This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft File: 4Y0K0YMT4gIg3qG4cW37310JzPg.mft (raw, json) Hash identifier: DYVjCqOvN8JMqunmb3SSKAW9rUfC4wL6FqgOf822qbQ= Subject key identifier: 71:BA:84:06:A2:74:49:17:51:2E:67:DA:D2:71:B1:B3:0E:C2:48:DA Authority key identifier: E1:8D:0A:D1:83:13:E2:02:20:DE:A1:B8:71:6D:FB:DF:5D:09:CC:F8 Certificate issuer: /CN=A91DBB66/serialNumber=E18D0AD18313E20220DEA1B8716DFBDF5D09CCF8 Certificate serial: 79 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft Manifest number: 77 Signing time: Mon 29 Dec 2025 05:50:30 +0000 Manifest this update: Mon 29 Dec 2025 05:50:30 +0000 Manifest next update: Mon 05 Jan 2026 05:50:30 +0000 Files and hashes: 1: 4Y0K0YMT4gIg3qG4cW37310JzPg.crl (hash: B5hghrF/rQKSjqN6u+vzDdbmW7gFcvJMWALgRtmlfjM=) 2: 099A56FE2FB311F09E3A9373C4F9AE02.roa (hash: c58CHJdQfloT8cjooayoSNCaLkxE9yxaVBgoB9VE0Hs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.crl rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 Jan 2026 05:50:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 121 (0x79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBB66, serialNumber=E18D0AD18313E20220DEA1B8716DFBDF5D09CCF8 Validity Not Before: Dec 29 05:50:30 2025 GMT Not After : Jan 5 05:50:30 2026 GMT Subject: CN=695216a6-c9e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:fa:84:b9:6f:8f:d8:ec:a2:22:8a:f2:86:ca: 49:a6:46:8d:2d:72:bf:25:62:b2:5b:9d:43:0c:fd: a9:25:da:c7:fe:c2:30:02:83:67:4a:15:ed:d5:35: db:71:2a:34:87:e7:6f:b7:68:7c:59:a9:70:b3:93: 24:43:89:4f:dd:40:ff:ec:ec:2f:bc:2a:a3:94:79: e2:d8:b8:d7:eb:ed:d0:f0:9d:56:97:3f:df:e5:4a: 9c:ae:31:96:bb:cc:8f:f2:f8:fb:5f:3f:6c:76:49: ae:e0:ed:ab:55:33:1c:85:51:0a:24:59:48:e6:85: 3f:8e:1a:ec:0b:b4:ed:a1:81:81:ab:05:7a:57:36: cf:24:e1:f3:32:9a:ac:73:d3:2b:aa:f2:b2:66:3c: 98:d8:8c:83:9a:bc:24:15:ca:d8:3b:17:ce:b9:ba: 2b:82:2c:9d:83:00:36:90:4a:77:cf:9b:90:ac:95: 1c:d2:57:7c:d1:4d:7b:cc:39:5b:ad:fe:59:15:a8: 30:ac:32:17:22:de:c8:8d:11:75:ff:40:84:37:ea: 27:c3:12:cf:7f:78:f8:3a:a7:d8:a7:4e:85:52:0f: 33:bc:b0:8a:92:1d:e2:a8:b9:3f:2f:76:62:58:61: 9d:d1:7a:b6:6c:74:94:b9:93:66:b3:d2:35:d1:c6: 68:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:BA:84:06:A2:74:49:17:51:2E:67:DA:D2:71:B1:B3:0E:C2:48:DA X509v3 Authority Key Identifier: keyid:E1:8D:0A:D1:83:13:E2:02:20:DE:A1:B8:71:6D:FB:DF:5D:09:CC:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:c0:f9:54:17:9e:f0:c2:47:32:65:26:64:2f:2b:50:4a:b8: