$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: ye6IlvSkLwif/t8hnqG60M6pJcwDZVWEkNx4ocY6Q64= Subject key identifier: 06:45:BF:02:1D:A5:6D:DC:89:1A:5C:F1:C7:F2:88:01:76:89:A7:0C Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0AAD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0A5F Signing time: Fri 30 May 2025 19:58:46 +0000 Manifest this update: Fri 30 May 2025 19:58:46 +0000 Manifest next update: Fri 06 Jun 2025 19:58:46 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: Ku81ZSTKfxk5rDPtzsqdZ9c/wgT61RlWRBdZ/NB27h4=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: l7mr6es1TVOyo1wNw2j4HcRInXoNf33J5ylI6iVUMv8=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: FuocMJExMkUp16L3R6FsGdSdFiq3mtbQ0I+3NIZrReg=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: OSzx+tHbv8GS0QRL7lJHUONIT8BBObbjKgYazgGJOB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 19:58:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2733 (0xaad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: May 30 19:58:46 2025 GMT Not After : Jun 6 19:58:46 2025 GMT Subject: CN=683a0df6-6a3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:99:2a:a8:3d:4a:aa:0b:1c:ff:8b:fb:ab:8e: a4:52:cf:f5:c6:4e:1d:c0:44:99:62:e0:48:87:e0: bb:59:47:a2:88:34:54:b4:49:27:32:cf:6a:2e:d8: 89:3f:ad:ee:b5:a6:6e:4c:05:5f:12:4f:44:0f:f2: d5:b4:a6:94:9f:9a:ea:29:a4:16:a1:b8:01:83:42: e4:29:00:91:81:6b:1b:2f:bd:15:b3:dd:b4:68:b2: 9f:c1:16:e0:20:bf:1f:54:74:f5:38:0e:e7:4c:ed: a5:40:9e:a6:7b:10:a1:8d:9f:69:2d:9a:08:06:a0: 34:b3:88:22:d2:13:9b:85:da:fe:9b:7f:30:5c:11: b1:99:89:69:3e:b8:b7:b2:b5:43:6e:8e:2b:a2:a7: 48:d1:d8:a6:9a:a7:b2:8e:6e:1c:96:5b:32:f9:9e: 35:12:50:57:ab:3c:f4:e4:12:1d:e3:4e:87:dc:0e: 39:30:b2:1b:76:b2:f7:c1:34:8a:32:ae:58:80:85: 01:62:a7:06:cd:21:8b:40:a3:31:5b:76:a6:9d:81: 4e:7c:55:dc:38:1e:fb:ba:1e:9d:03:3f:b2:e3:34: 18:70:db:cf:be:89:7b:49:bc:98:6f:d3:7f:46:22: 4e:ad:da:d3:78:69:68:ae:a3:64:f0:be:3a:6b:8a: 3d:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:45:BF:02:1D:A5:6D:DC:89:1A:5C:F1:C7:F2:88:01:76:89:A7:0C X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:eb:fb:59:bf:5e:b9:02:38:eb:0d:07:47:f3:05:64:f3:f3: 08:b4:ef:47:09:2e:a9:dc:c2:c5:da:d2:56:f2:89:20:68:81: 81:ae:55:22:ba:5a:25:c4:17:1e:b6:78:19:57:e6:64:c5:6a: 58:f4:d7:58:0a:dd:13:65:c5:ad:7d:36:3c:88:97:58:c9:44: 6f:7a:6c:e0:9d:3a:0d:91:99:63:81:00:22:7d:f3:29:bc:c7: e3:f8:16:0b:64:b3:94:ce:ba:84:0f:82:78:a0:f9:a2:4c:6b: 41:6d:5c:1b:96:a1:31:dd:31:ac:34:06:1f:5f:c8:cf:a5:42: 2e:f9:bf:37:d7:9a:42:ec:0f:2b:c9:3f:b0:fb:9a:74:37:60: 6c:30:d1:6c:11:5d:8b:23:51:76:b1:f0:ab:ad:5a:b4:a3:6e: da:a0:ed:4c:4b:30:12:33:97:3a:59:9d:55:73:22:26:0c:68: d4:ec:5e:c4:71:f5:e6:ed:f4:46:88:56:11:9e:7a:67:ab:95: 69:69:f7:eb:0e:47:d6:30:97:5f:5d:83:fc:cb:af:ca:77:ae: db:53:f5:1e:58:29:6b:6a:ce:ae:9e:a0:0e:40:9b:ea:bd:2a: 17:8d:84:41:ce:c2:45:b1:1c:be:17:dd:37:4d:a3:b2:f7:e1: 1b:fb:8a:d1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjUwNTMwMTk1ODQ2WhcNMjUwNjA2MTk1ODQ2WjAYMRYwFAYD VQQDEw02ODNhMGRmNi02YTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzpkqqD1Kqgsc/4v7q46kUs/1xk4dwESZYuBIh+C7WUeiiDRUtEknMs9qLtiJ P63utaZuTAVfEk9ED/LVtKaUn5rqKaQWobgBg0LkKQCRgWsbL70Vs920aLKfwRbg IL8fVHT1OA7nTO2lQJ6mexChjZ9pLZoIBqA0s4gi0hObhdr+m38wXBGxmYlpPri3 srVDbo4roqdI0dimmqeyjm4cllsy+Z41ElBXqzz05BId406H3A45MLIbdrL3wTSK Mq5YgIUBYqcGzSGLQKMxW3amnYFOfFXcOB77uh6dAz+y4zQYcNvPvol7SbyYb9N/ RiJOrdrTeGlorqNk8L46a4o9ewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAZFvwId pW3ciRpc8cfyiAF2iacMMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB96/tZv165AjjrDQdH8wVk8/MItO9HCS6p3MLF2tJW8okgaIGBrlUi ulolxBcetngZV+ZkxWpY9NdYCt0TZcWtfTY8iJdYyURvemzgnToNkZljgQAiffMp vMfj+BYLZLOUzrqED4J4oPmiTGtBbVwblqEx3TGsNAYfX8jPpUIu+b8315pC7A8r yT+w+5p0N2BsMNFsEV2LI1F2sfCrrVq0o27aoO1MSzASM5c6WZ1VcyImDGjU7F7E cfXm7fRGiFYRnnpnq5VpaffrDkfWMJdfXYP8y6/Kd67bU/UeWClras6unqAOQJvq vSoXjYRBzsJFsRy+F903TaOy9+Eb+4rR -----END CERTIFICATE-----Generated at Sat May 31 16:45:45 2025 by rpki-client