This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft File: xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft (raw, json) Hash identifier: YEbHSnZCab1hvvVI1MBo4iXjEBqHwh4sGWlSM4s8zxQ= Subject key identifier: 3B:EE:A9:73:1E:63:2D:3E:A5:7F:A2:0A:55:39:EF:E3:62:8D:4A:14 Authority key identifier: C6:53:EF:77:B1:9D:10:8C:F5:C5:9A:E1:80:1F:02:00:3A:B5:5E:ED Certificate issuer: /CN=A91EBFAE/serialNumber=C653EF77B19D108CF5C59AE1801F02003AB55EED Certificate serial: 2574 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft Manifest number: 2574 Signing time: Sun 28 Dec 2025 14:31:01 +0000 Manifest this update: Sun 28 Dec 2025 14:31:00 +0000 Manifest next update: Sun 04 Jan 2026 14:31:00 +0000 Files and hashes: 1: xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl (hash: yD7MrzRpS6BpUyBGuaAWuKRHFd8ErHMrlG+lFgs3yqA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 Jan 2026 14:30:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9588 (0x2574) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBFAE, serialNumber=C653EF77B19D108CF5C59AE1801F02003AB55EED Validity Not Before: Dec 28 14:31:00 2025 GMT Not After : Jan 4 14:31:00 2026 GMT Subject: CN=69513f24-696a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:55:c6:e2:80:eb:fc:c4:ff:d5:e3:44:51:86: 33:43:32:1b:38:31:27:19:4c:71:6d:be:54:38:cb: e7:eb:10:ab:21:48:6c:a3:7d:8f:06:4a:9b:36:c3: ff:5c:28:c6:1f:28:9e:cb:0e:94:f8:d3:29:15:ac: f8:40:d0:98:42:a3:28:9d:95:39:51:a0:ba:8c:b2: 87:22:93:43:f6:ed:c3:20:50:fa:92:32:a7:75:a9: 30:89:51:f4:56:97:26:79:f5:69:29:c9:d8:ad:d9: 81:b5:83:60:d7:ee:91:49:60:6c:1e:9e:83:4e:a2: 37:5b:9d:9a:c5:ed:a1:fe:eb:fa:d3:66:e6:2c:55: d2:95:3b:19:57:de:a7:22:df:71:97:bb:61:d4:bd: d2:d7:6a:97:90:15:6b:b4:ac:2c:82:f9:45:f6:5f: 4f:f4:54:03:d2:3b:c3:d0:8c:44:21:88:6b:3d:0f: 27:98:40:24:5d:10:b7:97:0b:b6:de:f8:04:14:80: 32:e6:a1:de:8f:2a:0a:7a:34:e5:6e:17:80:dd:4c: 2f:46:0f:d3:38:f6:54:f5:78:77:e8:4b:a9:7b:f6: 98:25:08:83:c4:1a:1d:cd:b2:17:7a:6f:8b:d3:b0: 43:1e:b8:6d:80:90:4c:99:4b:3e:72:29:30:16:f5: 5e:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:EE:A9:73:1E:63:2D:3E:A5:7F:A2:0A:55:39:EF:E3:62:8D:4A:14 X509v3 Authority Key Identifier: keyid:C6:53:EF:77:B1:9D:10:8C:F5:C5:9A:E1:80:1F:02:00:3A:B5:5E:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xlPvd7GdEIz1xZrhgB8CADq1Xu0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBFAE/ED32440A290911E593BFC626C4F9AE02/xlPvd7GdEIz1xZrhgB8CADq1Xu0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:44:11:6f:ef:5d:b2:10:9f:c7:ac:67:83:10:25:ca:7f:a1: