This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: ns+Fc+Nll0lHnvPN6ZiTE5PoqVTVry5uJUAS7ET+FmU= Subject key identifier: 80:6E:3D:30:97:CD:BA:22:67:5E:76:0D:27:6E:8D:94:12:B4:A5:99 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 493F Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 488E Signing time: Mon 01 Dec 2025 14:50:11 +0000 Manifest this update: Mon 01 Dec 2025 14:50:10 +0000 Manifest next update: Mon 08 Dec 2025 14:50:10 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: Nxtx5/zxOcdp4b/R1hVy86hlbkdX40z1cxNMpT3X80k=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Dec 2025 14:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18751 (0x493f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 1 14:50:10 2025 GMT Not After : Dec 8 14:50:10 2025 GMT Subject: CN=692dab22-bf04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:e3:68:bc:62:c7:b7:50:69:2d:cf:28:6d:bc: 58:c0:93:05:07:ca:7d:ba:94:2f:f4:7e:c8:93:b9: 66:75:5d:62:e1:f6:97:11:4b:01:4b:96:ea:a2:b6: 18:99:28:aa:54:a3:3b:17:4e:b9:29:64:15:f1:9c: fc:74:32:cd:90:12:39:34:d4:f5:b8:06:18:67:f3: 5d:b5:03:0d:da:4e:1a:2d:3e:09:d5:e5:14:ba:f7: 01:9c:95:57:07:b8:ed:b7:1c:0b:9e:5c:2d:2a:1e: f9:7d:ca:03:19:6a:03:2a:7a:96:b2:0f:57:db:0f: d6:7f:07:35:0c:da:b5:52:3f:84:18:47:b9:04:7e: 21:f6:ef:82:33:83:58:e5:fb:f6:7e:ba:50:ee:1f: 7e:de:9e:e6:8c:be:5e:43:27:4a:5d:70:8f:6b:15: 2e:87:1f:ed:bb:93:cd:82:c6:32:8d:bf:cf:e1:47: 82:a6:0b:10:1a:9a:6f:49:2d:7f:4c:65:d1:ae:45: f9:97:dc:55:59:75:a3:ce:f0:ee:5c:b0:f0:e7:2b: 5f:57:bf:31:c2:66:37:d9:97:d3:0c:a4:bf:cb:77: 16:78:79:81:78:e9:4e:cb:37:4c:46:e0:05:5b:09: 72:2b:cc:c5:59:61:e6:f5:59:0b:5e:8f:f6:d5:c6: 31:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:6E:3D:30:97:CD:BA:22:67:5E:76:0D:27:6E:8D:94:12:B4:A5:99 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:40:a5:28:ef:18:72:e1:2b:06:70:be:8c:44:fd:ec:50:ac: 18:68:b2:d4:eb:26:48:88:c8:13:1b:bf:39:ba:94:3a:f2:f6: b9:8f:d7:f5:1f:f1:7b:e1:46:88:93:56:45:d2:fb:de:25:1d: bd:5d:6f:90:77:03:86:5e:27:37:81:d6:a9:53:f9:0b:33:42: d3:70:17:c1:24:21:82:e4:cf:45:db:2b:d0:ea:b7:69:99:c7: 1f:ca:fc:50:fb:26:4e:e8:4b:fa:25:0f:4f:94:15:af:6d:77: 2e:84:d3:3c:fb:a0:38:d2:ad:df:71:3f:3a:e5:75:e5:de:03: a5:0f:76:38:c3:61:78:da:4b:88:48:66:28:97:69:9f:01:92: ff:49:41:90:a1:f5:87:d0:c4:0d:f4:95:3d:55:47:43:1e:cc: ac:15:1e:c4:67:50:08:d1:22:2b:9e:65:e9:6f:6e:ce:17:bc: 0d:b3:b1:85:0b:cf:1c:6d:4e:01:05:9c:d3:6a:db:f5:da:d5: 02:c2:9a:b0:d2:0f:ad:3a:fb:e8:84:98:42:c8:79:6a:21:72: 8d:5a:13:7a:9d:11:01:ae:ff:a7:68:8a:49:32:dc:18:f2:64: a8:e1:ec:52:ad:4f:bb:58:11:7e:4f:32:33:a6:cd:df:f8:8b: d5:e4:92:f3 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICST8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjAxMTQ1MDEwWhcNMjUxMjA4MTQ1MDEwWjAYMRYwFAYD VQQDEw02OTJkYWIyMi1iZjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAruNovGLHt1BpLc8obbxYwJMFB8p9upQv9H7Ik7lmdV1i4faXEUsBS5bqorYY mSiqVKM7F065KWQV8Zz8dDLNkBI5NNT1uAYYZ/NdtQMN2k4aLT4J1eUUuvcBnJVX B7jttxwLnlwtKh75fcoDGWoDKnqWsg9X2w/Wfwc1DNq1Uj+EGEe5BH4h9u+CM4NY 5fv2frpQ7h9+3p7mjL5eQydKXXCPaxUuhx/tu5PNgsYyjb/P4UeCpgsQGppvSS1/ TGXRrkX5l9xVWXWjzvDuXLDw5ytfV78xwmY32ZfTDKS/y3cWeHmBeOlOyzdMRuAF WwlyK8zFWWHm9VkLXo/21cYxjwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFIBuPTCX zboiZ152DSdujZQStKWZMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQB4QKUo7xhy4SsGcL6MRP3sUKwYaLLU6yZI iMgTG785upQ68va5j9f1H/F74UaIk1ZF0vveJR29XW+QdwOGXic3gdapU/kLM0LT cBfBJCGC5M9F2yvQ6rdpmccfyvxQ+yZO6Ev6JQ9PlBWvbXcuhNM8+6A40q3fcT86 5XXl3gOlD3Y4w2F42kuISGYol2mfAZL/SUGQofWH0MQN9JU9VUdDHsysFR7EZ1AI 0SIrnmXpb27OF7wNs7GFC88cbU4BBZzTatv12tUCwpqw0g+tOvvohJhCyHlqIXKN WhN6nREBrv+naIpJMtwY8mSo4exSrU+7WBF+TzIzps3f+IvV5JLz -----END CERTIFICATE-----Generated at Tue Dec 2 00:28:59 2025 by rpki-client