This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft File: X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft (raw, json) Hash identifier: gVr9v3VRIg14D8Sd0grAY7yvXA4SpC9tWQ7IKyFyaJc= Subject key identifier: 2E:68:8C:D3:71:D4:4C:42:45:EB:F4:82:72:7C:35:A9:7F:C0:59:79 Authority key identifier: 5F:8A:F3:59:73:FD:4F:A5:63:F3:3B:73:76:53:46:82:10:7B:C8:F9 Certificate issuer: /CN=A91CE285/serialNumber=5F8AF35973FD4FA563F33B7376534682107BC8F9 Certificate serial: 0A24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X4rzWXP9T6Vj8ztzdlNGghB7yPk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft Manifest number: 0A1D Signing time: Mon 22 Dec 2025 19:13:04 +0000 Manifest this update: Mon 22 Dec 2025 19:13:04 +0000 Manifest next update: Mon 29 Dec 2025 19:13:04 +0000 Files and hashes: 1: X4rzWXP9T6Vj8ztzdlNGghB7yPk.crl (hash: J2BOHxCx1ys9fKYQrNGAh6+tJsk3w4wmtm9Wb+JkRa8=) 2: E5C4974689CF11EAA39AF441C4F9AE02.roa (hash: S/+GQ9LaNR6oJzl2BIn9qWcVDZWjqUHkpie5l4NiGuc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.crl rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X4rzWXP9T6Vj8ztzdlNGghB7yPk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 19:13:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2596 (0xa24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE285, serialNumber=5F8AF35973FD4FA563F33B7376534682107BC8F9 Validity Not Before: Dec 22 19:13:04 2025 GMT Not After : Dec 29 19:13:04 2025 GMT Subject: CN=69499840-d9a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:22:e7:6c:7d:01:49:fa:0e:29:74:d4:b9:12: 2e:80:75:86:b2:7b:8d:c2:65:37:6c:16:0e:70:6e: 8e:47:ba:e2:94:43:1f:4f:77:18:7b:f7:84:b5:45: 49:47:00:0b:a9:19:c5:18:dc:cb:94:de:3e:34:8e: 36:fd:64:6e:1e:52:34:7b:1e:b7:8e:ab:9b:0d:dc: bc:fc:33:fc:9c:bb:87:ec:ad:59:d6:ed:ab:c1:67: 2b:f8:d2:be:09:10:c7:50:69:94:ee:45:b5:39:bc: cf:80:5c:ab:d1:18:ab:40:6b:ad:5b:ca:4a:02:83: 74:a0:8a:46:ba:37:fe:4d:1a:f0:4e:b4:d0:1a:02: dd:aa:5d:36:7c:28:07:b7:cd:8b:28:97:67:68:d0: ff:de:8d:4c:31:73:45:5e:a3:6d:15:9e:6b:a8:12: f2:55:31:73:b2:68:7a:22:b5:82:d7:e6:f5:46:89: b6:31:bf:5b:91:ed:fc:73:67:d4:f9:26:21:73:a1: c9:0f:b4:33:00:a3:60:51:ba:af:b4:5a:58:68:c2: 4c:a9:2a:58:68:8c:7d:35:5f:e5:71:f4:03:80:30: d8:af:67:fc:dc:87:37:28:44:94:fa:6a:7b:12:00: e3:5b:d4:55:c0:e8:32:79:dc:00:1e:80:34:48:38: 65:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:68:8C:D3:71:D4:4C:42:45:EB:F4:82:72:7C:35:A9:7F:C0:59:79 X509v3 Authority Key Identifier: