This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: 1q9qfuHcK9fUe2etlyMsAT/PnN3gbkGZKLSgGWxzUuI= Subject key identifier: 44:5F:22:1A:82:96:5B:D8:31:EC:62:6B:62:07:C1:D1:AD:9A:C7:0E Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4920 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 4870 Signing time: Sat 22 Nov 2025 02:50:10 +0000 Manifest this update: Sat 22 Nov 2025 02:50:09 +0000 Manifest next update: Sat 29 Nov 2025 02:50:09 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: e1Ep0hgnv9uyGdl9NWoPJm0gc9fiLpeRld2M/ZxA5eI=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: dIUmjSrIjTBexv9/ceLPC3WswXZRCQ+E7X3cPIrgsiw=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 29 Nov 2025 02:50:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18720 (0x4920) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Nov 22 02:50:09 2025 GMT Not After : Nov 29 02:50:09 2025 GMT Subject: CN=692124e1-b18d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:28:d7:89:7f:12:34:19:4e:9c:59:88:83:f4: a1:0a:ee:e2:96:c2:3d:e1:56:18:4e:e1:b4:c5:6c: d9:f4:27:99:2c:14:9f:34:c7:31:20:39:a2:e7:16: a8:2a:f1:e2:3d:23:07:15:6d:d0:fb:06:7b:f7:86: 83:4c:29:90:8b:a4:33:2d:23:7e:47:8c:15:d4:3f: d4:9b:73:36:ad:f9:9c:8f:d7:14:aa:e9:ad:7a:fc: 22:59:ac:d7:7c:f4:1e:99:fc:7e:1a:87:ef:bb:55: b4:52:91:67:c3:08:3f:cc:d4:71:ed:8d:de:80:fd: 9a:79:d2:5e:32:bc:90:3d:40:f8:e1:60:d9:3e:ba: 4e:2a:c7:2e:b8:a3:aa:bd:ee:0b:34:14:4f:28:8a: 93:91:29:ef:b8:41:63:70:1f:85:7a:ee:50:3e:20: 44:47:c7:ec:9d:7f:29:df:c2:17:c8:e9:a9:6c:c2: 8d:59:5e:01:2b:e1:51:72:d6:d4:f0:75:ec:ff:c6: 23:61:64:99:48:cf:94:73:73:46:96:32:65:e6:93: 0e:47:34:66:b2:34:ea:63:14:db:f6:eb:5e:98:ff: 31:ed:d8:88:8e:1c:4c:fd:5a:72:6f:a5:a5:e1:9e: d5:39:ad:5a:d1:ee:3f:5e:1c:7c:79:9e:cf:b3:8a: 62:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:5F:22:1A:82:96:5B:D8:31:EC:62:6B:62:07:C1:D1:AD:9A:C7:0E X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:0f:0d:24:30:52:a6:c0:42:6a:a6:e3:e0:b0:f7:f0:da:44: cb:92:ad:87:23:3c:76:4e:ea:9b:65:5b:a4:5b:35:87:df:e9: ec:f4:f9:9d:a8:de:a0:5d:70:4b:70:49:f3:ec:ca:b3:cd:a9: d8:e0:90:65:3d:b9:7e:f9:5e:d3:82:55:72:7a:e3:60:e9:5c: 26:44:e6:26:78:a0:30:5b:f6:98:87:9d:6a:8d:03:d4:28:07: ff:51:e3:7d:fc:e5:80:f9:ca:c7:da:2b:06:b6:f6:29:65:ce: f3:0a:52:73:50:53:7e:c2:0e:e7:ed:56:6a:d6:9f:82:32:8c: 18:ae:7d:04:87:72:d0:a6:df:2b:49:da:32:28:fb:ab:21:3d: 4e:4e:fe:b1:b0:bb:55:33:5d:ea:32:c1:c2:22:28:e0:00:60: 18:6a:46:aa:dd:4f:7f:7b:32:5f:20:7c:f4:99:60:24:ae:59: d2:8a:7f:2e:04:f0:b6:85:81:32:5c:fb:21:f7:09:66:67:84: 88:fd:15:ad:00:37:18:0d:83:2c:51:3a:2e:b9:54:7f:a6:8b: a1:1b:ec:46:7a:24:70:5f:9a:21:67:17:84:ca:48:e4:33:53: c6:18:df:d5:ed:16:cb:84:9a:41:ce:21:03:0f:7a:1f:3a:67: c1:7e:73:52 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSSAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMTIyMDI1MDA5WhcNMjUxMTI5MDI1MDA5WjAYMRYwFAYD VQQDEw02OTIxMjRlMS1iMThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwCjXiX8SNBlOnFmIg/ShCu7ilsI94VYYTuG0xWzZ9CeZLBSfNMcxIDmi5xao KvHiPSMHFW3Q+wZ794aDTCmQi6QzLSN+R4wV1D/Um3M2rfmcj9cUqumtevwiWazX fPQemfx+Gofvu1W0UpFnwwg/zNRx7Y3egP2aedJeMryQPUD44WDZPrpOKscuuKOq ve4LNBRPKIqTkSnvuEFjcB+Feu5QPiBER8fsnX8p38IXyOmpbMKNWV4BK+FRctbU 8HXs/8YjYWSZSM+Uc3NGljJl5pMORzRmsjTqYxTb9utemP8x7diIjhxM/Vpyb6Wl 4Z7VOa1a0e4/Xhx8eZ7Ps4piCwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFERfIhqC llvYMexia2IHwdGtmscOMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBfDw0kMFKmwEJqpuPgsPfw2kTLkq2HIzx2 TuqbZVukWzWH3+ns9PmdqN6gXXBLcEnz7MqzzanY4JBlPbl++V7TglVyeuNg6Vwm ROYmeKAwW/aYh51qjQPUKAf/UeN9/OWA+crH2isGtvYpZc7zClJzUFN+wg7n7VZq 1p+CMowYrn0Eh3LQpt8rSdoyKPurIT1OTv6xsLtVM13qMsHCIijgAGAYakaq3U9/ ezJfIHz0mWAkrlnSin8uBPC2hYEyXPsh9wlmZ4SI/RWtADcYDYMsUTouuVR/pouh G+xGeiRwX5ohZxeEykjkM1PGGN/V7RbLhJpBziEDD3ofOmfBfnNS -----END CERTIFICATE-----Generated at Sat Nov 22 04:50:24 2025 by rpki-client