This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: gAhaCkIZddodXrKVcfSCK0RBzkCfKpX5tCK+4ZQEIIk= Subject key identifier: 21:44:35:46:D9:D7:2B:98:5E:8B:43:7D:EE:FA:9E:59:67:5F:45:AC Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0B1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0ACB Signing time: Wed 24 Dec 2025 19:04:50 +0000 Manifest this update: Wed 24 Dec 2025 19:04:50 +0000 Manifest next update: Wed 31 Dec 2025 19:04:50 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: HMynftpKp9f2X7ER1sCZR+406WRpQsxjoWhWUyZFZgc=) 2: B379B0346F4711EA81200366C4F9AE02.roa (hash: 34aVw5Rt72hNPVd0d/UxB/shSl9fnFPWjJTO5/uz5ZU=) 3: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: GD8TE1iM2Ym7f93p/1VYDkqCG50V4KFtJCkioUpH7AI=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: 5hsatirdoTAMt8sVP/32NV6rGnCIOasP2d6dKTsMLr4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 31 Dec 2025 19:04:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2844 (0xb1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Dec 24 19:04:50 2025 GMT Not After : Dec 31 19:04:50 2025 GMT Subject: CN=694c3952-903c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:b9:9d:fb:97:84:dd:92:8f:ce:80:35:a4:fd: bc:96:d3:a1:1d:03:85:bf:1c:68:8d:53:22:a4:26: 7b:4b:6f:c4:7c:41:3f:7e:b9:ce:b6:00:8f:fe:1d: 61:a5:e2:0f:4a:cf:88:de:b7:4e:d8:fb:b3:63:c1: 47:71:ff:49:09:ca:84:45:9d:76:02:25:fc:71:0d: eb:9e:a7:d7:c7:d9:38:ec:78:67:2a:72:05:0f:01: 8b:ae:cc:07:e0:1a:e7:8e:b9:b8:9c:58:ab:0c:4b: e6:92:d8:e6:ee:38:20:9a:c3:b2:0f:2e:d6:f3:98: 32:e4:24:7f:1a:f9:23:02:9c:15:b3:7f:c3:4f:30: 83:a8:3a:e2:f8:30:6c:00:26:d7:d7:79:95:1b:eb: f7:48:6d:b8:78:6b:92:c8:fc:2a:9b:22:6e:c4:c0: f8:bf:74:46:d0:a1:ca:c9:96:3f:e2:d1:b9:6b:25: cf:57:7e:43:ff:42:a4:e2:2b:61:06:20:50:05:ac: a7:04:38:8d:12:9b:1d:b6:e0:3d:69:bb:0b:7e:50: fc:19:a2:ac:f5:62:41:35:3f:11:96:0d:a8:39:88: 3b:ee:02:84:3f:dc:9a:2b:67:af:68:22:10:80:51: d4:9b:c0:b7:87:13:c4:e2:40:37:8b:05:4c:13:38: 0b:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:44:35:46:D9:D7:2B:98:5E:8B:43:7D:EE:FA:9E:59:67:5F:45:AC X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:0f:d8:6e:46:ec:63:07:c9:12:b5:e9:bb:36:69:69:6b:5a: 8e:c6:85:5d:56:d5:b7:8b:85:f8:fe:fc:ea:8a:e4:90:4e:64: 29:42:e5:97:21:79:75:c6:38:a3:b6:c8:3f:c0:58:e9:1e:be: fe:83:81:ed:59:15:b3:cf:85:7b:da:14:f9:c6:5a:c8:70:97: 95:5c:9d:59:e9:0b:db:98:6e:12:02:a3:59:96:61:12:ab:1f: b9:0a:91:b0:4b:56:8b:d5:a9:e5:df:69:70:48:76:6c:a3:7a: dc:a3:60:f6:42:c9:56:b5:3d:63:c4:63:07:ae:7c:5f:fa:b2: 51:6c:91:5d:7f:04:0b:4f:d0:6f:88:12:c4:8b:6d:fa:60:49: bd:10:03:ed:7e:24:14:73:13:e9:0b:63:f2:dc:64:bf:d8:5b: 79:ce:79:45:26:2e:25:99:51:e0:74:a5:97:b0:d0:ce:60:42: a9:d4:f1:df:50:a6:cd:57:7b:6b:a4:32:c2:7d:f5:9c:03:bd: 6a:76:e9:46:38:51:1a:75:47:99:90:dc:0e:10:6b:00:3e:27: ba:f4:5c:42:46:4b:55:7b:3c:55:b3:5a:30:19:2d:44:20:c0: e8:52:3f:3a:80:29:88:a6:31:8c:6d:aa:cb:28:80:36:32:82: 1a:69:0a:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCxwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjUxMjI0MTkwNDUwWhcNMjUxMjMxMTkwNDUwWjAYMRYwFAYD VQQDDA02OTRjMzk1Mi05MDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuLmd+5eE3ZKPzoA1pP28ltOhHQOFvxxojVMipCZ7S2/EfEE/frnOtgCP/h1h peIPSs+I3rdO2PuzY8FHcf9JCcqERZ12AiX8cQ3rnqfXx9k47HhnKnIFDwGLrswH 4Brnjrm4nFirDEvmktjm7jggmsOyDy7W85gy5CR/GvkjApwVs3/DTzCDqDri+DBs ACbX13mVG+v3SG24eGuSyPwqmyJuxMD4v3RG0KHKyZY/4tG5ayXPV35D/0Kk4ith BiBQBaynBDiNEpsdtuA9absLflD8GaKs9WJBNT8Rlg2oOYg77gKEP9yaK2evaCIQ gFHUm8C3hxPE4kA3iwVMEzgLNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCFENUbZ 1yuYXotDfe76nllnX0WsMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABD9huRuxjB8kStem7Nmlpa1qOxoVdVtW3i4X4/vzqiuSQTmQpQuWX IXl1xjijtsg/wFjpHr7+g4HtWRWzz4V72hT5xlrIcJeVXJ1Z6QvbmG4SAqNZlmES qx+5CpGwS1aL1anl32lwSHZso3rco2D2QslWtT1jxGMHrnxf+rJRbJFdfwQLT9Bv iBLEi236YEm9EAPtfiQUcxPpC2Py3GS/2Ft5znlFJi4lmVHgdKWXsNDOYEKp1PHf UKbNV3trpDLCffWcA71qdulGOFEadUeZkNwOEGsAPie69FxCRktVezxVs1owGS1E IMDoUj86gCmIpjGMbarLKIA2MoIaaQpI -----END CERTIFICATE-----Generated at Fri Dec 26 03:26:45 2025 by rpki-client