This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.mft File: oPy-m8tDKKnovMofXhSWrMLOLtk.mft (raw, json) Hash identifier: qFZMFlqHyp36V6HIulrGWRn8+2HU29q8AeJ/R+ji4y0= Subject key identifier: C1:78:E2:72:24:F9:F1:A8:6A:8F:6C:2F:D0:C5:7C:F7:32:5F:E6:1A Authority key identifier: A0:FC:BE:9B:CB:43:28:A9:E8:BC:CA:1F:5E:14:96:AC:C2:CE:2E:D9 Certificate issuer: /CN=A91FB297/serialNumber=A0FCBE9BCB4328A9E8BCCA1F5E1496ACC2CE2ED9 Certificate serial: 04 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oPy-m8tDKKnovMofXhSWrMLOLtk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.mft Manifest number: 04 Signing time: Fri 19 Dec 2025 03:07:58 +0000 Manifest this update: Fri 19 Dec 2025 03:07:58 +0000 Manifest next update: Fri 26 Dec 2025 03:07:58 +0000 Files and hashes: 1: oPy-m8tDKKnovMofXhSWrMLOLtk.crl (hash: 5PrDtq3psAdpo/Nc0g7EaaTJmcU0R0uuES96h/Ow5Vc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.crl rsync://rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oPy-m8tDKKnovMofXhSWrMLOLtk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 03:07:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FB297, serialNumber=A0FCBE9BCB4328A9E8BCCA1F5E1496ACC2CE2ED9 Validity Not Before: Dec 19 03:07:58 2025 GMT Not After : Dec 26 03:07:58 2025 GMT Subject: CN=6944c18e-a368 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b7:78:10:4f:3a:a5:0d:a4:14:5d:aa:10:8a: c2:79:bc:25:8c:32:7e:9e:20:ce:1f:90:6a:99:17: 73:d5:ac:87:3e:b1:29:7b:f0:18:56:f1:5a:a6:67: a4:fd:27:62:15:4a:f1:25:66:dd:6c:24:f0:33:ce: fb:e6:21:c4:2d:3c:8a:c3:1a:dd:01:bc:c4:3f:d9: 47:5c:23:06:08:36:2a:fc:75:bf:b2:39:75:60:0d: 6d:60:d7:5d:83:90:52:1d:85:db:0a:12:fe:39:a2: ac:07:23:8f:30:50:1e:54:07:61:01:34:fc:7c:08: c8:c9:68:00:e0:fc:13:32:e4:d8:a1:9d:89:a4:b2: 93:7b:b7:cf:9a:7c:9c:4b:60:b8:91:70:ef:fc:70: fc:ac:87:93:9c:cf:49:13:15:e1:1b:fb:63:78:ea: 1b:89:36:77:14:7a:9d:77:3d:58:1a:67:5d:e5:79: 3d:65:57:ed:34:df:c0:90:ce:32:44:9e:09:97:65: d2:ee:a3:83:98:dd:7d:e3:8b:62:2d:72:de:85:1d: 49:6f:9e:91:54:76:a8:19:69:e6:ff:e6:c3:9b:bc: a0:ff:81:ba:1e:44:11:cf:94:0a:49:0a:95:04:13: 39:86:aa:b2:75:c2:4f:ad:fc:e0:55:ff:96:0c:e9: 55:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:78:E2:72:24:F9:F1:A8:6A:8F:6C:2F:D0:C5:7C:F7:32:5F:E6:1A X509v3 Authority Key Identifier: keyid:A0:FC:BE:9B:CB:43:28:A9:E8:BC:CA:1F:5E:14:96:AC:C2:CE:2E:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oPy-m8tDKKnovMofXhSWrMLOLtk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:1c:ba:66:b5:82:67:99:6a:63:70:93:39:0c:7c:d9:51:3f: 