This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: 9cdr3qHFZJgw3sRlnvZ+m07ui3iw6DZluQe9tfG0mXY= Subject key identifier: E0:B1:2E:65:15:04:E1:F9:42:B9:0A:F0:74:FE:80:11:18:D2:0F:63 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 493C Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 488B Signing time: Sun 30 Nov 2025 14:50:10 +0000 Manifest this update: Sun 30 Nov 2025 14:50:10 +0000 Manifest next update: Sun 07 Dec 2025 14:50:10 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: 7OqOjtBUV3QeFSf5jwBL71j+7ISwObqivNk7RBoVblk=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 14:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18748 (0x493c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Nov 30 14:50:10 2025 GMT Not After : Dec 7 14:50:10 2025 GMT Subject: CN=692c59a2-e45b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:4a:8c:20:19:02:e0:35:10:46:0e:50:da:66: 0a:9a:55:94:ed:5e:be:6b:c3:f3:ca:6d:98:6a:4d: 97:5f:d2:75:58:27:8e:cf:1b:e2:39:6e:7e:19:54: 6b:2c:7c:9e:28:67:24:8b:76:cb:8f:f3:13:9d:a4: af:c6:b1:91:00:87:58:3f:d5:bd:f4:87:bb:21:af: db:2b:46:8c:f3:47:76:2e:24:ee:cf:f7:b1:55:10: 85:a1:1c:0b:32:a1:80:e0:7c:1f:25:d9:04:89:2f: 20:1e:f7:05:53:7a:e8:51:9c:ac:04:5f:2e:6f:53: 6b:6c:5a:ba:26:ef:51:07:e9:4a:ec:b6:fc:74:19: 48:31:6c:7f:6a:b1:dd:0c:75:99:05:98:16:7c:a3: 01:49:6e:b4:66:51:fb:5e:28:2a:09:97:c5:84:b4: 68:11:6f:62:30:be:4d:80:c2:a6:d4:fc:d7:9f:b1: 78:5e:2b:d0:a7:ee:16:e4:f1:99:20:f4:8e:f8:0e: 80:91:a7:09:57:6a:49:a1:11:b3:19:74:4a:a4:fe: 1d:bc:86:87:56:52:ba:df:3f:a0:6d:57:22:54:0e: 96:de:52:ce:60:db:2e:3d:d6:94:76:50:65:70:16: 25:8b:d3:44:38:c2:1d:fd:23:6f:dc:fc:db:53:6e: 4c:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:B1:2E:65:15:04:E1:F9:42:B9:0A:F0:74:FE:80:11:18:D2:0F:63 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:45:77:54:52:ac:9f:20:60:b8:e9:cf:86:a6:1b:77:b6:52: ad:f7:7b:6f:c1:f7:8f:ca:1d:75:73:5e:5f:d1:2a:60:ce:7e: d7:14:c1:d9:45:92:0c:25:73:36:a7:3d:b3:36:4d:ff:5a:7e: 39:d6:8f:73:d7:2e:af:ac:b0:54:b8:8a:00:32:82:b8:a7:c4: 1d:20:70:4d:aa:f8:a0:e3:e5:e9:c9:84:8f:96:57:74:be:6e: 1c:e1:e5:27:99:3d:e2:ef:c7:ce:20:38:0d:5a:02:2e:e7:1c: f1:e0:13:57:63:a3:7e:06:ad:b0:a6:6a:91:96:91:66:e7:5c: 1f:d0:b0:71:e4:69:6a:9f:cc:cd:8f:fd:e7:d3:bf:32:35:f1: f0:f6:2a:9d:91:22:69:01:32:10:3b:27:62:ab:5f:68:ee:af: 37:46:52:ae:aa:2a:97:02:46:21:8e:74:94:c3:34:9e:42:5d: a7:ae:6a:4e:09:7d:ed:e7:86:84:2a:89:92:73:4a:92:d9:30: 67:c4:a7:8a:88:89:4b:49:4b:0c:5c:08:cb:2f:81:09:76:ad: 70:0d:42:79:76:ac:0b:cb:ac:ae:37:f6:c4:4a:bc:79:8d:cc: 0d:f1:67:cc:51:d9:9f:02:f3:a6:d7:4d:3b:57:fa:f3:ad:c4: f3:d5:dd:f1 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSTwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMTMwMTQ1MDEwWhcNMjUxMjA3MTQ1MDEwWjAYMRYwFAYD VQQDEw02OTJjNTlhMi1lNDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs0qMIBkC4DUQRg5Q2mYKmlWU7V6+a8Pzym2Yak2XX9J1WCeOzxviOW5+GVRr LHyeKGcki3bLj/MTnaSvxrGRAIdYP9W99Ie7Ia/bK0aM80d2LiTuz/exVRCFoRwL MqGA4HwfJdkEiS8gHvcFU3roUZysBF8ub1NrbFq6Ju9RB+lK7Lb8dBlIMWx/arHd DHWZBZgWfKMBSW60ZlH7XigqCZfFhLRoEW9iML5NgMKm1PzXn7F4XivQp+4W5PGZ IPSO+A6AkacJV2pJoRGzGXRKpP4dvIaHVlK63z+gbVciVA6W3lLOYNsuPdaUdlBl cBYli9NEOMId/SNv3PzbU25MwQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFOCxLmUV BOH5QrkK8HT+gBEY0g9jMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAjRXdUUqyfIGC46c+Gpht3tlKt93tvwfeP yh11c15f0Spgzn7XFMHZRZIMJXM2pz2zNk3/Wn451o9z1y6vrLBUuIoAMoK4p8Qd IHBNqvig4+XpyYSPlld0vm4c4eUnmT3i78fOIDgNWgIu5xzx4BNXY6N+Bq2wpmqR lpFm51wf0LBx5Glqn8zNj/3n078yNfHw9iqdkSJpATIQOydiq19o7q83RlKuqiqX AkYhjnSUwzSeQl2nrmpOCX3t54aEKomSc0qS2TBnxKeKiIlLSUsMXAjLL4EJdq1w DUJ5dqwLy6yuN/bESrx5jcwN8WfMUdmfAvOm1007V/rzrcTz1d3x -----END CERTIFICATE-----Generated at Mon Dec 1 00:23:21 2025 by rpki-client