$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: YggWVuoAavIuMLXKGn47GctWR2SBt0ZlR3GEA9RefVo= Subject key identifier: 86:90:1F:9D:33:CC:70:C4:D2:3F:4D:0D:09:81:9B:5C:23:DE:AE:B7 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0ADD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0A8C Signing time: Fri 22 Aug 2025 19:50:07 +0000 Manifest this update: Fri 22 Aug 2025 19:50:06 +0000 Manifest next update: Fri 29 Aug 2025 19:50:06 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: CszGFOAxSjlpjMzCbvW7wSfKsjGZk5nfFt/Z/TUOnV8=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: GD8TE1iM2Ym7f93p/1VYDkqCG50V4KFtJCkioUpH7AI=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: 34aVw5Rt72hNPVd0d/UxB/shSl9fnFPWjJTO5/uz5ZU=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: 5hsatirdoTAMt8sVP/32NV6rGnCIOasP2d6dKTsMLr4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:50:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2781 (0xadd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Aug 22 19:50:06 2025 GMT Not After : Aug 29 19:50:06 2025 GMT Subject: CN=68a8c9ee-8c1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:17:31:bc:f3:9d:f3:ce:4f:d4:b7:03:61:17: 44:c4:87:39:ff:37:48:38:2d:47:48:38:0c:ee:a0: cd:45:30:af:63:cc:5f:34:f1:73:08:fd:91:1e:38: 1e:1a:cd:50:81:9a:6f:fc:f7:d8:4e:58:4a:ec:99: cb:f2:ff:79:a1:44:75:a6:ad:58:ce:34:7b:cc:53: 6c:ed:da:b3:e6:2b:54:4a:99:e2:d7:a9:b4:d9:cc: d1:cb:db:29:4a:e1:25:06:c7:d3:ea:ee:11:af:83: 3c:b8:50:04:8b:e7:a7:1d:07:c5:bb:a8:7e:29:3d: d7:f0:ff:06:27:6e:5e:c1:25:01:a4:f9:fd:d5:bb: 83:b3:89:0b:1d:d2:23:1e:16:a0:3c:e4:5b:59:94: 7d:68:6d:5e:14:5f:0c:f4:8a:76:06:34:6d:90:04: 91:33:07:f8:16:7f:ed:da:eb:4a:6a:0c:2b:c8:5f: a4:99:86:b4:83:87:31:88:d0:64:1a:d1:99:db:ac: fb:8c:bd:5b:8f:88:96:b2:01:0f:37:04:b3:34:04: ef:53:80:b6:a8:53:5e:bd:c2:0f:fb:df:36:11:bf: ac:23:31:15:0e:dd:f8:56:bb:23:c1:45:a2:b6:36: e4:02:7f:d9:dd:73:24:94:7f:3c:d2:dd:91:65:87: a4:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:90:1F:9D:33:CC:70:C4:D2:3F:4D:0D:09:81:9B:5C:23:DE:AE:B7 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:db:23:75:00:9c:ae:5c:cb:22:c9:2e:36:82:bf:fa:92:d6: d1:c4:0a:8e:b3:2e:ed:67:75:df:fd:b6:5e:d9:16:b6:70:34: 5c:1e:71:3a:04:e9:bd:4f:06:df:2d:0e:23:72:ec:04:a5:3e: a9:f4:73:fc:42:03:af:ea:8e:e4:c6:8b:c0:66:f3:50:70:6b: 93:a8:0d:bd:78:0a:6b:e8:48:3e:73:4a:95:86:f3:27:67:3a: 2f:5b:b3:9b:b0:dd:64:b4:73:84:0a:6b:e4:3d:d4:9a:57:c8: bf:4f:d0:94:66:23:f8:b7:6a:bf:49:e0:71:e6:12:c3:49:04: b7:c0:d7:17:23:98:2c:6d:7c:fd:ab:ce:d2:72:eb:2d:84:b8: b4:2e:70:38:2b:c4:ea:b4:bd:13:15:9d:0f:fc:62:d3:ee:8e: d9:23:de:7c:1e:8f:22:de:fc:ae:61:75:44:10:11:f5:91:a8: 6c:f8:35:ea:15:2f:f4:cd:e9:74:c3:d9:11:87:18:4a:65:b1: 5c:a2:05:56:d4:a7:43:73:f0:40:06:ea:cc:25:f4:3e:6c:d8: 76:a6:b1:bf:91:44:8d:bb:bc:c1:97:6e:99:e8:91:b6:a3:23: 65:ac:3a:d9:e0:ed:99:ef:b5:7e:23:a2:ad:46:05:08:66:aa: b7:96:9c:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCt0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjUwODIyMTk1MDA2WhcNMjUwODI5MTk1MDA2WjAYMRYwFAYD VQQDEw02OGE4YzllZS04YzFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0BcxvPOd885P1LcDYRdExIc5/zdIOC1HSDgM7qDNRTCvY8xfNPFzCP2RHjge Gs1QgZpv/PfYTlhK7JnL8v95oUR1pq1YzjR7zFNs7dqz5itUSpni16m02czRy9sp SuElBsfT6u4Rr4M8uFAEi+enHQfFu6h+KT3X8P8GJ25ewSUBpPn91buDs4kLHdIj HhagPORbWZR9aG1eFF8M9Ip2BjRtkASRMwf4Fn/t2utKagwryF+kmYa0g4cxiNBk GtGZ26z7jL1bj4iWsgEPNwSzNATvU4C2qFNevcIP+982Eb+sIzEVDt34VrsjwUWi tjbkAn/Z3XMklH880t2RZYekPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIaQH50z zHDE0j9NDQmBm1wj3q63MB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAb2yN1AJyuXMsiyS42gr/6ktbRxAqOsy7tZ3Xf/bZe2Ra2cDRcHnE6 BOm9TwbfLQ4jcuwEpT6p9HP8QgOv6o7kxovAZvNQcGuTqA29eApr6Eg+c0qVhvMn ZzovW7ObsN1ktHOECmvkPdSaV8i/T9CUZiP4t2q/SeBx5hLDSQS3wNcXI5gsbXz9 q87ScusthLi0LnA4K8TqtL0TFZ0P/GLT7o7ZI958Ho8i3vyuYXVEEBH1kahs+DXq FS/0zel0w9kRhxhKZbFcogVW1KdDc/BABurMJfQ+bNh2prG/kUSNu7zBl26Z6JG2 oyNlrDrZ4O2Z77V+I6KtRgUIZqq3lpyf -----END CERTIFICATE-----Generated at Sat Aug 23 16:38:04 2025 by rpki-client