This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: bOWfEFRsEtcpzCsrD43xEG1ftVFu6YJhV3T9UjYQ3Oo= Subject key identifier: D9:B9:09:E8:EB:51:43:17:6C:01:CF:A9:2B:98:7A:62:0A:6A:52:25 Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: D5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: D3 Signing time: Fri 19 Dec 2025 04:48:51 +0000 Manifest this update: Fri 19 Dec 2025 04:48:50 +0000 Manifest next update: Fri 26 Dec 2025 04:48:50 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: CZZKITQMm2WhtRvkzvTo/ULhv+ERV3Z8OigVcRzGWEU=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 04:48:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 213 (0xd5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: Dec 19 04:48:50 2025 GMT Not After : Dec 26 04:48:50 2025 GMT Subject: CN=6944d933-b767 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d8:75:2f:66:6b:1b:5c:67:0f:07:49:37:00: 64:8b:08:38:38:5d:d4:db:ff:70:e8:c5:05:78:41: 19:65:d4:74:c4:e6:9f:38:aa:36:69:7f:ce:55:a0: dd:1b:7d:94:26:10:75:68:73:00:dc:31:90:cc:30: 7f:02:a3:3d:fd:cc:35:85:11:2c:3f:e1:ce:4a:8f: f0:8d:ba:50:33:84:c5:7a:ef:48:03:3e:af:22:b5: c4:f6:0d:3e:34:79:ae:3a:e4:06:93:1c:ab:5b:45: f2:56:6a:b8:8a:b6:db:82:89:b4:83:95:72:d9:1e: 5b:96:46:05:22:76:3b:9a:81:86:58:ba:5a:5c:c3: d5:4d:6e:88:72:de:c5:4e:5a:fa:0b:4d:0a:e6:34: b1:db:5b:fe:69:44:3f:5f:ce:52:47:dc:f2:1a:64: 05:ff:3d:0d:64:9b:6d:eb:b0:05:bf:f1:55:d0:80: 70:78:1a:be:bb:56:e0:1a:20:23:e1:2b:59:9b:98: 73:0d:a1:88:c1:8b:0d:af:7b:d9:4c:be:31:60:75: a3:ff:0a:07:63:9a:21:59:fa:a8:38:65:ab:c4:b5: c2:a6:5c:7a:b3:f0:b7:bc:2f:c3:1d:85:3a:cf:8e: e7:26:74:75:a2:82:86:f8:20:64:b4:6a:7a:40:97: 5f:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:B9:09:E8:EB:51:43:17:6C:01:CF:A9:2B:98:7A:62:0A:6A:52:25 X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:6f:be:95:20:da:6e:61:c0:68:ba:66:ff:4c:81:d0:e9:91: f1:03:78:f3:16:9d:a2:85:50:9b:2c:03:a3:e6:f9:de:8b:87: 74:a9:8f:9c:e1:b1:02:c4:88:b2:b3:58:d5:56:eb:e6:30:cf: 73:e4:92:df:69:11:c6:9b:97:f5:6c:93:60:ba:06:67:d0:2f: 7f:88:86:b2:1a:25:cc:c1:7c:80:28:16:47:53:fe:d8:27:20: f9:46:ef:29:b5:f0:70:b2:7b:fd:d3:21:20:fb:0c:77:1f:71: 20:bc:bc:54:1b:19:c7:0f:4e:b7:45:e2:ce:ba:58:14:87:05: a6:bd:ec:82:2a:d2:f3:86:7d:6f:1b:9c:7e:5c:31:71:30:8d: b7:07:28:71:89:31:0c:69:fc:9d:f1:6e:6a:ec:c5:ea:dc:64: 2d:0f:ab:78:eb:ff:50:15:04:75:c8:38:60:91:ba:e3:9e:23: eb:af:a7:3b:79:f3:21:45:f7:d1:50:6b:00:bb:b0:fb:6b:f4: 37:c4:69:42:24:2f:47:97:ac:1c:73:c7:24:c5:71:7f:25:ff: b5:9b:eb:f2:3e:cd:3d:24:68:e7:35:76:9b:e8:db:e4:47:c1: b3:e6:1b:b2:b5:8d:55:00:93:fc:e2:49:7c:3b:dc:dc:b2:4f: 0c:ca:cf:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0MDkxMTAvBgNVBAUTKDIxNjRERDU5QTYxNUQ1RjJFMzM5M0U3MjA5OEE3M0FE ODY4RTc4REEwHhcNMjUxMjE5MDQ0ODUwWhcNMjUxMjI2MDQ0ODUwWjAYMRYwFAYD VQQDDA02OTQ0ZDkzMy1iNzY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAydh1L2ZrG1xnDwdJNwBkiwg4OF3U2/9w6MUFeEEZZdR0xOafOKo2aX/OVaDd G32UJhB1aHMA3DGQzDB/AqM9/cw1hREsP+HOSo/wjbpQM4TFeu9IAz6vIrXE9g0+ NHmuOuQGkxyrW0XyVmq4irbbgom0g5Vy2R5blkYFInY7moGGWLpaXMPVTW6Ict7F Tlr6C00K5jSx21v+aUQ/X85SR9zyGmQF/z0NZJtt67AFv/FV0IBweBq+u1bgGiAj 4StZm5hzDaGIwYsNr3vZTL4xYHWj/woHY5ohWfqoOGWrxLXCplx6s/C3vC/DHYU6 z47nJnR1ooKG+CBktGp6QJdf1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNm5Cejr UUMXbAHPqSuYemIKalIlMB8GA1UdIwQYMBaAFCFk3VmmFdXy4zk+cgmKc62Gjnja MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQwOS9GOTQ0RTNDQzlD QUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFmTGpPVDV5Q1lwenJZYU9l Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VOby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQwOS9GOTQ0RTNDQzlDQUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFm TGpPVDV5Q1lwenJZYU9lTm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLb76VINpuYcBoumb/TIHQ6ZHxA3jzFp2ihVCbLAOj5vnei4d0qY+c 4bECxIiys1jVVuvmMM9z5JLfaRHGm5f1bJNgugZn0C9/iIayGiXMwXyAKBZHU/7Y JyD5Ru8ptfBwsnv90yEg+wx3H3EgvLxUGxnHD063ReLOulgUhwWmveyCKtLzhn1v G5x+XDFxMI23ByhxiTEMafyd8W5q7MXq3GQtD6t46/9QFQR1yDhgkbrjniPrr6c7 efMhRffRUGsAu7D7a/Q3xGlCJC9Hl6wcc8ckxXF/Jf+1m+vyPs09JGjnNXab6Nvk R8Gz5huytY1VAJP84kl8O9zcsk8Mys9q -----END CERTIFICATE-----Generated at Sat Dec 20 00:55:38 2025 by rpki-client