keyid:5F:8A:F3:59:73:FD:4F:A5:63:F3:3B:73:76:53:46:82:10:7B:C8:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X4rzWXP9T6Vj8ztzdlNGghB7yPk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:0e:61:41:89:2d:6e:f5:4b:47:24:b7:4d:0a:fd:1e:ea:89: f8:03:5a:2b:c9:c1:e0:e4:27:30:6e:49:dd:f0:e8:f0:88:ac: 7e:b8:f2:df:62:9d:81:7c:00:8f:3f:29:aa:7f:d3:f3:fe:49: 58:f4:c2:96:99:ff:a7:b7:5f:2f:0c:e4:5f:07:40:53:7e:71: 3b:b6:6d:74:8d:c4:75:ab:27:c5:8c:e7:b0:37:36:a9:3c:59: 45:81:ad:58:d8:c9:fb:3d:95:46:f0:f0:01:0f:08:57:f4:3d: 4f:13:ac:52:47:2e:1a:55:5d:cd:c3:39:b0:52:5b:8c:33:77: 8d:87:b4:eb:71:5e:f1:2c:b2:2c:11:b9:4c:b3:1f:c3:a0:dc: 0c:d4:75:58:e1:21:1a:4b:52:5e:d3:86:8e:b8:36:c4:8d:7c: d5:2b:22:82:23:27:40:b9:da:e8:e5:53:6d:fe:2a:b4:75:eb: b6:6e:b2:b3:b8:1b:46:ba:a0:78:53:6b:7d:c1:6e:b5:5c:b6: 83:4a:a7:4e:b9:29:c7:33:04:da:28:82:50:a1:7f:bc:7d:e2: 0c:3e:e2:cd:90:7c:01:eb:35:46:30:4f:6d:12:48:cc:d5:57: d3:36:33:12:de:9e:0a:31:80:db:aa:31:31:d1:35:80:d7:28: 7e:ed:da:50 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0UyODUxMTAvBgNVBAUTKDVGOEFGMzU5NzNGRDRGQTU2M0YzM0I3Mzc2NTM0Njgy MTA3QkM4RjkwHhcNMjUxMjIyMTkxMzA0WhcNMjUxMjI5MTkxMzA0WjAYMRYwFAYD VQQDDA02OTQ5OTg0MC1kOWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsiLnbH0BSfoOKXTUuRIugHWGsnuNwmU3bBYOcG6OR7rilEMfT3cYe/eEtUVJ RwALqRnFGNzLlN4+NI42/WRuHlI0ex63jqubDdy8/DP8nLuH7K1Z1u2rwWcr+NK+ CRDHUGmU7kW1ObzPgFyr0RirQGutW8pKAoN0oIpGujf+TRrwTrTQGgLdql02fCgH t82LKJdnaND/3o1MMXNFXqNtFZ5rqBLyVTFzsmh6IrWC1+b1Rom2Mb9bke38c2fU +SYhc6HJD7QzAKNgUbqvtFpYaMJMqSpYaIx9NV/lcfQDgDDYr2f83Ic3KESU+mp7 EgDjW9RVwOgyedwAHoA0SDhlVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC5ojNNx 1ExCRev0gnJ8Nal/wFl5MB8GA1UdIwQYMBaAFF+K81lz/U+lY/M7c3ZTRoIQe8j5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTI4NS81RTE2NDhCNjg0 QkMxMUVBQTUyNjIyNjNDNEY5QUUwMi9YNHJ6V1hQOVQ2Vmo4enR6ZGxOR2doQjd5 UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1g0cnpXWFA5VDZWajh6dHpkbE5HZ2hCN3lQay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTI4NS81RTE2NDhCNjg0QkMxMUVBQTUyNjIyNjNDNEY5QUUwMi9YNHJ6V1hQOVQ2 Vmo4enR6ZGxOR2doQjd5UGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3DmFBiS1u9UtHJLdNCv0e6on4A1orycHg5Ccwbknd8OjwiKx+uPLf Yp2BfACPPymqf9Pz/klY9MKWmf+nt18vDORfB0BTfnE7tm10jcR1qyfFjOewNzap PFlFga1Y2Mn7PZVG8PABDwhX9D1PE6xSRy4aVV3NwzmwUluMM3eNh7TrcV7xLLIs EblMsx/DoNwM1HVY4SEaS1Je04aOuDbEjXzVKyKCIydAudro5VNt/iq0deu2brKz uBtGuqB4U2t9wW61XLaDSqdOuSnHMwTaKIJQoX+8feIMPuLNkHwB6zVGME9tEkjM 1VfTNjMS3p4KMYDbqjEx0TWA1yh+7dpQ -----END CERTIFICATE-----Generated at Wed Dec 24 11:05:40 2025 by rpki-client