzrjF2qm9rSo7AZ2xnXGQmqpY=) 6: 8AF73C7E7BF511F0BEBF8326C4F9AE02.roa (hash: ccXunp3OE2ONSoYTGcr2m1hcygin6LHeeNQEO7if+44=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.crl rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iChZ1SMB8BVx2dTPlT9F4HXgmpg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 06:14:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75 (0x4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919D588, serialNumber=882859D52301F01571D9D4CF953F45E075E09A98 Validity Not Before: Dec 23 06:14:52 2025 GMT Not After : Dec 30 06:14:52 2025 GMT Subject: CN=694a335d-faef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:20:14:e7:61:20:bf:9c:dc:37:7f:8d:3b:a2: 73:1d:5c:80:7b:bc:eb:45:8a:b8:ef:6d:33:d5:f6: 8d:04:dd:9b:16:02:71:56:47:bd:5e:4b:1c:14:7e: cb:1c:5e:b5:c2:05:bf:8d:27:ad:8e:ec:5f:f6:1b: 7b:a4:e3:59:90:88:4e:2b:97:f5:44:57:64:04:12: fc:c1:d8:7f:7f:35:f8:93:27:9d:fc:ce:8f:c9:19: 30:02:dd:13:31:b3:b7:f2:93:94:5e:5d:85:bd:2e: ad:23:59:74:56:bf:ac:8e:f5:96:7a:b2:30:63:fc: 67:bd:7b:31:9e:7a:c1:ec:21:85:50:d4:af:ae:ed: 08:39:cb:d0:93:55:a4:e0:00:ca:ec:86:db:35:26: 71:53:a2:1d:54:1c:b5:b1:88:49:da:04:11:bf:f9: cc:40:c6:1d:47:de:64:41:a8:bc:2e:ee:ee:37:5a: 1b:5e:c2:c5:ad:fb:fd:f7:9d:64:58:cd:3d:fd:65: c8:70:64:63:1f:ea:0a:9a:97:f2:d7:5b:1d:72:f3: 4d:3f:85:e1:ac:a2:b3:91:49:0c:3f:5a:3e:02:bd: e4:98:f6:17:5b:fd:6b:c1:c5:a3:f3:9c:04:37:7f: 68:29:b4:dd:2a:2d:c1:33:f4:b2:0b:12:75:3b:30: 94:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:15:86:DD:A4:00:32:1B:16:05:D4:47:84:10:D8:17:13:40:25:DE X509v3 Authority Key Identifier: keyid:88:28:59:D5:23:01:F0:15:71:D9:D4:CF:95:3F:45:E0:75:E0:9A:98 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iChZ1SMB8BVx2dTPlT9F4HXgmpg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:b4:ec:86:09:c8:9c:45:e0:c0:d6:a5:bd:97:37:99:09:b6: 46:e1:e2:d5:6b:3b:23:58:08:85:94:e2:74:97:4d:0a:9a:5f: fc:19:ef:ff:76:66:07:73:71:d3:00:ab:cc:22:84:b0:22:e6: 88:c3:63:51:74:80:13:2c:57:3e:c7:9a:db:24:f6:ae:fc:8b: a3:18:12:cc:8f:8c:c5:47:72:e8:35:b5:b8:f8:e5:7b:c1:75: 74:b1:97:e7:12:bb:f3:39:e3:5e:ba:18:eb:9d:d5:51:30:91: a4:3c:9b:04:5b:1f:40:2f:33:c7:b2:73:ae:b4:e4:5d:e2:bb: 85:09:01:7c:ec:cb:38:e7:b4:83:d7:1a:ec:c5:72:e0:d5:39: e1:5f:f5:f4:96:c1:b1:a5:0a:e4:03:4d:ad:32:cf:73:80:73: d8:c3:6e:71:fd:bb:cf:43:f0:32:fa:15:ea:ea:b4:93:63:f5: 64:54:be:78:41:27:85:35:09:34:2f:a9:45:b4:37:0f:60:e1: b0:a0:3c:4a:79:60:5a:6a:32:f8:27:50:47:c3:3d:5a:30:66: 94:73:ff:fe:23:ae:f7:87:a1:c8:69:00:1c:c3:61:60:78:c2: 5e:5d:dd:74:6c:30:0b:39:c2:4a:a4:31:ff:70:cf:c0:bd:de: 7e:04:4a:5b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 RDU4ODExMC8GA1UEBRMoODgyODU5RDUyMzAxRjAxNTcxRDlENENGOTUzRjQ1RTA3 NUUwOUE5ODAeFw0yNTEyMjMwNjE0NTJaFw0yNTEyMzAwNjE0NTJaMBgxFjAUBgNV BAMMDTY5NGEzMzVkLWZhZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDUIBTnYSC/nNw3f407onMdXIB7vOtFirjvbTPV9o0E3ZsWAnFWR71eSxwUfssc XrXCBb+NJ62O7F/2G3uk41mQiE4rl/VEV2QEEvzB2H9/NfiTJ538zo/JGTAC3RMx s7fyk5ReXYW9Lq0jWXRWv6yO9ZZ6sjBj/Ge9ezGeesHsIYVQ1K+u7Qg5y9CTVaTg AMrshts1JnFToh1UHLWxiEnaBBG/+cxAxh1H3mRBqLwu7u43WhtewsWt+/33nWRY zT39ZchwZGMf6gqal/LXWx1y800/heGsorORSQw/Wj4CveSY9hdb/WvBxaPznAQ3 f2gptN0qLcEz9LILEnU7MJTvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfhWG3aQA MhsWBdRHhBDYFxNAJd4wHwYDVR0jBBgwFoAUiChZ1SMB8BVx2dTPlT9F4HXgmpgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlENTg4L0JGN0Q1RTc2N0JG MzExRjBBMDVGQUQ4MkM0RjlBRTAyL2lDaFoxU01COEJWeDJkVFBsVDlGNEhYZ21w Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaUNoWjFTTUI4QlZ4MmRUUGxUOUY0SFhnbXBnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlE NTg4L0JGN0Q1RTc2N0JGMzExRjBBMDVGQUQ4MkM0RjlBRTAyL2lDaFoxU01COEJW eDJkVFBsVDlGNEhYZ21wZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALS07IYJyJxF4MDWpb2XN5kJtkbh4tVrOyNYCIWU4nSXTQqaX/wZ7/92 ZgdzcdMAq8wihLAi5ojDY1F0gBMsVz7Hmtsk9q78i6MYEsyPjMVHcug1tbj45XvB dXSxl+cSu/M54166GOud1VEwkaQ8mwRbH0AvM8eyc6605F3iu4UJAXzsyzjntIPX GuzFcuDVOeFf9fSWwbGlCuQDTa0yz3OAc9jDbnH9u89D8DL6FerqtJNj9WRUvnhB J4U1CTQvqUW0Nw9g4bCgPEp5YFpqMvgnUEfDPVowZpRz//4jrveHochpABzDYWB4 wl5d3XRsMAs5wkqkMf9wz8C93n4ESls= -----END CERTIFICATE-----Generated at Thu Dec 25 05:33:12 2025 by rpki-client