This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: cot2zIUQSmaOPXIt5RcrAby0K0K2U6a0XsGaWSz7cuw= Subject key identifier: 5D:8D:7F:D6:07:AB:A8:46:34:FF:E6:B8:A1:1E:35:7A:55:22:6A:AD Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4949 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 4898 Signing time: Thu 04 Dec 2025 21:04:02 +0000 Manifest this update: Thu 04 Dec 2025 21:04:02 +0000 Manifest next update: Thu 11 Dec 2025 21:04:02 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: St7l6tkXmFTwYoaz+dkOtYBP9lGCStitKw3bwo5PiMI=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Dec 2025 21:04:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18761 (0x4949) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 4 21:04:02 2025 GMT Not After : Dec 11 21:04:02 2025 GMT Subject: CN=6931f742-95ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:76:e6:79:b3:d1:9a:b2:f9:97:0a:e5:f1:4e: 4a:b9:e9:5b:a4:04:f0:4e:cc:df:ce:c4:11:ee:af: 45:85:d3:af:7e:a2:0a:cc:aa:77:d6:d4:0a:9c:d1: b3:a4:ff:9f:35:d1:90:d7:a0:41:4d:84:39:20:b7: 10:68:83:06:52:70:09:bf:51:39:42:2e:b6:87:8b: bb:f9:7f:3b:37:f1:ec:19:10:fc:c6:f4:7f:3a:a9: 27:76:59:7e:d8:5d:86:ec:e1:b7:90:20:e3:e3:4a: 6b:1d:c3:a4:84:cd:3f:8e:da:22:2a:62:fa:ba:70: c2:f1:00:a7:e0:9d:5e:f5:c7:07:e6:da:20:05:d4: 7c:8b:cb:cb:d5:2d:52:29:03:6a:76:1e:95:ac:b7: 13:40:bb:a3:ba:0c:d6:8a:d3:54:e8:28:42:be:fd: 65:21:e3:b1:59:b0:3f:60:53:b0:1c:c8:ee:38:45: 2f:fe:2c:61:c7:49:1e:b2:c2:c2:03:bf:2b:2f:25: a3:b0:5a:5a:55:41:72:ac:ce:21:2f:3c:82:0a:09: 03:4e:35:f6:20:64:ca:29:4b:b8:0c:e5:71:24:86: fd:7b:5d:35:2a:25:1b:97:e4:19:b4:3d:0f:b2:37: b5:3b:ed:ed:49:38:e6:28:b4:9d:9c:08:9a:a0:56: 34:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:8D:7F:D6:07:AB:A8:46:34:FF:E6:B8:A1:1E:35:7A:55:22:6A:AD X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:18:22:22:d1:17:1d:1f:cd:c6:8b:4d:62:75:c9:2b:bd:d1: c0:55:17:ee:ca:91:d0:a1:04:d9:50:d3:b8:d4:ce:e2:3b:71: 44:4e:ee:43:d9:d7:e2:df:98:ab:9f:6f:2a:55:20:0d:53:cd: c9:1f:d9:ce:2e:bf:b8:56:91:21:28:f3:1b:ce:45:28:49:82: 9d:7c:fe:0c:9d:63:3c:27:07:21:80:49:4c:ab:64:12:1a:5c: 65:06:da:dc:32:0d:3a:63:62:f7:dd:c4:44:65:4c:4b:12:39: 68:d2:df:b6:de:c8:1c:6b:22:5e:2b:19:99:76:d9:ca:a3:4c: ea:6e:8e:77:e9:05:b6:45:08:f1:f8:d1:33:4a:61:d2:43:e3: 1e:5c:3d:fe:69:a4:41:ac:60:a5:a9:df:7f:b5:65:0f:95:8f: 57:34:73:57:45:3d:ed:30:71:8b:4d:41:c8:44:fd:8a:cf:f0: 65:ee:76:f3:de:f6:9b:d1:7b:c3:e3:84:f1:3b:90:96:30:33: 87:4d:9d:3e:b0:5e:84:04:5f:bf:53:05:7b:f9:7a:22:35:41: c2:65:7a:5d:a9:08:83:de:49:0a:87:62:49:99:4b:6c:de:f5: 02:1f:25:dd:ff:f3:e3:e7:d1:73:78:9c:b7:73:ca:15:08:8f: ea:18:57:5d -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjA0MjEwNDAyWhcNMjUxMjExMjEwNDAyWjAYMRYwFAYD VQQDEw02OTMxZjc0Mi05NWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyXbmebPRmrL5lwrl8U5KuelbpATwTszfzsQR7q9FhdOvfqIKzKp31tQKnNGz pP+fNdGQ16BBTYQ5ILcQaIMGUnAJv1E5Qi62h4u7+X87N/HsGRD8xvR/Oqkndll+ 2F2G7OG3kCDj40prHcOkhM0/jtoiKmL6unDC8QCn4J1e9ccH5togBdR8i8vL1S1S KQNqdh6VrLcTQLujugzWitNU6ChCvv1lIeOxWbA/YFOwHMjuOEUv/ixhx0kessLC A78rLyWjsFpaVUFyrM4hLzyCCgkDTjX2IGTKKUu4DOVxJIb9e101KiUbl+QZtD0P sje1O+3tSTjmKLSdnAiaoFY00wIDAQABo4IChzCCAoMwHQYDVR0OBBYEFF2Nf9YH q6hGNP/muKEeNXpVImqtMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBtGCIi0RcdH83Gi01idckrvdHAVRfuypHQ oQTZUNO41M7iO3FETu5D2dfi35irn28qVSANU83JH9nOLr+4VpEhKPMbzkUoSYKd fP4MnWM8JwchgElMq2QSGlxlBtrcMg06Y2L33cREZUxLEjlo0t+23sgcayJeKxmZ dtnKo0zqbo536QW2RQjx+NEzSmHSQ+MeXD3+aaRBrGClqd9/tWUPlY9XNHNXRT3t MHGLTUHIRP2Kz/Bl7nbz3vab0XvD44TxO5CWMDOHTZ0+sF6EBF+/UwV7+XoiNUHC ZXpdqQiD3kkKh2JJmUts3vUCHyXd//Pj59FzeJy3c8oVCI/qGFdd -----END CERTIFICATE-----Generated at Fri Dec 5 02:10:50 2025 by rpki-client