This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: IqP4MMPdLXg2sm7TcaYHhU0pEyJ3eovwMu91xnif4ZI= Subject key identifier: 75:3E:2F:BB:AF:6C:F4:F1:AB:B3:F2:77:AE:52:C1:BA:31:66:20:0F Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 34F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 34F2 Signing time: Thu 18 Dec 2025 14:49:30 +0000 Manifest this update: Thu 18 Dec 2025 14:49:29 +0000 Manifest next update: Thu 25 Dec 2025 14:49:29 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: OnbKs42i2fdi6FJFQoUmCGxt0kK9n2bXzDoCnuXsr38=) 2: 796A04A6BA1A11F08C920A83C4F9AE02.roa (hash: XrkdqNUQGwomIdIUUZC2gUbbnUvFxDZ/p2osIbne7lw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 14:49:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13561 (0x34f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Dec 18 14:49:29 2025 GMT Not After : Dec 25 14:49:29 2025 GMT Subject: CN=69441479-4bec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:74:37:74:24:af:88:f9:be:bb:65:c0:00:ae: b0:76:67:bd:27:6e:58:56:bf:f7:1b:ac:77:7b:98: e9:b1:0b:3c:24:b1:3a:2f:55:c5:3f:ca:f5:02:00: 89:36:c5:ea:eb:03:90:09:76:6d:77:80:5c:47:5c: 74:ea:8c:75:be:9d:83:1a:c5:78:32:ce:18:ed:b4: 8e:04:89:15:60:f7:10:27:b8:bc:8f:41:d0:b9:82: 38:32:25:44:ad:04:7a:6b:27:34:f5:cc:54:e6:3a: 2d:b0:d0:82:3e:1c:03:43:e3:26:82:1c:11:7b:23: 0d:fb:ec:f3:c9:60:75:57:07:4f:84:63:96:a0:2b: 8d:6a:62:15:07:fe:46:9a:d1:95:09:31:c0:2c:05: 76:f6:7b:9d:e9:ac:0a:1a:b8:ef:bc:02:45:42:f4: 0f:a7:63:1c:3e:ae:88:0b:3e:99:97:5e:cb:79:4b: 2e:fb:4f:92:4c:ac:67:e0:1f:03:b0:41:e4:7d:ee: 83:fd:14:42:88:9b:78:a5:8a:52:64:c1:7f:65:bf: cf:13:91:8c:20:a1:ef:6a:c6:19:0b:17:fe:9c:4e: 32:56:2f:af:52:e6:00:17:94:1c:91:0c:c9:03:5f: 97:4a:13:2d:be:e9:df:72:54:68:be:3b:7b:86:eb: 5b:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:3E:2F:BB:AF:6C:F4:F1:AB:B3:F2:77:AE:52:C1:BA:31:66:20:0F X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:9b:f5:e6:4a:f4:9e:ff:20:b8:7e:7c:c0:1b:d9:34:bd:cb: 0d:2e:76:e9:98:ef:4c:05:9c:77:c0:da:f8:92:12:8e:1e:9f: c6:2b:98:dd:cb:f0:4f:f0:33:2c:0b:63:4e:59:ad:5b:54:40: 38:6f:c4:95:f6:60:07:12:ed:32:31:ac:77:f9:76:51:d7:17: 06:6d:80:a9:f5:a4:80:0e:fc:cc:93:68:0f:38:99:ae:67:f6: c2:f4:57:d2:2d:dd:a3:e5:8f:fa:1c:39:99:e6:f6:be:99:0d: c3:2a:2c:a2:4a:a4:06:28:3b:f4:94:19:a2:d8:a2:0a:82:4f: 1b:80:1b:a2:dd:c0:5a:3b:33:44:9c:5d:6b:e8:72:19:c6:50: 03:42:3c:22:ba:9d:d1:45:2a:d9:35:48:76:2a:0d:6e:f5:db: 42:d8:81:bb:5c:f0:fc:04:4e:04:e2:db:4e:cf:9d:cf:66:91: 07:12:1a:61:13:72:5f:11:e8:99:bd:71:82:d3:d4:60:5d:32: d2:98:27:d6:da:9c:3a:3e:14:6a:45:1b:72:4c:b5:45:b3:df: a3:cf:39:b7:9a:cb:64:f6:c0:0b:c8:dc:be:fb:51:9d:26:ef: 62:1e:3a:1c:40:b6:30:7f:98:aa:6b:27:59:07:8c:5c:8a:7a: f4:30:6a:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNPkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUxMjE4MTQ0OTI5WhcNMjUxMjI1MTQ0OTI5WjAYMRYwFAYD VQQDDA02OTQ0MTQ3OS00YmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4XQ3dCSviPm+u2XAAK6wdme9J25YVr/3G6x3e5jpsQs8JLE6L1XFP8r1AgCJ NsXq6wOQCXZtd4BcR1x06ox1vp2DGsV4Ms4Y7bSOBIkVYPcQJ7i8j0HQuYI4MiVE rQR6ayc09cxU5jotsNCCPhwDQ+MmghwReyMN++zzyWB1VwdPhGOWoCuNamIVB/5G mtGVCTHALAV29nud6awKGrjvvAJFQvQPp2McPq6ICz6Zl17LeUsu+0+STKxn4B8D sEHkfe6D/RRCiJt4pYpSZMF/Zb/PE5GMIKHvasYZCxf+nE4yVi+vUuYAF5QckQzJ A1+XShMtvunfclRovjt7hutblQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHU+L7uv bPTxq7Pyd65SwboxZiAPMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB0m/XmSvSe/yC4fnzAG9k0vcsNLnbpmO9MBZx3wNr4khKOHp/GK5jd y/BP8DMsC2NOWa1bVEA4b8SV9mAHEu0yMax3+XZR1xcGbYCp9aSADvzMk2gPOJmu Z/bC9FfSLd2j5Y/6HDmZ5va+mQ3DKiyiSqQGKDv0lBmi2KIKgk8bgBui3cBaOzNE nF1r6HIZxlADQjwiup3RRSrZNUh2Kg1u9dtC2IG7XPD8BE4E4ttOz53PZpEHEhph E3JfEeiZvXGC09RgXTLSmCfW2pw6PhRqRRtyTLVFs9+jzzm3mstk9sALyNy++1Gd Ju9iHjocQLYwf5iqaydZB4xcinr0MGqA -----END CERTIFICATE-----Generated at Fri Dec 19 17:48:02 2025 by rpki-client