This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: h3XNJqi+tm9ZjTPaV/3dkiraI8bnU1611qJeC9XtGKA= Subject key identifier: 4F:B2:C1:94:82:9E:B7:5A:5F:52:71:88:D9:1C:F9:8E:65:BB:27:89 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4960 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 48AE Signing time: Thu 11 Dec 2025 14:50:10 +0000 Manifest this update: Thu 11 Dec 2025 14:50:09 +0000 Manifest next update: Thu 18 Dec 2025 14:50:09 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: NXQ1oHcXqZSOG9vEEx1itAEdvB+X4Rj/rX6l3JGpNtE=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Dec 2025 14:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18784 (0x4960) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 11 14:50:09 2025 GMT Not After : Dec 18 14:50:09 2025 GMT Subject: CN=693ada21-796a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:8a:86:23:3c:09:b2:93:f3:89:1c:76:d7:f2: 5a:eb:ba:f1:85:e3:26:2c:e3:f4:c5:8c:43:92:0a: 35:9e:ae:69:ee:90:9b:ab:d2:c3:3c:c0:f8:8a:ee: 48:9e:af:b6:0c:df:54:da:59:6e:6d:04:8c:7f:08: 8f:81:18:e7:f1:2c:8b:6d:a2:0d:5d:12:30:ef:da: 17:0b:bb:44:e3:01:e3:18:70:c0:19:57:36:9f:5f: d3:26:de:2d:cd:38:5b:26:a6:e1:6a:79:cb:d8:6f: 6c:39:d5:e9:57:b0:ad:72:48:37:a9:cf:51:55:3a: 33:aa:0b:a3:53:11:72:51:a4:27:2a:c9:04:ca:8f: 3a:89:31:99:ad:bb:c9:2a:21:99:f5:b7:75:e3:e4: 3c:91:d1:dd:5f:58:2f:2c:ca:fc:1d:73:37:a6:61: a1:f2:0a:69:33:c6:5d:f7:31:66:c3:e5:2d:d2:45: 90:8b:2d:fc:e2:5b:74:dd:d2:1c:e3:ec:8d:bf:6b: 6e:e9:cc:19:7f:70:71:db:ad:70:83:bd:ce:b5:3b: 30:a0:92:51:ce:67:28:e0:49:5f:93:4a:45:8b:ce: 2b:76:9d:d9:a4:f6:24:e2:dc:bd:03:3f:d8:0a:75: bd:27:56:37:24:fe:7e:0b:0d:b2:03:af:6f:00:23: 21:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:B2:C1:94:82:9E:B7:5A:5F:52:71:88:D9:1C:F9:8E:65:BB:27:89 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:7a:0d:40:23:e1:b7:90:0e:e9:d9:0a:16:21:05:b7:12:76: 05:11:d8:e0:71:7c:ec:29:0f:ce:a9:f2:b9:03:f6:6a:86:e0: 3d:2b:e8:e0:73:b4:db:60:c8:40:4c:c4:78:5b:3d:94:4c:26: 24:7b:05:bd:6c:f4:3e:15:0e:c0:fa:3a:d3:aa:60:5c:5f:e6: 14:c7:d9:39:48:47:39:2e:af:04:24:7c:19:fc:a7:25:ee:7a: ce:89:1a:57:18:7c:03:cd:06:49:1e:3d:75:56:24:6b:4c:f5: cc:c3:f4:17:8e:91:ca:03:a2:45:d4:d8:6f:a7:89:c4:f2:93: 3c:71:73:66:56:c2:21:62:4d:eb:c6:3d:71:6c:0d:16:df:03: bf:76:8d:47:38:b9:57:cd:12:c0:49:c6:c9:46:52:fc:05:d2: 9d:bd:ba:1f:4b:d1:ae:e5:3e:27:7e:2b:ab:ef:f2:c2:6c:77: 26:97:94:96:3b:bd:ca:1b:5d:1d:29:3b:62:a2:16:f8:ce:87: f5:eb:17:eb:7c:e2:c1:ff:80:da:0d:78:13:02:13:dd:05:79: c6:d4:cd:89:33:89:2f:ae:ed:8c:9b:04:a0:28:77:2d:5c:b8: 5c:b0:ea:a5:b8:55:11:f3:b9:23:75:96:a3:69:4a:8d:83:b1: 3b:8d:14:a0 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjExMTQ1MDA5WhcNMjUxMjE4MTQ1MDA5WjAYMRYwFAYD VQQDEw02OTNhZGEyMS03OTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5YqGIzwJspPziRx21/Ja67rxheMmLOP0xYxDkgo1nq5p7pCbq9LDPMD4iu5I nq+2DN9U2llubQSMfwiPgRjn8SyLbaINXRIw79oXC7tE4wHjGHDAGVc2n1/TJt4t zThbJqbhannL2G9sOdXpV7Ctckg3qc9RVTozqgujUxFyUaQnKskEyo86iTGZrbvJ KiGZ9bd14+Q8kdHdX1gvLMr8HXM3pmGh8gppM8Zd9zFmw+Ut0kWQiy384lt03dIc 4+yNv2tu6cwZf3Bx261wg73OtTswoJJRzmco4Elfk0pFi84rdp3ZpPYk4ty9Az/Y CnW9J1Y3JP5+Cw2yA69vACMhbwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFE+ywZSC nrdaX1JxiNkc+Y5luyeJMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA1eg1AI+G3kA7p2QoWIQW3EnYFEdjgcXzs KQ/OqfK5A/ZqhuA9K+jgc7TbYMhATMR4Wz2UTCYkewW9bPQ+FQ7A+jrTqmBcX+YU x9k5SEc5Lq8EJHwZ/Kcl7nrOiRpXGHwDzQZJHj11ViRrTPXMw/QXjpHKA6JF1Nhv p4nE8pM8cXNmVsIhYk3rxj1xbA0W3wO/do1HOLlXzRLAScbJRlL8BdKdvbofS9Gu 5T4nfiur7/LCbHcml5SWO73KG10dKTtiohb4zof16xfrfOLB/4DaDXgTAhPdBXnG 1M2JM4kvru2MmwSgKHctXLhcsOqluFUR87kjdZajaUqNg7E7jRSg -----END CERTIFICATE-----Generated at Thu Dec 11 19:33:32 2025 by rpki-client