This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft File: ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft (raw, json) Hash identifier: P5yML248mIkzsHCz+nqM7SCBFmGGlJih4668ZsuryYA= Subject key identifier: BF:48:80:DB:3A:EA:86:EB:91:70:1B:FE:5E:98:EC:A3:91:65:49:2F Authority key identifier: 67:21:24:F6:33:C8:91:9C:A5:D7:66:D8:9E:9C:CF:F0:B2:1F:0C:8D Certificate issuer: /CN=A91CAA4E/serialNumber=672124F633C8919CA5D766D89E9CCFF0B21F0C8D Certificate serial: 139C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft Manifest number: 1B1C Signing time: Mon 22 Dec 2025 16:41:30 +0000 Manifest this update: Mon 22 Dec 2025 16:41:29 +0000 Manifest next update: Mon 29 Dec 2025 16:41:29 +0000 Files and hashes: 1: ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl (hash: dlE/ddt6uZxEhctD4M+IgkvK/kyC0qoUs7FwywjTQSo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 16:41:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5020 (0x139c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CAA4E, serialNumber=672124F633C8919CA5D766D89E9CCFF0B21F0C8D Validity Not Before: Dec 22 16:41:29 2025 GMT Not After : Dec 29 16:41:29 2025 GMT Subject: CN=694974ba-46d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:6b:2f:51:bc:44:ee:ee:49:25:8d:75:c8:89: fd:c1:f4:b4:1f:ab:55:5a:32:49:ae:5d:26:90:4c: c7:5f:1a:84:98:14:10:9a:71:f1:ec:35:11:d1:77: d1:ac:d6:60:aa:a7:0b:35:2b:cf:44:c1:f9:f8:80: 3f:c4:41:d0:80:ad:76:db:59:3e:9b:c8:81:82:0a: 4a:1f:a3:b1:3e:d3:3b:c8:ac:1c:a6:97:80:44:2b: ba:1e:7b:32:be:d1:51:24:11:c9:1d:e9:1f:3d:24: df:f0:71:ad:d0:06:0f:06:69:be:68:e1:9e:6a:13: 94:37:ee:7f:20:08:43:26:63:77:56:4a:a2:c1:4d: 5e:8d:71:b8:a1:68:5b:0b:7e:11:52:9a:3c:3d:96: 3d:70:30:11:70:5d:29:4f:7c:3a:ba:99:e2:8b:fa: 47:a9:a8:46:bf:64:05:a0:b5:54:bf:5b:31:e8:9f: 8f:4c:14:88:76:cb:a3:3d:78:84:e0:b7:f7:b8:a8: 68:aa:32:34:b6:18:68:76:03:1e:83:3d:ca:d8:be: 74:23:1e:55:56:d5:33:2a:56:0f:02:05:cd:36:33: d0:94:d1:97:d5:f5:f2:27:9a:43:a9:64:36:fc:e4: de:74:58:34:09:1e:7f:33:b7:4e:00:78:a2:36:7b: f3:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:48:80:DB:3A:EA:86:EB:91:70:1B:FE:5E:98:EC:A3:91:65:49:2F X509v3 Authority Key Identifier: keyid:67:21:24:F6:33:C8:91:9C:A5:D7:66:D8:9E:9C:CF:F0:B2:1F:0C:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:c6:bc:26:1b:81:ee:15:a0:bc:dd:25:4c:0b:35:55:38:de: 