This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft File: BUM8OuqKSXAsmoLuyV0WtVA86mA.mft (raw, json) Hash identifier: vzHR1f+Rf/OQZ6cBdhCXb7bEP3YmTB6qXJ+xOwlt7/k= Subject key identifier: 19:4C:58:B0:44:F3:71:7B:33:D4:0A:39:43:71:0D:A7:08:94:ED:06 Authority key identifier: 05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 Certificate issuer: /CN=A91CFFA0/serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Certificate serial: 0DBA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft Manifest number: 0D98 Signing time: Thu 18 Dec 2025 17:43:35 +0000 Manifest this update: Thu 18 Dec 2025 17:43:35 +0000 Manifest next update: Thu 25 Dec 2025 17:43:35 +0000 Files and hashes: 1: BUM8OuqKSXAsmoLuyV0WtVA86mA.crl (hash: 9Xbqg0DyKB69hTfARX5m89pQ0teDyslT5U7vgLztVHk=) 2: 0E3F36D8C43D11EBAB31777FC4F9AE02.roa (hash: BThAKf2icEZsZqpXgnFl9VpqvpRKYGs7e0515Blb0yw=) 3: E6F0F39214CE11EA9E740182C4F9AE02.roa (hash: zpETj3vTU+4JGJFNH2bJangxDJpoV//my0UXRjaLeMk=) 4: 1F4E1CC014D311EA81309110C4F9AE02.roa (hash: zPumQuSa3V5Do5kU4HAy8QEzfyGrDVZPMvaKh+jhJxk=) 5: 83ECD7C40CCA11ED97820077C4F9AE02.roa (hash: tsWCAJh3hDUuF0jt3mDhnNo48pJ1cTxWnbkE+ZQXBxw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 17:43:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3514 (0xdba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0, serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Validity Not Before: Dec 18 17:43:35 2025 GMT Not After : Dec 25 17:43:35 2025 GMT Subject: CN=69443d47-081a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:8d:ad:2d:d0:4f:64:84:85:e6:77:5d:14:5f: b8:32:df:6b:4e:87:6a:31:1d:56:fc:e9:7d:bb:16: 4a:df:d6:74:d0:a3:3d:87:5a:aa:ce:f4:7d:de:e2: e5:f5:e5:37:85:13:7a:8a:75:25:62:37:b6:d6:4a: 83:34:72:d5:89:c0:af:1a:42:98:0e:2e:01:1a:6e: e1:06:c2:9e:f0:49:5f:25:88:de:ec:44:c2:a0:a1: 9d:95:57:c1:77:05:54:4a:7b:39:9d:27:fc:98:af: 1d:17:8c:ef:f8:58:03:6d:40:6a:77:8a:55:36:3b: 1f:cf:11:59:9d:94:43:ec:5f:df:49:16:fd:5c:92: ad:ac:a0:06:aa:b1:34:ec:26:d7:4c:6c:7f:71:d5: 8d:52:c7:f8:4b:bb:0d:40:8b:75:a5:c2:ee:81:23: 09:2d:bd:74:88:be:a2:4c:c9:ad:5b:d2:f2:f2:c5: e9:f0:98:e7:97:de:34:fd:16:82:52:be:2a:0e:02: aa:36:37:78:b7:47:bf:f5:79:45:67:d2:df:e5:11: 7c:0f:8c:66:f7:01:3e:5f:5c:cc:47:08:93:1e:6c: 1d:f0:b3:bc:5a:e8:5d:19:7b:23:31:d9:16:f1:25: 54:7c:8d:40:9d:8a:b4:96:0d:d1:5c:e7:43:d8:b8: 1b:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:4C:58:B0:44:F3:71:7B:33:D4:0A:39:43:71:0D:A7:08:94:ED:06 X509v3 Authority Key Identifier: