This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: 5/+QAQomYXaBVlieZwA9qFkDqQqubne+Kknnl3087X8= Subject key identifier: D5:5F:04:BF:B3:74:D4:C4:40:55:C7:59:56:B7:22:D8:BB:7E:4E:C7 Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4983 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 48D1 Signing time: Mon 22 Dec 2025 14:50:11 +0000 Manifest this update: Mon 22 Dec 2025 14:50:11 +0000 Manifest next update: Mon 29 Dec 2025 14:50:11 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: bcumIlaage8W+hEN98ylMWQ9OPBhIAZmPxMDZqyV3ZU=) 2: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) 3: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) 4: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 5: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 6: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 7: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 8: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 9: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 10: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 14:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18819 (0x4983) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 22 14:50:11 2025 GMT Not After : Dec 29 14:50:11 2025 GMT Subject: CN=69495aa3-bfcd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ab:c0:82:d1:e4:19:2a:d3:67:be:c0:95:d5: d0:19:a8:91:46:f5:ec:11:6c:ff:c2:0e:51:7e:4e: 05:ac:1c:fa:e8:32:0c:43:00:03:e4:b9:3f:a0:97: ae:5d:0e:46:92:ba:6e:d3:78:3e:8f:92:bf:ad:0f: 53:1f:4c:30:60:16:53:07:e5:3a:00:27:02:99:ed: 87:ad:99:e8:65:d3:e5:9e:f9:1b:f3:87:2c:28:0e: 7b:4f:17:02:6a:2e:25:0a:f2:85:28:47:31:5f:12: fe:83:03:87:29:a2:69:6e:94:25:5f:72:23:40:b3: 3a:32:b4:f8:3e:af:57:93:45:a9:b3:80:62:e1:dd: b8:8e:81:07:49:be:ac:b6:89:b3:f0:2a:a2:65:1b: 7d:ac:2c:14:7d:c5:e0:bb:18:87:d4:0c:b7:40:b7: f3:2c:33:32:53:bc:b7:53:6d:f6:e6:25:2a:95:47: a4:31:18:fe:b3:ed:89:a9:39:09:68:a5:6d:96:44: 6f:99:55:bf:51:3a:07:e6:a2:45:6e:d8:fe:61:a6: 86:80:84:19:e5:1a:37:6d:21:54:6a:7e:e5:51:77: 0e:d9:52:ac:39:bd:49:f9:4c:9b:eb:43:70:de:4d: 65:70:d7:5d:54:eb:02:7b:dd:84:e6:2c:44:e3:a8: fd:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:5F:04:BF:B3:74:D4:C4:40:55:C7:59:56:B7:22:D8:BB:7E:4E:C7 X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:1c:9a:70:dd:dc:d6:e0:f0:44:3e:e4:c2:4f:f6:63:a0:67: ef:f6:07:57:ab:b6:04:96:67:dc:34:8d:48:24:60:fd:35:4d: de:39:9c:f9:da:2a:00:bc:6b:74:36:8f:0f:7d:06:dd:e3:f5: f3:8d:d0:0e:c4:0a:51:3a:ef:de:80:7f:2a:63:70:54:f6:cc: a4:f9:5a:d9:df:86:ab:f8:69:32:05:fa:e6:5f:a3:28:6c:80: 51:2b:33:dd:cc:b6:16:86:1f:3d:26:35:23:7c:02:1f:1b:ab: 61:4f:10:eb:de:8e:e8:eb:49:5b:27:98:f7:74:81:d0:01:ee: 3d:00:60:fe:bd:a2:52:0c:0a:07:ef:55:96:5b:8b:94:9a:e7: 31:6b:6e:e3:84:e7:3e:9b:fd:6b:7e:02:96:7b:87:f9:0d:4b: e6:19:de:5b:b5:e1:a9:44:b8:e0:0a:dc:45:d2:23:ce:d2:37: fd:52:a5:e4:6d:e0:b3:ca:77:1d:aa:d1:a9:a3:58:56:ee:83: d7:33:15:6f:88:2d:f9:3e:ce:d5:31:e9:fb:3a:d3:0b:10:5c: 72:bd:5b:20:7c:c5:41:d4:64:af:d2:c2:b7:b2:77:4b:50:35: cb:c2:a2:4b:43:42:24:68:9d:76:54:6b:b0:09:e7:4d:a6:a6: be:04:d2:9a -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSYMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjIyMTQ1MDExWhcNMjUxMjI5MTQ1MDExWjAYMRYwFAYD VQQDDA02OTQ5NWFhMy1iZmNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwavAgtHkGSrTZ77AldXQGaiRRvXsEWz/wg5Rfk4FrBz66DIMQwAD5Lk/oJeu XQ5Gkrpu03g+j5K/rQ9TH0wwYBZTB+U6ACcCme2HrZnoZdPlnvkb84csKA57TxcC ai4lCvKFKEcxXxL+gwOHKaJpbpQlX3IjQLM6MrT4Pq9Xk0Wps4Bi4d24joEHSb6s tomz8CqiZRt9rCwUfcXguxiH1Ay3QLfzLDMyU7y3U2325iUqlUekMRj+s+2JqTkJ aKVtlkRvmVW/UToH5qJFbtj+YaaGgIQZ5Ro3bSFUan7lUXcO2VKsOb1J+Uyb60Nw 3k1lcNddVOsCe92E5ixE46j9FQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFNVfBL+z dNTEQFXHWVa3Iti7fk7HMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBMHJpw3dzW4PBEPuTCT/ZjoGfv9gdXq7YE lmfcNI1IJGD9NU3eOZz52ioAvGt0No8PfQbd4/XzjdAOxApROu/egH8qY3BU9syk +VrZ34ar+GkyBfrmX6MobIBRKzPdzLYWhh89JjUjfAIfG6thTxDr3o7o60lbJ5j3 dIHQAe49AGD+vaJSDAoH71WWW4uUmucxa27jhOc+m/1rfgKWe4f5DUvmGd5bteGp RLjgCtxF0iPO0jf9UqXkbeCzyncdqtGpo1hW7oPXMxVviC35Ps7VMen7OtMLEFxy vVsgfMVB1GSv0sK3sndLUDXLwqJLQ0IkaJ12VGuwCedNpqa+BNKa -----END CERTIFICATE-----Generated at Tue Dec 23 02:12:24 2025 by rpki-client