50:1e:9d:54:78:16:6d:87:88:4f:61:c8:cb:6f:21:c5:5b:b1: ee:20:e0:da:8b:43:de:22:63:86:39:e7:3f:c9:80:0d:63:3b: 69:96:99:71:9f:77:c7:fa:37:e4:3e:2a:02:17:26:58:a9:01: 64:c8:81:77:da:30:39:33:1f:a6:b7:52:49:24:a7:ae:ad:b1: 4e:e4:4b:89:d6:52:6c:cd:20:22:58:84:42:c1:bb:a5:42:41: 34:75:a5:d7:d7:c3:7b:2a:be:48:0f:e9:76:97:02:7c:32:ef: 5a:c8:28:9e:09:01:12:b0:fb:78:cc:ca:f6:9c:e5:8d:ae:9a: 27:e4:6b:40:60:b4:dd:90:4e:95:8e:ed:e2:62:58:cc:51:05: d3:3c:79:71:c0:9f:e8:07:ac:85:97:c8:d5:61:78:58:57:f5: bb:31:bf:1e:88:75:6b:e9:3c:dc:e7:da:c2:15:aa:4f:a4:f0: e1:2b:40:4a:7f:99:a4:bb:d0:bb:18:35:43:d7:d2:c7:64:26: af:6e:4e:f8:48:d9:f9:41:1b:aa:68:eb:a2:96:d4:a0:8d:f9: 3f:a6:c6:bb:ee:58:3d:45:6b:9f:a6:9b:9b:d6:76:05:1d:ad: 87:c4:2b:c1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE5wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0FBNEUxMTAvBgNVBAUTKDY3MjEyNEY2MzNDODkxOUNBNUQ3NjZEODlFOUNDRkYw QjIxRjBDOEQwHhcNMjUxMjIyMTY0MTI5WhcNMjUxMjI5MTY0MTI5WjAYMRYwFAYD VQQDDA02OTQ5NzRiYS00NmQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8GsvUbxE7u5JJY11yIn9wfS0H6tVWjJJrl0mkEzHXxqEmBQQmnHx7DUR0XfR rNZgqqcLNSvPRMH5+IA/xEHQgK1221k+m8iBggpKH6OxPtM7yKwcppeARCu6Hnsy vtFRJBHJHekfPSTf8HGt0AYPBmm+aOGeahOUN+5/IAhDJmN3VkqiwU1ejXG4oWhb C34RUpo8PZY9cDARcF0pT3w6upnii/pHqahGv2QFoLVUv1sx6J+PTBSIdsujPXiE 4Lf3uKhoqjI0thhodgMegz3K2L50Ix5VVtUzKlYPAgXNNjPQlNGX1fXyJ5pDqWQ2 /OTedFg0CR5/M7dOAHiiNnvzzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL9IgNs6 6obrkXAb/l6Y7KORZUkvMB8GA1UdIwQYMBaAFGchJPYzyJGcpddm2J6cz/CyHwyN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUE0RS81NUU5Nzk1QUE5 NEYxMUU4QUEwQzkwMEVDNEY5QUUwMi9aeUVrOWpQSWtaeWwxMmJZbnB6UDhMSWZE STAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1p5RWs5alBJa1p5bDEyYllucHpQOExJZkRJMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QUE0RS81NUU5Nzk1QUE5NEYxMUU4QUEwQzkwMEVDNEY5QUUwMi9aeUVrOWpQSWta eWwxMmJZbnB6UDhMSWZESTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAUxrwmG4HuFaC83SVMCzVVON5QHp1UeBZth4hPYcjLbyHFW7HuIODa i0PeImOGOec/yYANYztplplxn3fH+jfkPioCFyZYqQFkyIF32jA5Mx+mt1JJJKeu rbFO5EuJ1lJszSAiWIRCwbulQkE0daXX18N7Kr5ID+l2lwJ8Mu9ayCieCQESsPt4 zMr2nOWNrpon5GtAYLTdkE6Vju3iYljMUQXTPHlxwJ/oB6yFl8jVYXhYV/W7Mb8e iHVr6Tzc59rCFapPpPDhK0BKf5mku9C7GDVD19LHZCavbk74SNn5QRuqaOuiltSg jfk/psa77lg9RWufppub1nYFHa2HxCvB -----END CERTIFICATE-----Generated at Wed Dec 24 14:46:01 2025 by rpki-client