This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft File: KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft (raw, json) Hash identifier: DV0KUQAJd4I3ecQoo3zuS2Prt1levQ14Kb6JFtGVsjI= Subject key identifier: 68:36:61:DA:C6:EF:2A:0B:82:47:61:3F:83:C0:31:5F:05:7D:3D:35 Authority key identifier: 28:C0:60:7D:96:83:1A:3D:18:09:33:45:B3:72:58:EE:3B:D7:F3:E7 Certificate issuer: /CN=A91C5AEE/serialNumber=28C0607D96831A3D18093345B37258EE3BD7F3E7 Certificate serial: 01AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMBgfZaDGj0YCTNFs3JY7jvX8-c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft Manifest number: 01A9 Signing time: Tue 23 Dec 2025 02:13:48 +0000 Manifest this update: Tue 23 Dec 2025 02:13:48 +0000 Manifest next update: Tue 30 Dec 2025 02:13:48 +0000 Files and hashes: 1: KMBgfZaDGj0YCTNFs3JY7jvX8-c.crl (hash: yentBliX39g6TyhGJIXw1tuw8HiKH3mQiiUhE6RDfHM=) 2: 21525A1C520B11EE8B79021AC4F9AE02.roa (hash: BXgvpIKBLGyFXlTbrcn5D97Cd/AVN/R0856bn7qg3E8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.crl rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMBgfZaDGj0YCTNFs3JY7jvX8-c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 02:13:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 428 (0x1ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5AEE, serialNumber=28C0607D96831A3D18093345B37258EE3BD7F3E7 Validity Not Before: Dec 23 02:13:48 2025 GMT Not After : Dec 30 02:13:48 2025 GMT Subject: CN=6949fadc-573e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:e1:df:ad:e4:43:d5:2a:db:8f:04:a3:ba:f7: 80:b6:41:e0:12:69:51:50:2e:36:88:71:71:be:11: e7:63:dd:32:30:e5:3c:34:45:0d:4e:b9:31:b1:ed: c6:f7:1e:71:c3:0e:72:ed:07:02:34:7b:77:46:71: 3e:18:20:ef:eb:8c:38:72:0d:68:69:79:77:c0:5d: 87:22:09:af:57:8a:a6:49:77:cd:3e:6a:a5:2c:56: 2e:e8:7d:5e:c3:4c:ec:25:25:c2:ac:63:35:76:2c: 80:0d:67:e0:96:0b:e3:41:af:11:90:e6:c9:5f:3c: ed:62:40:0c:af:fe:9b:0c:c9:4c:4b:94:9e:5d:99: a6:e1:1f:37:eb:99:69:7d:ee:04:06:9c:67:31:d4: 12:d9:8e:81:e0:ad:19:52:0f:90:c9:0e:bd:48:05: fa:f7:da:1d:69:92:97:70:90:a2:cc:ca:24:7c:82: 20:c0:14:c5:67:f4:a2:73:7e:1c:75:13:8c:79:17: 33:57:4d:d9:1a:b1:3d:17:34:fd:91:ad:4b:b4:b3: 40:fc:24:25:08:60:45:9e:60:7f:1d:ab:58:d2:d0: 54:e9:de:fe:52:da:cf:50:a5:6f:25:9d:08:50:59: 2a:2a:a0:68:e5:af:f7:26:db:5b:49:90:76:c6:55: 5c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:36:61:DA:C6:EF:2A:0B:82:47:61:3F:83:C0:31:5F:05:7D:3D:35 X509v3 Authority Key Identifier: