This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: Sv0QAV8eCxHQWb0Jz0WsCkuPhyuOFOtcd94XT1U9Xp4= Subject key identifier: 5A:7F:64:05:57:1C:2A:82:CB:C7:DA:6B:61:6D:A4:F0:7A:BF:D3:3C Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4938 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 4887 Signing time: Sat 29 Nov 2025 02:50:10 +0000 Manifest this update: Sat 29 Nov 2025 02:50:09 +0000 Manifest next update: Sat 06 Dec 2025 02:50:09 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: N4f/0J4J1LYulFaIaNnoEftmMoQORjjFBtDb7evbcrE=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 02:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18744 (0x4938) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Nov 29 02:50:09 2025 GMT Not After : Dec 6 02:50:09 2025 GMT Subject: CN=692a5f62-d218 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:86:d7:8f:af:c4:4c:55:67:07:9c:91:32:b8: e9:c3:34:3d:2c:8a:91:ce:e1:57:5e:0a:c2:27:a1: 14:10:e5:a1:57:5f:c2:59:59:20:71:5d:5c:36:c7: b6:df:ed:30:ed:cb:ab:e5:00:78:f0:8f:db:76:c8: 7b:08:b8:c4:d5:11:8a:c0:9f:78:be:92:91:cc:44: 58:37:0a:a8:01:82:19:d8:ea:f7:9f:bc:9a:38:da: 8c:ac:ee:99:b9:a8:10:cf:1d:46:2e:2d:fe:51:5e: 58:e8:5a:17:57:94:5e:a1:03:82:ff:5e:f1:0e:93: f1:41:ef:69:14:85:c7:fa:29:4e:c7:2c:15:dc:70: 2b:c9:a1:e2:cc:1d:8d:a1:9a:e7:b2:46:e6:1e:e6: e8:16:92:ae:44:c1:4b:ae:53:14:9b:d1:e8:06:94: 55:18:b2:fe:3d:60:66:b7:c3:8a:8e:13:39:79:f6: 94:04:a6:7e:b9:b0:2e:ca:c7:f8:4c:54:98:8b:02: 92:0d:a5:c9:c1:17:9c:b6:70:c8:1f:03:23:b6:85: 9c:14:d0:cb:67:da:0f:e3:6a:2a:10:d7:73:d2:06: cd:c5:c7:ac:dd:de:08:ea:db:77:56:95:9b:0f:4b: 8a:9d:ee:b9:8c:45:43:c6:5e:51:d4:84:a2:70:17: a0:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:7F:64:05:57:1C:2A:82:CB:C7:DA:6B:61:6D:A4:F0:7A:BF:D3:3C X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:8b:af:b4:1f:e8:c2:c4:e1:68:4e:84:a2:1f:8f:72:2f:b9: 0f:4a:4e:5b:48:8c:17:02:1b:f1:44:c6:fd:df:96:ec:4c:61: 51:56:5c:04:18:df:6d:46:15:e9:68:36:c7:2f:97:12:9f:f3: 5d:76:e8:9e:df:c6:2b:ed:3a:22:0c:10:35:14:c8:f8:54:61: ec:43:f2:1f:41:9c:96:c3:b1:25:b8:b3:03:1c:dd:79:72:49: 6a:0f:7c:21:20:09:cf:f9:10:97:3e:c4:b6:91:ee:3f:0d:69: f7:08:02:3a:3f:f8:65:96:bb:aa:24:67:f5:b4:4c:99:d4:0e: 31:a2:40:ee:97:b6:a8:32:54:41:ee:86:06:8b:82:4d:0a:68: d2:a3:3d:00:b5:c8:ce:15:ff:f1:69:30:da:2f:27:73:f9:f8: df:b0:67:ec:7f:a3:5c:36:10:91:2f:08:4b:d2:27:a1:89:46: 0d:a6:d5:de:70:80:de:25:9f:65:cc:04:41:90:49:69:51:8c: 27:ab:4c:88:de:ba:0b:cb:15:75:1d:00:ab:50:c3:5c:78:d3: 63:de:fc:be:21:60:ab:0e:98:50:3a:1c:31:39:b1:e7:f7:90: 1e:7b:6a:df:a6:4b:cb:6d:a7:2f:27:f8:28:94:27:81:79:c7: 59:25:17:9e -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSTgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMTI5MDI1MDA5WhcNMjUxMjA2MDI1MDA5WjAYMRYwFAYD VQQDEw02OTJhNWY2Mi1kMjE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4obXj6/ETFVnB5yRMrjpwzQ9LIqRzuFXXgrCJ6EUEOWhV1/CWVkgcV1cNse2 3+0w7cur5QB48I/bdsh7CLjE1RGKwJ94vpKRzERYNwqoAYIZ2Or3n7yaONqMrO6Z uagQzx1GLi3+UV5Y6FoXV5ReoQOC/17xDpPxQe9pFIXH+ilOxywV3HAryaHizB2N oZrnskbmHuboFpKuRMFLrlMUm9HoBpRVGLL+PWBmt8OKjhM5efaUBKZ+ubAuysf4 TFSYiwKSDaXJwRectnDIHwMjtoWcFNDLZ9oP42oqENdz0gbNxces3d4I6tt3VpWb D0uKne65jEVDxl5R1ISicBegJQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFFp/ZAVX HCqCy8faa2FtpPB6v9M8MB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBwi6+0H+jCxOFoToSiH49yL7kPSk5bSIwX AhvxRMb935bsTGFRVlwEGN9tRhXpaDbHL5cSn/Ndduie38Yr7ToiDBA1FMj4VGHs Q/IfQZyWw7EluLMDHN15cklqD3whIAnP+RCXPsS2ke4/DWn3CAI6P/hllruqJGf1 tEyZ1A4xokDul7aoMlRB7oYGi4JNCmjSoz0AtcjOFf/xaTDaLydz+fjfsGfsf6Nc NhCRLwhL0iehiUYNptXecIDeJZ9lzARBkElpUYwnq0yI3roLyxV1HQCrUMNceNNj 3vy+IWCrDphQOhwxObHn95Aee2rfpkvLbacvJ/golCeBecdZJRee -----END CERTIFICATE-----Generated at Sat Nov 29 10:17:05 2025 by rpki-client