This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.mft File: 3IDIXlEBCJqyQl0_yRd5haASXG4.mft (raw, json) Hash identifier: eYmfRBZgQ0uXVFNCi5iG2dTgaT3qIAOTeFe9DrXsJLE= Subject key identifier: BF:4E:31:3C:AE:60:5C:B0:1C:58:CE:34:8A:98:5C:A5:91:00:A0:CA Authority key identifier: DC:80:C8:5E:51:01:08:9A:B2:42:5D:3F:C9:17:79:85:A0:12:5C:6E Certificate issuer: /CN=A91D74A6/serialNumber=DC80C85E5101089AB2425D3FC9177985A0125C6E Certificate serial: C2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3IDIXlEBCJqyQl0_yRd5haASXG4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.mft Manifest number: BA Signing time: Fri 19 Dec 2025 05:14:00 +0000 Manifest this update: Fri 19 Dec 2025 05:14:00 +0000 Manifest next update: Fri 26 Dec 2025 05:14:00 +0000 Files and hashes: 1: 3IDIXlEBCJqyQl0_yRd5haASXG4.crl (hash: Y3gZB5WzVX1VwDDI++qC6z5/8O6CybM3Bo8YoCorOac=) 2: 727850D8D3EF11EFB596E00CC4F9AE02.roa (hash: hvte1LGzH8lQs5HlVIeT4otbezAzwXIr7d7vqIECmd8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.crl rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3IDIXlEBCJqyQl0_yRd5haASXG4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 05:13:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 194 (0xc2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D74A6, serialNumber=DC80C85E5101089AB2425D3FC9177985A0125C6E Validity Not Before: Dec 19 05:14:00 2025 GMT Not After : Dec 26 05:14:00 2025 GMT Subject: CN=6944df18-d604 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:cf:c2:03:08:d2:6f:e2:4b:a2:7f:4f:e6:a2: 2c:93:cf:28:b0:1a:f6:41:66:7b:f2:97:95:3f:bd: 6e:a8:2a:d4:68:77:dc:76:57:0d:ef:f0:dd:ed:f5: f4:52:3f:f5:af:82:79:70:e8:46:03:28:c8:7e:69: 65:80:02:49:79:45:e1:e6:e2:9d:59:fe:a4:5e:6e: b9:14:b1:d3:df:61:7c:bd:39:19:1d:e0:1b:94:25: 71:b5:fa:61:a0:3a:b9:92:8a:29:49:6c:a2:8b:10: 5a:c0:93:5f:6c:11:c8:46:84:0f:bb:76:4a:94:03: c5:50:a9:f2:e1:ca:3a:6f:ea:4a:01:4d:e6:02:3b: e8:50:cd:ea:b9:ca:77:17:53:12:42:5e:86:ce:18: 84:67:a9:98:2f:8f:52:08:a5:76:35:1a:bd:fd:9a: 74:97:b4:e8:73:1b:c6:82:5d:d0:95:0d:33:0d:fa: 22:f6:6c:b2:46:7c:51:fb:68:f7:f9:bf:49:94:f9: 2e:8d:d3:91:2d:d4:68:3d:34:b4:81:03:b7:cf:9e: 54:f9:c6:c5:06:c2:83:be:e7:7e:52:55:ef:a7:dc: 01:4f:f1:b5:a8:6e:53:15:9d:8b:fc:9a:c0:a0:32: c1:bd:d0:c2:44:16:cd:ad:bb:04:f5:83:1d:da:67: c2:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:4E:31:3C:AE:60:5C:B0:1C:58:CE:34:8A:98:5C:A5:91:00:A0:CA X509v3 Authority Key Identifier: