This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json) Hash identifier: /fWZrglW2jBzH8hUW0CPvUefg4Rvps0iinHOdjQpEiw= Subject key identifier: EA:E3:5D:7A:15:55:25:7F:7E:1D:73:F5:7B:A1:79:36:CF:E7:44:E0 Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2 Certificate issuer: /CN=apnic-rpki-root-iana-origin Certificate serial: 010C Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft Manifest number: D5 Signing time: Thu 18 Dec 2025 23:57:50 +0000 Manifest this update: Thu 18 Dec 2025 23:57:49 +0000 Manifest next update: Sun 25 Jan 2026 23:57:49 +0000 Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: LkTO9usbtleTA4BEUIKvRg6TN/lQ/UzOvYAjF4G25QI=) 2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: ahHgYHJpPQeo+cEhGy/tSNz0120m2CdyQeEG6CiAs50=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 23:57:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 268 (0x10c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=apnic-rpki-root-iana-origin Validity Not Before: Dec 18 23:57:49 2025 GMT Not After : Jan 25 23:57:49 2026 GMT Subject: CN=694494fe-9ed7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:59:1f:5d:de:27:85:3e:cc:93:2c:24:fe:7e: f4:44:3f:5e:d2:e4:e1:e4:7a:4c:1c:bf:35:ce:f7: b6:49:93:71:84:39:64:4e:58:8f:2b:0a:f5:bb:a2: 4c:84:23:b2:2d:c2:a8:4a:20:e4:a4:02:5d:23:33: f9:b6:ac:74:10:5f:a1:9d:00:92:6c:04:1a:c0:d8: f6:55:14:7b:88:be:c3:e8:72:52:79:84:ea:03:16: fc:1e:8b:84:2f:b2:e4:4d:41:3c:63:65:7c:9c:46: de:06:1d:67:a6:ef:65:36:0b:b5:a7:cb:86:4b:6f: 08:ff:77:b7:89:2a:03:05:ee:ed:22:35:c3:71:c5: 35:44:fa:aa:3c:f2:55:48:00:b7:74:89:05:fb:77: 26:67:9a:34:f5:0c:f3:79:0e:2c:a7:53:a4:4b:ba: bc:0c:b2:c5:f2:68:b8:cd:4e:48:30:6a:e7:7d:d4: e0:bc:4b:65:dc:29:a7:18:5a:0a:75:15:c4:6c:eb: 0a:a0:c5:45:cc:13:7a:e9:69:c5:46:33:55:c7:5a: a5:65:c5:e9:10:9d:4c:88:f5:36:c0:79:eb:67:a8: c8:1a:4e:86:1c:2e:b9:01:72:5e:64:24:34:7c:22: b0:a0:bf:d6:ea:5d:5c:c8:fb:fa:49:54:bc:ce:8b: bf:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:E3:5D:7A:15:55:25:7F:7E:1D:73:F5:7B:A1:79:36:CF:E7:44:E0 X509v3 Authority Key Identifier: keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:05:f9:c6:06:00:7a:64:88:64:f5:87:d5:6e:41:12:19:c3: d3:bf:8d:70:38:fd:81:78:31:14:83:91:a9:20:57:63:ad:6e: ba:75:64:56:ce:81:fd:b3:31:69:d9:d9:78:5f:b2:cb:58:c9: 99:d2:3b:82:e7:6d:a2:c8:96:9d:26:50:97:04:48:c2:9d:7d: 25:a9:59:2f:d6:6e:18:c7:8b:4e:6e:16:d6:59:7d:07:e7:8b: 08:c7:1b:4e:06:2f:6f:67:03:33:2c:7a:3b:14:de:0e:4f:d7: d0:d7:d0:b7:41:e6:1a:b3:59:c4:04:46:03:70:87:4e:66:8d: e4:a7:bd:4d:08:85:79:cf:49:e1:56:e1:27:75:0d:5d:b8:aa: 62:3b:b9:00:12:07:58:e2:2f:34:e5:d6:fe:a8:09:8b:3f:59: a4:d7:f9:39:23:fe:9e:39:ec:5b:39:2b:5f:c2:2e:43:04:0e: f3:a9:c7:b9:f6:27:82:b2:b4:e1:77:0a:2e:56:06:c5:b3:c7: 41:4a:33:26:fa:38:3b:64:68:76:9f:26:17:36:41:36:4a:4b: 46:a7:40:63:c9:f4:6d:e0:82:27:47:9c:a9:4f:d3:ae:59:87: 6a:eb:14:e7:27:a9:93:48:0a:1e:d8:f4:98:7f:95:81:4a:66: 2a:eb:a0:5b -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgICAQwwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI1MTIxODIzNTc0OVoXDTI2MDEy NTIzNTc0OVowGDEWMBQGA1UEAxMNNjk0NDk0ZmUtOWVkNzCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAOZZH13eJ4U+zJMsJP5+9EQ/XtLk4eR6TBy/Nc73 tkmTcYQ5ZE5YjysK9buiTIQjsi3CqEog5KQCXSMz+basdBBfoZ0AkmwEGsDY9lUU e4i+w+hyUnmE6gMW/B6LhC+y5E1BPGNlfJxG3gYdZ6bvZTYLtafLhktvCP93t4kq AwXu7SI1w3HFNUT6qjzyVUgAt3SJBft3JmeaNPUM83kOLKdTpEu6vAyyxfJouM1O SDBq533U4LxLZdwppxhaCnUVxGzrCqDFRcwTeulpxUYzVcdapWXF6RCdTIj1NsB5 62eoyBpOhhwuuQFyXmQkNHwisKC/1updXMj7+klUvM6Lv80CAwEAAaOCAi4wggIq MB0GA1UdDgQWBBTq4116FVUlf34dc/V7oXk2z+dE4DAfBgNVHSMEGDAWgBQLnMqQ 3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2 NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2 SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0 dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAEEF +cYGAHpkiGT1h9VuQRIZw9O/jXA4/YF4MRSDkakgV2Otbrp1ZFbOgf2zMWnZ2Xhf sstYyZnSO4LnbaLIlp0mUJcESMKdfSWpWS/WbhjHi05uFtZZfQfniwjHG04GL29n AzMsejsU3g5P19DX0LdB5hqzWcQERgNwh05mjeSnvU0IhXnPSeFW4Sd1DV24qmI7 uQASB1jiLzTl1v6oCYs/WaTX+Tkj/p457Fs5K1/CLkMEDvOpx7n2J4KytOF3Ci5W BsWzx0FKMyb6ODtkaHafJhc2QTZKS0anQGPJ9G3ggidHnKlP065Zh2rrFOcnqZNI Ch7Y9Jh/lYFKZirroFs= -----END CERTIFICATE-----Generated at Sat Jan 17 04:50:40 2026 by rpki-client