This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json) Hash identifier: ns8MNHqGx8xd3v9Y0cfFb6jshfD7r1CGJMFNxZuK5+k= Subject key identifier: 97:32:0B:84:70:CF:5C:F1:DA:FB:D2:4D:E2:F5:42:57:2E:3C:A5:6C Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2 Certificate issuer: /CN=apnic-rpki-root-iana-origin Certificate serial: 010B Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft Manifest number: D4 Signing time: Tue 18 Nov 2025 23:12:22 +0000 Manifest this update: Tue 18 Nov 2025 23:12:21 +0000 Manifest next update: Thu 25 Dec 2025 23:12:21 +0000 Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: cXY7J/f9U4d88gwns8+GX0mhhJlkickz0Q2z2GgUgN4=) 2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: ahHgYHJpPQeo+cEhGy/tSNz0120m2CdyQeEG6CiAs50=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 23:12:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 267 (0x10b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=apnic-rpki-root-iana-origin Validity Not Before: Nov 18 23:12:21 2025 GMT Not After : Dec 25 23:12:21 2025 GMT Subject: CN=691cfd56-83fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:c0:2c:3c:db:6d:15:2f:04:50:8a:ea:0a:88: 8b:57:a7:37:9b:97:97:95:f6:84:c2:b9:04:1d:fc: e1:92:89:93:b6:f3:90:f5:8a:43:46:ff:3e:1e:af: 33:32:dc:5b:a9:d3:fd:9a:36:4d:c5:41:7e:d3:fb: bf:ff:8c:91:39:79:36:83:e4:3f:58:66:e2:a8:2c: a0:44:97:3f:2b:c4:59:c7:81:3e:94:96:8b:58:5e: fb:6b:68:26:99:c9:51:46:0a:65:e0:39:8e:82:b2: 59:6f:5e:1b:7a:58:83:7d:3b:4c:c9:24:f3:b7:59: a1:71:85:73:f2:08:72:f2:d4:ff:7c:fb:47:de:36: a4:63:52:c1:cf:7e:83:8e:55:cd:25:d6:e0:1a:84: 3a:c6:df:6b:fc:c3:16:09:b9:08:57:df:c3:2a:ff: 54:30:09:c8:c3:7e:23:bb:bc:8e:30:b9:e5:9a:1b: 2f:4d:2e:2e:f8:41:3b:20:cb:0f:b0:d1:80:ec:24: fc:ee:aa:2f:70:fa:49:dd:23:20:84:c4:0b:3e:b2: ae:0d:5c:93:97:d6:0e:cb:1d:fd:58:17:09:ef:c6: ef:de:9f:ef:01:d5:ca:b4:fb:f2:e8:f5:dc:62:e5: 7b:d6:71:a5:01:aa:fe:2b:55:4b:ee:af:69:03:36: f2:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:32:0B:84:70:CF:5C:F1:DA:FB:D2:4D:E2:F5:42:57:2E:3C:A5:6C X509v3 Authority Key Identifier: keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:5a:03:a5:35:fe:4b:8b:79:a0:d7:4e:f8:ed:7e:29:09:ae: 2e:35:8d:7d:df:d8:c3:18:44:74:c0:8d:e4:bb:ae:33:0c:89: 31:ad:58:1c:e5:4b:f5:fc:7a:19:0d:e2:5a:9e:57:ea:e4:d6: 0e:ca:ad:f8:56:b0:30:cf:05:49:cb:22:f8:5d:55:1e:40:30: 22:d1:4a:24:33:ed:96:92:23:28:e5:d6:14:3a:68:3e:a8:7c: 3d:35:ff:12:2b:60:ae:76:40:0a:06:08:4e:24:79:89:1c:3f: f3:d1:61:35:75:ed:e1:9a:23:39:ac:5e:7c:fd:9f:b9:f9:0e: 67:97:74:a2:b7:20:a8:03:6a:8e:8c:bc:0c:ff:5e:7b:be:59: 2e:d2:8c:4e:89:9a:3d:da:e1:b6:de:50:97:d2:8c:d9:98:17: ac:c9:9a:b8:62:34:49:bc:b5:49:c5:63:8d:6f:13:69:71:e5: c8:43:8f:65:ad:10:64:b4:e6:e6:c6:43:79:02:ff:34:91:dc: 40:42:b6:fa:6a:d5:71:9d:fb:73:5e:ae:75:91:a2:0c:20:54: 73:ab:db:b3:86:d5:6f:4f:5f:ab:bf:62:7a:29:48:d7:f1:da: 58:22:6a:ae:0d:41:68:40:bd:8c:4e:ac:48:65:08:a5:9b:99: 23:f2:84:d9 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgICAQswDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI1MTExODIzMTIyMVoXDTI1MTIy NTIzMTIyMVowGDEWMBQGA1UEAxMNNjkxY2ZkNTYtODNmYjCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALvALDzbbRUvBFCK6gqIi1enN5uXl5X2hMK5BB38 4ZKJk7bzkPWKQ0b/Ph6vMzLcW6nT/Zo2TcVBftP7v/+MkTl5NoPkP1hm4qgsoESX PyvEWceBPpSWi1he+2toJpnJUUYKZeA5joKyWW9eG3pYg307TMkk87dZoXGFc/II cvLU/3z7R942pGNSwc9+g45VzSXW4BqEOsbfa/zDFgm5CFffwyr/VDAJyMN+I7u8 jjC55ZobL00uLvhBOyDLD7DRgOwk/O6qL3D6Sd0jIITECz6yrg1ck5fWDssd/VgX Ce/G796f7wHVyrT78uj13GLle9ZxpQGq/itVS+6vaQM28tsCAwEAAaOCAi4wggIq MB0GA1UdDgQWBBSXMguEcM9c8dr70k3i9UJXLjylbDAfBgNVHSMEGDAWgBQLnMqQ 3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2 NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2 SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0 dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBACZa A6U1/kuLeaDXTvjtfikJri41jX3f2MMYRHTAjeS7rjMMiTGtWBzlS/X8ehkN4lqe V+rk1g7KrfhWsDDPBUnLIvhdVR5AMCLRSiQz7ZaSIyjl1hQ6aD6ofD01/xIrYK52 QAoGCE4keYkcP/PRYTV17eGaIzmsXnz9n7n5DmeXdKK3IKgDao6MvAz/Xnu+WS7S jE6Jmj3a4bbeUJfSjNmYF6zJmrhiNEm8tUnFY41vE2lx5chDj2WtEGS05ubGQ3kC /zSR3EBCtvpq1XGd+3NernWRogwgVHOr27OG1W9PX6u/YnopSNfx2lgiaq4NQWhA vYxOrEhlCKWbmSPyhNk= -----END CERTIFICATE-----Generated at Fri Dec 5 15:40:34 2025 by rpki-client