This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft File: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft (raw, json) Hash identifier: nadfpisWbH9CtndJSsDAztRkY3E9oOOYIwKQbxjPp0U= Subject key identifier: 7A:0E:18:10:5A:84:66:D7:ED:DB:6C:F1:AE:C4:4F:BA:48:A5:DB:8B Authority key identifier: 6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 Certificate issuer: /CN=A91EAE3D/serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Certificate serial: 14E3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft Manifest number: 14CF Signing time: Sat 20 Dec 2025 16:38:15 +0000 Manifest this update: Sat 20 Dec 2025 16:38:14 +0000 Manifest next update: Sat 27 Dec 2025 16:38:14 +0000 Files and hashes: 1: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl (hash: Nh5HiD3+wxIzjIq52J8kFAFt5IKyjGwBAEE3WqVykrc=) 2: F693F2689CB811EB97F77E14C4F9AE02.roa (hash: U3tQJQlcyfHM4FE2g1sFZHo1n5O210FCbrxqZ5WoAEg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 16:38:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5347 (0x14e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE3D, serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Validity Not Before: Dec 20 16:38:14 2025 GMT Not After : Dec 27 16:38:14 2025 GMT Subject: CN=6946d0f7-15b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:b9:94:79:e0:1e:de:97:0b:e9:9b:e8:50:59: 5f:3b:b8:0b:45:01:64:30:79:53:c9:18:37:8f:a4: 3d:67:a5:f8:1d:2d:c8:41:bb:b2:4a:5b:82:5a:52: 9b:86:db:de:35:45:71:0d:c6:9b:c7:64:68:f3:0c: 52:b3:10:d5:8a:df:34:b4:a8:a9:fe:75:3a:f5:54: 6c:6a:8f:39:55:3d:c6:0d:51:59:49:87:c0:18:16: c4:4f:a7:34:bf:ff:bd:11:5f:75:06:42:f2:33:c6: 8f:d5:5c:be:01:ff:6c:00:e4:8e:07:40:35:b1:6c: e9:35:ca:e3:ac:0b:58:61:40:99:08:be:7d:cb:ba: 37:b0:f6:85:73:04:84:74:f1:55:c4:2b:95:e4:e8: 6d:49:08:f0:cf:a3:36:c3:dd:af:30:f6:f9:8d:57: 7b:08:09:cf:98:6f:a3:b1:05:6d:fa:a9:ff:c9:d7: 18:97:27:9e:96:ab:4d:c2:6e:5a:ff:34:95:15:52: a5:51:a0:a1:2d:f6:01:16:fd:26:f4:db:66:bd:c5: 13:8b:84:ac:50:f2:3a:60:59:a9:48:49:f4:9a:4b: 04:57:1a:c4:1c:51:79:c1:eb:20:80:c1:74:fc:c9: e3:39:1d:18:57:23:b5:9f:59:a0:dd:04:9b:a6:33: 5f:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:0E:18:10:5A:84:66:D7:ED:DB:6C:F1:AE:C4:4F:BA:48:A5:DB:8B X509v3 Authority Key Identifier: keyid:6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:9e:1c:dc:07:51:70:3d:e9:99:6b:44:8b:61:fd:9d:38:d4: c6:f2:3d:e8:7a:e4:c8:31:b7:72:b3:e0:63:61:99:c0:bc:17: f4:2c:59:30:79:ee:6a:b5:c2:84:9d:96:32:18:2f:31:5d:a4: 1c:d5:e0:c6:4d:f4:ac:a3:27:44:8a:29:28:64:43:82:bb:ed: 0c:38:9e:fc:2d:f9:47:44:98:00:aa:5c:18:f7:2d:87:c7:e0: 0c:a9:a2:f1:36:05:3a:3f:71:6c:32:89:e0:17:38:df:d1:70: 0f:73:49:bb:9d:3d:7e:b7:5d:20:b2:23:54:dc:2b:4a:bf:4c: 88:7c:8e:90:12:06:ce:fb:0f:63:a8:06:ab:e3:c3:23:6f:d1: a9:32:a8:1e:a5:7f:89:ff:d0:e1:aa:89:da:fa:08:35:02:a6: 01:ef:6a:70:61:4e:b1:fa:86:20:8b:cc:35:76:e5:d9:bd:47: 7d:e2:14:c2:f6:42:1e:f6:e1:86:00:c1:57:42:cc:d5:c3:b9: 14:52:16:90:df:02:fa:35:6a:fc:db:7e:50:5d:85:93:e2:0d: d9:d3:55:99:c9:2d:c1:fd:9f:d4:27:1b:b5:05:31:a2:2d:e8: 67:d2:b8:b3:3a:c4:c5:85:2d:9b:10:f3:40:56:d4:88:fe:f6: e1:ba:85:de -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFM0QxMTAvBgNVBAUTKDZCNTY3Qzg0M0U0MjUyM0UwRTVCNjRGNjRBMEYyQUUw NTUxN0JCNzAwHhcNMjUxMjIwMTYzODE0WhcNMjUxMjI3MTYzODE0WjAYMRYwFAYD VQQDDA02OTQ2ZDBmNy0xNWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvrmUeeAe3pcL6ZvoUFlfO7gLRQFkMHlTyRg3j6Q9Z6X4HS3IQbuySluCWlKb htveNUVxDcabx2Ro8wxSsxDVit80tKip/nU69VRsao85VT3GDVFZSYfAGBbET6c0 v/+9EV91BkLyM8aP1Vy+Af9sAOSOB0A1sWzpNcrjrAtYYUCZCL59y7o3sPaFcwSE dPFVxCuV5OhtSQjwz6M2w92vMPb5jVd7CAnPmG+jsQVt+qn/ydcYlyeelqtNwm5a /zSVFVKlUaChLfYBFv0m9NtmvcUTi4SsUPI6YFmpSEn0mksEVxrEHFF5wesggMF0 /MnjOR0YVyO1n1mg3QSbpjNfJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHoOGBBa hGbX7dts8a7ET7pIpduLMB8GA1UdIwQYMBaAFGtWfIQ+QlI+Dltk9koPKuBVF7tw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC84RUY0MkE0Njc1 REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1VqNE9XMlQyU2c4cTRGVVh1 M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ExWjhoRDVDVWo0T1cyVDJTZzhxNEZVWHUzQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUzRC84RUY0MkE0Njc1REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1Vq NE9XMlQyU2c4cTRGVVh1M0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCunhzcB1FwPemZa0SLYf2dONTG8j3oeuTIMbdys+BjYZnAvBf0LFkw ee5qtcKEnZYyGC8xXaQc1eDGTfSsoydEiikoZEOCu+0MOJ78LflHRJgAqlwY9y2H x+AMqaLxNgU6P3FsMongFzjf0XAPc0m7nT1+t10gsiNU3CtKv0yIfI6QEgbO+w9j qAar48Mjb9GpMqgepX+J/9Dhqona+gg1AqYB72pwYU6x+oYgi8w1duXZvUd94hTC 9kIe9uGGAMFXQszVw7kUUhaQ3wL6NWr8235QXYWT4g3Z01WZyS3B/Z/UJxu1BTGi Lehn0rizOsTFhS2bEPNAVtSI/vbhuoXe -----END CERTIFICATE-----Generated at Sun Dec 21 08:59:39 2025 by rpki-client