This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: OQ30zYy3cu34JgzpQk0lUSOvyiT2YCaK1q7I7yCzf3g= Subject key identifier: B4:FF:C1:C3:E2:6B:0B:1E:D3:50:81:AC:B6:C3:AA:CB:36:6D:BD:D5 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 49A4 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 48F2 Signing time: Fri 02 Jan 2026 14:50:11 +0000 Manifest this update: Fri 02 Jan 2026 14:50:11 +0000 Manifest next update: Fri 09 Jan 2026 14:50:11 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: /ul0zU4AP/ullp6XVnxydpjLWCxp7fRn9NyAvnL4Uro=) 2: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) 3: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 4: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 5: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) 7: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 8: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 9: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 10: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 Jan 2026 14:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18852 (0x49a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Jan 2 14:50:11 2026 GMT Not After : Jan 9 14:50:11 2026 GMT Subject: CN=6957db23-63f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:9e:23:5c:f4:96:ef:41:84:8e:5e:f4:d2:99: 81:db:2b:a8:24:35:83:db:70:5a:d5:45:bc:73:34: 8e:09:73:fd:41:7b:f2:ca:9a:b4:2e:21:8c:a7:76: 42:27:e9:8e:87:67:ad:d0:72:1f:89:42:6c:f7:3c: cb:21:c0:94:44:bb:cf:ea:6a:dc:73:5e:f6:95:c7: 41:1b:05:7d:28:13:aa:f4:17:a3:d1:35:51:b2:ce: 19:9b:cc:e7:9d:16:f2:33:07:93:74:d2:29:8c:58: 4a:e7:94:b9:86:d8:ce:9d:53:56:0b:aa:8d:16:1e: 7b:58:a3:d2:2a:c9:32:08:39:03:ea:e7:a6:b0:4b: 09:58:2b:e0:89:2b:67:be:66:1e:b4:8c:d3:16:de: 35:92:d6:83:fc:7b:41:28:d4:77:76:c9:00:c0:24: 90:b6:75:65:b9:74:be:1c:3b:92:b6:3d:b1:79:4a: 92:05:e9:ae:62:86:47:66:5c:62:1c:18:7a:69:ac: 8f:39:3a:ad:8b:e2:73:40:2b:be:aa:8a:e5:e8:1c: 9b:f8:06:b8:d3:87:c0:c8:c1:83:5b:00:ef:cc:98: ad:f7:6f:95:ba:57:15:ee:f3:b6:a0:70:b5:91:1e: 4b:ed:a8:a7:3d:a8:02:79:f0:8e:74:8d:a2:96:0e: c5:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:FF:C1:C3:E2:6B:0B:1E:D3:50:81:AC:B6:C3:AA:CB:36:6D:BD:D5 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:bf:4e:9c:2f:1b:5b:3a:78:aa:9f:a4:10:9f:5e:9b:c6:0e: e2:2c:b0:26:e5:82:fa:c9:af:11:d5:c6:3c:33:e8:94:7c:7b: 62:15:de:7d:a1:74:7e:a7:b0:0a:1f:e1:42:5b:a7:af:d2:22: 54:08:d2:f9:99:62:b4:28:be:20:cb:3b:b1:88:df:8d:bf:8d: 0b:80:6d:fa:3e:83:9a:0a:97:7c:65:f9:bc:81:32:c9:06:8a: 0d:20:bd:41:a0:30:c3:90:24:4e:30:b0:a6:e0:44:38:2e:a6: d6:a3:53:7e:e0:7c:a6:1d:5e:2d:dd:91:8b:69:b4:a3:db:c6: ea:35:36:4a:d6:27:97:e1:88:b9:cf:7e:ff:91:09:66:ee:b6: cc:fb:a3:fe:e8:cf:f8:a0:3a:f9:83:aa:35:c2:8d:5a:5b:57: 9f:41:72:66:99:a6:f9:9a:c8:03:1b:9b:fd:fe:c4:1d:bd:2a: 70:66:2a:0e:82:58:11:4c:f0:7d:7d:a7:e6:44:22:58:ca:36: 75:ca:7f:17:18:e0:fa:7d:a6:9f:0e:b2:cf:af:b7:2c:f4:52: a3:3e:0e:44:08:ed:9e:86:e7:07:6d:72:df:47:ce:db:fa:38: f4:83:5e:55:14:68:11:20:56:9b:eb:42:16:4b:af:69:93:38: 78:d7:f2:b4 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSaQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjYwMTAyMTQ1MDExWhcNMjYwMTA5MTQ1MDExWjAYMRYwFAYD VQQDDA02OTU3ZGIyMy02M2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyJ4jXPSW70GEjl700pmB2yuoJDWD23Ba1UW8czSOCXP9QXvyypq0LiGMp3ZC J+mOh2et0HIfiUJs9zzLIcCURLvP6mrcc172lcdBGwV9KBOq9Bej0TVRss4Zm8zn nRbyMweTdNIpjFhK55S5htjOnVNWC6qNFh57WKPSKskyCDkD6uemsEsJWCvgiStn vmYetIzTFt41ktaD/HtBKNR3dskAwCSQtnVluXS+HDuStj2xeUqSBemuYoZHZlxi HBh6aayPOTqti+JzQCu+qorl6Byb+Aa404fAyMGDWwDvzJit92+VulcV7vO2oHC1 kR5L7ainPagCefCOdI2ilg7FoQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFLT/wcPi awse01CBrLbDqss2bb3VMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQByv06cLxtbOniqn6QQn16bxg7iLLAm5YL6 ya8R1cY8M+iUfHtiFd59oXR+p7AKH+FCW6ev0iJUCNL5mWK0KL4gyzuxiN+Nv40L gG36PoOaCpd8Zfm8gTLJBooNIL1BoDDDkCROMLCm4EQ4LqbWo1N+4HymHV4t3ZGL abSj28bqNTZK1ieX4Yi5z37/kQlm7rbM+6P+6M/4oDr5g6o1wo1aW1efQXJmmab5 msgDG5v9/sQdvSpwZioOglgRTPB9fafmRCJYyjZ1yn8XGOD6faafDrLPr7cs9FKj Pg5ECO2ehucHbXLfR87b+jj0g15VFGgRIFab60IWS69pkzh41/K0 -----END CERTIFICATE-----Generated at Sat Jan 3 02:32:05 2026 by rpki-client