$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: vZkaZk8LpG5V01vRtXLgTAI1cEHz4hMELb8O0Pju9ic= Subject key identifier: A4:3D:E5:85:CA:59:98:AF:F7:75:F3:E6:FB:0E:07:0A:A0:26:0F:E8 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0A92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0A44 Signing time: Fri 04 Apr 2025 19:59:42 +0000 Manifest this update: Fri 04 Apr 2025 19:59:41 +0000 Manifest next update: Fri 11 Apr 2025 19:59:41 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: 918rUC1n37VWyVdOCHE6eVdR/ewu9OY4sO0O0Ln3llg=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: l7mr6es1TVOyo1wNw2j4HcRInXoNf33J5ylI6iVUMv8=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: FuocMJExMkUp16L3R6FsGdSdFiq3mtbQ0I+3NIZrReg=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: OSzx+tHbv8GS0QRL7lJHUONIT8BBObbjKgYazgGJOB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 19:59:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2706 (0xa92) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27 Validity Not Before: Apr 4 19:59:41 2025 GMT Not After : Apr 11 19:59:41 2025 GMT Subject: CN=67f03a2e-9a84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:8c:22:38:b3:65:f0:52:c7:b3:1a:0a:31:0a: 8e:5d:3a:1e:19:d4:8f:71:7e:c0:b9:96:e3:89:76: 08:c4:1c:18:0c:0e:db:00:09:22:30:81:c6:2d:b8: cf:a2:28:fd:8d:30:92:7a:93:18:6e:60:57:76:61: 19:39:32:55:42:37:bb:cc:81:71:d5:5a:9e:ed:c0: 34:6a:0a:6d:ae:ce:3d:1b:c1:56:14:63:1d:dd:6c: 23:b0:1c:ea:69:cf:03:bf:84:1c:f9:11:24:b2:25: 12:8d:41:20:f9:8f:65:c1:63:73:c5:e8:89:db:b1: b9:ad:ce:d5:61:e2:ab:72:31:6f:33:8f:34:9e:75: 30:de:99:a4:8a:75:be:bb:a0:56:ff:42:e8:63:04: 00:4f:dc:ce:c2:50:c0:8b:87:60:7c:b1:0b:81:2f: 94:25:d7:31:45:c3:b4:d0:37:0f:bb:54:f7:45:4a: 9e:52:49:37:66:c9:8f:f2:0c:60:9a:26:3a:b1:9b: d9:d5:79:7a:dd:c9:d8:42:ea:7c:91:e9:0a:42:57: 89:16:29:e8:f9:15:fb:f8:35:4f:99:a2:26:ff:16: 07:88:5f:c4:6d:c9:66:ee:64:8d:06:cc:b0:44:f1: 92:b1:db:20:43:59:be:41:2d:8a:5a:d0:61:cf:91: 82:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:3D:E5:85:CA:59:98:AF:F7:75:F3:E6:FB:0E:07:0A:A0:26:0F:E8 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:cb:22:4a:c7:bf:fa:0e:d1:0c:e8:74:aa:cc:92:c7:4a:34: a0:68:9f:8c:70:84:6f:04:a5:29:20:3b:4d:9c:7e:64:8a:bd: 24:4f:59:51:6b:ca:92:f7:78:1c:7e:ce:b0:7d:09:01:fe:83: bb:3e:e2:9d:a1:1b:58:5d:0a:c8:f0:88:d1:68:38:e5:51:e0: 13:c4:24:7e:1e:49:c6:52:ff:ed:2e:05:23:5c:25:55:0f:29: 68:4b:c9:a9:a9:73:3f:08:a8:c1:65:14:a8:52:1e:2b:54:9c: 2c:be:30:e4:8c:65:d0:80:e3:0c:5b:b6:69:ee:7a:53:f4:b7: 12:e9:87:1f:59:7f:99:3a:b3:b3:24:35:14:74:55:52:b3:27: 46:7a:62:a5:35:69:4c:43:84:42:02:e3:d3:b8:fb:51:b9:46: d3:3a:81:7a:de:67:1f:c0:3f:74:e5:d5:57:17:6b:aa:9e:a5: c0:f8:b9:56:a6:95:d7:af:12:57:d1:82:9b:56:cd:73:c1:46: 89:23:b9:a1:8c:1d:0a:a2:ea:e6:6b:ae:b9:54:fa:4f:80:dd: aa:d3:df:8a:c4:9f:74:f6:3f:ee:d6:dd:27:f3:89:07:44:b8: 23:4f:fe:b2:0e:cb:7c:41:a4:b2:b6:30:d0:49:bc:de:34:38: a9:ce:69:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCpIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjUwNDA0MTk1OTQxWhcNMjUwNDExMTk1OTQxWjAYMRYwFAYD VQQDEw02N2YwM2EyZS05YTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA34wiOLNl8FLHsxoKMQqOXToeGdSPcX7AuZbjiXYIxBwYDA7bAAkiMIHGLbjP oij9jTCSepMYbmBXdmEZOTJVQje7zIFx1Vqe7cA0agptrs49G8FWFGMd3WwjsBzq ac8Dv4Qc+REksiUSjUEg+Y9lwWNzxeiJ27G5rc7VYeKrcjFvM480nnUw3pmkinW+ u6BW/0LoYwQAT9zOwlDAi4dgfLELgS+UJdcxRcO00DcPu1T3RUqeUkk3ZsmP8gxg miY6sZvZ1Xl63cnYQup8kekKQleJFino+RX7+DVPmaIm/xYHiF/Ebclm7mSNBsyw RPGSsdsgQ1m+QS2KWtBhz5GC7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKQ95YXK WZiv93Xz5vsOBwqgJg/oMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6yyJKx7/6DtEM6HSqzJLHSjSgaJ+McIRvBKUpIDtNnH5kir0kT1lR a8qS93gcfs6wfQkB/oO7PuKdoRtYXQrI8IjRaDjlUeATxCR+HknGUv/tLgUjXCVV DyloS8mpqXM/CKjBZRSoUh4rVJwsvjDkjGXQgOMMW7Zp7npT9LcS6YcfWX+ZOrOz JDUUdFVSsydGemKlNWlMQ4RCAuPTuPtRuUbTOoF63mcfwD905dVXF2uqnqXA+LlW ppXXrxJX0YKbVs1zwUaJI7mhjB0Kourma665VPpPgN2q09+KxJ909j/u1t0n84kH RLgjT/6yDst8QaSytjDQSbzeNDipzmmX -----END CERTIFICATE-----Generated at Sun Apr 6 10:09:23 2025 by rpki-client