This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: aie+9D6E32kKaUqB/9LCRVFZIiTeWNibAY5Yr7Ars+4=
Subject key identifier: 98:9B:D5:D9:C1:6A:B8:AF:DF:2D:E3:4F:A0:0C:BA:E1:70:97:AC:5D
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 49CC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 491A
Signing time: Fri 16 Jan 2026 02:50:10 +0000
Manifest this update: Fri 16 Jan 2026 02:50:10 +0000
Manifest next update: Fri 23 Jan 2026 02:50:10 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: ljUS/AncFdnU4LbKmsNItm2DC+J2d56NQVEwALHRRWY=)
2: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=)
3: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=)
4: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=)
5: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=)
6: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
7: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=)
8: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
9: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=)
10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 23 Jan 2026 02:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18892 (0x49cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Jan 16 02:50:10 2026 GMT
Not After : Jan 23 02:50:10 2026 GMT
Subject: CN=6969a762-46fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:33:d5:4a:de:54:8e:d9:62:36:bb:18:3e:28:
f3:81:4f:33:1e:65:a0:e3:e1:88:5a:9f:b0:4a:00:
2e:00:b8:00:38:19:8f:89:25:50:50:8a:06:03:ed:
1e:87:df:68:17:0c:b3:d7:47:4b:79:2d:1a:d8:11:
86:1d:b5:8a:1a:60:09:4f:b1:ea:ee:24:73:f4:19:
2f:fa:ea:7c:73:e9:6c:f6:03:c2:98:b3:4e:16:c8:
8c:bf:31:04:63:33:37:7b:ec:db:61:7e:94:a7:79:
3b:51:fb:c1:22:e2:78:de:b7:2f:2b:34:16:00:0c:
03:39:ac:7f:68:00:51:67:82:5b:f8:a4:f6:45:e8:
bb:8a:52:fb:0f:25:6c:41:85:39:25:ce:16:08:55:
ce:6e:bc:a1:1f:b5:f7:8e:cb:8c:4f:43:f6:03:0a:
16:0a:96:4f:3f:24:cd:28:d0:91:87:93:02:8a:cd:
91:6d:01:b8:81:5f:f7:a9:75:7b:a7:b0:6f:c3:94:
ca:1c:69:5a:55:39:40:41:4b:96:fa:25:a3:55:4c:
58:ac:90:42:96:ab:2d:e3:85:e0:65:c1:4c:94:2b:
d5:a2:cb:a5:51:68:a9:bc:f5:aa:bc:d5:e4:b3:c4:
82:20:e8:9d:e4:ee:e5:87:a8:7f:f2:41:8a:43:14:
4c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9B:D5:D9:C1:6A:B8:AF:DF:2D:E3:4F:A0:0C:BA:E1:70:97:AC:5D
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
46:86:f7:f8:81:03:40:74:24:c8:6e:fd:49:2e:dd:dc:32:3c:
d0:76:1c:b9:e0:92:ad:85:10:2a:62:20:4b:b2:87:d7:e2:00:
ac:ea:5f:30:56:90:c4:d9:43:69:e3:7c:1c:1e:03:b6:de:c7:
f6:bd:26:a1:cb:36:2f:15:c0:78:2b:14:6c:5a:52:d9:a3:de:
81:f4:b9:c4:5f:75:b6:67:3b:03:e3:67:de:b7:0b:9e:7d:16:
2a:74:c3:35:9b:e4:d6:15:da:8d:20:10:fd:18:90:47:0c:21:
39:bf:71:77:d7:a7:aa:71:9a:71:83:39:81:31:92:37:05:20:
6e:e6:01:b1:80:55:63:d2:c7:63:8e:74:a7:8c:19:e2:14:7d:
a5:42:82:ac:33:82:70:f8:e0:bb:31:aa:81:07:f5:1b:8b:e1:
af:ae:b9:26:80:97:39:18:a6:fb:cb:4a:cd:59:8b:e2:3c:d1:
d9:52:f3:d2:d6:88:fd:fc:84:14:2f:1c:f8:89:96:9d:18:a3:
10:6c:be:c4:e4:f0:fa:9a:ff:74:69:4a:f9:19:19:42:a6:65:
31:30:f9:96:5d:d0:d4:f7:2f:6d:21:f8:2a:7f:78:f4:b9:5b:
e5:21:b3:0c:6a:ef:73:f3:ca:bb:00:4e:54:5a:45:2e:48:c8:
69:c2:5c:39
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICScwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwMTE2MDI1MDEwWhcNMjYwMTIzMDI1MDEwWjAYMRYwFAYD
VQQDDA02OTY5YTc2Mi00NmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkTPVSt5UjtliNrsYPijzgU8zHmWg4+GIWp+wSgAuALgAOBmPiSVQUIoGA+0e
h99oFwyz10dLeS0a2BGGHbWKGmAJT7Hq7iRz9Bkv+up8c+ls9gPCmLNOFsiMvzEE
YzM3e+zbYX6Up3k7UfvBIuJ43rcvKzQWAAwDOax/aABRZ4Jb+KT2Rei7ilL7DyVs
QYU5Jc4WCFXObryhH7X3jsuMT0P2AwoWCpZPPyTNKNCRh5MCis2RbQG4gV/3qXV7
p7Bvw5TKHGlaVTlAQUuW+iWjVUxYrJBClqst44XgZcFMlCvVosulUWipvPWqvNXk
s8SCIOid5O7lh6h/8kGKQxRMhQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFJib1dnB
ariv3y3jT6AMuuFwl6xdMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE
MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN
hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB
BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBGhvf4gQNAdCTIbv1JLt3cMjzQdhy54JKt
hRAqYiBLsofX4gCs6l8wVpDE2UNp43wcHgO23sf2vSahyzYvFcB4KxRsWlLZo96B
9LnEX3W2ZzsD42fetwuefRYqdMM1m+TWFdqNIBD9GJBHDCE5v3F316eqcZpxgzmB
MZI3BSBu5gGxgFVj0sdjjnSnjBniFH2lQoKsM4Jw+OC7MaqBB/Ubi+GvrrkmgJc5
GKb7y0rNWYviPNHZUvPS1oj9/IQULxz4iZadGKMQbL7E5PD6mv90aUr5GRlCpmUx
MPmWXdDU9y9tIfgqf3j0uVvlIbMMau9z88q7AE5UWkUuSMhpwlw5
-----END CERTIFICATE-----
Generated at Fri Jan 16 11:44:02 2026 by rpki-client