This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft File: d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft (raw, json) Hash identifier: N+Xzaxr9T2Qhurdk7lL2+u6NDPTke0BN6k1fFotrdaw= Subject key identifier: 3F:2D:86:B0:0F:C1:C4:6B:E1:2B:AB:16:4D:99:C2:93:79:63:60:3D Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92 Certificate issuer: /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892 Certificate serial: 04C3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft Manifest number: 0490 Signing time: Sat 20 Dec 2025 23:22:17 +0000 Manifest this update: Sat 20 Dec 2025 23:22:17 +0000 Manifest next update: Sat 27 Dec 2025 23:22:17 +0000 Files and hashes: 1: d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl (hash: oh2YHafU6EpZXiLwWzlUurgQhsr3OYN56SpFpKDeldE=) 2: EEECC55A8C3611EFA07E612DC4F9AE02.roa (hash: S448nKM+pkzyKAVAq+QLZ6c2Rwj7lMGOSqjzi17yKYo=) 3: 1FBEA1EEDE9711EC9289256FC4F9AE02.roa (hash: Pw1VfyFxavHvFST5T+H3g0H5LvyxMCtjtqjSFSOsHV4=) 4: E84DD6FAC9C311F0ACE5A118C4F9AE02.roa (hash: k9zWu2QJsnTRLP5WsBWNL6UAK85169EhgA+nfe0CwrY=) 5: E0C5B7148F2C11EEA361B22FC4F9AE02.roa (hash: LQAzx13tozFHaI0HVuth0BIpfSl3xV9vs2/iuXhYbao=) 6: 204E25DADE9711EC9289256FC4F9AE02.roa (hash: /aQYygAsI5fV2mFcfHBoburj5j4bXjYX8PU+kzkSJik=) 7: 216DB034DE9711EC9289256FC4F9AE02.roa (hash: wYrjUP6ABXM9BKVFoyMoT84PmJsIQ6eyebTIC1QQGZ0=) 8: E184C6F48F2C11EEA361B22FC4F9AE02.roa (hash: hroMg7e8nFXh4Bq6R1BL3suX2BZ1hZT6N2FbEkOK+8A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 23:22:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1219 (0x4c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DEB81, serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892 Validity Not Before: Dec 20 23:22:17 2025 GMT Not After : Dec 27 23:22:17 2025 GMT Subject: CN=69472fa9-26ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:b4:18:6d:93:dd:b4:6b:0e:f6:6b:ae:ef:81: 46:b2:38:62:fa:e1:ce:4f:fd:ee:76:5b:88:ef:3d: 44:8e:fd:cf:c4:0d:59:3a:fc:93:1c:47:5d:c0:d3: 5c:d8:54:d9:79:4e:46:3e:ee:e7:b7:21:85:e2:5c: 5d:15:93:ae:c3:9d:08:12:97:a1:07:bf:75:ee:a2: ce:55:a1:d0:c4:6b:5a:fe:e6:18:54:6f:f0:cf:c9: fa:d6:1f:01:f6:ef:05:85:08:f8:09:70:7a:c8:e7: 5c:d4:27:34:1b:72:cc:2f:4a:cf:64:73:e7:7d:7f: 73:51:18:7b:89:3b:7f:72:71:46:27:80:b1:1e:46: 0c:af:cb:f9:72:ca:86:07:06:8f:f1:0d:4c:7e:af: 47:0b:82:45:c7:48:36:eb:56:4e:7f:a4:f7:74:de: c2:dd:93:8a:93:07:06:f1:85:85:41:8d:d4:0f:98: 05:11:e8:11:eb:5a:e7:42:bf:02:b9:29:54:e7:ac: 40:ca:0b:24:a8:dd:cb:2c:4c:05:3f:7c:11:bd:cb: c4:52:2a:0b:d7:6a:47:da:24:58:94:dd:39:23:e0: 83:00:36:92:88:56:67:6f:2b:fa:a7:0b:73:5a:27: 