This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft File: D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft (raw, json) Hash identifier: yDDCFPuEicovgcLhc+J91AwjFegTfT4QoKvfa/bGtLg= Subject key identifier: 1D:87:34:E5:52:2D:F8:E8:41:38:A2:72:17:3F:77:18:F6:4A:57:7B Authority key identifier: 0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34 Certificate issuer: /CN=A91A7C68/serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34 Certificate serial: 023B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft Manifest number: 022E Signing time: Sun 21 Dec 2025 01:22:45 +0000 Manifest this update: Sun 21 Dec 2025 01:22:44 +0000 Manifest next update: Sun 28 Dec 2025 01:22:44 +0000 Files and hashes: 1: D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl (hash: svp5wUUBn62LkOB4fwKnjX78/KAFy2cjdkZmvP5thUk=) 2: BC72661A972911ED8CBCA476C4F9AE02.roa (hash: 50hi2vNUebBRUz8ceA03XMTbcW3zeli1X+BmJSriA30=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Dec 2025 01:22:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 571 (0x23b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7C68, serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34 Validity Not Before: Dec 21 01:22:44 2025 GMT Not After : Dec 28 01:22:44 2025 GMT Subject: CN=69474be5-9125 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:3e:a6:72:8a:25:fd:99:10:64:a8:25:c5:9c: 9e:60:ff:a2:c4:3e:b1:d4:d9:68:01:1e:aa:3e:3f: 3d:64:bb:f5:51:d9:a8:85:5f:25:99:d6:5a:6c:fb: cc:cb:4f:20:b9:cf:3c:ed:a0:85:e4:23:1b:83:ee: ef:62:36:78:69:26:b5:88:7c:17:1c:b3:e3:f8:72: c6:73:2e:20:e1:d5:d4:70:6a:27:f5:87:dd:84:c4: 5e:31:a5:99:8e:93:19:f9:61:1e:1b:8e:fe:4d:a9: 00:5c:92:d9:34:8c:9f:21:6e:05:7f:af:3c:25:f1: c0:49:a2:44:8b:a4:6e:53:c9:65:ac:1b:74:85:5d: 86:55:1e:c5:02:e2:f1:41:c0:9e:0d:8f:20:0e:2d: 5e:41:cf:3d:a8:77:f5:b4:e1:cc:d4:12:fe:06:48: 7d:20:ae:66:81:1a:15:69:7a:a9:ef:9d:e1:67:30: 7b:4c:b3:27:1f:81:fa:4c:8b:39:bb:af:4d:e5:d5: 5e:1e:9a:9f:9c:2f:e1:90:eb:85:de:55:27:18:e3: 82:bc:aa:58:be:70:91:0b:ba:1b:9a:71:10:0c:82: de:01:c8:3f:9e:1d:a7:17:a0:e1:09:3e:23:8b:ef: 2b:6e:71:b9:10:50:3b:7b:e7:5f:a8:e0:8c:8d:bc: fe:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:87:34:E5:52:2D:F8:E8:41:38:A2:72:17:3F:77:18:F6:4A:57:7B X509v3 Authority Key Identifier: keyid:0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:c9:4f:81:56:d0:dd:25:78:39:e4:89:f5:f0:5a:b3:57:5a: a4:7d:ee:03:e3:22:ce:38:c9:94:ba:04:02:68:e4:d0:68:eb: f7:ca:0e:de:36:60:0d:f3:41:e1:b6:61:5c:13:4e:60:9c:46: c6:56:26:3e:45:78:a3:ae:ba:47:06:9a:be:e9:f3:b7:43:bf: 1c:5d:fa:0b:0c:5c:f1:da:3b:34:a3:78:65:f5:30:06:b7:4a: 95:39:98:d6:a8:2f:0f:90:51:08:30:56:aa:ba:67:d0:15:51: 6a:3d:07:15:26:ca:6f:a7:fc:2f:53:98:99:40:f9:0a:38:7f: ca:73:14:47:50:68:c1:ba:9c:b4:82:5f:1e:9c:b5:ab:26:fd: 48:30:92:88:8f:28:80:a7:ee:85:a0:18:8a:fc:dd:59:06:31: 22:67:6a:9e:69:a6:f9:6f:00:85:45:e3:6d:29:bd:e6:9e:8e: 2a:ad:a0:91:c8:58:24:8c:c9:25:93:7b:30:82:bf:24:0c:b8: 9a:c4:5f:8b:dd:99:0b:88:42:f1:f6:6b:56:1f:18:74:14:96: 89:c7:e1:2b:50:15:47:b6:e5:09:9c:d7:c3:ef:ae:05:82:4f: d8:5a:ee:43:1d:e3:0b:71:20:ec:77:ab:e9:9f:f8:07:53:df: 09:36:2c:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTdDNjgxMTAvBgNVBAUTKDBGNjI2QTMyNjRENkZFQ0NDQkZFQjJEOTlCMURCRjhB RkZFQzNCMzQwHhcNMjUxMjIxMDEyMjQ0WhcNMjUxMjI4MDEyMjQ0WjAYMRYwFAYD VQQDDA02OTQ3NGJlNS05MTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtz6mcool/ZkQZKglxZyeYP+ixD6x1NloAR6qPj89ZLv1UdmohV8lmdZabPvM y08guc887aCF5CMbg+7vYjZ4aSa1iHwXHLPj+HLGcy4g4dXUcGon9YfdhMReMaWZ jpMZ+WEeG47+TakAXJLZNIyfIW4Ff688JfHASaJEi6RuU8llrBt0hV2GVR7FAuLx QcCeDY8gDi1eQc89qHf1tOHM1BL+Bkh9IK5mgRoVaXqp753hZzB7TLMnH4H6TIs5 u69N5dVeHpqfnC/hkOuF3lUnGOOCvKpYvnCRC7obmnEQDILeAcg/nh2nF6DhCT4j i+8rbnG5EFA7e+dfqOCMjbz+RwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB2HNOVS LfjoQTiichc/dxj2Sld7MB8GA1UdIwQYMBaAFA9iajJk1v7My/6y2Zsdv4r/7Ds0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0M2OC80MjM5ODZGNjk3 MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9EMkpxTW1UV19zekxfckxabXgyX2l2X3NP elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QySnFNbVRXX3N6TF9yTFpteDJfaXZfc096US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB N0M2OC80MjM5ODZGNjk3MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9EMkpxTW1UV19z ekxfckxabXgyX2l2X3NPelEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA9yU+BVtDdJXg55In18FqzV1qkfe4D4yLOOMmUugQCaOTQaOv3yg7e NmAN80HhtmFcE05gnEbGViY+RXijrrpHBpq+6fO3Q78cXfoLDFzx2js0o3hl9TAG t0qVOZjWqC8PkFEIMFaqumfQFVFqPQcVJspvp/wvU5iZQPkKOH/KcxRHUGjBupy0 gl8enLWrJv1IMJKIjyiAp+6FoBiK/N1ZBjEiZ2qeaab5bwCFReNtKb3mno4qraCR yFgkjMklk3swgr8kDLiaxF+L3ZkLiELx9mtWHxh0FJaJx+ErUBVHtuUJnNfD764F gk/YWu5DHeMLcSDsd6vpn/gHU98JNizI -----END CERTIFICATE-----Generated at Sun Dec 21 13:29:18 2025 by rpki-client