This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: +tB6fjupiPHOIhmZk+8QNIWyMWy5YKIom9ZCeez2K6M= Subject key identifier: 52:26:45:9C:85:1F:D2:7D:F5:02:EB:F4:F6:A5:CA:61:C9:9B:9B:F9 Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 0853 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 0816 Signing time: Sat 20 Dec 2025 20:31:43 +0000 Manifest this update: Sat 20 Dec 2025 20:31:43 +0000 Manifest next update: Sat 27 Dec 2025 20:31:43 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: SoCnLi2tyQvRiLBJo/IK2GvAM41TyHozwv/kB6HPJJ4=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: WVXeC6AWS7dfqRcacJcoXn1KRTzKsuhGFEjOvtdw4gQ=) 3: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HBup3egCFQ+j4w8tn/YgKXDolvmk1GZOCKm/FjBELHI=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: 4+YaEU8/WKlhoShMZ2jQANGth6P34fJaow29AZ/vK1g=) 5: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: KydrQv3Yet/a3HLO3h2lsIOeUoieRU/2J4jW34hxmG0=) 6: B512A570109211ECA693D74EC4F9AE02.roa (hash: x6M8DR+ao43yWMJcYfflaCD3HANg4LUaSOgGurV26Rc=) 7: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: xo4YbqiE7X/F67UsXOYb5uFnpLPpFvm6ZJLr7VXM8NU=) 8: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: TVq9O75Mk8dBtHdZIdf95FNbNlO+Xgr7jZqSFhUdSlc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 20:31:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2131 (0x853) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Dec 20 20:31:43 2025 GMT Not After : Dec 27 20:31:43 2025 GMT Subject: CN=694707af-ef42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:0d:e1:d0:8a:08:4d:33:2e:f1:64:0f:bd:07: 69:a0:dd:65:26:2c:8d:d2:a6:d3:dc:cf:f3:82:97: cd:55:58:2b:a7:b7:cd:5c:99:3c:79:ba:04:b1:74: 3f:d1:0a:86:5d:c4:fd:7d:7f:69:a3:a4:a2:af:84: 2a:46:35:ab:f1:94:8d:a2:51:e7:0b:bd:1d:3a:c2: 6f:9c:9c:c1:29:7b:7f:60:ed:a8:a8:2a:4d:2a:e5: 41:24:e0:05:06:bb:eb:0d:af:2c:2c:83:2d:ad:ea: b7:72:c2:3d:8d:aa:19:b1:2a:ab:e3:15:c5:6c:56: 65:f8:f6:5d:55:f6:2d:3e:6d:db:f1:c1:0a:c1:53: 29:34:2f:c8:b5:7b:10:b5:ad:71:91:5a:24:dc:1b: 1e:f5:9c:7b:66:0d:1f:4f:e0:4d:9f:c0:43:84:ef: 7b:ab:eb:6a:e6:0c:06:1d:c9:f1:74:a2:6f:cb:19: 0a:d3:57:ed:f5:1a:22:bf:bf:9a:49:93:5d:2a:94: 17:14:06:64:5a:08:5d:21:30:48:eb:09:0e:14:d0: 32:bf:ae:d7:ea:9b:e2:66:11:91:80:ea:6b:66:a8: 9f:9d:e7:c3:f8:be:9b:10:05:60:8d:0c:f9:65:17: 8e:01:db:83:92:bc:45:c0:d0:95:a9:14:b5:b8:27: 35:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:26:45:9C:85:1F:D2:7D:F5:02:EB:F4:F6:A5:CA:61:C9:9B:9B:F9 X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:79:e6:df:7e:78:c3:24:f7:e6:6f:37:32:16:fc:d9:a8:79: 00:30:45:f1:f7:9c:4d:37:bc:5f:5c:ea:4e:3d:5e:a2:aa:4d: 05:a4:78:ec:23:dd:af:f3:4e:61:32:35:f3:02:2e:74:53:8b: 11:a3:be:05:1b:f2:15:62:42:9c:c4:2f:2b:86:fa:9b:99:a5: 9e:ff:91:82:66:e8:d1:c7:96:6e:db:aa:72:38:ee:25:b6:5e: 93:07:e9:a2:2f:ff:4b:98:79:7e:14:58:35:91:8a:2c:42:65: bd:c7:df:fb:ee:e1:c7:2f:be:35:a5:cf:58:de:06:33:6d:6f: 41:f1:6b:e0:7f:ce:ba:ae:67:2f:1b:99:23:01:ae:14:50:53: 32:9d:a6:2a:27:21:9a:d6:c6:10:77:dd:07:e8:1c:a6:64:01: 65:73:07:63:55:36:c8:3a:46:d5:bd:07:62:ba:24:8f:68:e6: 2f:73:3d:08:13:31:24:05:fc:cc:40:2c:eb:77:71:43:97:9d: e7:38:3e:00:6f:65:81:6e:6d:20:ac:4d:48:e0:71:c0:69:ac: 2c:30:a7:eb:4e:f7:cb:84:e9:e4:72:fc:52:7a:5c:b9:12:49: dc:e5:41:1a:68:17:0b:ff:9b:ab:09:9e:f4:49:df:f3:7f:15: 2b:a5:50:d6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCFMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjUxMjIwMjAzMTQzWhcNMjUxMjI3MjAzMTQzWjAYMRYwFAYD VQQDDA02OTQ3MDdhZi1lZjQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxg3h0IoITTMu8WQPvQdpoN1lJiyN0qbT3M/zgpfNVVgrp7fNXJk8eboEsXQ/ 0QqGXcT9fX9po6Sir4QqRjWr8ZSNolHnC70dOsJvnJzBKXt/YO2oqCpNKuVBJOAF BrvrDa8sLIMtreq3csI9jaoZsSqr4xXFbFZl+PZdVfYtPm3b8cEKwVMpNC/ItXsQ ta1xkVok3Bse9Zx7Zg0fT+BNn8BDhO97q+tq5gwGHcnxdKJvyxkK01ft9Roiv7+a SZNdKpQXFAZkWghdITBI6wkOFNAyv67X6pviZhGRgOprZqifnefD+L6bEAVgjQz5 ZReOAduDkrxFwNCVqRS1uCc1HQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFImRZyF H9J99QLr9PalymHJm5v5MB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCNeebffnjDJPfmbzcyFvzZqHkAMEXx95xNN7xfXOpOPV6iqk0FpHjs I92v805hMjXzAi50U4sRo74FG/IVYkKcxC8rhvqbmaWe/5GCZujRx5Zu26pyOO4l tl6TB+miL/9LmHl+FFg1kYosQmW9x9/77uHHL741pc9Y3gYzbW9B8Wvgf866rmcv G5kjAa4UUFMynaYqJyGa1sYQd90H6BymZAFlcwdjVTbIOkbVvQdiuiSPaOYvcz0I EzEkBfzMQCzrd3FDl53nOD4Ab2WBbm0grE1I4HHAaawsMKfrTvfLhOnkcvxSely5 Eknc5UEaaBcL/5urCZ70Sd/zfxUrpVDW -----END CERTIFICATE-----Generated at Sun Dec 21 08:18:57 2025 by rpki-client