This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft File: zFfgNkMaXqPBcqpyg0Aa88StXFk.mft (raw, json) Hash identifier: 4XwueIHyPq6hZqm4uRuc7MY7pfNyofGsHI9YA7zMRlQ= Subject key identifier: D8:25:75:74:58:EC:3A:CB:1E:4F:C8:27:5B:00:E2:B1:44:BC:D7:6D Authority key identifier: CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 Certificate issuer: /CN=A91FDC78/serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Certificate serial: 096B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft Manifest number: 0959 Signing time: Sat 20 Dec 2025 19:36:53 +0000 Manifest this update: Sat 20 Dec 2025 19:36:53 +0000 Manifest next update: Sat 27 Dec 2025 19:36:53 +0000 Files and hashes: 1: zFfgNkMaXqPBcqpyg0Aa88StXFk.crl (hash: 7dlSJqR6E2IMd+mNtNLC1c1w0qAANb4imgk21+m760Y=) 2: DA0B639E89E711F08DD17A55C4F9AE02.roa (hash: 92JEuDCm1e9WQ8I7GIzUujJiphmCChYv7JlAxtt8zqs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 19:36:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2411 (0x96b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDC78, serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Validity Not Before: Dec 20 19:36:53 2025 GMT Not After : Dec 27 19:36:53 2025 GMT Subject: CN=6946fad5-0c5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e6:c7:9b:26:29:f6:c2:0f:34:cd:d1:f7:e2: 1c:6b:23:59:94:00:26:29:1f:22:c1:b4:c8:d0:29: 27:60:12:44:6c:bc:54:d7:f8:80:7f:c6:c1:95:33: 31:98:47:4f:82:11:bc:d6:c5:ff:30:38:2e:de:be: 33:dc:9a:ab:ee:d7:73:f0:34:43:0a:9b:d9:b0:dc: 31:46:0c:08:00:ce:af:5c:6e:ad:9e:c5:f3:9f:25: 20:8e:bb:d4:6f:b8:38:9a:84:9d:78:55:68:c5:6a: 8f:24:9b:b3:d8:05:d4:7c:27:61:7d:0e:90:d6:e8: 22:a9:ec:15:ce:e9:94:7d:a5:3e:e6:ad:45:ca:31: 59:93:d4:36:1f:41:8e:f0:32:2c:03:70:91:d8:67: a7:00:e4:ff:96:0e:e3:4c:f7:66:b2:ec:cf:cb:cc: c7:e4:02:e0:29:fa:58:26:81:36:90:78:ac:95:0b: cf:98:2c:ec:da:3e:cc:06:0a:dd:f5:00:c0:ee:3e: 87:a3:0f:0f:8d:1d:18:3d:09:1b:73:e9:98:82:f5: c2:30:25:e2:c9:da:bf:db:42:f0:a1:27:8a:0d:f7: 82:36:ac:05:b5:4b:ff:be:b6:d2:92:a8:b5:40:b6: ac:f2:8e:aa:c7:c2:fb:5b:0d:da:51:39:b6:25:45: 4e:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:25:75:74:58:EC:3A:CB:1E:4F:C8:27:5B:00:E2:B1:44:BC:D7:6D X509v3 Authority Key Identifier: keyid:CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:a4:71:21:09:bc:e0:26:e6:c2:1b:e1:d6:f3:46:b4:7a:7f: 68:a6:46:f1:a5:55:1c:c5:71:bf:26:5d:b1:7a:76:88:a3:2a: 13:db:e5:43:c5:49:6f:2f:7e:b0:bd:98:12:58:64:18:36:4f: ca:4c:4c:7a:ba:2f:c4:3e:dd:92:24:9d:9f:a3:a2:70:2f:57: 9b:46:2a:17:05:24:50:5b:d7:0f:da:d1:fc:22:d2:7c:b3:b7: 44:8e:7e:1c:c1:15:c1:47:e0:a8:ff:18:b1:62:be:79:d0:e5: 83:26:fa:bf:a7:35:e8:07:78:56:aa:bd:c0:76:c3:aa:df:99: 8a:a3:8b:49:33:e8:70:36:83:58:7c:77:9d:c5:1d:2f:9c:d3: 11:68:d2:2b:57:b2:4d:28:c9:7c:4a:34:a4:e6:5e:e8:b7:e5: 31:cf:9c:35:f7:91:b6:a4:0f:fe:a4:13:d5:e9:f2:87:90:44: a6:d5:d6:29:58:1d:ea:64:31:a7:f6:b4:fa:3c:d2:62:6c:4f: 67:bd:62:0a:12:9d:07:3a:eb:f0:89:32:f9:81:43:7d:00:8d: 83:51:9d:7e:1c:c5:47:fd:db:64:9d:42:74:1f:57:62:9e:48: 30:6e:70:ff:a3:2f:4c:f2:80:49:3a:1f:9c:b1:90:b4:01:12: e9:dc:77:12 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRDNzgxMTAvBgNVBAUTKENDNTdFMDM2NDMxQTVFQTNDMTcyQUE3MjgzNDAxQUYz QzRBRDVDNTkwHhcNMjUxMjIwMTkzNjUzWhcNMjUxMjI3MTkzNjUzWjAYMRYwFAYD VQQDDA02OTQ2ZmFkNS0wYzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqObHmyYp9sIPNM3R9+IcayNZlAAmKR8iwbTI0CknYBJEbLxU1/iAf8bBlTMx mEdPghG81sX/MDgu3r4z3Jqr7tdz8DRDCpvZsNwxRgwIAM6vXG6tnsXznyUgjrvU b7g4moSdeFVoxWqPJJuz2AXUfCdhfQ6Q1ugiqewVzumUfaU+5q1FyjFZk9Q2H0GO 8DIsA3CR2GenAOT/lg7jTPdmsuzPy8zH5ALgKfpYJoE2kHislQvPmCzs2j7MBgrd 9QDA7j6How8PjR0YPQkbc+mYgvXCMCXiydq/20LwoSeKDfeCNqwFtUv/vrbSkqi1 QLas8o6qx8L7Ww3aUTm2JUVOfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNgldXRY 7DrLHk/IJ1sA4rFEvNdtMB8GA1UdIwQYMBaAFMxX4DZDGl6jwXKqcoNAGvPErVxZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREM3OC8xNTQ3NDAwOEFF QUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhxUEJjcXB5ZzBBYTg4U3RY RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pGZmdOa01hWHFQQmNxcHlnMEFhODhTdFhGay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REM3OC8xNTQ3NDAwOEFFQUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhx UEJjcXB5ZzBBYTg4U3RYRmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAFpHEhCbzgJubCG+HW80a0en9opkbxpVUcxXG/Jl2xenaIoyoT2+VD xUlvL36wvZgSWGQYNk/KTEx6ui/EPt2SJJ2fo6JwL1ebRioXBSRQW9cP2tH8ItJ8 s7dEjn4cwRXBR+Co/xixYr550OWDJvq/pzXoB3hWqr3AdsOq35mKo4tJM+hwNoNY fHedxR0vnNMRaNIrV7JNKMl8SjSk5l7ot+Uxz5w195G2pA/+pBPV6fKHkESm1dYp WB3qZDGn9rT6PNJibE9nvWIKEp0HOuvwiTL5gUN9AI2DUZ1+HMVH/dtknUJ0H1di nkgwbnD/oy9M8oBJOh+csZC0ARLp3HcS -----END CERTIFICATE-----Generated at Sun Dec 21 02:48:28 2025 by rpki-client