$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: DVlwYug+cHCX+wAtqXihk6wSQYGv4LaI03sLGJUt068= Subject key identifier: E4:6B:9E:A1:4C:C3:1B:C4:87:0A:D0:72:5C:BE:BC:C3:D4:2F:89:74 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0AC3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0A72 Signing time: Wed 02 Jul 2025 19:58:34 +0000 Manifest this update: Wed 02 Jul 2025 19:58:33 +0000 Manifest next update: Wed 09 Jul 2025 19:58:33 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: wmbszOfsHNpbinUIE5OHkSfc7JTK4MwIQICbNeqrU+U=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: GD8TE1iM2Ym7f93p/1VYDkqCG50V4KFtJCkioUpH7AI=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: 34aVw5Rt72hNPVd0d/UxB/shSl9fnFPWjJTO5/uz5ZU=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: 5hsatirdoTAMt8sVP/32NV6rGnCIOasP2d6dKTsMLr4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:58:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2755 (0xac3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Jul 2 19:58:33 2025 GMT Not After : Jul 9 19:58:33 2025 GMT Subject: CN=68658f69-ae17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:9e:7a:6b:ef:fd:c5:37:44:4f:07:a0:2e:2a: b2:eb:62:48:19:30:8b:0f:df:41:eb:20:e3:48:90: 2b:36:ab:c3:15:1f:bd:87:cb:9c:07:64:d7:87:28: e9:1a:9f:ad:7f:ad:85:cd:55:28:11:42:57:a0:f1: 04:95:50:41:76:89:31:6d:53:ac:5c:e2:53:3b:c9: 6f:1f:34:cf:b5:55:0d:9d:98:f0:24:5f:15:d6:b9: f1:12:7c:4e:9e:7b:34:57:a0:bf:91:ad:2a:d6:b6: 28:52:4f:cf:95:a3:2d:65:57:c8:fd:fa:c6:8b:f2: 81:1f:a5:91:ea:d3:ab:a4:5c:14:96:02:36:d0:8e: 9a:7c:b3:c7:d8:6c:67:46:1b:28:91:83:56:9f:de: 8d:2c:d7:77:bf:53:62:b7:83:55:8b:d4:9a:4f:13: f5:31:01:1e:12:65:a0:78:85:14:cd:74:17:11:1b: a6:b2:6c:af:de:94:e6:7f:0f:ac:f9:c1:b9:38:b2: f6:b4:6c:b2:b7:bb:c4:97:bb:fa:06:72:2d:ef:74: a0:65:be:13:d9:d3:25:34:e1:df:d0:b3:b3:56:e3: 6f:de:05:35:13:12:55:41:e5:43:a8:c4:0d:5f:64: 25:bc:c7:bb:29:88:87:a3:c0:09:dd:25:df:f2:6b: 7f:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:6B:9E:A1:4C:C3:1B:C4:87:0A:D0:72:5C:BE:BC:C3:D4:2F:89:74 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:88:dc:b6:bd:e7:c3:12:28:50:b2:a9:c7:81:3b:7f:fe:bc: f9:3b:89:17:90:1f:3b:72:4a:3f:34:7c:db:2b:8b:36:3b:50: cd:82:be:08:b2:28:1f:bf:6f:e2:79:b1:ca:d7:73:84:ce:95: a5:78:2b:09:d6:59:d4:f3:a2:9e:ff:71:7c:e1:19:b3:e5:bc: 8c:a9:ba:19:43:bc:6c:bf:f4:e1:be:11:48:9d:55:de:39:86: bd:33:d8:15:cc:4d:6d:04:c1:c0:1a:6a:bf:5c:79:b1:1f:2c: 3d:fd:03:fd:c6:b6:12:f8:d1:dd:9f:13:4c:96:d8:c5:94:c0: c5:f0:f4:03:d0:78:55:f5:4d:7f:d8:07:a3:36:f7:c1:78:f5: 3e:9d:0b:4a:ae:85:5f:9a:03:0f:3e:4d:65:58:17:ba:6b:2e: bd:27:fc:26:1d:06:cc:f8:3f:f8:ad:16:da:77:4a:04:c2:91: 7d:35:45:b5:ca:c9:16:6a:ce:cf:46:b6:12:0d:03:b5:61:97: e2:fd:6a:00:6d:bc:20:5b:bf:50:17:5e:26:02:16:1e:6b:8b: 25:46:53:25:5d:b8:81:3d:f3:a3:36:ae:47:5a:51:5a:44:63: 11:29:a6:a1:74:0e:ec:9d:69:23:fa:d0:fe:c3:a5:c0:c2:54: e8:b2:4a:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjUwNzAyMTk1ODMzWhcNMjUwNzA5MTk1ODMzWjAYMRYwFAYD VQQDEw02ODY1OGY2OS1hZTE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzJ56a+/9xTdETwegLiqy62JIGTCLD99B6yDjSJArNqvDFR+9h8ucB2TXhyjp Gp+tf62FzVUoEUJXoPEElVBBdokxbVOsXOJTO8lvHzTPtVUNnZjwJF8V1rnxEnxO nns0V6C/ka0q1rYoUk/PlaMtZVfI/frGi/KBH6WR6tOrpFwUlgI20I6afLPH2Gxn RhsokYNWn96NLNd3v1Nit4NVi9SaTxP1MQEeEmWgeIUUzXQXERumsmyv3pTmfw+s +cG5OLL2tGyyt7vEl7v6BnIt73SgZb4T2dMlNOHf0LOzVuNv3gU1ExJVQeVDqMQN X2QlvMe7KYiHo8AJ3SXf8mt/FQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFORrnqFM wxvEhwrQcly+vMPUL4l0MB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxiNy2vefDEihQsqnHgTt//rz5O4kXkB87cko/NHzbK4s2O1DNgr4I sigfv2/iebHK13OEzpWleCsJ1lnU86Ke/3F84Rmz5byMqboZQ7xsv/ThvhFInVXe OYa9M9gVzE1tBMHAGmq/XHmxHyw9/QP9xrYS+NHdnxNMltjFlMDF8PQD0HhV9U1/ 2AejNvfBePU+nQtKroVfmgMPPk1lWBe6ay69J/wmHQbM+D/4rRbad0oEwpF9NUW1 yskWas7PRrYSDQO1YZfi/WoAbbwgW79QF14mAhYea4slRlMlXbiBPfOjNq5HWlFa RGMRKaahdA7snWkj+tD+w6XAwlToskrb -----END CERTIFICATE-----Generated at Thu Jul 3 07:00:05 2025 by rpki-client