$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: dmL2quME7pLZ8qiK09mhCNiu8PxW6DdzS97mMZJKkP0= Subject key identifier: FB:7E:E9:BB:99:09:35:F4:E4:2E:72:7A:BC:E4:66:F9:52:2F:CC:50 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0AA4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0A56 Signing time: Sat 10 May 2025 19:32:42 +0000 Manifest this update: Sat 10 May 2025 19:32:41 +0000 Manifest next update: Sat 17 May 2025 19:32:41 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: XXhiPIINyTfGK0ijQyy7W3aWZRLPlXLoi0rBwjzy6tM=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: l7mr6es1TVOyo1wNw2j4HcRInXoNf33J5ylI6iVUMv8=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: FuocMJExMkUp16L3R6FsGdSdFiq3mtbQ0I+3NIZrReg=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: OSzx+tHbv8GS0QRL7lJHUONIT8BBObbjKgYazgGJOB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 19:32:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2724 (0xaa4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: May 10 19:32:41 2025 GMT Not After : May 17 19:32:41 2025 GMT Subject: CN=681fa9d9-f5d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:9d:3d:6a:f3:99:33:d5:e6:d1:9b:c1:e6:ce: d7:57:8f:50:56:c1:c1:e9:1f:13:a1:58:b0:d3:5d: 77:c8:30:98:5b:c2:6e:6c:16:3c:6c:f5:21:55:f4: e0:ef:18:03:fa:38:96:88:69:35:8e:01:2f:4a:aa: c3:6d:2a:41:fe:0d:00:ca:41:78:c2:1e:2d:18:9f: c9:0e:5d:2e:a8:7c:78:46:63:29:bd:87:96:e9:b8: 18:9b:9e:de:a5:f8:47:1d:f6:69:99:7d:3c:02:66: c6:e1:05:f9:e2:0c:36:0c:69:aa:fe:e3:56:ea:8e: 90:d2:89:da:d7:45:15:f0:16:b1:c7:e6:82:27:6b: c8:d7:3f:f0:f2:89:42:8d:ec:c9:71:85:36:a3:d9: f7:3d:bf:96:42:1b:b9:55:59:5f:b2:01:51:05:11: c8:43:c4:75:a3:36:78:6b:3b:74:19:b9:de:4c:b5: ec:a8:54:55:2c:c8:be:b1:07:2b:1c:8a:38:f7:73: c8:4c:82:30:40:24:e4:66:52:3f:55:ab:ed:7e:80: cc:fb:61:d9:65:b9:b6:be:57:b5:26:7d:bf:a4:fe: ca:7b:a4:99:b0:a3:7a:66:8b:c3:7a:29:ac:b7:69: e9:dd:22:fd:7b:24:6d:61:87:4c:ec:1f:2b:38:f3: 95:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:7E:E9:BB:99:09:35:F4:E4:2E:72:7A:BC:E4:66:F9:52:2F:CC:50 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:d9:f7:97:9e:57:04:2a:80:bd:32:3d:79:ff:28:87:e9:9d: 48:2a:55:27:55:f5:87:eb:ab:56:1e:dc:0f:24:c4:4e:18:4c: 63:87:53:4c:04:44:07:21:42:2b:ac:4c:4e:87:e0:7a:1f:1a: 94:f9:4f:7a:5d:ed:56:32:a7:ab:2e:b4:75:58:ab:03:23:3d: ad:cc:05:4a:93:3f:4b:04:33:93:ab:c4:53:92:98:24:cf:4a: e1:3c:6d:a7:b4:00:71:de:0d:28:c3:dd:7e:af:b0:89:88:62: 41:df:07:4b:e2:f3:2f:38:9c:2f:0a:75:fe:19:f3:12:01:f4: 46:52:f1:67:3e:ba:a7:bc:2b:9f:cc:df:09:25:a7:31:d0:bd: 85:50:88:24:e5:84:1d:59:c0:f3:1c:4b:d0:52:cb:7b:0c:f6: 24:40:3a:1f:53:25:bd:f3:75:1b:72:73:fe:4a:c3:79:f1:d1: b7:19:5a:dd:ed:53:8c:50:b9:5d:22:95:ec:47:34:b3:da:da: 43:2c:85:6c:35:27:99:8a:26:d3:fe:df:5a:b3:d4:cb:cd:d7: 96:a6:d9:b0:fe:84:cb:dc:7d:7e:c3:47:0b:25:56:72:34:b0: 26:6b:c0:d0:de:5a:84:d8:c8:79:be:44:67:f6:20:45:08:b9: 6c:ab:83:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCqQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjUwNTEwMTkzMjQxWhcNMjUwNTE3MTkzMjQxWjAYMRYwFAYD VQQDEw02ODFmYTlkOS1mNWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuZ09avOZM9Xm0ZvB5s7XV49QVsHB6R8ToViw0113yDCYW8JubBY8bPUhVfTg 7xgD+jiWiGk1jgEvSqrDbSpB/g0AykF4wh4tGJ/JDl0uqHx4RmMpvYeW6bgYm57e pfhHHfZpmX08AmbG4QX54gw2DGmq/uNW6o6Q0ona10UV8Baxx+aCJ2vI1z/w8olC jezJcYU2o9n3Pb+WQhu5VVlfsgFRBRHIQ8R1ozZ4azt0GbneTLXsqFRVLMi+sQcr HIo493PITIIwQCTkZlI/VavtfoDM+2HZZbm2vle1Jn2/pP7Ke6SZsKN6ZovDeims t2np3SL9eyRtYYdM7B8rOPOV5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPt+6buZ CTX05C5yerzkZvlSL8xQMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAj2feXnlcEKoC9Mj15/yiH6Z1IKlUnVfWH66tWHtwPJMROGExjh1NM BEQHIUIrrExOh+B6HxqU+U96Xe1WMqerLrR1WKsDIz2tzAVKkz9LBDOTq8RTkpgk z0rhPG2ntABx3g0ow91+r7CJiGJB3wdL4vMvOJwvCnX+GfMSAfRGUvFnPrqnvCuf zN8JJacx0L2FUIgk5YQdWcDzHEvQUst7DPYkQDofUyW983UbcnP+SsN58dG3GVrd 7VOMULldIpXsRzSz2tpDLIVsNSeZiibT/t9as9TLzdeWptmw/oTL3H1+w0cLJVZy NLAma8DQ3lqE2Mh5vkRn9iBFCLlsq4Nq -----END CERTIFICATE-----Generated at Sun May 11 19:12:42 2025 by rpki-client