This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft File: zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft (raw, json) Hash identifier: S5cVFIKfNSVJFhFDf/zZsv+TaRgHw0NMngKUKVdUKoA= Subject key identifier: 63:46:A7:46:9A:B7:26:53:BD:AC:E6:F1:4A:91:61:DA:DE:12:BE:5F Authority key identifier: CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4 Certificate issuer: /CN=A91A4B1A/serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4 Certificate serial: 1E87 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft Manifest number: 1E71 Signing time: Sat 20 Dec 2025 15:53:44 +0000 Manifest this update: Sat 20 Dec 2025 15:53:44 +0000 Manifest next update: Sat 27 Dec 2025 15:53:44 +0000 Files and hashes: 1: zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl (hash: VebKSjTaYMxlE6VIbmkdgVNEzO7oGQ+BJbGXr5gnTZo=) 2: 4A6679EC14DF11EEAB46A86DC4F9AE02.roa (hash: AXKpStdDXM9wxv6G1AUD+699CXFgwwGK6Jd4DJQtq3o=) 3: 4CE75372B9DE11EEBC5B0D21C4F9AE02.roa (hash: 7zFzN5j9h6YzgNeZ8kZ1lY+L5+DYjuZkNzIwbCRSQJo=) 4: 1DBC9D405DB411EEA017251AC4F9AE02.roa (hash: X2p/Qp6ns6nKjiBarMkHBerDTuiMPK0sDvqZ6rcsECs=) 5: 4999305414DF11EEAB46A86DC4F9AE02.roa (hash: U2z4NGKM3y6RlvN/Vcw8vO0UDWLzoynGIyrvDNvIq28=) 6: 4B52A44814DF11EEAB46A86DC4F9AE02.roa (hash: NhB+p7+dqD+nB5j++Sxl/yETjDp4HDYVk+7B5ROENtY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 15:53:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7815 (0x1e87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4B1A, serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4 Validity Not Before: Dec 20 15:53:44 2025 GMT Not After : Dec 27 15:53:44 2025 GMT Subject: CN=6946c688-a7f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:f8:b8:1a:e8:23:66:69:19:2e:11:d8:d0:c4: e4:9c:23:39:0e:89:88:41:e3:a7:1a:9c:29:3e:45: ed:8d:ef:19:4f:1a:93:6c:66:5a:27:1c:09:9b:c4: 8b:9f:f6:e5:e9:8c:aa:f9:75:38:ad:26:c0:38:5c: c2:2b:87:c6:b8:91:c2:5f:37:0f:0e:ab:4e:51:51: eb:a4:cf:df:cf:68:b7:2b:89:64:76:a3:10:ec:cf: 34:38:41:bd:6b:8f:a1:4b:1b:39:35:52:cf:4b:cf: 7f:2b:eb:e6:8f:d8:30:0c:54:c8:8f:2c:8a:2e:46: c9:8a:e7:1f:2c:74:5d:65:8b:44:fd:83:63:c2:75: 05:5c:2e:38:ba:71:84:0f:e7:90:43:17:9d:48:aa: 0c:66:2f:3d:1f:51:b1:21:5d:70:b0:97:82:75:74: 4a:31:ca:ba:0f:24:9e:8b:02:39:4e:a1:45:f0:a1: f9:e5:86:c8:f9:0a:55:0b:14:bf:1b:81:c3:bd:cd: ee:0b:15:ff:a3:27:92:74:47:28:b2:83:36:ed:0c: 82:da:38:0f:dd:c2:7b:f0:11:fe:39:17:ac:9d:07: b3:9a:a1:87:8b:8a:9d:df:5f:b0:a0:df:9d:77:42: db:7e:a5:a6:98:5e:36:2f:b6:35:d1:5c:06:55:ab: