This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json) Hash identifier: 8wOSAtntPnntMfQ1S4r5rA0wKTHN6mROM3nAUsxjzDQ= Subject key identifier: 10:6D:BC:4A:31:FA:E4:BA:89:00:13:21:0C:58:E1:50:46:A1:82:C9 Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24 Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924 Certificate serial: 03E7 Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft Manifest number: 01EE Signing time: Wed 12 Nov 2025 23:14:26 +0000 Manifest this update: Wed 12 Nov 2025 23:14:26 +0000 Manifest next update: Fri 19 Dec 2025 23:14:26 +0000 Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: YabE9pF3t4egkpec+YXMezhOxuJhRGS5dk+cgv7gRB8=) 2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: Fxa1FPCYhxgUDYJ5Yt/n5hBb+t3vszGQLhBJBD7mecg=) 3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: mHv6iTALxe7c2xf31EqUUzFbqznwEXc4amWj+lViTOA=) 4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: NNRmCkUau9X02u79Px3QwcTodHbkWW+WmHkQngETnp4=) 5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: zvOwhk1RTohB+c6D8dIezG1V7hqpiAHugBxb8no96A8=) 6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: QLuyYGFjHOfjGkdX50x1QKWUDmxdxeES20sT+ydLol4=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Dec 2025 23:14:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 999 (0x3e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924 Validity Not Before: Nov 12 23:14:26 2025 GMT Not After : Dec 19 23:14:26 2025 GMT Subject: CN=691514d2-e54c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:16:e9:da:10:1b:02:1e:b3:04:8d:57:8f:c3: 7d:a3:aa:be:80:a2:be:04:ca:46:98:28:74:6e:b8: 32:d9:fc:bf:a0:f8:05:94:8c:cb:a2:f7:ec:b5:a1: 90:6b:00:62:5d:bd:d2:5c:b1:7a:ee:d3:ef:58:38: 3e:94:cb:5d:35:c9:2d:4e:05:4e:0b:de:ce:90:90: 73:b7:79:41:72:f6:22:dd:fd:53:ef:f1:98:c9:25: 09:7f:46:ff:05:34:34:86:b3:9b:35:5f:58:27:d7: 8b:b9:ee:a3:27:60:42:85:90:18:bc:86:6e:e4:4b: 32:97:b8:8c:ea:5a:e4:94:cd:88:8d:7c:92:87:43: 5e:9d:1b:54:39:9c:b5:83:50:4c:1b:23:13:8c:58: ab:b4:36:3b:48:db:5c:09:7e:0d:c2:27:5f:bd:85: f9:e1:0e:6b:58:9e:5c:46:f1:4e:94:f5:78:bc:c9: cb:29:44:75:9f:87:45:f1:fd:ca:ec:30:ea:90:7e: c7:f3:05:15:f3:5a:e1:37:80:60:58:a0:8c:1e:21: 73:5f:8b:80:e6:89:f6:1a:d9:40:bc:df:b5:28:ac: cc:38:29:da:cb:43:51:f6:02:4c:2f:2d:a2:93:f8: bd:e2:f1:99:1e:c4:71:97:fe:c0:ea:d8:82:bd:a9: 3a:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:6D:BC:4A:31:FA:E4:BA:89:00:13:21:0C:58:E1:50:46:A1:82:C9 X509v3 Authority Key Identifier: keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:43:78:de:e8:bf:1f:ef:7e:c1:bf:63:f5:60:76:12:a5:d3: b7:ff:99:cf:dc:c3:09:1a:94:0e:46:2c:5d:06:cf:9f:ed:d6: 56:85:f6:f0:fe:58:9e:6a:a5:ee:93:84:28:12:cd:2e:13:fc: be:51:ea:bb:5c:f2:ba:37:da:bf:af:1b:68:6e:6d:3f:a5:5b: 4c:ae:83:8a:82:eb:bb:02:3a:0e:c5:8d:cb:84:45:84:40:19: 90:0e:e3:65:2a:f7:6d:8a:91:75:87:b0:66:a3:67:94:bf:c5: b9:e4:63:f2:e9:ae:34:ad:c3:07:d7:b2:ba:f0:56:07:56:d0: ef:f9:df:00:05:75:53:8a:85:b6:7e:1c:0a:2a:89:7c:ca:56: 93:9b:a6:3a:7f:f9:62:a0:93:70:24:1a:45:71:c7:77:86:b3: b9:35:68:e6:b4:8b:69:ac:10:9b:18:92:a3:f7:5a:af:c2:69: 54:e2:29:da:59:31:fe:6b:00:2c:f2:ed:0b:d2:0a:1e:09:35: e6:aa:93:d9:2f:36:b9:39:ce:c4:f3:ba:ff:43:43:2d:35:d0: d0:59:90:a6:86:b9:80:99:10:dc:5e:91:59:f1:26:53:1e:0e: ef:69:5d:bc:d3:c9:97:c3:00:f9:92:ae:8d:0a:62:32:a3:ee: cc:d2:a6:c9 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgICA+cwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNTExMTIyMzE0MjZaFw0y NTEyMTkyMzE0MjZaMBgxFjAUBgNVBAMTDTY5MTUxNGQyLWU1NGMwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWFunaEBsCHrMEjVePw32jqr6Aor4EykaY KHRuuDLZ/L+g+AWUjMui9+y1oZBrAGJdvdJcsXru0+9YOD6Uy101yS1OBU4L3s6Q kHO3eUFy9iLd/VPv8ZjJJQl/Rv8FNDSGs5s1X1gn14u57qMnYEKFkBi8hm7kSzKX uIzqWuSUzYiNfJKHQ16dG1Q5nLWDUEwbIxOMWKu0NjtI21wJfg3CJ1+9hfnhDmtY nlxG8U6U9Xi8ycspRHWfh0Xx/crsMOqQfsfzBRXzWuE3gGBYoIweIXNfi4DmifYa 2UC837UorMw4KdrLQ1H2AkwvLaKT+L3i8ZkexHGX/sDq2IK9qTrhAgMBAAGjggJP MIICSzAdBgNVHQ4EFgQUEG28SjH65LqJABMhDFjhUEahgskwHwYDVR0jBBgwFoAU mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5 SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2 MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3 RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBvQ3je6L8f737Bv2P1 YHYSpdO3/5nP3MMJGpQORixdBs+f7dZWhfbw/lieaqXuk4QoEs0uE/y+Ueq7XPK6 N9q/rxtobm0/pVtMroOKguu7AjoOxY3LhEWEQBmQDuNlKvdtipF1h7Bmo2eUv8W5 5GPy6a40rcMH17K68FYHVtDv+d8ABXVTioW2fhwKKol8ylaTm6Y6f/lioJNwJBpF ccd3hrO5NWjmtItprBCbGJKj91qvwmlU4inaWTH+awAs8u0L0goeCTXmqpPZLza5 Oc7E87r/Q0MtNdDQWZCmhrmAmRDcXpFZ8SZTHg7vaV2808mXwwD5kq6NCmIyo+7M 0qbJ -----END CERTIFICATE-----Generated at Wed Nov 19 03:17:53 2025 by rpki-client