This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.mft File: he6QOP_DVBq9-33Z7TPyquNy54w.mft (raw, json) Hash identifier: bKjggIADCgmuOeGAy7euxe1KzUSaD+NrlSPKHJvSHYw= Subject key identifier: 0A:EB:E2:1F:1A:71:4C:66:43:CC:67:F3:EE:6D:21:56:4A:9C:26:D1 Authority key identifier: 85:EE:90:38:FF:C3:54:1A:BD:FB:7D:D9:ED:33:F2:AA:E3:72:E7:8C Certificate issuer: /CN=A91FF5E4/serialNumber=85EE9038FFC3541ABDFB7DD9ED33F2AAE372E78C Certificate serial: 05EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.mft Manifest number: 05DD Signing time: Thu 18 Dec 2025 22:22:45 +0000 Manifest this update: Thu 18 Dec 2025 22:22:44 +0000 Manifest next update: Thu 25 Dec 2025 22:22:44 +0000 Files and hashes: 1: he6QOP_DVBq9-33Z7TPyquNy54w.crl (hash: KLt17uJWaQp+CmfTe46gtl5hhN/VBqM6XZT+nYn9GoU=) 2: 09182D38084E11EF89D29620C4F9AE02.roa (hash: Mr4cvAF99YsJ9vM3bpplyr/XjV6Oh9dCkUlGWW3glRM=) 3: 07FBA006084E11EF89D29620C4F9AE02.roa (hash: olIQCCewOfkMwGkHHOS/5ivD24pRNNt8XVcMGE/8pfs=) 4: 7AFCC818E38611EB8BC17765C4F9AE02.roa (hash: yhFTvnQ9OnQm5YRLzb7trt3j3jJDg72T+yloJnYuUVI=) 5: A6EF097068F911F092D77151C4F9AE02.roa (hash: CVgVNZzRg+yoeNSO5TmorciwKychjnQza4bd4ni3W/0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.crl rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 22:22:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1518 (0x5ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF5E4, serialNumber=85EE9038FFC3541ABDFB7DD9ED33F2AAE372E78C Validity Not Before: Dec 18 22:22:44 2025 GMT Not After : Dec 25 22:22:44 2025 GMT Subject: CN=69447eb4-7ab3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:58:d0:85:fa:85:07:2b:e6:0a:b4:ad:0d:39: 99:34:29:d9:20:91:47:ac:0c:39:7e:ae:9a:86:ed: 67:75:da:0d:e9:6f:5a:df:2d:7b:fe:6a:5b:cd:19: e2:f3:9f:ac:35:ef:2b:5f:b0:78:35:a5:f8:a7:9d: 30:84:90:84:cd:4c:46:03:d1:d6:45:1e:6b:04:5e: 2a:47:c5:70:9a:a3:48:94:2b:a4:47:b9:88:24:38: 0d:ae:18:09:4e:7e:86:50:a1:c8:d1:3e:1f:84:e4: e9:f2:43:cb:9f:ec:26:bd:ac:bd:98:9d:85:5b:c6: 7b:b1:1e:14:bf:f5:b2:f3:29:52:f4:b3:de:17:d6: e8:30:55:bd:da:ce:e0:25:06:e3:bf:11:ca:5f:7e: 93:b3:42:13:77:a2:ea:86:84:c7:f5:da:55:c8:e3: 5c:f0:36:7e:a9:c6:11:2a:f1:d8:cd:8b:d3:f5:25: 0d:64:20:1c:8b:03:be:5e:f4:fd:1f:da:67:7d:fa: 8e:e9:82:00:0b:b4:8a:46:56:ce:1a:ec:36:1c:a5: 13:47:f5:fd:9a:80:d6:16:c4:dd:07:f8:af:1b:96: d8:17:ad:ff:22:ed:f9:73:c0:80:26:97:56:65:86: b4:c7:e6:14:2d:7b:4f:64:cd:eb:2c:82:18:0e:14: 06:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:EB:E2:1F:1A:71:4C:66:43:CC:67:F3:EE:6D:21:56:4A:9C:26:D1 X509v3 Authority Key