This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: KfBdnlvWzLbzIpcpKPB5i9SNbSzMeyctuCAqxSsZx2g= Subject key identifier: 31:C5:1C:DE:EA:62:68:E3:A1:ED:9D:BF:7E:C2:84:A3:CF:86:BB:7E Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4962 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 48B0 Signing time: Fri 12 Dec 2025 02:50:10 +0000 Manifest this update: Fri 12 Dec 2025 02:50:10 +0000 Manifest next update: Fri 19 Dec 2025 02:50:10 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: uHJry7Jn1hPN+xwP74SE0kbbboQQcn6MWlL9f0BnFoI=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Dec 2025 02:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18786 (0x4962) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 12 02:50:10 2025 GMT Not After : Dec 19 02:50:10 2025 GMT Subject: CN=693b82e2-da48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:1c:6a:d4:51:a4:2f:52:95:a8:35:35:5d:63: 4c:04:86:8d:62:e1:4d:98:28:19:80:61:05:91:3e: df:20:a9:5b:b3:68:ae:9d:88:f0:f8:da:e6:9a:88: 3a:54:2c:98:af:04:e8:5a:2f:c7:53:79:70:2b:6d: 54:ef:52:24:67:5e:35:8c:72:df:63:db:58:ad:1e: ba:a2:81:0d:c2:07:6b:18:3b:f5:0e:5c:73:0a:c6: 17:84:21:50:f6:46:63:41:7f:7f:bd:dd:2f:26:0f: f7:20:00:67:05:53:8a:32:fe:97:ef:e4:a8:22:67: 73:83:ef:26:64:0f:f9:30:f0:bf:39:24:f0:0a:1d: 1a:8b:54:5c:a4:0d:34:a5:52:72:7d:8b:1d:f8:e5: c0:1e:30:00:bf:69:14:0e:bf:bb:19:8d:b6:49:e1: b1:a6:34:6f:74:32:9a:32:45:ad:72:6c:93:61:3f: 6a:7c:20:f8:25:8b:e3:df:8e:ce:88:c1:1b:24:3e: 4f:24:94:cf:67:26:36:2d:2e:77:ce:16:29:9f:17: 7b:fe:de:e3:0d:df:74:94:5f:c2:6d:29:0a:57:d6: 80:50:6b:db:1c:f4:b7:33:7d:06:ce:1a:b2:ea:38: 24:40:11:52:81:56:32:26:4d:f5:55:cf:f1:27:4f: 6f:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:C5:1C:DE:EA:62:68:E3:A1:ED:9D:BF:7E:C2:84:A3:CF:86:BB:7E X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:98:b8:aa:58:42:bf:2b:49:a3:58:be:ce:ce:df:96:95:9d: b0:98:05:56:94:13:89:aa:b3:0b:5a:85:77:18:e7:74:98:be: d3:99:92:a0:55:c2:59:eb:fc:93:a6:19:43:0f:f8:32:ec:e1: 9d:85:42:2c:41:9a:26:e5:37:2f:a8:4f:73:06:20:bb:67:ba: a2:62:3f:18:40:90:c0:7f:7d:86:cf:0a:81:5b:5f:89:1a:18: 38:c3:76:a3:2e:e4:17:07:3d:84:c9:f6:93:a0:68:28:be:bc: cf:bc:8d:e7:85:0d:40:b2:fe:a7:5f:21:4f:cf:a9:4c:0f:ef: 25:f3:a3:a8:56:62:d4:fe:50:a3:4f:5d:f6:fe:ce:a9:75:8f: 4c:52:b6:9c:7f:09:72:9a:f5:1c:a2:49:3b:07:70:df:6a:e1: 28:f6:5e:3d:32:7f:65:39:5a:b9:4d:cd:e9:89:28:d2:b4:5f: 64:3c:da:54:8c:45:d2:90:de:1b:01:44:45:fc:35:27:59:bb: 99:73:16:32:35:98:3a:48:a6:41:73:54:f2:ea:9f:30:ae:fd: d1:31:30:e0:ee:5e:13:f4:1e:90:51:92:c7:42:0c:3d:38:e0: 49:c4:d5:4d:32:08:b6:0e:c2:58:71:52:c2:90:dc:a1:98:f1: 05:72:56:3a -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjEyMDI1MDEwWhcNMjUxMjE5MDI1MDEwWjAYMRYwFAYD VQQDEw02OTNiODJlMi1kYTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6Bxq1FGkL1KVqDU1XWNMBIaNYuFNmCgZgGEFkT7fIKlbs2iunYjw+Nrmmog6 VCyYrwToWi/HU3lwK21U71IkZ141jHLfY9tYrR66ooENwgdrGDv1DlxzCsYXhCFQ 9kZjQX9/vd0vJg/3IABnBVOKMv6X7+SoImdzg+8mZA/5MPC/OSTwCh0ai1RcpA00 pVJyfYsd+OXAHjAAv2kUDr+7GY22SeGxpjRvdDKaMkWtcmyTYT9qfCD4JYvj347O iMEbJD5PJJTPZyY2LS53zhYpnxd7/t7jDd90lF/CbSkKV9aAUGvbHPS3M30Gzhqy 6jgkQBFSgVYyJk31Vc/xJ09vVwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFDHFHN7q Ymjjoe2dv37ChKPPhrt+MB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA9mLiqWEK/K0mjWL7Ozt+WlZ2wmAVWlBOJ qrMLWoV3GOd0mL7TmZKgVcJZ6/yTphlDD/gy7OGdhUIsQZom5TcvqE9zBiC7Z7qi Yj8YQJDAf32GzwqBW1+JGhg4w3ajLuQXBz2EyfaToGgovrzPvI3nhQ1Asv6nXyFP z6lMD+8l86OoVmLU/lCjT132/s6pdY9MUracfwlymvUcokk7B3DfauEo9l49Mn9l OVq5Tc3piSjStF9kPNpUjEXSkN4bAURF/DUnWbuZcxYyNZg6SKZBc1Ty6p8wrv3R MTDg7l4T9B6QUZLHQgw9OOBJxNVNMgi2DsJYcVLCkNyhmPEFclY6 -----END CERTIFICATE-----Generated at Fri Dec 12 09:48:09 2025 by rpki-client