$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: FdU5ewlXn6wUYwwJ51a/xdHWTvs4wNr+rf0fo9hfBCc= Subject key identifier: 95:63:E5:0C:8A:58:4F:4C:C7:FB:B4:42:3C:2A:36:1E:B9:CE:44:41 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0B50 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0AFC Signing time: Tue 24 Mar 2026 19:15:58 +0000 Manifest this update: Tue 24 Mar 2026 19:15:57 +0000 Manifest next update: Tue 31 Mar 2026 19:15:57 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: zDau3gFpb6saZq0yLIOg8Warfydek0ogK/oIRCSvTsQ=) 2: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: IQXJ/zZYazuLQWFRwreE4BzQ1bNBMvMkkYkVzqwMVR0=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: 8YU1CGBXL/Y8cKfBuUoFRdl8h7rYmsUhvxveXcxQ+/4=) 4: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: U2prKzUVYLMejIwBY9EOi9zclj2VGJE3Jm44WaqS9F8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 19:15:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2896 (0xb50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Mar 24 19:15:57 2026 GMT Not After : Mar 31 19:15:57 2026 GMT Subject: CN=69c2e2ed-fab0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d2:03:8d:8a:8e:e3:83:f1:b0:3a:16:56:37: 5d:5e:f1:df:63:57:40:24:df:46:6e:26:4a:2a:18: 13:75:c3:83:1e:13:c5:28:c8:ed:27:bb:63:25:c1: f1:5c:87:be:3e:fd:9b:d0:06:e4:65:58:d5:b5:05: 69:9d:3b:b0:30:ab:38:86:71:fb:b0:b3:0d:4b:86: cd:12:e4:de:4d:ca:81:d8:83:fb:6d:3d:73:51:a0: 31:27:b8:46:f7:62:53:db:f2:5b:6d:a7:4c:20:92: 38:25:56:d1:10:57:8a:da:84:bf:5a:8c:4d:88:12: 66:7f:f6:f5:07:61:00:29:c4:54:d9:07:79:4a:99: dc:3b:29:25:db:2c:f9:e8:35:41:46:0a:e1:b1:10: 87:d9:ce:98:f8:12:1f:a0:9d:94:a2:73:8d:eb:80: 44:5d:ef:bb:e9:b8:23:10:55:47:2a:6e:8e:ff:95: 91:15:58:64:6c:9e:2e:2e:ff:4e:95:65:f2:d7:bf: 3f:d0:3b:75:3a:c8:30:fb:70:2d:3e:e1:56:16:35: a6:08:5c:9e:3a:4d:25:7d:21:42:66:5f:53:e9:08: 64:d7:b7:6f:49:0c:44:d8:af:4b:88:63:58:70:84: 7e:42:bc:d7:1a:8e:8d:7d:d6:1c:af:0e:e7:6c:39: 8c:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:63:E5:0C:8A:58:4F:4C:C7:FB:B4:42:3C:2A:36:1E:B9:CE:44:41 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:cb:b8:62:a6:14:07:ab:2d:7e:62:08:cb:7b:38:a2:26:04: 9a:e1:b5:8a:83:36:4f:dc:75:86:5d:e0:9b:1f:e4:a6:17:ac: 8f:e5:ea:ce:0a:a0:d2:cd:38:3d:85:d6:b9:7e:e2:bb:33:4e: b8:38:9f:c8:d4:1d:0b:9e:da:6d:3d:3e:20:cc:1f:63:ac:90: b6:b1:cb:dd:8f:99:6e:a0:c3:19:6a:bf:36:46:08:9d:73:ea: 6a:37:00:d4:33:96:8c:3c:ed:a8:ad:f0:c7:10:8f:32:72:ea: f1:3e:b8:b4:91:eb:fa:23:a8:55:34:af:19:5a:70:76:cf:cc: 37:9b:fb:85:d3:78:40:a0:14:a2:b2:25:12:53:95:66:93:66: 07:79:89:6d:16:b0:98:21:70:ed:7c:dd:93:f9:df:ab:5b:22: 14:6d:ee:a3:38:f4:31:d9:b1:9d:31:83:8f:96:c6:10:0d:8b: df:36:7b:5b:30:47:4f:b9:80:fa:a2:4b:9f:3c:1a:ba:94:70: d2:3a:4f:61:45:a5:99:10:5b:08:54:a0:66:35:d7:79:a0:eb: 18:27:f4:c0:0b:f9:51:80:63:51:6d:05:e2:2d:55:ca:8e:57: 55:79:c3:f5:d9:be:3b:21:d1:a7:3b:ca:25:05:78:f7:ca:5d: dd:0e:c7:ee -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICC1AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjYwMzI0MTkxNTU3WhcNMjYwMzMxMTkxNTU3WjAYMRYwFAYD VQQDEw02OWMyZTJlZC1mYWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtIDjYqO44PxsDoWVjddXvHfY1dAJN9GbiZKKhgTdcODHhPFKMjtJ7tjJcHx XIe+Pv2b0AbkZVjVtQVpnTuwMKs4hnH7sLMNS4bNEuTeTcqB2IP7bT1zUaAxJ7hG 92JT2/JbbadMIJI4JVbREFeK2oS/WoxNiBJmf/b1B2EAKcRU2Qd5SpncOykl2yz5 6DVBRgrhsRCH2c6Y+BIfoJ2UonON64BEXe+76bgjEFVHKm6O/5WRFVhkbJ4uLv9O lWXy178/0Dt1Osgw+3AtPuFWFjWmCFyeOk0lfSFCZl9T6Qhk17dvSQxE2K9LiGNY cIR+QrzXGo6NfdYcrw7nbDmMNwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJVj5QyK WE9Mx/u0QjwqNh65zkRBMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAEcu4YqYUB6stfmIIy3s4oiYEmuG1ioM2T9x1hl3gmx/kphesj+Xqzgqg0s04 PYXWuX7iuzNOuDifyNQdC57abT0+IMwfY6yQtrHL3Y+ZbqDDGWq/NkYInXPqajcA 1DOWjDztqK3wxxCPMnLq8T64tJHr+iOoVTSvGVpwds/MN5v7hdN4QKAUorIlElOV ZpNmB3mJbRawmCFw7Xzdk/nfq1siFG3uozj0MdmxnTGDj5bGEA2L3zZ7WzBHT7mA +qJLnzwaupRw0jpPYUWlmRBbCFSgZjXXeaDrGCf0wAv5UYBjUW0F4i1Vyo5XVXnD 9dm+OyHRpzvKJQV498pd3Q7H7g== -----END CERTIFICATE-----Generated at Thu Mar 26 14:17:46 2026 by rpki-client