$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: H0pngy90b70M2Yu/U9nuTw70s3k8KFrAFQ7GiH0ZNMQ= Subject key identifier: CB:C6:8E:79:9F:A9:45:D9:61:27:07:5F:A6:A3:13:D6:CD:1A:69:BB Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0AFA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0AA9 Signing time: Sat 18 Oct 2025 20:36:47 +0000 Manifest this update: Sat 18 Oct 2025 20:36:47 +0000 Manifest next update: Sat 25 Oct 2025 20:36:47 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: aNnPePRgAyGhpeGO7AfpEsDAmBo/yWIaRhcX9gZ1Jdg=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: GD8TE1iM2Ym7f93p/1VYDkqCG50V4KFtJCkioUpH7AI=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: 34aVw5Rt72hNPVd0d/UxB/shSl9fnFPWjJTO5/uz5ZU=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: 5hsatirdoTAMt8sVP/32NV6rGnCIOasP2d6dKTsMLr4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 20:36:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2810 (0xafa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Oct 18 20:36:47 2025 GMT Not After : Oct 25 20:36:47 2025 GMT Subject: CN=68f3fa5f-fa20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:8f:bf:d5:52:b9:68:b8:a2:f0:64:82:67:0a: d7:02:8c:44:9d:a8:64:c3:b6:c0:89:eb:92:da:a6: ad:95:28:7b:c1:67:b4:d2:38:b5:7e:72:20:01:e6: 36:2b:b4:c4:ab:a4:87:6b:a2:1a:b8:8a:ce:50:58: 7c:3a:6e:3f:76:3d:2d:1b:1c:82:6a:63:29:2d:fe: fc:80:0f:20:1a:b9:93:93:ce:3b:ee:fc:b8:ac:86: 9c:fa:c5:73:04:1b:bd:d6:68:e1:3e:10:a7:25:02: 8e:86:5c:a7:96:5e:ef:18:4f:3d:26:f6:f2:ac:4c: 21:e0:5b:88:8d:48:e7:87:b8:b8:94:cc:90:c8:71: 1d:0e:07:69:b2:66:0a:ac:61:6a:f8:0d:10:d9:d4: 81:72:05:c7:69:40:ee:bf:c1:53:b1:a4:26:f2:b9: d9:64:a1:58:f0:8c:ca:90:34:52:0a:fe:62:37:a2: 65:90:10:54:d5:ee:0c:09:63:85:19:03:11:eb:2c: f3:16:be:fb:7e:eb:07:f4:4e:6b:f4:49:31:e3:42: 6e:44:da:46:f0:76:91:07:d8:cc:2d:24:2c:d1:57: 13:5c:d8:05:44:f1:b2:c7:00:e5:e6:3c:f8:e7:d8: b3:2c:d9:46:4b:67:3b:8d:d6:8b:70:25:97:60:79: 8e:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:C6:8E:79:9F:A9:45:D9:61:27:07:5F:A6:A3:13:D6:CD:1A:69:BB X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:ea:5e:9f:79:ef:47:f0:80:62:40:6f:b0:2b:51:72:ba:51: f7:2b:ec:12:09:38:c4:a8:eb:ec:2b:86:0f:e9:68:b8:7d:ef: b0:71:37:e8:7a:98:10:d1:d9:53:79:59:95:a6:2b:cf:8f:25: 29:8e:90:b3:87:10:16:19:f7:a1:f9:f9:40:08:0c:5c:45:81: b8:16:21:61:6a:27:74:f9:c4:eb:08:38:f1:58:9d:ef:c2:85: e0:5d:f4:81:c6:95:f7:4d:1a:0d:f6:ba:34:da:50:9d:6d:f9: f5:b0:4c:aa:81:88:d2:63:b1:5a:ea:79:c9:29:83:1b:de:2e: 55:58:67:85:de:0c:3c:39:fe:62:b7:2d:d5:5b:ec:e5:b8:40: ce:3c:17:de:92:94:da:7b:66:94:0f:34:9b:72:03:ad:37:6c: 8e:11:10:4b:9b:8e:84:d1:2c:59:c6:a5:a9:21:e5:3a:97:8c: 04:39:56:08:aa:dc:a9:b2:1d:6c:f2:20:5c:65:97:b2:fe:ee: 71:5f:7e:30:14:8b:e2:e0:87:67:e9:69:0f:43:9c:4e:92:03: aa:c0:e3:6b:54:e9:e6:39:0b:1b:49:89:54:56:a1:ab:c2:f9: 71:d2:b1:83:7e:c4:55:01:3f:33:42:5e:ca:b4:e1:51:4e:f1: 89:03:af:36 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjUxMDE4MjAzNjQ3WhcNMjUxMDI1MjAzNjQ3WjAYMRYwFAYD VQQDEw02OGYzZmE1Zi1mYTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAso+/1VK5aLii8GSCZwrXAoxEnahkw7bAieuS2qatlSh7wWe00ji1fnIgAeY2 K7TEq6SHa6IauIrOUFh8Om4/dj0tGxyCamMpLf78gA8gGrmTk8477vy4rIac+sVz BBu91mjhPhCnJQKOhlynll7vGE89JvbyrEwh4FuIjUjnh7i4lMyQyHEdDgdpsmYK rGFq+A0Q2dSBcgXHaUDuv8FTsaQm8rnZZKFY8IzKkDRSCv5iN6JlkBBU1e4MCWOF GQMR6yzzFr77fusH9E5r9Ekx40JuRNpG8HaRB9jMLSQs0VcTXNgFRPGyxwDl5jz4 59izLNlGS2c7jdaLcCWXYHmOjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMvGjnmf qUXZYScHX6ajE9bNGmm7MB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQ6l6fee9H8IBiQG+wK1FyulH3K+wSCTjEqOvsK4YP6Wi4fe+wcTfo epgQ0dlTeVmVpivPjyUpjpCzhxAWGfeh+flACAxcRYG4FiFhaid0+cTrCDjxWJ3v woXgXfSBxpX3TRoN9ro02lCdbfn1sEyqgYjSY7Fa6nnJKYMb3i5VWGeF3gw8Of5i ty3VW+zluEDOPBfekpTae2aUDzSbcgOtN2yOERBLm46E0SxZxqWpIeU6l4wEOVYI qtypsh1s8iBcZZey/u5xX34wFIvi4Idn6WkPQ5xOkgOqwONrVOnmOQsbSYlUVqGr wvlx0rGDfsRVAT8zQl7KtOFRTvGJA682 -----END CERTIFICATE-----Generated at Sun Oct 19 23:31:02 2025 by rpki-client