This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: l5zWNj1DDkbAIEzCP/FJV0F0kD1j71w54njKH2aD+Iw= Subject key identifier: 20:BE:94:EE:D0:3E:A7:6F:AB:40:9B:8D:FB:83:8C:B0:9F:24:9D:42 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 495C Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 48AA Signing time: Wed 10 Dec 2025 14:50:11 +0000 Manifest this update: Wed 10 Dec 2025 14:50:11 +0000 Manifest next update: Wed 17 Dec 2025 14:50:11 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: DP8dDHJS4xDYOgIPTcLWub7U75JuOfhBWqVwc0oWCIo=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Dec 2025 14:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18780 (0x495c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 10 14:50:11 2025 GMT Not After : Dec 17 14:50:11 2025 GMT Subject: CN=693988a3-7a73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:3c:24:d8:dd:82:41:8c:f9:b9:1a:e8:36:42: 2b:e2:8a:41:e5:f9:9d:07:1d:3e:a4:32:1f:8d:46: d7:51:a1:46:96:4c:e7:b9:1e:8d:dc:f2:e8:f0:20: 3d:8f:f3:53:90:9e:c7:c8:67:1f:91:13:34:04:9f: 20:d4:82:0e:ab:b8:95:8d:aa:7c:f4:8e:f4:8f:ea: 22:5a:fd:93:0b:fb:b0:3c:b7:8b:52:28:71:ba:ec: df:0b:12:83:f3:0b:7c:14:16:55:b4:56:1d:7b:19: b9:aa:c6:cf:4a:0d:73:a4:8d:1e:63:23:cf:3f:53: cc:08:19:81:e0:17:ad:71:9e:42:5e:6c:50:de:05: 19:c5:0c:bf:4d:aa:16:fc:d9:88:ef:fc:ee:99:bb: 77:13:15:49:06:11:22:7c:bf:ee:97:2d:75:53:59: c1:9b:79:7d:da:b5:d2:74:31:28:ed:ca:34:50:2e: 46:38:4b:dd:07:12:91:ce:d9:ab:a8:e9:e3:62:c7: 9c:8d:09:91:24:fe:ab:24:57:d3:12:59:4b:81:b1: 29:dd:33:a1:a2:84:6c:3a:cd:84:58:32:69:aa:50: ba:1f:58:66:cc:f1:5f:d8:54:0a:f2:7f:97:d3:d2: a8:52:e4:0e:44:d1:8a:f6:a5:ee:63:d5:c6:1b:f9: de:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:BE:94:EE:D0:3E:A7:6F:AB:40:9B:8D:FB:83:8C:B0:9F:24:9D:42 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:6b:8d:1d:cb:30:87:41:f5:b3:4b:bc:99:35:fd:f7:e0:03: 33:1a:9e:af:b6:51:3b:c9:06:73:82:23:a0:b3:56:44:00:12: e0:2e:b6:52:2e:90:a6:fa:62:46:d4:78:9b:c4:3c:34:ee:8d: e9:bb:58:13:80:5e:bb:f7:55:de:d0:8e:35:12:89:a0:fb:28: d7:06:6a:b0:22:e7:ad:d6:4b:11:05:bc:d3:0e:27:3a:f1:c4: bc:b8:b4:33:44:04:b7:fe:db:3b:0e:e4:14:57:d0:cc:cc:5f: 96:be:57:a1:3f:9a:74:fb:6f:22:1e:6c:12:f2:e0:58:8d:c6: 83:b2:94:92:37:86:af:92:2d:05:86:a7:78:d1:23:93:7b:f7: e2:f8:58:50:08:3d:7e:32:b1:19:2d:95:9b:c7:d6:c2:ce:63: 7b:e4:44:16:21:de:82:64:3e:f7:42:12:5b:4c:f0:e6:03:b6: 7c:a1:63:87:cb:b1:e6:98:68:0f:62:5b:6f:ab:dd:65:02:1c: 1c:3a:6d:18:55:4f:dd:70:38:d8:da:d3:e5:62:d1:0a:92:1a: 69:da:e5:6c:7b:67:fa:89:72:15:b2:2e:f6:d8:c5:d2:61:ac: db:87:71:12:24:4d:de:e5:91:e8:ce:4d:f4:ef:08:82:c3:10: c4:42:56:58 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjEwMTQ1MDExWhcNMjUxMjE3MTQ1MDExWjAYMRYwFAYD VQQDEw02OTM5ODhhMy03YTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5zwk2N2CQYz5uRroNkIr4opB5fmdBx0+pDIfjUbXUaFGlkznuR6N3PLo8CA9 j/NTkJ7HyGcfkRM0BJ8g1IIOq7iVjap89I70j+oiWv2TC/uwPLeLUihxuuzfCxKD 8wt8FBZVtFYdexm5qsbPSg1zpI0eYyPPP1PMCBmB4BetcZ5CXmxQ3gUZxQy/TaoW /NmI7/zumbt3ExVJBhEifL/uly11U1nBm3l92rXSdDEo7co0UC5GOEvdBxKRztmr qOnjYsecjQmRJP6rJFfTEllLgbEp3TOhooRsOs2EWDJpqlC6H1hmzPFf2FQK8n+X 09KoUuQORNGK9qXuY9XGG/neywIDAQABo4IChzCCAoMwHQYDVR0OBBYEFCC+lO7Q Pqdvq0CbjfuDjLCfJJ1CMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBxa40dyzCHQfWzS7yZNf334AMzGp6vtlE7 yQZzgiOgs1ZEABLgLrZSLpCm+mJG1HibxDw07o3pu1gTgF6791Xe0I41Eomg+yjX BmqwIuet1ksRBbzTDic68cS8uLQzRAS3/ts7DuQUV9DMzF+WvlehP5p0+28iHmwS 8uBYjcaDspSSN4avki0Fhqd40SOTe/fi+FhQCD1+MrEZLZWbx9bCzmN75EQWId6C ZD73QhJbTPDmA7Z8oWOHy7HmmGgPYltvq91lAhwcOm0YVU/dcDjY2tPlYtEKkhpp 2uVse2f6iXIVsi722MXSYazbh3ESJE3e5ZHozk307wiCwxDEQlZY -----END CERTIFICATE-----Generated at Wed Dec 10 16:57:50 2025 by rpki-client