This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1FCC/CDBC5986730911EAA8820030C4F9AE02/CNJW1CbKIXH86BfGRSP4MqNpF70.mft File: CNJW1CbKIXH86BfGRSP4MqNpF70.mft (raw, json) Hash identifier: q4o/yPlHghlMb9YknwLvlJEwdMwi6DiSIjTvg8jsqQg= Subject key identifier: EB:2C:A2:6B:80:6A:1F:C8:83:82:83:E6:F2:E1:0C:CB:8B:B3:97:A0 Authority key identifier: 08:D2:56:D4:26:CA:21:71:FC:E8:17:C6:45:23:F8:32:A3:69:17:BD Certificate issuer: /CN=A91C1FCC/serialNumber=08D256D426CA2171FCE817C64523F832A36917BD Certificate serial: 0ABC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CNJW1CbKIXH86BfGRSP4MqNpF70.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1FCC/CDBC5986730911EAA8820030C4F9AE02/CNJW1CbKIXH86BfGRSP4MqNpF70.mft Manifest number: 0A98 Signing time: Sat 20 Dec 2025 19:05:13 +0000 Manifest this update: Sat 20 Dec 2025 19:05:13 +0000 Manifest next update: Sat 27 Dec 2025 19:05:13 +0000 Files and hashes: 1: CNJW1CbKIXH86BfGRSP4MqNpF70.crl (hash: 6tXuCE7YX/zEONEk+IdocsFF29Jsy1y7JclxjzGIlWU=) 2: C6671418A37A11EFBED1AE3BC4F9AE02.roa (hash: RtmiTTWdzbSA6sjEHPl66WT8irnWI6qg0r7cthFL2r8=) 3: 54098620A37B11EFAC4F8E3CC4F9AE02.roa (hash: FXrJzxpIMY/mjFWppW9CWCLKoy10/on9Vdnxt1X4PXY=) 4: F15AD62031FA11EE96640F3EC4F9AE02.roa (hash: WTs+9o9qNNM6mr7pnkWN7ajLcOyi6E/nvXwiULfR9Fc=) 5: 8F12C9C8391F11EFB455E565C4F9AE02.roa (hash: EvThvFOZKz48161MvTnVXiDNJ6HNF5HAel5hAOJCG+c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1FCC/CDBC5986730911EAA8820030C4F9AE02/CNJW1CbKIXH86BfGRSP4MqNpF70.crl rsync://rpki.apnic.net/member_repository/A91C1FCC/CDBC5986730911EAA8820030C4F9AE02/CNJW1CbKIXH86BfGRSP4MqNpF70.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CNJW1CbKIXH86BfGRSP4MqNpF70.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 19:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2748 (0xabc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1FCC, serialNumber=08D256D426CA2171FCE817C64523F832A36917BD Validity Not Before: Dec 20 19:05:13 2025 GMT Not After : Dec 27 19:05:13 2025 GMT Subject: CN=6946f369-aa30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:3b:6d:92:24:d4:1a:e4:4f:13:be:ea:30:9f: 72:58:63:e4:8a:00:5a:3a:04:18:b9:af:2b:c8:63: 17:8d:cb:ce:0c:3a:bb:7d:33:81:ce:f7:ad:0d:1d: 64:99:af:38:f0:bd:59:fe:93:57:ac:f2:63:aa:28: a4:9d:b9:22:a3:80:71:2c:60:33:15:61:2d:e1:b5: 61:4f:33:27:d1:88:55:78:43:6d:ac:b6:d3:ef:4d: ca:92:39:9a:f1:05:b0:79:a2:ed:f1:05:aa:29:ec: a2:05:1a:4f:a1:43:97:ad:0b:0d:73:2f:e3:0d:6c: 4b:7d:a2:6e:d1:20:ca:23:54:f5:62:7f:68:0d:e6: d8:ff:0f:c9:58:3b:6c:25:c1:16:84:8b:45:f3:48: 3e:a4:c3:d4:f8:50:1a:50:21:8c:d3:95:6e:be:64: 21:a6:76:4e:bf:1f:ed:cd:11:0e:79:48:1e:07:80: 7d:0e:c0:9e:ff:3f:16:ee:c5:b0:18:91:24:e5:27: b9:84:57:7d:b6:fb:28:23:04:04:67:e7:97:3e:cd: dd:3c:59:3c:13:be:29:f7:db:a1:6f:75:85:55:84: 1b:9e:e7:0b:ab:f3:97:be:a5:ea:1a:e9:f7:e9:d0: 32:fa:dd:c1:68:98:ac:3c:d3:31:ff:71:c6:3e:e3: 6c:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:2C:A2:6B:80:6A:1F:C8:83:82:83:E6:F2:E1:0C:CB:8B:B3:97:A0 X509v3 Authority Key Identifier: keyid:08:D2:56:D4:26:CA:21:71:FC:E8:17:C6:45:23:F8:32:A3:69:17:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1FCC/CDBC5986730911EAA8820030C4F9AE02/CNJW1CbKIXH86BfGRSP4MqNpF70.