This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: HOMN7NGWLKZLFIv08nlseZmptr+HnfUn71x9GKbxAAM= Subject key identifier: 7E:E8:CF:76:EB:60:D5:07:41:E6:E0:DE:0D:53:C1:A6:AF:B7:DB:BF Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 49B6 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 4904 Signing time: Thu 08 Jan 2026 14:50:11 +0000 Manifest this update: Thu 08 Jan 2026 14:50:10 +0000 Manifest next update: Thu 15 Jan 2026 14:50:10 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: 2+MnKs/koI3mzsQNOb7t2+i6nw4VtSRnV7rzNnR5qiQ=) 2: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) 3: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) 4: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 7: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 8: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 9: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 10: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 15 Jan 2026 14:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18870 (0x49b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Jan 8 14:50:10 2026 GMT Not After : Jan 15 14:50:10 2026 GMT Subject: CN=695fc422-0918 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:87:51:57:28:89:90:63:77:71:a8:ea:b9:f4: 3d:4d:52:31:00:05:06:0d:1f:96:f3:a1:bd:ee:8d: cd:69:1f:83:b0:dc:a8:e4:62:53:d8:ac:9b:f1:8e: 6f:52:1c:40:f2:f1:9d:fc:6d:cf:6b:e3:fb:e7:fb: 99:1d:59:a7:26:93:38:e4:ef:a7:f5:73:0a:17:06: b0:15:c3:16:fb:79:0a:9d:01:04:f0:7f:13:c4:1f: 32:e6:86:7c:95:55:dc:38:47:ee:c0:6b:11:e6:7a: 3a:56:92:27:59:09:d2:72:39:e7:35:d1:6e:41:c6: 8b:c2:55:5d:65:ec:29:a9:0e:c5:74:0f:d0:fc:06: 90:50:a0:67:a6:82:bf:93:4d:21:7b:1c:fc:ba:39: 65:1d:58:75:15:66:f3:09:20:97:99:44:31:cc:e3: b0:1a:6d:f2:a9:01:6c:c6:c2:a0:66:93:ed:0a:1b: aa:59:69:9b:36:48:44:55:c8:e3:fc:55:6c:0a:b9: 4e:2c:31:ab:09:85:da:ee:8b:62:c8:c1:30:c6:46: f8:d7:e5:01:96:80:c1:c8:8f:1a:b7:49:f4:3d:ab: 11:be:f2:ea:cc:8c:c3:34:f4:f2:98:b3:e3:27:a7: 20:f8:75:9a:21:41:ed:c0:54:7d:86:44:ae:40:cd: a5:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:E8:CF:76:EB:60:D5:07:41:E6:E0:DE:0D:53:C1:A6:AF:B7:DB:BF X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:f3:cb:d7:01:a6:47:d6:46:58:f7:d3:d2:ab:2b:35:80:10: ca:de:0c:72:53:62:cf:83:d6:9d:c4:3e:b6:29:42:28:b0:c9: fa:45:2f:b9:6b:a3:e0:81:f7:c9:75:c7:f0:4f:1a:c8:bc:1f: ff:18:79:e4:8f:74:ef:58:c0:af:43:cf:12:63:af:13:a3:25: 4f:78:c1:8f:8b:a3:5c:20:22:dd:05:b5:ae:e9:11:be:91:6e: f6:36:da:7c:da:5e:1f:47:e8:42:02:6c:48:5c:a6:96:f0:ac: 7a:24:f2:95:a8:7c:5b:4f:cb:bd:f2:86:e7:8d:35:3a:e9:51: 8e:43:7e:18:d0:1e:16:57:66:b9:4d:30:35:11:25:43:87:0b: 04:2a:ec:0e:5e:ec:21:78:73:57:a9:bf:2b:6c:1f:e3:e3:13: a9:a2:1b:fe:38:b1:98:ad:27:78:67:5d:ba:5e:3e:06:c6:c7: e9:5c:43:62:36:3e:d2:91:c5:b3:5d:17:51:77:a7:81:25:cb: 52:c0:75:7f:b7:28:c5:be:ff:5c:71:e3:14:b7:6e:b0:49:94: a0:9d:3c:e5:d7:d7:f5:97:d6:d5:6c:98:1c:82:6f:c6:29:bb: 00:fb:06:0f:fd:68:39:68:98:60:bb:63:e6:19:b7:a7:1a:a5: 2f:e6:20:93 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSbYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjYwMTA4MTQ1MDEwWhcNMjYwMTE1MTQ1MDEwWjAYMRYwFAYD VQQDDA02OTVmYzQyMi0wOTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoIdRVyiJkGN3cajqufQ9TVIxAAUGDR+W86G97o3NaR+DsNyo5GJT2Kyb8Y5v UhxA8vGd/G3Pa+P75/uZHVmnJpM45O+n9XMKFwawFcMW+3kKnQEE8H8TxB8y5oZ8 lVXcOEfuwGsR5no6VpInWQnScjnnNdFuQcaLwlVdZewpqQ7FdA/Q/AaQUKBnpoK/ k00hexz8ujllHVh1FWbzCSCXmUQxzOOwGm3yqQFsxsKgZpPtChuqWWmbNkhEVcjj /FVsCrlOLDGrCYXa7otiyMEwxkb41+UBloDByI8at0n0PasRvvLqzIzDNPTymLPj J6cg+HWaIUHtwFR9hkSuQM2l5wIDAQABo4IChzCCAoMwHQYDVR0OBBYEFH7oz3br YNUHQebg3g1Twaavt9u/MB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA688vXAaZH1kZY99PSqys1gBDK3gxyU2LP g9adxD62KUIosMn6RS+5a6PggffJdcfwTxrIvB//GHnkj3TvWMCvQ88SY68ToyVP eMGPi6NcICLdBbWu6RG+kW72Ntp82l4fR+hCAmxIXKaW8Kx6JPKVqHxbT8u98obn jTU66VGOQ34Y0B4WV2a5TTA1ESVDhwsEKuwOXuwheHNXqb8rbB/j4xOpohv+OLGY rSd4Z126Xj4GxsfpXENiNj7SkcWzXRdRd6eBJctSwHV/tyjFvv9cceMUt26wSZSg nTzl19f1l9bVbJgcgm/GKbsA+wYP/Wg5aJhgu2PmGbenGqUv5iCT -----END CERTIFICATE-----Generated at Fri Jan 9 00:53:19 2026 by rpki-client