d1:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:46:A7:46:9A:B7:26:53:BD:AC:E6:F1:4A:91:61:DA:DE:12:BE:5F X509v3 Authority Key Identifier: keyid:CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:04:81:71:67:77:4e:1b:0c:b4:f4:c8:03:5b:c6:3b:50:fb: a0:b3:06:88:80:0b:d0:f0:3f:43:45:b3:02:ca:c6:9c:98:18: 5a:47:2f:48:70:af:db:44:53:3c:02:29:80:8b:3e:d3:85:67: 63:87:4d:b7:f8:6e:9e:b6:6d:be:20:9b:e5:4d:9a:08:b6:6b: ca:c4:49:cd:e6:a0:fd:d2:67:08:d3:76:c2:3b:2a:07:59:29: 7d:f9:a5:de:bf:9d:27:b2:38:e3:d6:b9:50:f3:14:9f:fc:dc: 8b:62:80:d4:25:56:4e:64:20:0f:6d:67:f3:07:a9:f1:82:8b: e6:6a:ec:fd:28:c1:e0:37:d4:d6:50:7e:8b:8d:1b:cf:c5:c8: 36:67:41:af:96:e3:dc:fe:cb:d8:94:b4:b1:02:63:c6:ff:ce: aa:f3:a1:08:22:aa:fc:62:9b:f8:20:50:36:65:27:b2:4d:3e: ac:be:d9:21:e7:c9:99:4b:de:a3:92:e6:f0:4d:09:bb:e7:2e: 41:a0:d2:88:e8:c0:6b:e1:bf:73:78:38:54:d2:46:f8:54:1d: 42:2c:62:b5:c1:9d:b8:4d:49:5f:ce:4d:2d:6e:73:98:90:77: d4:34:59:6a:62:37:2d:c2:8b:17:ff:39:6d:d6:29:18:68:9d: 4d:df:27:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRCMUExMTAvBgNVBAUTKENFMTE0NjgwRkY2RjREOUJDM0YxODgwRDYxMEQ2QUVF RUFFQkYwRDQwHhcNMjUxMjIwMTU1MzQ0WhcNMjUxMjI3MTU1MzQ0WjAYMRYwFAYD VQQDDA02OTQ2YzY4OC1hN2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0/i4GugjZmkZLhHY0MTknCM5DomIQeOnGpwpPkXtje8ZTxqTbGZaJxwJm8SL n/bl6Yyq+XU4rSbAOFzCK4fGuJHCXzcPDqtOUVHrpM/fz2i3K4lkdqMQ7M80OEG9 a4+hSxs5NVLPS89/K+vmj9gwDFTIjyyKLkbJiucfLHRdZYtE/YNjwnUFXC44unGE D+eQQxedSKoMZi89H1GxIV1wsJeCdXRKMcq6DySeiwI5TqFF8KH55YbI+QpVCxS/ G4HDvc3uCxX/oyeSdEcosoM27QyC2jgP3cJ78BH+OResnQezmqGHi4qd31+woN+d d0LbfqWmmF42L7Y10VwGVavR6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGNGp0aa tyZTvazm8UqRYdreEr5fMB8GA1UdIwQYMBaAFM4RRoD/b02bw/GIDWENau7q6/DU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIxQS81REQ0OEFCNjg5 RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRadkQ4WWdOWVExcTd1cnI4 TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3poRkdnUDl2VFp2RDhZZ05ZUTFxN3VycjhOUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NEIxQS81REQ0OEFCNjg5RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRa dkQ4WWdOWVExcTd1cnI4TlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbBIFxZ3dOGwy09MgDW8Y7UPugswaIgAvQ8D9DRbMCysacmBhaRy9I cK/bRFM8AimAiz7ThWdjh023+G6etm2+IJvlTZoItmvKxEnN5qD90mcI03bCOyoH WSl9+aXev50nsjjj1rlQ8xSf/NyLYoDUJVZOZCAPbWfzB6nxgovmauz9KMHgN9TW UH6LjRvPxcg2Z0GvluPc/svYlLSxAmPG/86q86EIIqr8Ypv4IFA2ZSeyTT6svtkh 58mZS96jkubwTQm75y5BoNKI6MBr4b9zeDhU0kb4VB1CLGK1wZ24TUlfzk0tbnOY kHfUNFlqYjctwosX/zlt1ikYaJ1N3ycP -----END CERTIFICATE-----Generated at Mon Dec 22 00:53:22 2025 by rpki-client