85:57:3f:41:4e:a9:63:68:5b:7c:b5:7c:da:17:35:51:b9:dd: fe:53:28:22:b2:d7:5e:c7:12:1f:b0:16:e0:33:a1:47:af:63: b4:36:05:93:89:86:4e:b7:ae:07:32:aa:38:2b:ba:44:a1:3f: 62:64:fb:6c:82:ba:26:fd:01:f4:3e:57:7e:a0:b8:2a:f5:d5: 30:06:3d:40:87:1b:a3:39:9f:a9:1d:bb:60:ff:7d:b8:14:31: 90:81:6e:da:e7:ad:b7:74:2e:85:d6:f0:cb:b9:30:1b:7c:fa: 6d:75:19:94:4d:00:b8:be:cd:00:4a:73:a1:ce:d2:3a:13:b2: 20:22:49:79:55:51:84:a0:4c:3f:50:d3:5c:17:1e:66:10:0b: 07:8e:24:0d:6a:11:29:64:41:24:d0:74:0e:bb:6f:da:4a:f3: ff:e1:7d:4c:32:66:ef:93:88:cc:61:04:b0:5e:13:22:a3:34: 0f:32:85:72:83:6d:68:53:72:98:d7:e8:88:a6:d5:ec:fb:15: 6f:2a:e3:5b:a0:58:f9:03:bf:94:96:6b:a4:8e:b6:34:05:82: 1f:87:6c:33:48:c7:d8:e0:bd:32:6d:ee:21:9c:2e:09:06:7e: 4b:59:19:43 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QjI5NzExMC8GA1UEBRMoQTBGQ0JFOUJDQjQzMjhBOUU4QkNDQTFGNUUxNDk2QUND MkNFMkVEOTAeFw0yNTEyMTkwMzA3NThaFw0yNTEyMjYwMzA3NThaMBgxFjAUBgNV BAMMDTY5NDRjMThlLWEzNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC0t3gQTzqlDaQUXaoQisJ5vCWMMn6eIM4fkGqZF3PVrIc+sSl78BhW8VqmZ6T9 J2IVSvElZt1sJPAzzvvmIcQtPIrDGt0BvMQ/2UdcIwYINir8db+yOXVgDW1g112D kFIdhdsKEv45oqwHI48wUB5UB2EBNPx8CMjJaADg/BMy5NihnYmkspN7t8+afJxL YLiRcO/8cPysh5Ocz0kTFeEb+2N46huJNncUep13PVgaZ13leT1lV+0038CQzjJE ngmXZdLuo4OY3X3ji2Itct6FHUlvnpFUdqgZaeb/5sObvKD/gboeRBHPlApJCpUE EzmGqrJ1wk+t/OBV/5YM6VW5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUwXjiciT5 8ahqj2wv0MV89zJf5howHwYDVR0jBBgwFoAUoPy+m8tDKKnovMofXhSWrMLOLtkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCMjk3L0JCRjI4RERBRDk5 NTExRjA5QTE4NjIzQjY0RDM2NDFEL29QeS1tOHRES0tub3ZNb2ZYaFNXck1MT0x0 ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvb1B5LW04dERLS25vdk1vZlhoU1dyTUxPTHRrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZC Mjk3L0JCRjI4RERBRDk5NTExRjA5QTE4NjIzQjY0RDM2NDFEL29QeS1tOHRES0tu b3ZNb2ZYaFNXck1MT0x0ay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC8cuma1gmeZamNwkzkMfNlRP4VXP0FOqWNoW3y1fNoXNVG53f5TKCKy 117HEh+wFuAzoUevY7Q2BZOJhk63rgcyqjgrukShP2Jk+2yCuib9AfQ+V36guCr1 1TAGPUCHG6M5n6kdu2D/fbgUMZCBbtrnrbd0LoXW8Mu5MBt8+m11GZRNALi+zQBK c6HO0joTsiAiSXlVUYSgTD9Q01wXHmYQCweOJA1qESlkQSTQdA67b9pK8//hfUwy Zu+TiMxhBLBeEyKjNA8yhXKDbWhTcpjX6Iim1ez7FW8q41ugWPkDv5SWa6SOtjQF gh+HbDNIx9jgvTJt7iGcLgkGfktZGUM= -----END CERTIFICATE-----Generated at Sat Dec 20 00:28:53 2025 by rpki-client