f9:a2:fd:2c:c5:99:9d:de:71:df:cd:08:7a:38:46:b0:11:87: 39:31:f9:3a:d4:69:e3:db:42:b8:84:7d:b8:c9:59:79:c7:20: b6:4f:31:8e:3b:cf:32:e3:ef:f0:a7:2a:39:a9:ce:43:a9:d7: 75:66:0e:7c:e3:ce:82:37:e5:6c:b4:b7:20:51:05:ff:12:8d: 45:20:2b:07:ad:e2:99:96:bb:b7:b3:dd:19:8e:9a:68:a9:55: 22:f0:c3:d1:e2:d9:7b:2f:03:ce:16:78:b3:ec:44:a5:b9:70: 85:20:eb:e2:d3:0b:85:12:1a:6f:49:b4:48:59:0c:bf:c9:5c: 5f:39:03:1d:f3:fb:28:1f:fa:36:93:20:3a:86:67:25:54:d4: d5:dd:f0:91:57:a6:76:48:01:4f:45:9c:fc:ae:02:1e:0e:13: 98:6e:7d:e3:1b:bf:d9:b7:a1:82:50:8a:12:af:f3:a9:0c:1a: 09:fe:92:be:c6:3f:e3:0e:5e:e2:38:2f:a5:54:e4:09:22:96: 31:28:fa:1d:87:3f:af:51:7d:49:1e:8a:38:9a:df:ae:2d:91: 22:ac:7e:0e:60:9d:d2:57:f8:24:91:b7:d8:67:9b:78:aa:63: 15:ae:09:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJGQUUxMTAvBgNVBAUTKEM2NTNFRjc3QjE5RDEwOENGNUM1OUFFMTgwMUYwMjAw M0FCNTVFRUQwHhcNMjUxMjI4MTQzMTAwWhcNMjYwMTA0MTQzMTAwWjAYMRYwFAYD VQQDDA02OTUxM2YyNC02OTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAulXG4oDr/MT/1eNEUYYzQzIbODEnGUxxbb5UOMvn6xCrIUhso32PBkqbNsP/ XCjGHyieyw6U+NMpFaz4QNCYQqMonZU5UaC6jLKHIpND9u3DIFD6kjKndakwiVH0 VpcmefVpKcnYrdmBtYNg1+6RSWBsHp6DTqI3W52axe2h/uv602bmLFXSlTsZV96n It9xl7th1L3S12qXkBVrtKwsgvlF9l9P9FQD0jvD0IxEIYhrPQ8nmEAkXRC3lwu2 3vgEFIAy5qHejyoKejTlbheA3UwvRg/TOPZU9Xh36Eupe/aYJQiDxBodzbIXem+L 07BDHrhtgJBMmUs+cikwFvVe5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDvuqXMe Yy0+pX+iClU57+NijUoUMB8GA1UdIwQYMBaAFMZT73exnRCM9cWa4YAfAgA6tV7t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkZBRS9FRDMyNDQwQTI5 MDkxMUU1OTNCRkM2MjZDNEY5QUUwMi94bFB2ZDdHZEVJejF4WnJoZ0I4Q0FEcTFY dTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3hsUHZkN0dkRUl6MXhacmhnQjhDQURxMVh1MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkZBRS9FRDMyNDQwQTI5MDkxMUU1OTNCRkM2MjZDNEY5QUUwMi94bFB2ZDdHZEVJ ejF4WnJoZ0I4Q0FEcTFYdTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxRBFv712yEJ/HrGeDECXKf6H5ov0sxZmd3nHfzQh6OEawEYc5Mfk6 1Gnj20K4hH24yVl5xyC2TzGOO88y4+/wpyo5qc5Dqdd1Zg58486CN+VstLcgUQX/ Eo1FICsHreKZlru3s90ZjppoqVUi8MPR4tl7LwPOFniz7ESluXCFIOvi0wuFEhpv SbRIWQy/yVxfOQMd8/soH/o2kyA6hmclVNTV3fCRV6Z2SAFPRZz8rgIeDhOYbn3j G7/Zt6GCUIoSr/OpDBoJ/pK+xj/jDl7iOC+lVOQJIpYxKPodhz+vUX1JHoo4mt+u LZEirH4OYJ3SV/gkkbfYZ5t4qmMVrgnG -----END CERTIFICATE-----Generated at Tue Dec 30 12:30:09 2025 by rpki-client