Identifier: keyid:85:EE:90:38:FF:C3:54:1A:BD:FB:7D:D9:ED:33:F2:AA:E3:72:E7:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:1b:17:11:8c:5a:13:3a:de:5a:2b:f6:96:99:a7:06:b3:bd: b1:b0:95:ee:ed:8e:67:22:85:73:b0:f4:d6:28:67:9a:1e:f9: 25:09:8a:d7:96:37:c4:b4:2a:00:24:c8:f9:d9:a1:11:8a:18: 77:5c:18:1f:80:ab:31:aa:d3:07:c4:85:a6:1c:07:50:b3:a0: a2:20:1c:45:b0:7d:a1:a9:aa:ff:f8:1a:cc:44:d4:59:49:ca: 59:b3:f1:d4:2c:f6:24:a4:9b:fb:37:6c:b2:41:3f:ba:6e:2e: e1:1e:f8:92:09:44:e4:6d:a7:8a:56:96:a7:52:5a:35:95:95: d5:d3:13:6d:22:8c:b8:da:f0:71:14:dd:fa:ab:f1:ee:89:99: 69:05:1a:cf:1f:c1:ac:ff:22:9d:9a:99:fc:48:d6:2b:db:8e: 21:df:32:b5:29:5d:59:47:7e:d7:c5:0f:5e:d8:56:53:e3:03: aa:0e:a2:31:f1:2f:98:1e:44:a4:da:59:93:66:e8:c4:73:37: e9:f0:69:ee:64:cf:1f:c0:91:06:39:e0:ce:38:dc:ca:1b:f0: 8a:42:dc:c9:49:ed:1a:a1:5f:7b:50:14:14:59:84:8a:e8:80: 2f:5c:c3:db:14:07:c7:ca:c9:d8:42:88:35:9d:e2:98:89:9b: b2:b3:81:12 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBe4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkY1RTQxMTAvBgNVBAUTKDg1RUU5MDM4RkZDMzU0MUFCREZCN0REOUVEMzNGMkFB RTM3MkU3OEMwHhcNMjUxMjE4MjIyMjQ0WhcNMjUxMjI1MjIyMjQ0WjAYMRYwFAYD VQQDDA02OTQ0N2ViNC03YWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlljQhfqFByvmCrStDTmZNCnZIJFHrAw5fq6ahu1nddoN6W9a3y17/mpbzRni 85+sNe8rX7B4NaX4p50whJCEzUxGA9HWRR5rBF4qR8VwmqNIlCukR7mIJDgNrhgJ Tn6GUKHI0T4fhOTp8kPLn+wmvay9mJ2FW8Z7sR4Uv/Wy8ylS9LPeF9boMFW92s7g JQbjvxHKX36Ts0ITd6LqhoTH9dpVyONc8DZ+qcYRKvHYzYvT9SUNZCAciwO+XvT9 H9pnffqO6YIAC7SKRlbOGuw2HKUTR/X9moDWFsTdB/ivG5bYF63/Iu35c8CAJpdW ZYa0x+YULXtPZM3rLIIYDhQGHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFArr4h8a cUxmQ8xn8+5tIVZKnCbRMB8GA1UdIwQYMBaAFIXukDj/w1Qavft92e0z8qrjcueM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjVFNC9FRDA3OURGRUUz ODQxMUVCQTg1OTNCNjVDNEY5QUUwMi9oZTZRT1BfRFZCcTktMzNaN1RQeXF1Tnk1 NHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hlNlFPUF9EVkJxOS0zM1o3VFB5cXVOeTU0dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RjVFNC9FRDA3OURGRUUzODQxMUVCQTg1OTNCNjVDNEY5QUUwMi9oZTZRT1BfRFZC cTktMzNaN1RQeXF1Tnk1NHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA9GxcRjFoTOt5aK/aWmacGs72xsJXu7Y5nIoVzsPTWKGeaHvklCYrX ljfEtCoAJMj52aERihh3XBgfgKsxqtMHxIWmHAdQs6CiIBxFsH2hqar/+BrMRNRZ ScpZs/HULPYkpJv7N2yyQT+6bi7hHviSCUTkbaeKVpanUlo1lZXV0xNtIoy42vBx FN36q/HuiZlpBRrPH8Gs/yKdmpn8SNYr244h3zK1KV1ZR37XxQ9e2FZT4wOqDqIx 8S+YHkSk2lmTZujEczfp8GnuZM8fwJEGOeDOONzKG/CKQtzJSe0aoV97UBQUWYSK 6IAvXMPbFAfHysnYQog1neKYiZuys4ES -----END CERTIFICATE-----Generated at Fri Dec 19 19:01:34 2025 by rpki-client