This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: EfomfPeT0oAb1gqycqYjM1kbNV2xhHHj93e/OZgt7Gw= Subject key identifier: 87:55:E5:A8:23:DE:A0:F2:74:59:1C:E2:E3:E6:52:AF:51:EE:E1:EA Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4965 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 48B3 Signing time: Sat 13 Dec 2025 02:50:10 +0000 Manifest this update: Sat 13 Dec 2025 02:50:09 +0000 Manifest next update: Sat 20 Dec 2025 02:50:09 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: vZ0Z+pkRj/SK9B7gQyI5+kWSuWcF2P0uPuTvCoRYKV0=) 2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 4: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: dEN04Vh3/XJUtldGAQqecGT8RVXi/7/2tEH5QIpc0iQ=) 5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: 7cJnEBVLmqaTtSBdj3Qn+bODYO9Cd6sZH5D2PaBPTpY=) 7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=) 8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 9: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 10: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Dec 2025 02:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18789 (0x4965) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Dec 13 02:50:09 2025 GMT Not After : Dec 20 02:50:09 2025 GMT Subject: CN=693cd462-b229 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:01:88:d2:1d:ad:74:08:3a:43:55:af:7a:d1: 37:0e:09:f8:5e:34:98:15:10:a5:29:af:52:2d:9a: 3a:3e:6c:0a:9d:da:44:b9:3c:db:cb:60:2f:ea:1f: b5:7a:38:ff:9e:3e:fb:e5:ac:f2:5e:eb:3c:9d:85: 8f:60:68:78:02:e3:dd:84:3e:6a:dd:4a:1b:35:38: 3a:61:ac:0f:59:08:2b:e5:41:7f:38:9c:0d:ce:41: bd:f2:81:f3:43:d6:28:43:6a:73:71:7e:4b:9c:87: 7c:1b:b6:36:36:98:86:c1:72:2b:1a:ba:b8:30:aa: 8b:d3:f5:82:5a:5e:ae:b1:3f:a4:9b:15:fb:d7:ee: 6f:eb:f4:49:ce:ed:29:50:bc:c2:02:69:2a:ff:8a: 95:52:d5:d4:d8:39:b2:02:e4:f6:5e:65:d5:41:a5: fa:c3:d2:13:85:a8:6e:72:18:51:bb:64:ea:92:43: 19:2d:7d:45:ee:b9:ed:2a:1a:0e:0d:3b:05:4a:75: 25:32:b9:25:c2:e3:8c:cb:64:ee:0a:47:fe:dc:63: bd:59:e1:2d:9b:c4:d8:bd:37:7c:45:b5:69:f1:40: b2:ce:d6:21:5f:60:b4:c8:16:66:b1:51:bc:b8:d8: 5f:4f:13:cf:e5:8a:c7:60:23:3f:74:58:cb:d8:e7: ca:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:55:E5:A8:23:DE:A0:F2:74:59:1C:E2:E3:E6:52:AF:51:EE:E1:EA X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:26:a0:e3:c1:c7:7a:49:b0:bf:11:12:4d:5e:72:22:ed:57: c3:a2:a2:42:df:a9:e1:28:f5:c7:26:b8:43:36:8f:be:8a:48: 2f:d7:b5:6b:18:25:78:aa:30:61:17:68:7e:cc:3c:a3:9f:9c: 79:71:63:08:56:ab:ae:9c:13:9a:c8:69:d5:0d:c0:96:ec:d8: 1f:ef:c7:bc:b2:a1:3c:39:21:06:21:5c:2a:69:45:83:bc:f9: 02:a0:27:a7:81:ae:73:67:ab:0d:f8:32:9d:c2:27:82:10:61: 4e:59:98:24:b0:ed:d7:27:09:a1:6f:21:03:c0:64:02:c1:f7: 0f:2b:cf:0c:ee:8c:c3:85:98:8e:4c:eb:29:3d:bb:f2:f6:b3: af:7c:5d:08:58:d9:22:f0:8c:13:65:df:75:54:aa:f5:e6:20: 6e:7c:7a:ca:a8:c7:1c:4a:54:19:2e:c8:f8:bd:22:65:08:81: 04:2f:d1:48:f8:8b:96:91:28:0d:3f:92:2e:41:7c:dd:34:83: d2:98:1f:0b:f0:20:15:8b:31:1b:a9:79:99:84:6b:5f:d7:ec: ee:a5:44:1c:aa:9e:a7:80:9b:cb:94:17:f1:32:c9:21:30:32: af:fd:ad:a3:d5:6a:71:fb:84:10:4e:db:2a:cf:b6:21:a5:48: 16:e5:90:93 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICSWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjUxMjEzMDI1MDA5WhcNMjUxMjIwMDI1MDA5WjAYMRYwFAYD VQQDEw02OTNjZDQ2Mi1iMjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvAGI0h2tdAg6Q1WvetE3Dgn4XjSYFRClKa9SLZo6PmwKndpEuTzby2Av6h+1 ejj/nj775azyXus8nYWPYGh4AuPdhD5q3UobNTg6YawPWQgr5UF/OJwNzkG98oHz Q9YoQ2pzcX5LnId8G7Y2NpiGwXIrGrq4MKqL0/WCWl6usT+kmxX71+5v6/RJzu0p ULzCAmkq/4qVUtXU2DmyAuT2XmXVQaX6w9IThahuchhRu2TqkkMZLX1F7rntKhoO DTsFSnUlMrklwuOMy2TuCkf+3GO9WeEtm8TYvTd8RbVp8UCyztYhX2C0yBZmsVG8 uNhfTxPP5YrHYCM/dFjL2OfKjQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFIdV5agj 3qDydFkc4uPmUq9R7uHqMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCVJqDjwcd6SbC/ERJNXnIi7VfDoqJC36nh KPXHJrhDNo++ikgv17VrGCV4qjBhF2h+zDyjn5x5cWMIVquunBOayGnVDcCW7Ngf 78e8sqE8OSEGIVwqaUWDvPkCoCenga5zZ6sN+DKdwieCEGFOWZgksO3XJwmhbyED wGQCwfcPK88M7ozDhZiOTOspPbvy9rOvfF0IWNki8IwTZd91VKr15iBufHrKqMcc SlQZLsj4vSJlCIEEL9FI+IuWkSgNP5IuQXzdNIPSmB8L8CAVizEbqXmZhGtf1+zu pUQcqp6ngJvLlBfxMskhMDKv/a2j1Wpx+4QQTtsqz7YhpUgW5ZCT -----END CERTIFICATE-----Generated at Sat Dec 13 11:48:53 2025 by rpki-client