$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: rf1NV+W9eNukJwDmNtJxtNo6/K8zSylyYCRGH6lTu3o= Subject key identifier: E4:84:41:19:28:F2:A3:FE:F7:B7:2B:26:DC:95:18:2E:6D:96:43:F1 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0B6C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0B17 Signing time: Tue 12 May 2026 19:28:34 +0000 Manifest this update: Tue 12 May 2026 19:28:33 +0000 Manifest next update: Tue 19 May 2026 19:28:33 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: KSe39UHud5/3ndVqdY/YhqCahyJrIMEikdRXYy/gTDA=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: U2prKzUVYLMejIwBY9EOi9zclj2VGJE3Jm44WaqS9F8=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: 8YU1CGBXL/Y8cKfBuUoFRdl8h7rYmsUhvxveXcxQ+/4=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: FsdxlcuHXOB+GZBdpk7LDn7uN7PNXa0fvxLZvoX+V2c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 May 2026 19:28:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2924 (0xb6c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: May 12 19:28:33 2026 GMT Not After : May 19 19:28:33 2026 GMT Subject: CN=6a037f62-0c38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:3b:e3:af:7e:a6:3f:2b:5a:6d:8b:a0:23:45: 0b:e7:3e:a8:35:02:df:1e:09:21:7a:bd:70:a3:f6: f2:e1:4e:aa:c4:d0:58:e4:fe:67:80:51:63:8c:e1: e2:15:56:11:c3:f7:8b:4e:a0:e9:17:7d:80:fc:96: a7:a4:b2:9c:ae:fd:64:a4:35:8c:8f:5a:98:22:3f: 35:cd:9c:86:5a:3f:95:7d:cc:44:66:eb:c6:ec:1b: e2:97:90:cb:0a:c6:bd:73:90:21:5b:b2:37:3c:fa: 7d:4c:b6:6a:5d:dd:3a:19:c1:77:a6:91:a1:55:f6: 73:c1:c5:7c:dd:7d:18:3a:5c:f5:d5:aa:08:1e:07: 5e:2a:6b:0c:01:ec:c3:cc:b7:09:c6:df:d4:e6:61: 6f:37:a4:2e:1c:9c:81:90:30:c2:82:d4:cf:30:88: 42:03:c5:51:4d:7f:9d:fc:a1:8a:77:ad:c4:ba:42: 29:c1:9a:1c:1d:1b:9a:42:f7:f6:92:35:61:03:f9: 5e:a8:c6:18:60:87:24:5e:96:f6:17:54:11:b7:1a: 2a:cc:f8:15:7e:fe:4f:d6:f8:87:f3:31:28:1d:57: e1:a3:a8:8b:52:9b:69:fc:fc:50:eb:6c:1f:99:3f: d7:d6:55:90:3b:45:26:ae:13:dd:a3:29:3a:06:50: 79:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:84:41:19:28:F2:A3:FE:F7:B7:2B:26:DC:95:18:2E:6D:96:43:F1 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:4b:2b:9b:7c:d0:29:43:ad:ec:0c:27:f7:d4:2c:99:37:9e: 5d:40:b8:be:97:5a:5a:79:16:b7:c8:26:ce:7b:e7:dd:9f:8b: a2:3b:80:ba:fe:34:c3:ae:72:89:07:5e:18:3b:98:62:89:6f: dd:79:22:6a:2b:f5:a6:d3:a1:cb:30:fd:b8:12:c6:58:95:ad: cb:21:5e:9a:49:1c:5b:03:2b:f0:8b:61:b9:8f:d7:21:5a:6e: 3f:86:ee:22:39:ee:05:dd:09:f0:05:17:30:5c:c9:75:73:97: 9a:00:66:78:3b:00:1c:a7:ab:2f:ac:94:31:d6:cd:42:95:48: d7:64:da:b5:55:34:85:fa:59:32:b9:21:38:25:0b:cb:e6:c4: 85:27:7c:90:32:54:18:42:d5:0c:e5:5b:48:e9:56:f7:a3:08: cd:02:d9:3d:d4:49:51:2f:86:38:71:53:a8:98:d6:05:6e:b6: a6:27:f0:28:28:6c:68:7c:9e:50:bb:04:ad:68:ec:4c:86:0d: 95:bc:63:35:75:43:ab:bf:54:c8:79:5c:9a:d5:38:12:84:ec: 76:56:0c:f6:1d:97:89:52:2b:3f:d7:89:bb:45:99:3c:04:63: 7e:b3:57:cb:fb:8d:8b:15:db:be:60:31:f4:36:a6:62:aa:6e: c5:e2:72:a6 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICC2wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjYwNTEyMTkyODMzWhcNMjYwNTE5MTkyODMzWjAYMRYwFAYD VQQDEw02YTAzN2Y2Mi0wYzM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArTvjr36mPytabYugI0UL5z6oNQLfHgkher1wo/by4U6qxNBY5P5ngFFjjOHi FVYRw/eLTqDpF32A/JanpLKcrv1kpDWMj1qYIj81zZyGWj+VfcxEZuvG7Bvil5DL Csa9c5AhW7I3PPp9TLZqXd06GcF3ppGhVfZzwcV83X0YOlz11aoIHgdeKmsMAezD zLcJxt/U5mFvN6QuHJyBkDDCgtTPMIhCA8VRTX+d/KGKd63EukIpwZocHRuaQvf2 kjVhA/leqMYYYIckXpb2F1QRtxoqzPgVfv5P1viH8zEoHVfho6iLUptp/PxQ62wf mT/X1lWQO0UmrhPdoyk6BlB5KQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFOSEQRko 8qP+97crJtyVGC5tlkPxMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAmEsrm3zQKUOt7Awn99QsmTeeXUC4vpdaWnkWt8gmznvn3Z+LojuAuv40w65y iQdeGDuYYolv3Xkiaiv1ptOhyzD9uBLGWJWtyyFemkkcWwMr8IthuY/XIVpuP4bu IjnuBd0J8AUXMFzJdXOXmgBmeDsAHKerL6yUMdbNQpVI12TatVU0hfpZMrkhOCUL y+bEhSd8kDJUGELVDOVbSOlW96MIzQLZPdRJUS+GOHFTqJjWBW62pifwKChsaHye ULsErWjsTIYNlbxjNXVDq79UyHlcmtU4EoTsdlYM9h2XiVIrP9eJu0WZPARjfrNX y/uNixXbvmAx9DamYqpuxeJypg== -----END CERTIFICATE-----Generated at Wed May 13 09:19:42 2026 by rpki-client