$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: zV7jE159Vuo3Sdn9DrUERuuiyP1DrwetmorDvCBXC5I= Subject key identifier: EA:3F:68:D4:27:42:E6:45:4E:1C:F9:19:B5:3E:BE:D1:AC:ED:94:70 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0ACD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0A7C Signing time: Tue 22 Jul 2025 19:58:55 +0000 Manifest this update: Tue 22 Jul 2025 19:58:55 +0000 Manifest next update: Tue 29 Jul 2025 19:58:55 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: wgEYrzFhisadcwvCfQPi0SkMqgwIYrH9A+sR1jg1epQ=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: GD8TE1iM2Ym7f93p/1VYDkqCG50V4KFtJCkioUpH7AI=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: 34aVw5Rt72hNPVd0d/UxB/shSl9fnFPWjJTO5/uz5ZU=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: 5hsatirdoTAMt8sVP/32NV6rGnCIOasP2d6dKTsMLr4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 19:58:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2765 (0xacd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Jul 22 19:58:55 2025 GMT Not After : Jul 29 19:58:55 2025 GMT Subject: CN=687fed7f-280f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:db:bd:65:82:09:45:73:1c:39:d1:d1:23:9d: b4:69:42:b1:58:9b:6b:ac:5d:8d:80:c9:eb:b3:74: ef:91:53:b6:b6:b9:4e:f4:61:38:2b:c9:11:0f:7a: d6:a8:79:e0:ae:bd:93:2c:12:dd:49:6f:35:06:7b: 22:67:7b:58:9c:90:38:76:36:08:ad:34:5f:c3:98: 64:b0:8d:91:4a:f1:11:a8:0d:7f:52:bd:1f:75:98: b9:17:a2:83:ef:91:25:c3:f7:dd:48:71:2e:0e:83: 07:a5:76:15:d6:ee:e8:bd:cc:6b:4f:47:75:09:bb: 2a:ce:ab:2c:32:c1:fe:6e:6a:58:87:e4:2d:99:b8: 46:0b:63:45:d3:af:19:e2:5e:f5:4f:4a:91:a8:30: cd:bf:f2:3b:66:eb:a6:05:df:0a:e8:79:b4:c5:30: 82:fa:2f:ae:09:d4:82:60:9a:78:c4:91:53:69:47: 97:3b:8f:b1:38:fb:45:ee:ba:db:2e:93:bc:3d:72: 42:02:2d:61:a1:8b:66:12:03:e5:9d:2c:d7:56:7f: f1:2d:c0:06:0e:d4:44:cb:65:b0:9e:b7:a9:36:dc: d5:05:af:39:ae:02:de:b4:ca:fa:4d:7c:95:dc:7e: 24:dd:90:c0:5b:e3:81:bf:49:b1:e3:89:7a:f5:52: a0:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:3F:68:D4:27:42:E6:45:4E:1C:F9:19:B5:3E:BE:D1:AC:ED:94:70 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:8c:76:5b:cc:97:af:2d:9b:49:b7:47:f8:d7:e1:28:b7:00: 56:6a:a6:38:e5:ac:ee:ca:b7:d9:19:69:89:be:19:66:92:96: cc:17:22:99:6b:2a:73:82:68:bc:88:12:26:9c:9c:d7:3f:6f: e5:9e:14:80:56:82:ed:a1:07:85:d0:49:c1:99:d6:23:3d:12: 6b:c2:fa:11:80:99:e5:73:f3:cb:75:20:4c:ed:5d:94:08:6d: 1b:2e:b9:72:11:5d:9c:0c:4c:58:e5:a6:af:fb:e2:e0:de:a4: 68:97:ce:03:8b:a9:ed:5a:15:19:c7:9d:86:a5:71:d8:31:fc: 64:5b:62:02:df:9d:d7:da:05:81:3a:4e:f9:24:8b:9d:c2:d5: 48:f0:ae:00:f5:81:89:d9:09:84:20:3c:1b:a3:28:ac:9a:a7: f3:eb:41:56:a7:d7:d2:38:9f:22:da:ec:f1:f4:36:f2:d4:e7: 0e:66:ca:12:6a:b5:18:7b:30:52:d4:88:9d:89:ce:89:e8:99: 7b:09:9d:38:5a:9a:7d:e5:85:1f:2e:a0:77:ad:75:39:e0:07: 8a:ae:56:5c:68:4b:29:13:c6:be:06:cd:3f:ee:98:62:d5:ad: a4:78:25:ac:da:9c:11:46:32:65:31:f6:6c:fb:bf:4c:47:38: 8b:65:f7:1e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCs0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjUwNzIyMTk1ODU1WhcNMjUwNzI5MTk1ODU1WjAYMRYwFAYD VQQDEw02ODdmZWQ3Zi0yODBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAstu9ZYIJRXMcOdHRI520aUKxWJtrrF2NgMnrs3TvkVO2trlO9GE4K8kRD3rW qHngrr2TLBLdSW81BnsiZ3tYnJA4djYIrTRfw5hksI2RSvERqA1/Ur0fdZi5F6KD 75Elw/fdSHEuDoMHpXYV1u7ovcxrT0d1CbsqzqssMsH+bmpYh+QtmbhGC2NF068Z 4l71T0qRqDDNv/I7ZuumBd8K6Hm0xTCC+i+uCdSCYJp4xJFTaUeXO4+xOPtF7rrb LpO8PXJCAi1hoYtmEgPlnSzXVn/xLcAGDtREy2WwnrepNtzVBa85rgLetMr6TXyV 3H4k3ZDAW+OBv0mx44l69VKg6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOo/aNQn QuZFThz5GbU+vtGs7ZRwMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCYjHZbzJevLZtJt0f41+EotwBWaqY45azuyrfZGWmJvhlmkpbMFyKZ aypzgmi8iBImnJzXP2/lnhSAVoLtoQeF0EnBmdYjPRJrwvoRgJnlc/PLdSBM7V2U CG0bLrlyEV2cDExY5aav++Lg3qRol84Di6ntWhUZx52GpXHYMfxkW2IC353X2gWB Ok75JIudwtVI8K4A9YGJ2QmEIDwboyismqfz60FWp9fSOJ8i2uzx9Dby1OcOZsoS arUYezBS1Iidic6J6Jl7CZ04Wpp95YUfLqB3rXU54AeKrlZcaEspE8a+Bs0/7phi 1a2keCWs2pwRRjJlMfZs+79MRziLZfce -----END CERTIFICATE-----Generated at Wed Jul 23 08:19:25 2025 by rpki-client