This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft File: tkP-swMnQhSPOvnDU5M41VSTcig.mft (raw, json) Hash identifier: f++Qjfq5fLTUKJfZUVQBGhiIRgNrymFUGzHpMrUl3KI= Subject key identifier: 64:CB:C3:01:C3:13:92:2D:0F:6A:47:66:F9:97:50:3F:FE:66:62:6A Authority key identifier: B6:43:FE:B3:03:27:42:14:8F:3A:F9:C3:53:93:38:D5:54:93:72:28 Certificate issuer: /CN=A91CD0DE/serialNumber=B643FEB3032742148F3AF9C3539338D554937228 Certificate serial: 28 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft Manifest number: 27 Signing time: Mon 29 Dec 2025 06:38:57 +0000 Manifest this update: Mon 29 Dec 2025 06:38:56 +0000 Manifest next update: Mon 05 Jan 2026 06:38:56 +0000 Files and hashes: 1: tkP-swMnQhSPOvnDU5M41VSTcig.crl (hash: 8bt1MbhK8uL9PrRgkC5jJgScdjorp7ONg34bbvMltfs=) 2: 341BBBECA99411F093BBAA15C4F9AE02.roa (hash: TNOMyUTzIQDmtZMNg4RAepXI8EHziIAFioU9/cJC+ek=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.crl rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 Jan 2026 06:38:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40 (0x28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD0DE, serialNumber=B643FEB3032742148F3AF9C3539338D554937228 Validity Not Before: Dec 29 06:38:56 2025 GMT Not After : Jan 5 06:38:56 2026 GMT Subject: CN=69522200-87e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:b2:aa:d4:35:21:65:3a:36:bd:e9:0e:35:df: 7f:31:2c:20:3d:01:64:1d:0d:2f:35:31:8b:a3:7f: 05:87:d9:3b:23:64:9d:88:fe:15:3b:a7:5e:f8:98: 42:e1:0a:07:da:1b:f6:67:47:12:e9:6d:36:21:f5: bc:a1:85:ab:41:ad:43:fc:70:96:22:d8:7d:ac:d0: 46:72:de:ee:90:83:49:98:0f:3f:0a:d9:28:8b:8c: df:72:d2:3f:c0:88:7e:c9:6d:32:1a:4c:02:18:3d: 66:0e:f8:04:6f:b0:3e:cc:28:d1:06:15:60:5a:cc: 4b:a1:cc:6b:c3:95:2f:80:bc:07:95:8c:5b:79:ca: 4f:7e:bd:9d:ce:38:b9:8c:f3:9d:3a:28:c0:6e:30: a4:b7:e4:b4:00:62:fd:3d:21:07:c9:ab:0d:f8:4c: a0:4d:9e:4f:80:8d:48:d5:3e:8d:67:99:62:a9:63: 36:2e:ce:dd:27:00:df:69:dc:a0:f3:35:62:90:01: 34:db:1a:da:c5:23:0b:4d:05:59:ff:4f:91:99:de: b5:73:fe:fc:99:da:7d:99:28:44:bd:ae:6f:12:f3: 6c:3d:49:45:25:14:2b:b3:34:c7:85:a7:2f:95:ad: 5d:96:10:40:76:63:aa:1d:1b:50:56:00:bf:60:42: 75:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:CB:C3:01:C3:13:92:2D:0F:6A:47:66:F9:97:50:3F:FE:66:62:6A X509v3 Authority Key Identifier: keyid:B6:43:FE:B3:03:27:42:14:8F:3A:F9:C3:53:93:38:D5:54:93:72:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:49:cd:95:d1:86:01:4b:9f:51:63:bd:d5:23:b2:b3:8f:c7: 