keyid:DC:80:C8:5E:51:01:08:9A:B2:42:5D:3F:C9:17:79:85:A0:12:5C:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3IDIXlEBCJqyQl0_yRd5haASXG4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:c7:56:16:77:22:c4:60:f7:4c:88:5b:1a:17:f9:36:58:36: c5:2d:64:89:91:0b:1a:8c:5f:90:cf:52:75:9e:63:62:45:de: 8e:57:a2:f9:eb:b4:1c:02:83:e4:9f:b6:91:c7:ea:49:23:00: 7f:32:50:79:2e:9f:32:09:cb:21:93:0f:aa:c4:9a:67:96:a9: 35:0e:f1:97:c4:c8:ef:28:c6:e3:7f:57:e3:50:40:bf:f9:ea: 83:c4:63:08:b4:c2:ee:a0:ee:1a:84:ab:46:cc:5c:45:fa:ea: 0c:41:52:b5:72:cc:22:98:07:08:8d:7a:de:52:6b:e0:dd:e5: 67:30:10:61:78:58:37:e9:aa:f9:da:d3:66:c0:bc:74:63:12: 42:a5:13:a8:e5:be:57:c8:d2:30:c4:9d:18:ec:05:71:51:6b: 81:11:6d:2e:e6:e5:d2:55:73:be:49:f3:16:fa:31:2d:e8:ab: b2:85:6f:bf:1e:db:89:bc:e3:9b:12:bf:21:18:56:34:8e:89: 98:43:04:1c:88:0c:c1:74:c4:61:fa:d7:40:33:e0:09:13:0a: a9:21:69:88:4f:e5:52:4b:2e:41:3a:55:a1:86:dd:24:e0:78: c6:02:c6:21:d4:1e:cd:34:3b:66:12:e0:18:b5:ec:74:37:45: c1:da:25:4c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDc0QTYxMTAvBgNVBAUTKERDODBDODVFNTEwMTA4OUFCMjQyNUQzRkM5MTc3OTg1 QTAxMjVDNkUwHhcNMjUxMjE5MDUxNDAwWhcNMjUxMjI2MDUxNDAwWjAYMRYwFAYD VQQDDA02OTQ0ZGYxOC1kNjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAi8/CAwjSb+JLon9P5qIsk88osBr2QWZ78peVP71uqCrUaHfcdlcN7/Dd7fX0 Uj/1r4J5cOhGAyjIfmllgAJJeUXh5uKdWf6kXm65FLHT32F8vTkZHeAblCVxtfph oDq5koopSWyiixBawJNfbBHIRoQPu3ZKlAPFUKny4co6b+pKAU3mAjvoUM3qucp3 F1MSQl6GzhiEZ6mYL49SCKV2NRq9/Zp0l7TocxvGgl3QlQ0zDfoi9myyRnxR+2j3 +b9JlPkujdORLdRoPTS0gQO3z55U+cbFBsKDvud+UlXvp9wBT/G1qG5TFZ2L/JrA oDLBvdDCRBbNrbsE9YMd2mfCXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL9OMTyu YFywHFjONIqYXKWRAKDKMB8GA1UdIwQYMBaAFNyAyF5RAQiaskJdP8kXeYWgElxu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENzRBNi83MTcxQkJGMkQx OUMxMUVGODNDRUFEM0NDNEY5QUUwMi8zSURJWGxFQkNKcXlRbDBfeVJkNWhhQVNY RzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzNJRElYbEVCQ0pxeVFsMF95UmQ1aGFBU1hHNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NzRBNi83MTcxQkJGMkQxOUMxMUVGODNDRUFEM0NDNEY5QUUwMi8zSURJWGxFQkNK cXlRbDBfeVJkNWhhQVNYRzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBax1YWdyLEYPdMiFsaF/k2WDbFLWSJkQsajF+Qz1J1nmNiRd6OV6L5 67QcAoPkn7aRx+pJIwB/MlB5Lp8yCcshkw+qxJpnlqk1DvGXxMjvKMbjf1fjUEC/ +eqDxGMItMLuoO4ahKtGzFxF+uoMQVK1cswimAcIjXreUmvg3eVnMBBheFg36ar5 2tNmwLx0YxJCpROo5b5XyNIwxJ0Y7AVxUWuBEW0u5uXSVXO+SfMW+jEt6KuyhW+/ HtuJvOObEr8hGFY0jomYQwQciAzBdMRh+tdAM+AJEwqpIWmIT+VSSy5BOlWhht0k 4HjGAsYh1B7NNDtmEuAYtex0N0XB2iVM -----END CERTIFICATE-----Generated at Sat Dec 20 00:55:03 2025 by rpki-client