92:bd:da:4e:f3:c5:90:64:85:99:d8:46:01:a2:f3: dd:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:2D:86:B0:0F:C1:C4:6B:E1:2B:AB:16:4D:99:C2:93:79:63:60:3D X509v3 Authority Key Identifier: keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:f8:99:17:4a:c2:aa:7e:57:1d:57:23:7d:51:fd:6b:5e:95: ae:46:3f:3d:65:86:52:99:93:d0:20:de:73:c2:bb:57:0f:eb: 2b:b7:d9:ea:a3:08:12:1f:8f:a1:0f:68:4e:9e:2c:9a:3a:d5: 5b:20:ee:48:75:66:ef:83:cb:ce:04:d5:e4:03:47:2e:80:68: 3c:ca:14:fe:31:84:fa:0c:5a:25:cf:b7:a0:a2:fa:e1:49:1b: f0:4e:81:f2:b4:b0:7c:65:ee:c8:99:4c:a6:2f:81:9d:4f:bc: 6f:eb:b8:be:dd:4e:4f:73:61:d9:c6:50:64:87:cc:3e:91:51: 53:d1:f0:71:90:01:2c:32:16:6f:23:97:8a:16:ff:4b:b8:8d: ba:d8:37:b8:a9:d6:6f:d3:9f:2d:d1:c4:55:d4:0e:39:a9:45: 2f:e2:dd:6d:7a:81:ae:17:6d:c3:60:af:3a:23:ce:57:de:1c: 69:a7:cc:6c:2b:42:22:9c:32:ac:a0:aa:3f:5f:07:66:83:b2: 19:3c:9d:56:07:c3:5e:e0:78:9e:72:30:5a:85:0b:0e:30:02: 7c:40:0c:d9:01:06:be:f6:33:95:4c:63:bc:ce:42:b9:68:93: c2:d9:b8:8f:d3:04:e4:2e:e3:c7:fc:e8:64:d5:32:dd:47:19: 6b:4d:63:08 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REVCODExMTAvBgNVBAUTKDc3NzY2MTJBNDNDMjJEMEE2NkI4RjEzNjgwQjMwNThC RUQ1RDk4OTIwHhcNMjUxMjIwMjMyMjE3WhcNMjUxMjI3MjMyMjE3WjAYMRYwFAYD VQQDDA02OTQ3MmZhOS0yNmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuLQYbZPdtGsO9muu74FGsjhi+uHOT/3udluI7z1Ejv3PxA1ZOvyTHEddwNNc 2FTZeU5GPu7ntyGF4lxdFZOuw50IEpehB7917qLOVaHQxGta/uYYVG/wz8n61h8B 9u8FhQj4CXB6yOdc1Cc0G3LML0rPZHPnfX9zURh7iTt/cnFGJ4CxHkYMr8v5csqG BwaP8Q1Mfq9HC4JFx0g261ZOf6T3dN7C3ZOKkwcG8YWFQY3UD5gFEegR61rnQr8C uSlU56xAygskqN3LLEwFP3wRvcvEUioL12pH2iRYlN05I+CDADaSiFZnbyv6pwtz WieSvdpO88WQZIWZ2EYBovPdjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD8thrAP wcRr4SurFk2ZwpN5Y2A9MB8GA1UdIwQYMBaAFHd2YSpDwi0KZrjxNoCzBYvtXZiS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUI4MS9DRjk2NjNDNjcw RjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xRcG11UEUyZ0xNRmktMWRt SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1KSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RUI4MS9DRjk2NjNDNjcwRjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xR cG11UEUyZ0xNRmktMWRtSkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAr+JkXSsKqflcdVyN9Uf1rXpWuRj89ZYZSmZPQIN5zwrtXD+srt9nq owgSH4+hD2hOniyaOtVbIO5IdWbvg8vOBNXkA0cugGg8yhT+MYT6DFolz7egovrh SRvwToHytLB8Ze7ImUymL4GdT7xv67i+3U5Pc2HZxlBkh8w+kVFT0fBxkAEsMhZv I5eKFv9LuI262De4qdZv058t0cRV1A45qUUv4t1teoGuF23DYK86I85X3hxpp8xs K0IinDKsoKo/Xwdmg7IZPJ1WB8Ne4HiecjBahQsOMAJ8QAzZAQa+9jOVTGO8zkK5 aJPC2biP0wTkLuPH/Ohk1TLdRxlrTWMI -----END CERTIFICATE-----Generated at Sun Dec 21 08:17:19 2025 by rpki-client