This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: zwjfGZJ6dYFK3jsnliYAdScF7SuHMw0Fxo4DujQK31g=
Subject key identifier: 29:94:09:7F:01:FB:6B:14:C6:00:16:E3:80:5D:F6:5F:6C:40:43:31
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4992
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 48E0
Signing time: Sat 27 Dec 2025 14:50:11 +0000
Manifest this update: Sat 27 Dec 2025 14:50:10 +0000
Manifest next update: Sat 03 Jan 2026 14:50:10 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: 4X6yzh4ZSTABpuk1LoDh3t30l7la4xhN4pcNWqCY8NY=)
2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
3: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=)
4: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=)
6: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=)
7: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=)
8: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=)
9: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=)
10: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 03 Jan 2026 14:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18834 (0x4992)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Dec 27 14:50:10 2025 GMT
Not After : Jan 3 14:50:10 2026 GMT
Subject: CN=694ff222-34ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:38:c2:33:96:67:6d:f6:ca:66:b3:19:51:de:
bb:51:5c:e1:5d:bb:a0:b5:6e:3b:13:b4:52:61:fb:
c4:ef:48:2f:35:dc:82:b9:a9:45:aa:df:96:d8:50:
ce:ee:33:ac:46:d8:16:96:18:cf:6c:90:f0:4b:11:
dc:06:55:c2:f2:5e:4a:37:2d:65:73:f3:bd:66:db:
18:0d:80:5c:b4:95:52:f5:24:7f:2c:a3:2f:dc:e1:
4a:aa:d6:a5:10:11:e6:3f:87:40:55:ec:54:5b:53:
96:42:45:0b:21:fc:3d:9b:5d:4d:3b:c3:cb:33:ef:
39:db:76:0a:01:48:38:71:c0:6b:13:d4:d6:ef:d8:
fe:6b:c5:24:8a:f9:75:f7:23:d3:08:13:7a:8d:3e:
cc:3d:f8:c1:23:4a:00:4c:63:5c:0f:27:e0:da:94:
0d:6e:31:4a:fc:c7:40:4b:8e:18:7b:67:11:79:ef:
50:bc:7a:e3:00:da:09:3b:89:fa:3e:b5:ef:32:93:
aa:af:e0:ac:2e:24:f1:ed:8d:9e:e5:56:e6:4e:07:
5d:93:c9:e5:bc:e6:8f:fd:82:88:db:77:2a:6b:75:
27:f7:58:a1:c0:59:91:c7:4b:01:8d:20:ee:aa:8e:
c6:d5:10:97:df:43:22:93:5f:53:eb:fa:e4:9f:e0:
eb:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:94:09:7F:01:FB:6B:14:C6:00:16:E3:80:5D:F6:5F:6C:40:43:31
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
a6:76:cf:ec:3f:67:5c:83:85:07:29:37:3d:fa:d4:74:bc:d0:
37:9c:ae:1a:cb:18:79:cb:21:ea:c7:db:56:17:96:26:6a:a7:
be:08:bb:7a:d0:ff:f2:73:a0:29:8b:e3:e0:de:91:b6:4c:3b:
09:c1:93:52:f5:35:ad:1d:fc:d9:eb:c5:28:36:ea:db:1d:41:
ab:22:41:be:da:ad:6a:21:58:bc:a3:1f:78:66:5d:cb:32:57:
fa:48:8d:11:c7:2b:45:b7:23:a5:cf:b7:14:c6:48:dc:29:a9:
8e:ac:9f:bf:e0:76:30:e0:f9:c0:43:76:28:8f:c9:b6:9e:a8:
55:51:71:f2:ba:54:9e:73:4c:57:1e:5f:a7:8a:ae:05:e8:30:
34:ae:a3:12:c1:21:cf:60:ae:f6:80:fc:6d:32:29:78:11:35:
10:0f:a6:98:cf:a8:df:f1:88:78:77:4e:11:e4:f3:6a:96:eb:
06:f3:ae:8d:b8:90:f5:70:c5:84:f1:53:78:ed:19:50:9d:a0:
b3:61:6f:e4:4f:d5:1b:dc:4d:c3:2f:5c:57:71:5e:63:26:b3:
58:32:6c:37:49:fd:65:cf:2f:fa:9e:98:b2:00:b8:ca:2a:f6:
dc:9c:c4:b3:ad:03:17:13:16:88:1d:e8:89:13:54:ab:0e:7c:
f0:0f:e7:eb
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICSZIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjUxMjI3MTQ1MDEwWhcNMjYwMTAzMTQ1MDEwWjAYMRYwFAYD
VQQDDA02OTRmZjIyMi0zNGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmjjCM5ZnbfbKZrMZUd67UVzhXbugtW47E7RSYfvE70gvNdyCualFqt+W2FDO
7jOsRtgWlhjPbJDwSxHcBlXC8l5KNy1lc/O9ZtsYDYBctJVS9SR/LKMv3OFKqtal
EBHmP4dAVexUW1OWQkULIfw9m11NO8PLM+8523YKAUg4ccBrE9TW79j+a8Ukivl1
9yPTCBN6jT7MPfjBI0oATGNcDyfg2pQNbjFK/MdAS44Ye2cRee9QvHrjANoJO4n6
PrXvMpOqr+CsLiTx7Y2e5VbmTgddk8nlvOaP/YKI23cqa3Un91ihwFmRx0sBjSDu
qo7G1RCX30Mik19T6/rkn+Dr3wIDAQABo4IChzCCAoMwHQYDVR0OBBYEFCmUCX8B
+2sUxgAW44Bd9l9sQEMxMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE
MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN
hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB
BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCmds/sP2dcg4UHKTc9+tR0vNA3nK4ayxh5
yyHqx9tWF5Ymaqe+CLt60P/yc6Api+Pg3pG2TDsJwZNS9TWtHfzZ68UoNurbHUGr
IkG+2q1qIVi8ox94Zl3LMlf6SI0RxytFtyOlz7cUxkjcKamOrJ+/4HYw4PnAQ3Yo
j8m2nqhVUXHyulSec0xXHl+niq4F6DA0rqMSwSHPYK72gPxtMil4ETUQD6aYz6jf
8Yh4d04R5PNqlusG866NuJD1cMWE8VN47RlQnaCzYW/kT9Ub3E3DL1xXcV5jJrNY
Mmw3Sf1lzy/6npiyALjKKvbcnMSzrQMXExaIHeiJE1SrDnzwD+fr
-----END CERTIFICATE-----
Generated at Sat Dec 27 21:36:18 2025 by rpki-client