This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: kGQif1Q7nCaGvLi+vXrTeoj8i9lsNYWClpOJXZL8uiA= Subject key identifier: 5C:1C:2F:D7:1A:CB:A0:16:39:18:63:B7:2B:D4:B9:9A:B4:F9:AF:D2 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 493B Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 488A Signing time: Sun 30 Nov 2025 02:50:10 +0000 Manifest this update: Sun 30 Nov 2025 02:50:09 +0000 Manifest next update: Sun 07 Dec 2025 02:50:09 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: ZZNLHE1rCzhhneZtRE8z7blMkqQpxO2Cf65hlxI2wQs=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 02:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18747 (0x493b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Nov 30 02:50:09 2025 GMT Not After : Dec 7 02:50:09 2025 GMT Subject: CN=692bb0e2-ffd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a0:fd:47:ad:ff:d6:24:e6:a9:de:83:f6:18: 7a:75:a3:29:3a:ef:89:92:21:c6:5d:4d:97:59:c1: 0f:41:37:d7:9c:15:d7:d6:58:ee:1f:1c:2d:13:54: c7:98:4a:7c:c7:e3:53:4d:55:45:bf:da:fb:ab:e2: 5e:bb:1b:9c:67:8f:3e:11:82:8a:d7:14:e8:92:87: 1b:46:8a:4f:1b:84:66:23:86:db:01:43:c0:b5:8f: da:5c:7d:f2:83:db:0a:7f:13:5c:ae:1e:fe:35:e3: 43:a9:5c:27:da:09:8f:0a:7a:b1:e1:b6:96:1a:ea: f1:e9:d0:c2:e9:92:e1:34:df:dd:5c:03:2f:89:cc: 6b:52:08:20:ca:66:f1:d5:82:78:df:f4:62:8c:ae: 06:d1:5a:7f:7a:9a:27:15:06:28:96:06:75:14:5a: ee:90:e2:d0:2d:9c:00:2c:a3:99:4c:3b:fc:e8:fb: 2f:f5:ce:82:27:67:91:b3:2e:f6:88:cd:2b:70:13: 02:b7:80:b3:89:d0:e9:a3:4a:2e:37:e7:ee:ea:44: 5f:f7:f3:6b:cd:de:64:57:b8:47:b9:c8:62:28:8d: 45:37:a8:a3:ee:cf:c5:61:13:7a:47:65:a9:a3:c7: ac:f5:5f:fb:00:7e:06:e6:c5:24:65:e0:f5:ba:6c: a8:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:1C:2F:D7:1A:CB:A0:16:39:18:63:B7:2B:D4:B9:9A:B4:F9:AF:D2 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:16:13:f8:06:0e:e4:96:ce:ff:43:e4:d1:9f:cd:b9:e8:21: 0d:fb:03:fb:72:0b:e8:cd:3b:91:9e:ce:67:db:b3:f6:8b:a2: d0:1b:f9:97:5b:ec:73:3c:44:48:50:ad:4b:6a:73:4f:fb:99: a1:74:87:a6:78:40:19:40:68:6d:7c:27:4c:e0:58:ce:e4:8c: 9c:c3:d7:f7:a4:43:7b:a8:07:0e:30:d4:5d:07:5f:c8:bf:00: 37:83:20:17:2e:77:ef:e7:0c:1a:3e:ec:62:37:8d:ce:92:bd: 2d:44:a7:e1:08:1a:e2:55:10:45:b3:3e:b8:d6:de:18:11:2b: 8a:be:63:44:06:e0:77:2b:97:dc:57:16:ea:78:47:af:f1:4c: 97:aa:60:7c:6f:51:e5:b6:6b:91:9f:be:2c:7b:f7:65:07:0d: 2e:7f:23:b6:76:1d:4f:e3:64:99:4a:54:18:78:1f:77:af:f3: 3a:ce:a9:0f:08:67:7f:b5:45:23:51:92:c5:73:af:b6:dc:58: c7:03:99:ce:84:3e:4c:29:00:2d:bd:00:b4:cd:ef:53:13:b2: 22:ad:5f:22:ca:eb:4c:f6:9e:ac:91:48:2a:80:b0:93:64:90: 40:21:3b:d2:c7:75:7d:bc:78:54:8a:ad:0a:ba:87:7d:75:fd: cf:3b:02:c9 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSTswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMTMwMDI1MDA5WhcNMjUxMjA3MDI1MDA5WjAYMRYwFAYD VQQDEw02OTJiYjBlMi1mZmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvKD9R63/1iTmqd6D9hh6daMpOu+JkiHGXU2XWcEPQTfXnBXX1ljuHxwtE1TH mEp8x+NTTVVFv9r7q+JeuxucZ48+EYKK1xTokocbRopPG4RmI4bbAUPAtY/aXH3y g9sKfxNcrh7+NeNDqVwn2gmPCnqx4baWGurx6dDC6ZLhNN/dXAMvicxrUgggymbx 1YJ43/RijK4G0Vp/eponFQYolgZ1FFrukOLQLZwALKOZTDv86Psv9c6CJ2eRsy72 iM0rcBMCt4CzidDpo0ouN+fu6kRf9/Nrzd5kV7hHuchiKI1FN6ij7s/FYRN6R2Wp o8es9V/7AH4G5sUkZeD1umyoKwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFFwcL9ca y6AWORhjtyvUuZq0+a/SMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCIFhP4Bg7kls7/Q+TRn8256CEN+wP7cgvo zTuRns5n27P2i6LQG/mXW+xzPERIUK1LanNP+5mhdIemeEAZQGhtfCdM4FjO5Iyc w9f3pEN7qAcOMNRdB1/IvwA3gyAXLnfv5wwaPuxiN43Okr0tRKfhCBriVRBFsz64 1t4YESuKvmNEBuB3K5fcVxbqeEev8UyXqmB8b1HltmuRn74se/dlBw0ufyO2dh1P 42SZSlQYeB93r/M6zqkPCGd/tUUjUZLFc6+23FjHA5nOhD5MKQAtvQC0ze9TE7Ii rV8iyutM9p6skUgqgLCTZJBAITvSx3V9vHhUiq0Kuod9df3POwLJ -----END CERTIFICATE-----Generated at Sun Nov 30 11:05:56 2025 by rpki-client