This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: fekqYXVbHV1lBRJji51I/2N5wwxtGMq/tpn1Se35t2k= Subject key identifier: A9:04:D7:D0:A8:55:25:34:0E:B5:74:1B:34:A9:22:72:F5:F6:BF:3E Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4996 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 48E4 Signing time: Mon 29 Dec 2025 02:50:11 +0000 Manifest this update: Mon 29 Dec 2025 02:50:10 +0000 Manifest next update: Mon 05 Jan 2026 02:50:10 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: 9Lb3zfpqRtT9oF+4XH7v+ZxxCSpibnDTMr++x+hUdSQ=) 2: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) 3: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 4: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 5: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 6: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) 9: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 10: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 Jan 2026 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18838 (0x4996) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 29 02:50:10 2025 GMT Not After : Jan 5 02:50:10 2026 GMT Subject: CN=6951ec63-52ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:22:5f:7c:e5:4e:98:8a:3e:65:ed:03:71:2f: 90:61:f4:9f:84:54:95:0a:97:99:8b:ea:d9:a3:8c: 5a:16:72:9c:a1:13:c1:81:cc:4f:ff:35:c3:11:2b: ab:18:7c:82:3e:b0:55:1f:a1:d6:fb:c4:77:b4:3e: 7e:7e:f9:40:13:8d:c2:f4:c7:4b:42:62:4e:5f:ea: e1:bd:61:d6:19:96:ee:2f:91:a0:60:59:4c:89:96: d1:f2:b8:87:3c:2d:1f:e9:81:d5:58:f2:ca:dc:d5: 6f:47:26:c2:cd:88:ae:4b:fe:2a:36:67:44:f5:5e: 9b:bf:ed:2b:9d:e5:f7:6e:54:72:eb:9c:53:6a:6b: 53:83:f0:5b:c4:a2:64:04:4b:de:b8:1e:e4:6a:f9: 8a:1a:61:d3:f4:d8:a3:f2:1b:ad:93:c8:e0:a6:f3: 09:b7:33:9b:65:9c:10:91:74:ce:2e:07:fb:fb:9f: 03:2b:b5:4e:07:5f:56:94:3a:7b:ce:86:04:71:30: d7:b0:c8:e8:de:04:8b:fa:47:45:89:ad:0a:fa:a7: f2:f9:e0:37:41:ee:75:82:71:52:80:1b:8b:63:3a: 7e:b1:8a:9e:4f:7f:13:94:34:7a:4b:7d:71:1e:2c: 8a:9f:6b:86:73:f0:e9:56:e6:0e:79:27:e0:1b:0f: 01:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:04:D7:D0:A8:55:25:34:0E:B5:74:1B:34:A9:22:72:F5:F6:BF:3E X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:ef:02:52:3a:1b:c1:13:13:37:e0:52:4d:ca:51:68:79:d1: b3:9d:3c:38:68:28:79:a7:6d:48:e6:11:d7:18:fa:47:99:f3: 89:0b:01:d8:7b:61:d9:98:5e:50:9c:06:11:64:4c:37:30:60: 3e:e0:a6:40:e6:43:93:98:03:84:ba:46:19:c8:25:63:78:05: 79:a2:60:f1:ae:a9:27:b3:21:e8:e8:6a:1e:6f:b3:17:86:ab: ec:9d:be:9c:45:87:d6:6c:60:97:7d:c6:a0:f5:ef:5b:a0:ff: 81:26:96:11:98:46:69:68:dd:c0:44:d1:45:ee:0e:75:c8:82: 00:09:a4:50:5e:ba:38:39:be:6f:8a:e0:5a:ac:01:6b:e0:e9: 1b:76:46:cf:ce:f7:0d:94:59:4f:67:e9:8e:1e:47:32:31:5a: 17:53:7e:30:28:58:28:3b:9c:8b:10:8a:18:90:d5:92:d2:7a: c6:8c:d0:ea:eb:bc:06:f3:9c:08:f4:08:5a:4b:a0:3c:d8:92: ee:24:a1:5d:05:f6:d5:42:bf:34:62:77:a3:7a:3d:a6:3c:5f: b4:c5:7d:63:fc:aa:24:15:bb:45:f7:ca:00:1d:65:d1:d3:00: 51:12:1a:1c:d8:b8:31:aa:08:3f:db:ee:91:21:12:99:a0:69: 9e:65:fc:2b -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSZYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjI5MDI1MDEwWhcNMjYwMTA1MDI1MDEwWjAYMRYwFAYD VQQDDA02OTUxZWM2My01MmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAjiJffOVOmIo+Ze0DcS+QYfSfhFSVCpeZi+rZo4xaFnKcoRPBgcxP/zXDESur GHyCPrBVH6HW+8R3tD5+fvlAE43C9MdLQmJOX+rhvWHWGZbuL5GgYFlMiZbR8riH PC0f6YHVWPLK3NVvRybCzYiuS/4qNmdE9V6bv+0rneX3blRy65xTamtTg/BbxKJk BEveuB7kavmKGmHT9Nij8hutk8jgpvMJtzObZZwQkXTOLgf7+58DK7VOB19WlDp7 zoYEcTDXsMjo3gSL+kdFia0K+qfy+eA3Qe51gnFSgBuLYzp+sYqeT38TlDR6S31x HiyKn2uGc/DpVuYOeSfgGw8BHwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFKkE19Co VSU0DrV0GzSpInL19r8+MB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAo7wJSOhvBExM34FJNylFoedGznTw4aCh5 p21I5hHXGPpHmfOJCwHYe2HZmF5QnAYRZEw3MGA+4KZA5kOTmAOEukYZyCVjeAV5 omDxrqknsyHo6Goeb7MXhqvsnb6cRYfWbGCXfcag9e9boP+BJpYRmEZpaN3ARNFF 7g51yIIACaRQXro4Ob5viuBarAFr4OkbdkbPzvcNlFlPZ+mOHkcyMVoXU34wKFgo O5yLEIoYkNWS0nrGjNDq67wG85wI9AhaS6A82JLuJKFdBfbVQr80Ynejej2mPF+0 xX1j/KokFbtF98oAHWXR0wBREhoc2Lgxqgg/2+6RIRKZoGmeZfwr -----END CERTIFICATE-----Generated at Mon Dec 29 11:25:10 2025 by rpki-client