This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: EG6ycLDG/eUlGnWmXGNSN31g05cuYVNBsVqgRUtKudE= Subject key identifier: EC:AA:37:B1:4E:53:E9:4A:74:70:B2:BA:41:55:AF:60:3B:28:0D:86 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4984 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 48D2 Signing time: Tue 23 Dec 2025 02:50:11 +0000 Manifest this update: Tue 23 Dec 2025 02:50:11 +0000 Manifest next update: Tue 30 Dec 2025 02:50:11 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: HP8nreNrON3Dsq1JWSVt5PSbQdEBMAQzoVYFHdiEYYk=) 2: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) 6: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 7: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) 10: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18820 (0x4984) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 23 02:50:11 2025 GMT Not After : Dec 30 02:50:11 2025 GMT Subject: CN=694a0363-02f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:bf:40:f8:f3:80:3d:11:b1:63:ba:c8:41:5b: 77:a0:ba:59:07:db:84:e8:3a:49:45:13:9b:ce:47: 13:79:33:9c:f3:ac:aa:3e:b6:9f:f4:31:5c:c9:dd: 80:09:54:b5:58:f1:e8:76:ec:93:0a:90:05:b4:c6: 40:0d:45:8d:fd:54:1d:b7:cb:ae:b7:00:11:b2:9e: 9e:13:e4:d2:86:8d:4a:78:5f:e5:73:74:b0:d7:99: 57:89:fe:df:56:93:e7:9e:e3:01:88:c4:93:8e:ca: d1:86:d1:54:16:92:a0:37:45:8e:52:0e:ed:7f:bf: 15:e7:ce:40:a3:00:cb:87:9d:d0:55:a0:65:02:47: 93:7b:d4:64:42:f1:6c:24:8b:11:26:8c:e7:b7:4c: e0:b1:d5:c4:84:2b:61:69:fb:3e:86:33:7d:fe:4b: 36:91:3f:85:a8:e7:cb:aa:d6:15:48:ae:9e:c4:c6: d5:fa:8b:14:20:a8:70:17:b4:b3:2e:ea:d6:d7:bc: ac:13:59:c3:e3:a6:60:ff:54:28:e6:19:89:b6:77: fd:09:8e:61:9c:c9:07:d3:ad:36:68:2c:ca:42:0e: ba:0d:d6:41:f2:fc:51:2a:af:e8:75:56:3f:4a:92: 7b:3d:f2:ee:0d:29:c7:73:63:0d:7a:7e:ad:0c:92: ac:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:AA:37:B1:4E:53:E9:4A:74:70:B2:BA:41:55:AF:60:3B:28:0D:86 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:e1:cd:36:7f:47:52:9d:82:96:27:7a:cd:74:6a:09:e9:4f: 3d:35:7b:01:cd:b5:73:9d:e2:31:20:f0:af:b3:25:6b:eb:6a: d9:f1:da:f6:8f:88:c7:83:b3:55:f2:2c:bf:27:e0:10:f8:16: 98:07:7c:0c:72:3b:c2:ab:ae:10:49:a7:eb:68:0b:1e:29:88: 33:f3:52:48:66:e6:87:80:a3:37:98:12:3c:b9:c3:28:13:dd: db:9e:e4:51:57:c8:e6:03:f0:8f:46:51:95:b5:86:40:32:db: a4:5b:41:aa:44:20:e5:94:53:83:c1:7e:b5:33:7e:f3:b6:93: 19:d9:04:cf:5a:15:91:5d:76:1b:e7:8d:a3:15:be:8f:46:9c: 6b:ae:59:93:ba:71:b4:02:23:25:cf:b0:69:17:64:17:45:21: 69:eb:86:80:17:44:67:4a:6f:3c:e2:9b:85:aa:96:a1:46:7a: e4:ea:76:f8:e5:3f:f5:16:d6:1a:eb:af:98:04:cc:72:18:40: a4:dd:5c:8c:dd:1f:22:4f:fc:c6:58:8e:ff:5d:82:ac:d2:38: 0c:07:1f:a6:b7:2d:ab:44:a4:4b:7e:d0:74:bf:14:f9:2a:b0: 44:4c:f9:69:fd:e7:0b:4e:1b:7c:20:b3:cf:ae:37:aa:e8:c9: 89:b9:1b:c2 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSYQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjIzMDI1MDExWhcNMjUxMjMwMDI1MDExWjAYMRYwFAYD VQQDDA02OTRhMDM2My0wMmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuL9A+POAPRGxY7rIQVt3oLpZB9uE6DpJRRObzkcTeTOc86yqPraf9DFcyd2A CVS1WPHoduyTCpAFtMZADUWN/VQdt8uutwARsp6eE+TSho1KeF/lc3Sw15lXif7f VpPnnuMBiMSTjsrRhtFUFpKgN0WOUg7tf78V585AowDLh53QVaBlAkeTe9RkQvFs JIsRJoznt0zgsdXEhCthafs+hjN9/ks2kT+FqOfLqtYVSK6exMbV+osUIKhwF7Sz LurW17ysE1nD46Zg/1Qo5hmJtnf9CY5hnMkH0602aCzKQg66DdZB8vxRKq/odVY/ SpJ7PfLuDSnHc2MNen6tDJKslQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFOyqN7FO U+lKdHCyukFVr2A7KA2GMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCT4c02f0dSnYKWJ3rNdGoJ6U89NXsBzbVz neIxIPCvsyVr62rZ8dr2j4jHg7NV8iy/J+AQ+BaYB3wMcjvCq64QSafraAseKYgz 81JIZuaHgKM3mBI8ucMoE93bnuRRV8jmA/CPRlGVtYZAMtukW0GqRCDllFODwX61 M37ztpMZ2QTPWhWRXXYb542jFb6PRpxrrlmTunG0AiMlz7BpF2QXRSFp64aAF0Rn Sm884puFqpahRnrk6nb45T/1FtYa66+YBMxyGECk3VyM3R8iT/zGWI7/XYKs0jgM Bx+mty2rRKRLftB0vxT5KrBETPlp/ecLTht8ILPPrjeq6MmJuRvC -----END CERTIFICATE-----Generated at Tue Dec 23 14:54:39 2025 by rpki-client