4c:33:f7:a5:2b:18:f7:74:15:4c:ec:8a:07:ea:6c:63:27:ea: c9:11:73:fd:8a:05:0c:de:cb:8f:dd:bf:fa:a1:49:bf:17:89: 8d:14:00:9c:f2:b5:cc:b9:00:65:81:3f:ad:f2:e1:6b:d3:68: fc:f2:26:3b:a7:e4:eb:c7:09:bd:b5:22:e4:5c:ee:98:98:70: f2:85:2d:3a:83:3f:2c:22:26:bf:5d:85:61:fa:e4:61:56:d6: 48:60:81:3f:9b:39:9c:9b:f0:02:5b:50:28:66:43:f8:8c:26: 17:cd:84:34:9a:06:5e:9c:7b:d4:0b:9c:5e:6d:0b:54:09:64: b2:e3:e4:d4:3e:3f:cd:50:bb:19:e5:34:4a:29:9e:74:60:07: 70:9d:d5:33:80:bf:f7:66:d7:0d:92:7c:e0:b2:9f:23:39:2e: f0:c7:87:1b:a7:69:72:be:ea:b6:a5:22:2e:d0:00:20:35:3c: d2:a4:27:c1:de:63:28:cf:78:de:ed:5f:77:aa:75:1b:f0:cc: 53:14:42:6e:04:75:23:f8:09:74:a7:c9:05:90:ae:44:a2:f9: 0c:3d:f0:24:6e:58:8e:4a:3e:cd:55:99:fb:18:be:d8:c2:0c: 5d:66:fb:43 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RDBERTExMC8GA1UEBRMoQjY0M0ZFQjMwMzI3NDIxNDhGM0FGOUMzNTM5MzM4RDU1 NDkzNzIyODAeFw0yNTEyMjkwNjM4NTZaFw0yNjAxMDUwNjM4NTZaMBgxFjAUBgNV BAMMDTY5NTIyMjAwLTg3ZTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDdsqrUNSFlOja96Q41338xLCA9AWQdDS81MYujfwWH2TsjZJ2I/hU7p174mELh CgfaG/ZnRxLpbTYh9byhhatBrUP8cJYi2H2s0EZy3u6Qg0mYDz8K2SiLjN9y0j/A iH7JbTIaTAIYPWYO+ARvsD7MKNEGFWBazEuhzGvDlS+AvAeVjFt5yk9+vZ3OOLmM 8506KMBuMKS35LQAYv09IQfJqw34TKBNnk+AjUjVPo1nmWKpYzYuzt0nAN9p3KDz NWKQATTbGtrFIwtNBVn/T5GZ3rVz/vyZ2n2ZKES9rm8S82w9SUUlFCuzNMeFpy+V rV2WEEB2Y6odG1BWAL9gQnWdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZMvDAcMT ki0Pakdm+ZdQP/5mYmowHwYDVR0jBBgwFoAUtkP+swMnQhSPOvnDU5M41VSTcigw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNEMERFLzRGNzY5RDU4QTk4 RjExRjBCMUZBNTA2NkM0RjlBRTAyL3RrUC1zd01uUWhTUE92bkRVNU00MVZTVGNp Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdGtQLXN3TW5RaFNQT3ZuRFU1TTQxVlNUY2lnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNE MERFLzRGNzY5RDU4QTk4RjExRjBCMUZBNTA2NkM0RjlBRTAyL3RrUC1zd01uUWhT UE92bkRVNU00MVZTVGNpZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAH9JzZXRhgFLn1FjvdUjsrOPx0wz96UrGPd0FUzsigfqbGMn6skRc/2K BQzey4/dv/qhSb8XiY0UAJzytcy5AGWBP63y4WvTaPzyJjun5OvHCb21IuRc7piY cPKFLTqDPywiJr9dhWH65GFW1khggT+bOZyb8AJbUChmQ/iMJhfNhDSaBl6ce9QL nF5tC1QJZLLj5NQ+P81QuxnlNEopnnRgB3Cd1TOAv/dm1w2SfOCynyM5LvDHhxun aXK+6ralIi7QACA1PNKkJ8HeYyjPeN7tX3eqdRvwzFMUQm4EdSP4CXSnyQWQrkSi +Qw98CRuWI5KPs1VmfsYvtjCDF1m+0M= -----END CERTIFICATE-----Generated at Mon Dec 29 17:02:49 2025 by rpki-client