This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: uB8YXeN5uKbpuTUNacbAapglo8NCNA+Q1rfRW8gM4/A= Subject key identifier: 42:67:63:57:FA:E1:65:E9:1A:ED:8E:1A:F6:12:F2:ED:90:93:96:AD Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4990 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 48DE Signing time: Sat 27 Dec 2025 02:50:10 +0000 Manifest this update: Sat 27 Dec 2025 02:50:09 +0000 Manifest next update: Sat 03 Jan 2026 02:50:09 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: o8l2eCE6svhzIQEoLb7f8UjjnnccUqjiaeDsqSC42Bs=) 2: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) 3: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) 4: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 9: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 10: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 Jan 2026 02:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18832 (0x4990) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 27 02:50:09 2025 GMT Not After : Jan 3 02:50:09 2026 GMT Subject: CN=694f4962-5a35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:1b:12:3b:c4:b3:e3:c4:25:72:f9:ce:40:b5: e6:62:ae:ae:67:64:20:5e:47:ad:b7:bd:ea:bf:fd: 1c:65:4c:36:0a:cd:21:20:97:02:79:30:94:2b:de: d7:bb:90:d3:6d:95:35:8b:4c:02:ad:3a:a1:9d:1a: de:ff:33:0e:8f:8b:77:57:1f:f8:42:38:7c:c1:d6: e5:c2:6d:36:bf:a4:15:16:b6:9a:d2:c5:40:5b:c1: 20:87:eb:a8:2e:cf:81:25:a7:50:b5:cf:5c:d4:43: c9:03:17:be:7e:ee:1c:a7:a7:23:a5:5f:21:47:8f: b2:c5:78:1c:af:a4:a4:ad:4c:06:a8:c9:1b:5e:e8: 89:48:e4:19:6c:fa:93:a3:3c:ca:32:be:ca:26:05: bc:43:1c:f3:5b:47:e0:53:13:ad:dd:df:a1:28:dd: 9c:bf:25:4a:de:a0:05:c9:1c:f7:9e:b4:2a:f0:d4: 36:da:3f:b0:4b:ab:18:80:06:8c:ad:2a:25:bb:a1: 6c:fe:fb:b6:b7:67:0b:58:ad:e8:e8:f2:8e:d0:ca: c8:66:56:cd:74:65:c1:f9:3b:90:47:cf:4e:54:95: 39:69:3c:39:82:80:85:c0:01:67:ac:15:1d:1d:f0: 66:53:a7:97:e2:3d:7d:02:b4:8b:19:a9:23:70:17: d5:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:67:63:57:FA:E1:65:E9:1A:ED:8E:1A:F6:12:F2:ED:90:93:96:AD X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:30:e6:e6:65:f0:a4:66:2a:e4:2c:a4:ac:bc:89:32:5c:de: 40:72:1f:8a:c3:06:c0:72:4d:5a:75:c4:ae:9d:61:a8:14:0c: 90:7f:1f:41:bf:1e:5a:8b:b8:b9:cb:fb:82:8e:b8:eb:69:80: 66:8e:92:86:a8:35:e6:42:7e:bf:ba:8a:6a:2a:d7:ed:32:6c: 38:ce:78:39:31:1a:d6:e0:3e:b2:22:29:f8:64:44:a9:c4:d8: b7:cc:04:2f:d0:c5:92:f7:4e:2e:19:d2:40:ae:ab:07:4e:4a: bf:85:91:5a:43:29:43:2c:43:fd:4c:b9:6e:59:41:bb:6f:40: 82:02:5d:8e:a8:7b:15:60:c8:de:93:30:f2:61:33:81:fd:22: 11:11:24:96:5e:9a:00:92:ae:0a:88:9d:3a:8a:5f:88:70:c5: 97:23:f9:2c:1e:7e:16:49:50:91:0d:2e:91:96:34:61:15:57: 04:5c:14:1c:74:94:8e:f7:2b:b5:2f:6e:a8:80:68:46:b6:99: 33:2a:82:bf:84:a0:87:2c:41:b1:0a:5b:74:e6:bd:d0:1f:65: 59:c9:cd:40:88:ec:d1:74:eb:0b:2b:0d:93:e9:05:f2:59:40: 54:39:e3:6f:03:a4:99:a6:3a:da:ed:e1:b9:69:69:16:43:e3: 1d:a6:85:c7 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSZAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjI3MDI1MDA5WhcNMjYwMTAzMDI1MDA5WjAYMRYwFAYD VQQDDA02OTRmNDk2Mi01YTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2BsSO8Sz48QlcvnOQLXmYq6uZ2QgXkett73qv/0cZUw2Cs0hIJcCeTCUK97X u5DTbZU1i0wCrTqhnRre/zMOj4t3Vx/4Qjh8wdblwm02v6QVFraa0sVAW8Egh+uo Ls+BJadQtc9c1EPJAxe+fu4cp6cjpV8hR4+yxXgcr6SkrUwGqMkbXuiJSOQZbPqT ozzKMr7KJgW8QxzzW0fgUxOt3d+hKN2cvyVK3qAFyRz3nrQq8NQ22j+wS6sYgAaM rSolu6Fs/vu2t2cLWK3o6PKO0MrIZlbNdGXB+TuQR89OVJU5aTw5goCFwAFnrBUd HfBmU6eX4j19ArSLGakjcBfVPwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFEJnY1f6 4WXpGu2OGvYS8u2Qk5atMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAWMObmZfCkZirkLKSsvIkyXN5Ach+KwwbA ck1adcSunWGoFAyQfx9Bvx5ai7i5y/uCjrjraYBmjpKGqDXmQn6/uopqKtftMmw4 zng5MRrW4D6yIin4ZESpxNi3zAQv0MWS904uGdJArqsHTkq/hZFaQylDLEP9TLlu WUG7b0CCAl2OqHsVYMjekzDyYTOB/SIRESSWXpoAkq4KiJ06il+IcMWXI/ksHn4W SVCRDS6RljRhFVcEXBQcdJSO9yu1L26ogGhGtpkzKoK/hKCHLEGxClt05r3QH2VZ yc1AiOzRdOsLKw2T6QXyWUBUOeNvA6SZpjra7eG5aWkWQ+MdpoXH -----END CERTIFICATE-----Generated at Sat Dec 27 06:35:43 2025 by rpki-client