This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: dhCwDP1izjdHHBL80MJDCOp2LCbmPh0wsz/UxoZyl7A= Subject key identifier: AF:68:51:B0:FF:4D:3E:68:60:B4:87:A9:F7:88:3D:78:40:01:8C:27 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 494C Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 489B Signing time: Fri 05 Dec 2025 23:29:56 +0000 Manifest this update: Fri 05 Dec 2025 23:29:55 +0000 Manifest next update: Fri 12 Dec 2025 23:29:55 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: N8qoO7aQpP1r2f/gXbPUPFO8F7MKYRHXc3SCZB//GhQ=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 23:29:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18764 (0x494c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 5 23:29:55 2025 GMT Not After : Dec 12 23:29:55 2025 GMT Subject: CN=69336af3-f4e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ed:cd:95:98:e4:99:05:68:b4:2e:4a:16:e3: 41:52:f4:d3:96:20:2f:6a:13:db:b7:b9:3d:af:b5: 41:28:26:7d:d1:31:15:70:ce:78:d5:e6:f1:ae:4b: 66:0a:0a:10:59:35:c7:d5:87:bf:66:ef:d3:da:42: a4:72:11:32:8f:66:66:14:d1:22:7e:62:34:6b:0d: 11:93:52:c6:63:93:f7:b3:87:26:aa:48:f5:ae:ac: a3:12:17:6c:6e:a9:e0:76:76:3a:3a:4c:13:44:bb: 4e:92:b8:01:66:8c:83:c2:e7:b9:d7:ce:64:a2:a2: f1:49:94:72:27:59:47:4a:ed:17:5e:38:04:c8:a5: 71:ab:f4:36:d9:50:29:68:b3:1a:c8:2a:10:b1:dc: 7c:5d:db:49:46:e5:83:98:38:00:25:a1:5e:90:13: b1:72:fd:e7:2d:fd:05:94:6e:e3:5b:67:66:8a:52: 02:2d:07:db:e1:2d:55:4c:3e:9a:d2:9a:52:37:20: 5c:e5:4b:75:f6:35:d6:9e:11:20:6e:f0:a9:5b:12: 64:65:bf:e8:71:8c:d6:2b:c0:1c:0d:f4:5d:f3:b1: 9e:6d:c4:e3:f5:2f:8b:70:4a:72:a3:6f:13:1f:ba: 3a:d7:5d:3d:31:4d:30:a5:26:2f:e3:7e:e8:07:f7: 83:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:68:51:B0:FF:4D:3E:68:60:B4:87:A9:F7:88:3D:78:40:01:8C:27 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:57:ae:41:d0:c8:68:98:8a:38:b4:94:15:7e:6a:0f:26:23: a0:bb:c4:d0:f3:30:a7:02:af:21:c5:68:53:12:5e:1d:97:c5: 61:71:1e:66:f9:30:f6:e0:b6:fd:25:ad:82:77:2c:f6:05:6a: d7:92:6b:10:b7:21:5f:7d:b4:47:5d:fd:98:8d:c0:b6:72:d6: 56:b9:cb:d6:93:07:4c:a4:37:08:0a:f8:ea:48:1d:fd:81:f9: fb:04:b5:41:2b:ed:7a:e0:23:10:34:87:4f:b3:ad:91:80:f1: d5:1d:0f:da:8d:32:65:08:27:ed:3e:10:2d:66:13:c3:d3:43: c0:6b:df:8c:60:00:a9:9b:6c:ec:cf:14:69:32:30:d2:ee:a1: d9:e1:d0:5f:b6:be:5b:14:2e:45:e7:1f:39:e8:e7:1b:be:3f: 9c:db:78:e5:5b:24:6f:90:91:ea:e2:6f:a2:02:77:1f:4d:17: 08:87:df:9d:32:40:c3:55:2d:da:02:a4:b9:8e:0b:03:da:68: fd:94:74:17:bf:7a:ee:5e:56:85:4d:57:89:a8:d7:da:88:14: cc:68:6e:0e:cd:23:06:f4:c0:49:ae:58:c7:40:19:2b:2c:63: a7:27:cd:b3:08:65:19:a6:af:c9:15:d9:f2:63:34:21:1f:d2: eb:69:6f:d0 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSUwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjA1MjMyOTU1WhcNMjUxMjEyMjMyOTU1WjAYMRYwFAYD VQQDEw02OTMzNmFmMy1mNGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu+3NlZjkmQVotC5KFuNBUvTTliAvahPbt7k9r7VBKCZ90TEVcM541ebxrktm CgoQWTXH1Ye/Zu/T2kKkchEyj2ZmFNEifmI0aw0Rk1LGY5P3s4cmqkj1rqyjEhds bqngdnY6OkwTRLtOkrgBZoyDwue5185koqLxSZRyJ1lHSu0XXjgEyKVxq/Q22VAp aLMayCoQsdx8XdtJRuWDmDgAJaFekBOxcv3nLf0FlG7jW2dmilICLQfb4S1VTD6a 0ppSNyBc5Ut19jXWnhEgbvCpWxJkZb/ocYzWK8AcDfRd87GebcTj9S+LcEpyo28T H7o61109MU0wpSYv437oB/eDNwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFK9oUbD/ TT5oYLSHqfeIPXhAAYwnMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBgV65B0MhomIo4tJQVfmoPJiOgu8TQ8zCn Aq8hxWhTEl4dl8VhcR5m+TD24Lb9Ja2Cdyz2BWrXkmsQtyFffbRHXf2YjcC2ctZW ucvWkwdMpDcICvjqSB39gfn7BLVBK+164CMQNIdPs62RgPHVHQ/ajTJlCCftPhAt ZhPD00PAa9+MYACpm2zszxRpMjDS7qHZ4dBftr5bFC5F5x856Ocbvj+c23jlWyRv kJHq4m+iAncfTRcIh9+dMkDDVS3aAqS5jgsD2mj9lHQXv3ruXlaFTVeJqNfaiBTM aG4OzSMG9MBJrljHQBkrLGOnJ82zCGUZpq/JFdnyYzQhH9LraW/Q -----END CERTIFICATE-----Generated at Sat Dec 6 02:59:08 2025 by rpki-client