keyid:28:C0:60:7D:96:83:1A:3D:18:09:33:45:B3:72:58:EE:3B:D7:F3:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMBgfZaDGj0YCTNFs3JY7jvX8-c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:73:07:dd:03:8f:35:5f:f3:29:5b:3a:31:c4:49:e8:7d:8e: 0b:91:3d:e9:87:0b:3f:39:fc:90:07:41:6b:63:de:17:07:65: 2f:e2:22:44:d9:75:2e:eb:31:52:4f:c1:b5:c6:59:21:29:bc: 2d:a4:48:6c:1c:61:58:de:10:3f:60:0c:32:98:99:0a:28:ea: b3:81:bb:ce:6f:1d:2a:73:07:e8:f2:3e:31:7d:92:30:55:87: bf:c0:87:92:57:6a:b4:8a:87:3c:72:8e:bc:92:92:a0:1a:8e: fc:9d:02:bf:9e:69:02:b3:a6:5b:97:03:83:66:a6:38:c9:6b: 77:b4:7f:78:4e:3e:62:98:9a:90:ed:fe:c6:68:12:e9:8a:34: 1f:8c:69:72:2e:38:ff:59:a6:2c:c7:ba:b9:14:bb:34:cd:de: ee:cc:bf:f6:03:89:fa:30:ee:1b:4d:fa:de:b0:01:94:11:37: a0:80:06:12:7d:8e:31:9f:b4:39:ed:37:8f:95:f3:cf:99:b2: 47:64:41:ea:62:fb:de:07:01:92:d5:6c:08:06:e5:fb:ec:4a: 21:3d:08:e8:f6:59:78:42:80:33:8f:17:a4:77:27:85:ec:bd: 4a:71:b1:ef:10:cc:53:db:d9:d5:ac:03:e8:fa:34:21:21:9a: b6:9d:45:d8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzVBRUUxMTAvBgNVBAUTKDI4QzA2MDdEOTY4MzFBM0QxODA5MzM0NUIzNzI1OEVF M0JEN0YzRTcwHhcNMjUxMjIzMDIxMzQ4WhcNMjUxMjMwMDIxMzQ4WjAYMRYwFAYD VQQDDA02OTQ5ZmFkYy01NzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo+HfreRD1SrbjwSjuveAtkHgEmlRUC42iHFxvhHnY90yMOU8NEUNTrkxse3G 9x5xww5y7QcCNHt3RnE+GCDv64w4cg1oaXl3wF2HIgmvV4qmSXfNPmqlLFYu6H1e w0zsJSXCrGM1diyADWfglgvjQa8RkObJXzztYkAMr/6bDMlMS5SeXZmm4R8365lp fe4EBpxnMdQS2Y6B4K0ZUg+QyQ69SAX699odaZKXcJCizMokfIIgwBTFZ/Sic34c dROMeRczV03ZGrE9FzT9ka1LtLNA/CQlCGBFnmB/HatY0tBU6d7+UtrPUKVvJZ0I UFkqKqBo5a/3JttbSZB2xlVcIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGg2YdrG 7yoLgkdhP4PAMV8FfT01MB8GA1UdIwQYMBaAFCjAYH2Wgxo9GAkzRbNyWO471/Pn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNUFFRS8zRTM5MDFGMjUy MDcxMUVFQjU3QjU4NzdDNEY5QUUwMi9LTUJnZlphREdqMFlDVE5GczNKWTdqdlg4 LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tNQmdmWmFER2owWUNUTkZzM0pZN2p2WDgtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NUFFRS8zRTM5MDFGMjUyMDcxMUVFQjU3QjU4NzdDNEY5QUUwMi9LTUJnZlphREdq MFlDVE5GczNKWTdqdlg4LWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBGcwfdA481X/MpWzoxxEnofY4LkT3phws/OfyQB0FrY94XB2Uv4iJE 2XUu6zFST8G1xlkhKbwtpEhsHGFY3hA/YAwymJkKKOqzgbvObx0qcwfo8j4xfZIw VYe/wIeSV2q0ioc8co68kpKgGo78nQK/nmkCs6ZblwODZqY4yWt3tH94Tj5imJqQ 7f7GaBLpijQfjGlyLjj/WaYsx7q5FLs0zd7uzL/2A4n6MO4bTfresAGUETeggAYS fY4xn7Q57TePlfPPmbJHZEHqYvveBwGS1WwIBuX77EohPQjo9ll4QoAzjxekdyeF 7L1KcbHvEMxT29nVrAPo+jQhIZq2nUXY -----END CERTIFICATE-----Generated at Thu Dec 25 03:27:40 2025 by rpki-client