This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft File: r_h3chh1NYXDiOm4HDkGa9ONtZI.mft (raw, json) Hash identifier: z7QdN1aVKAVjqzsLlXlcgzvFF3u9nymBV6O0WR3v5Bs= Subject key identifier: 1B:F6:92:04:99:0D:62:E6:94:3E:06:F1:6A:DF:13:8E:E0:8C:D7:6B Authority key identifier: AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 Certificate issuer: /CN=A91CB3FE/serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Certificate serial: 75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft Manifest number: 72 Signing time: Thu 25 Dec 2025 05:50:12 +0000 Manifest this update: Thu 25 Dec 2025 05:50:12 +0000 Manifest next update: Thu 01 Jan 2026 05:50:12 +0000 Files and hashes: 1: r_h3chh1NYXDiOm4HDkGa9ONtZI.crl (hash: l+YVgneQVymUtaxZh+eN4gakesxTvHeZdCMlAzBOVGs=) 2: AFD61B9C36A311F08A82A258C4F9AE02.roa (hash: GbT2Xq8LMseiodZFptbEkKwR2JJrCaZJBMK5VYRS9TY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 Jan 2026 05:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 117 (0x75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB3FE, serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Validity Not Before: Dec 25 05:50:12 2025 GMT Not After : Jan 1 05:50:12 2026 GMT Subject: CN=694cd094-bf51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:04:f6:f5:2a:a8:ca:1b:0a:3f:92:61:46:1e: 84:31:af:31:09:13:53:10:a6:14:f7:d2:e6:d0:a0: 6c:22:88:1b:d7:16:99:21:00:14:45:73:8a:19:34: 60:93:c1:5a:9a:57:30:37:d7:bc:10:43:fe:63:ae: 7b:6e:e6:3a:c1:18:fa:e6:0b:e9:d3:3d:14:d0:ed: e1:90:6f:9d:04:3a:ec:da:c1:2f:bf:49:43:c0:47: f6:cb:46:d1:cf:7f:25:04:fc:29:36:3b:39:59:63: 36:6f:26:90:6c:f2:58:d1:f8:c9:c1:0e:5a:28:e0: 74:fc:a6:b2:69:40:b2:37:d7:1b:86:bd:ab:f1:77: a6:43:4c:b4:57:ad:87:62:90:d2:38:c8:bb:7e:87: b2:41:9c:19:5e:89:b1:1a:39:bb:35:0c:7e:13:8a: 86:ee:26:e9:da:65:7d:1d:0f:3c:ab:31:1c:81:f6: b1:70:65:64:36:be:42:b7:86:2e:79:53:11:15:6a: 45:4d:94:39:e3:c1:2d:d4:06:83:fa:35:54:63:8c: cd:4d:f5:4b:36:22:3d:67:36:1a:1b:0e:84:33:01: d2:5f:77:d4:d1:9b:02:ff:64:05:89:5b:5d:28:cb: 57:f8:b2:1b:50:aa:1a:b1:b9:5c:9d:7f:9f:fc:06: 12:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:F6:92:04:99:0D:62:E6:94:3E:06:F1:6A:DF:13:8E:E0:8C:D7:6B X509v3 Authority Key Identifier: keyid:AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:30:49:65:df:a8:f5:b0:92:97:fc:b3:a6:68:ad:4b:74:f2: e3:42:c2:eb:3c:d1:be:56:0e:d3:24:19:f7:e6:22:54:cf:3f: 85:ef:d7:29:6e:23:ad:18:39:23:f1:52:c2:d1:b4:5e:06:95: 8d:59:3f:2f:38:42:e1:e5:8d:10:14:f3:31:cb:95:24:0c:07: bc:ca:25:8b:59:39:44:74:16:07:be:16:7c:09:b8:7a:3f:cb: 8b:da:e9:d2:ed:67:fa:69:55:3c:37:b7:53:2a:c7:d2:38:a6: 08:d6:ef:b7:52:1e:e6:33:8e:26:29:1c:0b:cf:59:db:1e:43: ab:00:b2:92:20:95:58:97:0d:b5:6a:d7:49:6e:f7:ee:4b:65: 2b:cb:09:4f:dc:d2:c9:b4:bd:a4:d7:46:2d:00:66:79:56:7d: 38:67:b8:c4:a0:be:ed:09:33:9d:08:f2:0c:12:b8:48:7b:63: f7:c1:1f:2e:ab:cd:fc:9c:f5:9e:71:c9:d9:cb:8a:4a:1e:53: 56:0c:f5:55:71:ae:19:3d:9c:b2:5f:a3:39:a9:fd:a3:fb:c1: 6e:5d:f4:5c:c8:e6:d6:94:e4:58:ab:08:21:48:11:77:2c:35: d2:77:ec:9e:df:f6:d0:be:10:f7:9f:b1:a9:61:9d:cb:db:b3: 1c:41:86:2d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBdTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjNGRTExMC8GA1UEBRMoQUZGODc3NzIxODc1MzU4NUMzODhFOUI4MUMzOTA2NkJE MzhEQjU5MjAeFw0yNTEyMjUwNTUwMTJaFw0yNjAxMDEwNTUwMTJaMBgxFjAUBgNV BAMMDTY5NGNkMDk0LWJmNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCxBPb1KqjKGwo/kmFGHoQxrzEJE1MQphT30ubQoGwiiBvXFpkhABRFc4oZNGCT wVqaVzA317wQQ/5jrntu5jrBGPrmC+nTPRTQ7eGQb50EOuzawS+/SUPAR/bLRtHP fyUE/Ck2OzlZYzZvJpBs8ljR+MnBDloo4HT8prJpQLI31xuGvavxd6ZDTLRXrYdi kNI4yLt+h7JBnBleibEaObs1DH4TiobuJunaZX0dDzyrMRyB9rFwZWQ2vkK3hi55 UxEVakVNlDnjwS3UBoP6NVRjjM1N9Us2Ij1nNhobDoQzAdJfd9TRmwL/ZAWJW10o y1f4shtQqhqxuVydf5/8BhIbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUG/aSBJkN YuaUPgbxat8TjuCM12swHwYDVR0jBBgwFoAUr/h3chh1NYXDiOm4HDkGa9ONtZIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCM0ZFLzJBNTY4NzgyMzZB MjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllYRGlPbTRIRGtHYTlPTnRa SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcl9oM2NoaDFOWVhEaU9tNEhEa0dhOU9OdFpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC M0ZFLzJBNTY4NzgyMzZBMjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllY RGlPbTRIRGtHYTlPTnRaSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACAwSWXfqPWwkpf8s6ZorUt08uNCwus80b5WDtMkGffmIlTPP4Xv1ylu I60YOSPxUsLRtF4GlY1ZPy84QuHljRAU8zHLlSQMB7zKJYtZOUR0Fge+FnwJuHo/ y4va6dLtZ/ppVTw3t1Mqx9I4pgjW77dSHuYzjiYpHAvPWdseQ6sAspIglViXDbVq 10lu9+5LZSvLCU/c0sm0vaTXRi0AZnlWfThnuMSgvu0JM50I8gwSuEh7Y/fBHy6r zfyc9Z5xydnLikoeU1YM9VVxrhk9nLJfozmp/aP7wW5d9FzI5taU5FirCCFIEXcs NdJ37J7f9tC+EPefsalhncvbsxxBhi0= -----END CERTIFICATE-----Generated at Thu Dec 25 09:16:24 2025 by rpki-client