d6:1d:8d:14:32:25:57:c3:48:e1:ff:b6:41:a9:b1:02:8d:c7: b3:9a:72:f8:86:bd:6b:84:ef:15:c4:83:94:70:d1:ed:cc:c5: d9:74:89:91:9b:ed:f6:83:95:ef:fc:24:ac:36:2b:1c:35:ed: d8:b1:09:49:b5:cb:d5:a0:f0:ff:ac:51:46:7c:8c:bc:24:85: 6e:89:54:ad:7a:37:f5:9f:3e:38:0b:66:ad:01:01:11:2e:70: 70:09:24:ab:82:d7:a4:5c:91:80:b8:95:bd:b8:78:e2:58:e9: e0:68:0e:ca:cb:93:90:55:26:fa:a1:86:2d:76:94:45:27:a6: 47:85:04:ee:ff:4a:3f:c4:89:2e:cb:1e:3d:77:3b:52:b8:d9: c9:4a:74:39:d3:d9:ed:f6:14:7d:aa:9c:cf:78:7f:50:75:c6: c4:a3:8a:a7:7f:aa:98:71:b1:a2:7a:74:a2:94:14:87:c2:e8: df:c2:25:b6:9a:97:7a:e9:a0:0e:b5:52:5d:89:90:fb:9f:15: c5:9b:bf:a3:dd:84:c1:07:e9:b0:67:74:c2:f4:46:3d:92:54: 52:3d:de:5f:95:20:e4:c7:20:0a:fd:63:7d:11:e0:6b:ef:d5: 07:dc:42:b2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBeTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QkI2NjExMC8GA1UEBRMoRTE4RDBBRDE4MzEzRTIwMjIwREVBMUI4NzE2REZCREY1 RDA5Q0NGODAeFw0yNTEyMjkwNTUwMzBaFw0yNjAxMDUwNTUwMzBaMBgxFjAUBgNV BAMMDTY5NTIxNmE2LWM5ZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2+oS5b4/Y7KIiivKGykmmRo0tcr8lYrJbnUMM/akl2sf+wjACg2dKFe3VNdtx KjSH52+3aHxZqXCzkyRDiU/dQP/s7C+8KqOUeeLYuNfr7dDwnVaXP9/lSpyuMZa7 zI/y+PtfP2x2Sa7g7atVMxyFUQokWUjmhT+OGuwLtO2hgYGrBXpXNs8k4fMymqxz 0yuq8rJmPJjYjIOavCQVytg7F865uiuCLJ2DADaQSnfPm5CslRzSV3zRTXvMOVut /lkVqDCsMhci3siNEXX/QIQ36ifDEs9/ePg6p9inToVSDzO8sIqSHeKouT8vdmJY YZ3RerZsdJS5k2az0jXRxmjrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUcbqEBqJ0 SRdRLmfa0nGxsw7CSNowHwYDVR0jBBgwFoAU4Y0K0YMT4gIg3qG4cW37310JzPgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURCQjY2LzBDMEQ4MERFMkZB QzExRjA4Q0VBMEE3MUM0RjlBRTAyLzRZMEswWU1UNGdJZzNxRzRjVzM3MzEwSnpQ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNFkwSzBZTVQ0Z0lnM3FHNGNXMzczMTBKelBnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURC QjY2LzBDMEQ4MERFMkZBQzExRjA4Q0VBMEE3MUM0RjlBRTAyLzRZMEswWU1UNGdJ ZzNxRzRjVzM3MzEwSnpQZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAF/A+VQXnvDCRzJlJmQvK1BKuNYdjRQyJVfDSOH/tkGpsQKNx7OacviG vWuE7xXEg5Rw0e3Mxdl0iZGb7faDle/8JKw2Kxw17dixCUm1y9Wg8P+sUUZ8jLwk hW6JVK16N/WfPjgLZq0BAREucHAJJKuC16RckYC4lb24eOJY6eBoDsrLk5BVJvqh hi12lEUnpkeFBO7/Sj/EiS7LHj13O1K42clKdDnT2e32FH2qnM94f1B1xsSjiqd/ qphxsaJ6dKKUFIfC6N/CJbaal3rpoA61Ul2JkPufFcWbv6PdhMEH6bBndML0Rj2S VFI93l+VIOTHIAr9Y30R4Gvv1QfcQrI= -----END CERTIFICATE-----Generated at Tue Dec 30 18:40:48 2025 by rpki-client