keyid:05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:0c:f0:98:2b:53:10:43:db:6c:d8:b0:96:36:df:89:40:e9: 69:2d:16:eb:ed:5f:c5:a0:46:db:9f:60:eb:fe:3e:7e:57:ef: 93:ae:6c:66:ce:55:10:89:ee:aa:59:e7:4a:53:9b:87:45:17: e3:2f:0d:ee:a3:22:19:4a:76:5a:c1:7a:bb:58:ef:98:99:36: b4:d4:cf:89:33:45:c3:8a:60:5b:39:1f:81:de:32:e5:20:24: 6a:8b:17:38:fc:7f:33:5d:b3:b3:49:e8:bd:de:89:6a:35:03: 5a:0f:b8:a9:77:89:75:4a:ec:f0:52:a7:56:8e:77:f2:88:db: cf:06:5f:8a:28:8c:6a:02:f6:57:e3:11:fe:fa:e0:19:27:71: 1b:0f:9a:8c:86:4c:ae:70:bd:e6:c9:8f:cf:81:18:57:53:fd: 15:62:eb:3e:df:2e:4d:07:b0:0e:7e:5d:fd:ae:ff:ab:ec:e0: 7a:28:16:b6:aa:6d:b3:77:7d:0c:f2:ed:87:38:92:1d:5d:1b: ce:64:79:22:b2:46:62:22:6c:1a:ee:e3:f8:bc:f9:10:03:32: 24:3f:03:31:d0:18:b0:da:23:f1:b4:63:bc:70:4f:87:70:80: 00:cd:7d:d9:88:3f:c7:8c:1d:f9:e4:19:03:e5:12:91:a0:fe: 8c:b9:f7:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDbowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGQTAxMTAvBgNVBAUTKDA1NDMzQzNBRUE4QTQ5NzAyQzlBODJFRUM5NUQxNkI1 NTAzQ0VBNjAwHhcNMjUxMjE4MTc0MzM1WhcNMjUxMjI1MTc0MzM1WjAYMRYwFAYD VQQDDA02OTQ0M2Q0Ny0wODFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr42tLdBPZISF5nddFF+4Mt9rTodqMR1W/Ol9uxZK39Z00KM9h1qqzvR93uLl 9eU3hRN6inUlYje21kqDNHLVicCvGkKYDi4BGm7hBsKe8ElfJYje7ETCoKGdlVfB dwVUSns5nSf8mK8dF4zv+FgDbUBqd4pVNjsfzxFZnZRD7F/fSRb9XJKtrKAGqrE0 7CbXTGx/cdWNUsf4S7sNQIt1pcLugSMJLb10iL6iTMmtW9Ly8sXp8Jjnl940/RaC Ur4qDgKqNjd4t0e/9XlFZ9Lf5RF8D4xm9wE+X1zMRwiTHmwd8LO8WuhdGXsjMdkW 8SVUfI1AnYq0lg3RXOdD2Lgb7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBlMWLBE 83F7M9QKOUNxDacIlO0GMB8GA1UdIwQYMBaAFAVDPDrqiklwLJqC7sldFrVQPOpg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xNTBCRjY5MEQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NYQXNtb0x1eVYwV3RWQTg2 bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0JVTThPdXFLU1hBc21vTHV5VjBXdFZBODZtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkZBMC8xNTBCRjY5MEQ4Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NY QXNtb0x1eVYwV3RWQTg2bUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBHDPCYK1MQQ9ts2LCWNt+JQOlpLRbr7V/FoEbbn2Dr/j5+V++Trmxm zlUQie6qWedKU5uHRRfjLw3uoyIZSnZawXq7WO+YmTa01M+JM0XDimBbOR+B3jLl ICRqixc4/H8zXbOzSei93olqNQNaD7ipd4l1SuzwUqdWjnfyiNvPBl+KKIxqAvZX 4xH++uAZJ3EbD5qMhkyucL3myY/PgRhXU/0VYus+3y5NB7AOfl39rv+r7OB6KBa2 qm2zd30M8u2HOJIdXRvOZHkiskZiImwa7uP4vPkQAzIkPwMx0Biw2iPxtGO8cE+H cIAAzX3ZiD/HjB355BkD5RKRoP6Mufd5 -----END CERTIFICATE-----Generated at Sat Dec 20 00:56:19 2025 by rpki-client