This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: ckcdKHCfAIe12zxCHh+6MUexLS3rFkg6bvdV4fM3oRw= Subject key identifier: 56:47:F3:92:3E:59:0F:1B:1A:94:09:2C:2B:0A:DF:C6:5D:63:9E:72 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 494D Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 489C Signing time: Sat 06 Dec 2025 02:50:10 +0000 Manifest this update: Sat 06 Dec 2025 02:50:09 +0000 Manifest next update: Sat 13 Dec 2025 02:50:09 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: nkoT/PQ54GHco9DXobVo8sqmsBNndEddzmWJPK/U6Bc=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 02:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18765 (0x494d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 6 02:50:09 2025 GMT Not After : Dec 13 02:50:09 2025 GMT Subject: CN=693399e2-1cf2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d6:e8:ae:3c:e3:72:1a:6e:e6:70:13:c7:de: 78:b8:f2:ae:83:d5:6e:15:62:02:d4:dd:fb:fd:9f: bb:4d:ea:f0:5b:df:80:de:d1:56:33:d4:62:1a:85: b4:34:11:60:10:a0:49:41:52:af:46:3d:20:49:1f: e7:9e:f7:f1:2e:c5:cf:bc:6f:f7:79:1e:e6:a7:28: 8c:3c:1f:30:05:79:f9:db:de:0a:f9:33:82:66:1b: 51:6f:d2:b2:50:e1:bb:0f:b2:58:96:4a:a5:c0:bc: 3b:be:8b:e1:b4:19:53:61:eb:ad:fa:e0:e0:8a:8a: df:c6:f9:b5:b5:ae:10:63:6e:3c:06:70:47:43:43: d6:3d:27:33:0b:53:3b:f6:2e:3a:53:04:e2:16:ed: 59:43:cd:ab:1e:ba:d9:7c:bb:32:9f:7f:65:bd:4a: 1f:b2:23:1c:83:fa:66:36:01:4d:f2:46:f0:c0:51: 7c:40:5f:4e:0d:9e:53:76:a9:67:55:42:0c:a4:75: bf:ad:6c:e2:8a:b8:11:1b:a5:aa:57:4e:b2:fa:09: fb:b4:6d:21:35:6e:0f:b8:25:77:57:aa:44:61:89: 8e:15:ff:d7:84:71:00:64:e5:18:eb:28:c2:f4:42: ae:c9:24:dc:0f:e6:07:b9:a4:b3:d0:b6:cc:45:5e: fd:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:47:F3:92:3E:59:0F:1B:1A:94:09:2C:2B:0A:DF:C6:5D:63:9E:72 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:84:4c:1d:67:ff:72:44:81:03:9e:b2:64:96:c6:86:cc:b4: 7b:49:ef:82:b1:a6:99:23:f5:f9:60:3c:c2:22:0b:f8:6e:a0: 68:4d:22:19:e7:c7:35:ca:c3:0e:55:fd:38:73:bf:e2:c5:6d: aa:cb:09:f5:85:72:d6:a1:a7:54:a5:23:b0:4e:96:8a:60:d0: 56:9b:a9:10:67:05:d4:c8:be:a0:55:98:c6:6f:bd:53:7f:0a: 59:bb:fb:2a:26:ec:ee:fd:78:e9:06:be:26:b4:dd:5a:13:38: a4:9e:f8:35:4e:d4:85:81:a7:41:30:26:64:34:10:09:ef:fe: 4f:0a:b4:75:aa:00:c6:8d:74:2b:d6:64:1a:f6:1a:8d:ec:50: 84:83:e3:f0:9a:07:35:99:27:b1:3c:70:f0:b5:40:67:98:14: 2a:a9:0f:8c:a5:e5:40:93:c0:3b:34:81:9c:ca:bf:6b:a4:8f: 25:f9:33:8a:2c:4a:f6:dd:34:62:f6:d3:d6:8e:c7:39:b8:38: 1c:32:8b:88:1f:14:cb:72:11:cb:e4:db:06:e5:be:4d:d1:3e: fc:ce:4d:d1:ec:35:10:75:ce:9f:08:c2:1e:6b:24:75:2e:b8: 32:d3:e1:ce:16:cd:47:26:b4:f8:00:c3:90:69:5e:cd:45:4f: 05:78:b8:ba -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSU0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjA2MDI1MDA5WhcNMjUxMjEzMDI1MDA5WjAYMRYwFAYD VQQDEw02OTMzOTllMi0xY2YyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvdborjzjchpu5nATx954uPKug9VuFWIC1N37/Z+7TerwW9+A3tFWM9RiGoW0 NBFgEKBJQVKvRj0gSR/nnvfxLsXPvG/3eR7mpyiMPB8wBXn5294K+TOCZhtRb9Ky UOG7D7JYlkqlwLw7vovhtBlTYeut+uDgiorfxvm1ta4QY248BnBHQ0PWPSczC1M7 9i46UwTiFu1ZQ82rHrrZfLsyn39lvUofsiMcg/pmNgFN8kbwwFF8QF9ODZ5Tdqln VUIMpHW/rWziirgRG6WqV06y+gn7tG0hNW4PuCV3V6pEYYmOFf/XhHEAZOUY6yjC 9EKuySTcD+YHuaSz0LbMRV79XQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFFZH85I+ WQ8bGpQJLCsK38ZdY55yMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA1hEwdZ/9yRIEDnrJklsaGzLR7Se+CsaaZ I/X5YDzCIgv4bqBoTSIZ58c1ysMOVf04c7/ixW2qywn1hXLWoadUpSOwTpaKYNBW m6kQZwXUyL6gVZjGb71TfwpZu/sqJuzu/XjpBr4mtN1aEziknvg1TtSFgadBMCZk NBAJ7/5PCrR1qgDGjXQr1mQa9hqN7FCEg+Pwmgc1mSexPHDwtUBnmBQqqQ+MpeVA k8A7NIGcyr9rpI8l+TOKLEr23TRi9tPWjsc5uDgcMouIHxTLchHL5NsG5b5N0T78 zk3R7DUQdc6fCMIeayR1Lrgy0+HOFs1HJrT4AMOQaV7NRU8FeLi6 -----END CERTIFICATE-----Generated at Sat Dec 6 16:14:54 2025 by rpki-client