This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: CqobKv7Fqhcb/BhC2lmBmCI6QdTnRQbV2y1K2lzkbZM= Subject key identifier: 40:01:89:8B:C4:74:3A:BE:2C:52:41:6A:8F:60:79:1D:B6:91:12:90 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4989 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 48D7 Signing time: Wed 24 Dec 2025 14:50:10 +0000 Manifest this update: Wed 24 Dec 2025 14:50:10 +0000 Manifest next update: Wed 31 Dec 2025 14:50:10 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: oZCbYRcj9X7W+ijPB1SM/AVy/d5RHrEYX0bDayyrSOY=) 2: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) 3: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 4: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 7: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 8: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 9: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 10: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 31 Dec 2025 14:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18825 (0x4989) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 24 14:50:10 2025 GMT Not After : Dec 31 14:50:10 2025 GMT Subject: CN=694bfda2-7404 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:47:b6:a8:f0:a4:e8:f5:93:22:fe:dc:b4:6a: 53:58:d0:a3:82:32:50:3f:4e:13:12:14:81:ca:74: a2:48:5d:51:51:67:d4:57:fb:3e:d5:51:b3:1c:d7: e2:2c:81:c1:2c:2f:cc:8c:0e:08:f9:aa:a8:09:be: 44:bc:84:d0:d2:28:96:6c:d4:7c:8a:a0:12:c4:42: 14:b0:78:bb:28:51:ba:69:8d:24:89:74:1e:7b:c3: ef:1b:16:8d:c5:32:75:71:97:e0:20:7f:b9:5a:b5: eb:33:6b:6e:c7:89:87:90:af:67:0e:ee:c2:fd:e9: 2d:3b:e2:96:d6:56:6c:f8:cf:c0:c8:d7:8e:d1:97: 02:ae:2f:2d:c3:eb:b2:46:a2:61:64:9f:d3:64:0b: 5c:9c:34:f0:fe:83:8c:d1:e6:82:b0:63:06:e8:54: 66:4b:1c:9e:f5:76:c1:c9:87:77:e3:95:e8:18:86: 40:bf:77:9f:02:0e:1a:54:91:20:0c:d9:86:b6:55: 7f:bb:da:e1:76:d6:b9:fb:49:96:56:f4:59:51:01: 75:f8:1e:07:93:5e:07:44:50:e5:a6:75:33:72:38: cd:d5:f6:e7:22:43:06:cd:d1:4b:a3:0f:11:dd:03: 1c:05:30:de:4d:bf:01:35:49:5b:77:dd:40:3f:5c: 83:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:01:89:8B:C4:74:3A:BE:2C:52:41:6A:8F:60:79:1D:B6:91:12:90 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:e3:01:5b:25:47:c4:a9:dc:bf:6f:c5:ff:65:1f:b3:6e:3c: ec:30:79:b5:6f:52:c2:53:52:73:15:da:6b:e5:2c:39:e4:2a: 57:5f:c1:a3:3e:30:b4:f4:af:1b:d5:bf:ba:e2:64:13:88:a7: 50:62:f1:c3:5c:6d:00:44:bf:b8:0f:59:da:5a:f3:39:e2:05: d6:4d:ce:ba:7b:6a:c2:4e:97:4a:a6:7c:24:12:19:56:b4:0b: ff:ce:67:1a:fd:c4:8b:a6:52:c4:96:41:7e:c6:49:8e:24:ca: 57:fb:e1:49:18:09:38:43:52:f6:11:a3:35:a2:a1:1a:ea:18: 1f:c8:6f:f2:27:40:72:f0:2a:50:81:19:d0:b8:b0:0e:e3:f0: 03:35:f0:b9:4f:b1:d7:64:36:5c:de:9f:57:2e:c2:46:a3:23: 01:ed:d5:f6:e5:79:be:93:d7:2f:65:d8:f9:f2:7e:4f:e1:34: 45:d1:da:70:c9:a0:d4:a9:e9:8c:e2:e6:85:66:dc:8d:44:ed: 43:6c:9c:a9:3d:1f:64:e0:17:da:b6:8b:03:08:57:6c:b4:4b: 83:92:fa:7a:af:0e:a5:77:7f:e9:be:7d:e4:8f:f2:8c:88:06: f5:f0:fc:53:a0:37:8a:2f:96:7e:82:60:56:ef:65:cc:eb:0b: 2f:ce:ae:a8 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSYkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjI0MTQ1MDEwWhcNMjUxMjMxMTQ1MDEwWjAYMRYwFAYD VQQDDA02OTRiZmRhMi03NDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApUe2qPCk6PWTIv7ctGpTWNCjgjJQP04TEhSBynSiSF1RUWfUV/s+1VGzHNfi LIHBLC/MjA4I+aqoCb5EvITQ0iiWbNR8iqASxEIUsHi7KFG6aY0kiXQee8PvGxaN xTJ1cZfgIH+5WrXrM2tux4mHkK9nDu7C/ektO+KW1lZs+M/AyNeO0ZcCri8tw+uy RqJhZJ/TZAtcnDTw/oOM0eaCsGMG6FRmSxye9XbByYd345XoGIZAv3efAg4aVJEg DNmGtlV/u9rhdta5+0mWVvRZUQF1+B4Hk14HRFDlpnUzcjjN1fbnIkMGzdFLow8R 3QMcBTDeTb8BNUlbd91AP1yDuQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFEABiYvE dDq+LFJBao9geR22kRKQMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAo4wFbJUfEqdy/b8X/ZR+zbjzsMHm1b1LC U1JzFdpr5Sw55CpXX8GjPjC09K8b1b+64mQTiKdQYvHDXG0ARL+4D1naWvM54gXW Tc66e2rCTpdKpnwkEhlWtAv/zmca/cSLplLElkF+xkmOJMpX++FJGAk4Q1L2EaM1 oqEa6hgfyG/yJ0By8CpQgRnQuLAO4/ADNfC5T7HXZDZc3p9XLsJGoyMB7dX25Xm+ k9cvZdj58n5P4TRF0dpwyaDUqemM4uaFZtyNRO1DbJypPR9k4BfatosDCFdstEuD kvp6rw6ld3/pvn3kj/KMiAb18PxToDeKL5Z+gmBW72XM6wsvzq6o -----END CERTIFICATE-----Generated at Thu Dec 25 03:20:22 2025 by rpki-client