This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: zwjfGZJ6dYFK3jsnliYAdScF7SuHMw0Fxo4DujQK31g= Subject key identifier: 29:94:09:7F:01:FB:6B:14:C6:00:16:E3:80:5D:F6:5F:6C:40:43:31 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4992 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 48E0 Signing time: Sat 27 Dec 2025 14:50:11 +0000 Manifest this update: Sat 27 Dec 2025 14:50:10 +0000 Manifest next update: Sat 03 Jan 2026 14:50:10 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: 4X6yzh4ZSTABpuk1LoDh3t30l7la4xhN4pcNWqCY8NY=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) 4: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 7: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 8: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 9: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) 10: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 Jan 2026 14:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18834 (0x4992) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 27 14:50:10 2025 GMT Not After : Jan 3 14:50:10 2026 GMT Subject: CN=694ff222-34ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:38:c2:33:96:67:6d:f6:ca:66:b3:19:51:de: bb:51:5c:e1:5d:bb:a0:b5:6e:3b:13:b4:52:61:fb: c4:ef:48:2f:35:dc:82:b9:a9:45:aa:df:96:d8:50: ce:ee:33:ac:46:d8:16:96:18:cf:6c:90:f0:4b:11: dc:06:55:c2:f2:5e:4a:37:2d:65:73:f3:bd:66:db: 18:0d:80:5c:b4:95:52:f5:24:7f:2c:a3:2f:dc:e1: 4a:aa:d6:a5:10:11:e6:3f:87:40:55:ec:54:5b:53: 96:42:45:0b:21:fc:3d:9b:5d:4d:3b:c3:cb:33:ef: 39:db:76:0a:01:48:38:71:c0:6b:13:d4:d6:ef:d8: fe:6b:c5:24:8a:f9:75:f7:23:d3:08:13:7a:8d:3e: cc:3d:f8:c1:23:4a:00:4c:63:5c:0f:27:e0:da:94: 0d:6e:31:4a:fc:c7:40:4b:8e:18:7b:67:11:79:ef: 50:bc:7a:e3:00:da:09:3b:89:fa:3e:b5:ef:32:93: aa:af:e0:ac:2e:24:f1:ed:8d:9e:e5:56:e6:4e:07: 5d:93:c9:e5:bc:e6:8f:fd:82:88:db:77:2a:6b:75: 27:f7:58:a1:c0:59:91:c7:4b:01:8d:20:ee:aa:8e: c6:d5:10:97:df:43:22:93:5f:53:eb:fa:e4:9f:e0: eb:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:94:09:7F:01:FB:6B:14:C6:00:16:E3:80:5D:F6:5F:6C:40:43:31 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:76:cf:ec:3f:67:5c:83:85:07:29:37:3d:fa:d4:74:bc:d0: 37:9c:ae:1a:cb:18:79:cb:21:ea:c7:db:56:17:96:26:6a:a7: be:08:bb:7a:d0:ff:f2:73:a0:29:8b:e3:e0:de:91:b6:4c:3b: 09:c1:93:52:f5:35:ad:1d:fc:d9:eb:c5:28:36:ea:db:1d:41: ab:22:41:be:da:ad:6a:21:58:bc:a3:1f:78:66:5d:cb:32:57: fa:48:8d:11:c7:2b:45:b7:23:a5:cf:b7:14:c6:48:dc:29:a9: 8e:ac:9f:bf:e0:76:30:e0:f9:c0:43:76:28:8f:c9:b6:9e:a8: 55:51:71:f2:ba:54:9e:73:4c:57:1e:5f:a7:8a:ae:05:e8:30: 34:ae:a3:12:c1:21:cf:60:ae:f6:80:fc:6d:32:29:78:11:35: 10:0f:a6:98:cf:a8:df:f1:88:78:77:4e:11:e4:f3:6a:96:eb: 06:f3:ae:8d:b8:90:f5:70:c5:84:f1:53:78:ed:19:50:9d:a0: b3:61:6f:e4:4f:d5:1b:dc:4d:c3:2f:5c:57:71:5e:63:26:b3: 58:32:6c:37:49:fd:65:cf:2f:fa:9e:98:b2:00:b8:ca:2a:f6: dc:9c:c4:b3:ad:03:17:13:16:88:1d:e8:89:13:54:ab:0e:7c: f0:0f:e7:eb -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSZIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjI3MTQ1MDEwWhcNMjYwMTAzMTQ1MDEwWjAYMRYwFAYD VQQDDA02OTRmZjIyMi0zNGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmjjCM5ZnbfbKZrMZUd67UVzhXbugtW47E7RSYfvE70gvNdyCualFqt+W2FDO 7jOsRtgWlhjPbJDwSxHcBlXC8l5KNy1lc/O9ZtsYDYBctJVS9SR/LKMv3OFKqtal EBHmP4dAVexUW1OWQkULIfw9m11NO8PLM+8523YKAUg4ccBrE9TW79j+a8Ukivl1 9yPTCBN6jT7MPfjBI0oATGNcDyfg2pQNbjFK/MdAS44Ye2cRee9QvHrjANoJO4n6 PrXvMpOqr+CsLiTx7Y2e5VbmTgddk8nlvOaP/YKI23cqa3Un91ihwFmRx0sBjSDu qo7G1RCX30Mik19T6/rkn+Dr3wIDAQABo4IChzCCAoMwHQYDVR0OBBYEFCmUCX8B +2sUxgAW44Bd9l9sQEMxMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCmds/sP2dcg4UHKTc9+tR0vNA3nK4ayxh5 yyHqx9tWF5Ymaqe+CLt60P/yc6Api+Pg3pG2TDsJwZNS9TWtHfzZ68UoNurbHUGr IkG+2q1qIVi8ox94Zl3LMlf6SI0RxytFtyOlz7cUxkjcKamOrJ+/4HYw4PnAQ3Yo j8m2nqhVUXHyulSec0xXHl+niq4F6DA0rqMSwSHPYK72gPxtMil4ETUQD6aYz6jf 8Yh4d04R5PNqlusG866NuJD1cMWE8VN47RlQnaCzYW/kT9Ub3E3DL1xXcV5jJrNY Mmw3Sf1lzy/6npiyALjKKvbcnMSzrQMXExaIHeiJE1SrDnzwD+fr -----END CERTIFICATE-----Generated at Sat Dec 27 21:36:18 2025 by rpki-client