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CNJW1CbKIXH86BfGRSP4MqNpF70.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1FCC/CDBC5986730911EAA8820030C4F9AE02/CNJW1CbKIXH86BfGRSP4MqNpF70.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:e0:ad:3b:7f:71:28:12:be:f6:98:08:ee:7e:97:06:e5:cb: 55:69:f1:23:bd:e4:95:9d:52:46:aa:51:40:4f:78:81:1f:ef: f6:e6:35:e9:0a:9b:12:6e:ee:7b:3f:db:17:2e:e7:13:7e:e0: fc:b3:fa:e1:ce:67:63:cb:98:bc:56:9e:44:b6:c3:11:84:01: f6:f0:72:89:0b:c3:c0:08:a3:dc:7b:1a:12:e4:f7:d6:bd:57: fc:ed:aa:de:2f:06:a9:d4:7d:1f:bf:b2:b0:b5:1c:da:98:2b: 40:54:85:05:63:02:4c:a9:2e:93:88:83:1d:64:7b:26:bc:76: 05:04:b4:5b:cf:a7:12:cb:eb:6e:f6:e1:80:b5:88:b9:b5:40: 0f:1e:9a:1c:d3:26:93:31:8a:29:b9:9d:3e:2b:00:66:79:40: df:e5:e8:67:66:09:b0:e3:48:91:bc:57:5f:6e:2f:d7:08:61: f4:fc:9b:2d:17:a1:8a:4f:0e:8e:26:96:f1:f5:8f:9a:12:8a: 38:ee:6b:bd:2f:8c:fd:59:66:ab:76:73:80:bd:98:6d:d3:04: f9:68:70:3b:5f:1a:3b:ab:78:c1:7a:5a:9c:1f:30:7f:b6:6f: 7f:85:22:b8:8e:68:bc:58:c2:4f:7f:2e:e5:d7:5c:2c:03:9e: 7a:52:9c:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFGQ0MxMTAvBgNVBAUTKDA4RDI1NkQ0MjZDQTIxNzFGQ0U4MTdDNjQ1MjNGODMy QTM2OTE3QkQwHhcNMjUxMjIwMTkwNTEzWhcNMjUxMjI3MTkwNTEzWjAYMRYwFAYD VQQDDA02OTQ2ZjM2OS1hYTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwDttkiTUGuRPE77qMJ9yWGPkigBaOgQYua8ryGMXjcvODDq7fTOBzvetDR1k ma848L1Z/pNXrPJjqiiknbkio4BxLGAzFWEt4bVhTzMn0YhVeENtrLbT703Kkjma 8QWweaLt8QWqKeyiBRpPoUOXrQsNcy/jDWxLfaJu0SDKI1T1Yn9oDebY/w/JWDts JcEWhItF80g+pMPU+FAaUCGM05VuvmQhpnZOvx/tzREOeUgeB4B9DsCe/z8W7sWw GJEk5Se5hFd9tvsoIwQEZ+eXPs3dPFk8E74p99uhb3WFVYQbnucLq/OXvqXqGun3 6dAy+t3BaJisPNMx/3HGPuNsAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOssomuA ah/Ig4KD5vLhDMuLs5egMB8GA1UdIwQYMBaAFAjSVtQmyiFx/OgXxkUj+DKjaRe9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUZDQy9DREJDNTk4Njcz MDkxMUVBQTg4MjAwMzBDNEY5QUUwMi9DTkpXMUNiS0lYSDg2QmZHUlNQNE1xTnBG NzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NOSlcxQ2JLSVhIODZCZkdSU1A0TXFOcEY3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MUZDQy9DREJDNTk4NjczMDkxMUVBQTg4MjAwMzBDNEY5QUUwMi9DTkpXMUNiS0lY SDg2QmZHUlNQNE1xTnBGNzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDB4K07f3EoEr72mAjufpcG5ctVafEjveSVnVJGqlFAT3iBH+/25jXp CpsSbu57P9sXLucTfuD8s/rhzmdjy5i8Vp5EtsMRhAH28HKJC8PACKPcexoS5PfW vVf87areLwap1H0fv7KwtRzamCtAVIUFYwJMqS6TiIMdZHsmvHYFBLRbz6cSy+tu 9uGAtYi5tUAPHpoc0yaTMYopuZ0+KwBmeUDf5ehnZgmw40iRvFdfbi/XCGH0/Jst F6GKTw6OJpbx9Y+aEoo47mu9L4z9WWardnOAvZht0wT5aHA7Xxo7q3jBelqcHzB/ tm9/hSK4jmi8WMJPfy7l11wsA556UpwY -----END CERTIFICATE-----Generated at Sun Dec 21 02:27:34 2025 by rpki-client