This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: +pBPUYR6h0bIBEj3R/4gx3TpmGEnzbtnilrUhK+ACZc= Subject key identifier: 6D:80:E3:82:89:1D:29:27:BD:1A:11:50:EF:0B:91:F1:E4:94:B6:E1 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4929 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 4879 Signing time: Tue 25 Nov 2025 02:50:09 +0000 Manifest this update: Tue 25 Nov 2025 02:50:09 +0000 Manifest next update: Tue 02 Dec 2025 02:50:09 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: XlHrQ/Rs8mND1QktSEWMecqPDWT04i4cuW2tB25hNPY=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: dIUmjSrIjTBexv9/ceLPC3WswXZRCQ+E7X3cPIrgsiw=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 02 Dec 2025 02:50:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18729 (0x4929) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Nov 25 02:50:09 2025 GMT Not After : Dec 2 02:50:09 2025 GMT Subject: CN=69251961-8eef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:04:43:65:6b:14:05:18:ff:1b:f5:c4:aa:6c: 64:6f:78:75:6a:66:62:4f:84:af:fb:d3:6e:81:0b: 14:b6:2f:09:ca:8f:f8:6a:78:6b:aa:16:54:4d:84: 2f:de:cc:f9:24:b3:8a:b1:ec:04:da:5b:3a:f6:3d: 13:e4:f2:15:b2:b5:c0:b8:cd:01:68:a8:1b:b2:88: 71:c4:d2:53:a6:31:6e:9d:91:ad:45:d8:ce:cb:7c: 96:2b:ba:81:4a:41:a5:5f:61:70:f5:86:22:60:9c: 61:2f:3f:fa:45:83:6a:d8:e7:42:64:5d:f7:d0:d2: 1d:f1:aa:49:9d:31:84:ff:15:e3:89:d2:e2:fd:2d: eb:b3:06:67:1a:df:69:97:12:d7:56:76:e9:ba:54: ae:9e:de:c6:be:45:da:53:49:2e:55:5f:fe:4c:bb: af:dd:c9:3d:5c:db:7a:c8:53:51:3f:c2:96:0e:5a: 68:fd:1d:1f:f9:82:b0:38:aa:83:82:59:6e:26:37: cc:b4:14:ae:4d:7d:7c:3b:c6:b6:1c:b9:c9:d5:df: 07:a2:f3:0d:6b:39:80:fb:a4:46:d8:e9:ab:c2:79: 2c:c6:7c:79:2f:77:58:b2:01:93:49:95:95:3e:bd: 02:5a:e7:c2:64:be:d5:d9:6a:31:e8:24:e0:6a:a1: d6:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:80:E3:82:89:1D:29:27:BD:1A:11:50:EF:0B:91:F1:E4:94:B6:E1 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:cb:5b:2b:f9:e5:e3:ad:8c:06:7d:aa:e6:df:0c:46:00:1c: 4e:8e:d5:ce:97:6c:5a:fd:aa:67:86:4b:47:ac:45:6f:3c:02: 71:3a:ae:2a:47:06:7c:4a:a4:e0:39:ee:91:9d:4f:da:71:3b: b9:d7:21:2d:3f:2c:4b:bc:3d:b9:9f:13:f5:ed:9b:23:6b:c8: 50:c9:b1:b5:d4:fb:2b:a1:87:0c:40:8c:bc:62:06:81:93:9d: 4b:53:25:ab:a9:89:8e:23:2b:22:a2:18:4f:bc:1b:50:35:72: a6:49:9e:ac:a2:a2:ae:20:5a:42:19:7e:47:f4:ad:0a:cb:79: 8f:0e:85:90:ac:30:cc:77:44:6a:d4:1d:1b:b2:d2:2a:79:ab: ca:4f:f2:83:0a:8d:5a:fc:f7:41:dc:5f:6c:cb:64:8c:38:cf: da:ab:f6:c6:58:90:7b:46:c6:d9:76:39:67:02:7d:b5:38:3c: 0c:6f:c1:33:82:65:73:9b:b3:ab:0b:b7:94:cd:e5:f7:f2:69: d5:ae:cf:7b:75:0b:97:0f:8c:42:68:85:83:25:3b:06:42:2f: a4:c3:09:b5:75:38:66:74:b0:db:57:16:dc:f2:13:d6:e9:0b: da:4f:a0:a8:b3:cc:5d:9a:a6:99:c9:e3:15:14:5c:a2:a7:18: a6:6a:0e:01 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSSkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMTI1MDI1MDA5WhcNMjUxMjAyMDI1MDA5WjAYMRYwFAYD VQQDEw02OTI1MTk2MS04ZWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2gRDZWsUBRj/G/XEqmxkb3h1amZiT4Sv+9NugQsUti8Jyo/4anhrqhZUTYQv 3sz5JLOKsewE2ls69j0T5PIVsrXAuM0BaKgbsohxxNJTpjFunZGtRdjOy3yWK7qB SkGlX2Fw9YYiYJxhLz/6RYNq2OdCZF330NId8apJnTGE/xXjidLi/S3rswZnGt9p lxLXVnbpulSunt7GvkXaU0kuVV/+TLuv3ck9XNt6yFNRP8KWDlpo/R0f+YKwOKqD glluJjfMtBSuTX18O8a2HLnJ1d8HovMNazmA+6RG2Omrwnksxnx5L3dYsgGTSZWV Pr0CWufCZL7V2Wox6CTgaqHWeQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFG2A44KJ HSknvRoRUO8LkfHklLbhMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAny1sr+eXjrYwGfarm3wxGABxOjtXOl2xa /apnhktHrEVvPAJxOq4qRwZ8SqTgOe6RnU/acTu51yEtPyxLvD25nxP17Zsja8hQ ybG11PsroYcMQIy8YgaBk51LUyWrqYmOIysiohhPvBtQNXKmSZ6soqKuIFpCGX5H 9K0Ky3mPDoWQrDDMd0Rq1B0bstIqeavKT/KDCo1a/PdB3F9sy2SMOM/aq/bGWJB7 RsbZdjlnAn21ODwMb8EzgmVzm7OrC7eUzeX38mnVrs97dQuXD4xCaIWDJTsGQi+k wwm1dThmdLDbVxbc8hPW6QvaT6Cos8xdmqaZyeMVFFyipximag4B -----END CERTIFICATE-----Generated at Tue Nov 25 08:35:02 2025 by rpki-client