$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: qVADFs4fXlGLANtsi81D4doFFq+oEgY6ZJzHKe709rM= Subject key identifier: F7:E3:86:92:CD:E6:E0:40:E6:DF:AB:BE:7E:83:E3:F9:19:F4:22:62 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0B70 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0B1B Signing time: Wed 20 May 2026 19:26:40 +0000 Manifest this update: Wed 20 May 2026 19:26:40 +0000 Manifest next update: Wed 27 May 2026 19:26:40 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: r7wX+V/mzHVZ4aH3u5yBf1pMWeg9tf7boCWOENU/T3I=) 2: B379B0346F4711EA81200366C4F9AE02.roa (hash: 8YU1CGBXL/Y8cKfBuUoFRdl8h7rYmsUhvxveXcxQ+/4=) 3: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: U2prKzUVYLMejIwBY9EOi9zclj2VGJE3Jm44WaqS9F8=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: FsdxlcuHXOB+GZBdpk7LDn7uN7PNXa0fvxLZvoX+V2c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 19:26:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2928 (0xb70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: May 20 19:26:40 2026 GMT Not After : May 27 19:26:40 2026 GMT Subject: CN=6a0e0af0-8eb8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:aa:8b:96:7d:e4:90:1c:70:3c:79:fb:14:1f: da:a7:b9:6f:c8:7d:f4:c8:9d:79:e3:94:ca:8b:7f: 55:ac:38:fa:98:1a:5a:92:c0:73:a9:90:1f:69:5f: 88:18:20:c2:41:de:b0:7b:83:cf:6e:41:d8:5f:ef: 57:1b:2d:09:6c:51:7d:37:bc:ce:9c:12:c6:61:e4: 36:b0:2a:be:44:5c:96:f8:77:8d:39:8b:cd:ff:6d: bc:53:66:77:0b:a4:7b:a8:5b:ba:f9:84:99:03:44: d2:44:08:8d:60:dd:18:89:3a:48:f5:7b:c4:39:b4: 31:ca:59:09:47:71:66:bf:6a:be:cc:9d:8a:a3:ca: 51:67:13:80:9e:56:dd:9b:79:64:c0:42:ae:94:c2: 30:5f:3f:0b:6d:23:31:3d:62:4e:93:e7:63:be:e2: 55:8d:67:84:00:7a:01:c2:a9:18:44:81:06:af:c1: a8:a9:f0:c7:5d:16:e6:6a:9c:72:86:71:41:9c:3b: cc:e8:7c:8e:0c:ae:8a:04:11:70:50:12:cc:7c:5f: 3d:5b:18:92:8c:28:61:dc:6b:ae:be:98:f0:b8:08: 78:c0:0f:c9:d2:5c:57:3f:85:b6:0a:c4:92:da:49: 56:62:d2:91:40:76:ec:9a:fe:da:fe:05:ea:2d:d1: fc:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:E3:86:92:CD:E6:E0:40:E6:DF:AB:BE:7E:83:E3:F9:19:F4:22:62 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:d0:40:c2:aa:bf:26:5b:84:bb:e6:51:1c:31:c6:6d:df:aa: d2:7e:1a:09:b8:5a:0f:07:97:df:cf:7a:a8:51:32:6d:61:5d: 81:76:d7:58:d4:da:bb:2c:02:75:f5:4a:c5:6a:0f:0a:c2:9c: 5a:5c:31:4b:39:6e:d1:de:cc:92:2c:4a:fd:82:47:61:ff:98: 86:62:1a:d0:4b:7b:a0:c6:ac:51:ae:f3:0a:67:37:d8:f5:9e: 87:7e:7e:f0:7f:0f:b3:18:16:89:33:72:b8:cf:66:40:dc:c4: ed:4a:82:93:b3:ad:ea:d5:ec:2e:99:f2:05:1e:d1:50:5e:54: 57:db:9a:de:22:0e:14:06:75:6c:8b:94:a6:00:b8:c7:d0:68: 33:7c:78:33:85:9f:14:d6:bb:43:6c:6c:16:4a:37:3a:3f:a2: 00:32:52:45:b2:02:fa:97:d3:f5:8c:80:e3:89:22:08:2a:fd: 15:03:b0:f8:59:db:41:29:07:f7:aa:c1:75:ad:29:be:4f:ce: d2:fe:34:74:2a:8b:77:fe:68:3f:15:71:df:98:44:2a:27:15: 47:f0:b7:13:6b:e9:3b:11:25:3a:98:7c:13:d3:df:06:c8:b1: eb:be:f2:4f:12:f8:e2:16:16:12:00:02:13:81:4d:d4:89:f2: 2e:5e:de:99 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICC3AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjYwNTIwMTkyNjQwWhcNMjYwNTI3MTkyNjQwWjAYMRYwFAYD VQQDEw02YTBlMGFmMC04ZWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlqqLln3kkBxwPHn7FB/ap7lvyH30yJ1545TKi39VrDj6mBpaksBzqZAfaV+I GCDCQd6we4PPbkHYX+9XGy0JbFF9N7zOnBLGYeQ2sCq+RFyW+HeNOYvN/228U2Z3 C6R7qFu6+YSZA0TSRAiNYN0YiTpI9XvEObQxylkJR3Fmv2q+zJ2Ko8pRZxOAnlbd m3lkwEKulMIwXz8LbSMxPWJOk+djvuJVjWeEAHoBwqkYRIEGr8GoqfDHXRbmapxy hnFBnDvM6HyODK6KBBFwUBLMfF89WxiSjChh3GuuvpjwuAh4wA/J0lxXP4W2CsSS 2klWYtKRQHbsmv7a/gXqLdH8OQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFPfjhpLN 5uBA5t+rvn6D4/kZ9CJiMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAI9BAwqq/JluEu+ZRHDHGbd+q0n4aCbhaDweX3896qFEybWFdgXbXWNTauywC dfVKxWoPCsKcWlwxSzlu0d7MkixK/YJHYf+YhmIa0Et7oMasUa7zCmc32PWeh35+ 8H8PsxgWiTNyuM9mQNzE7UqCk7Ot6tXsLpnyBR7RUF5UV9ua3iIOFAZ1bIuUpgC4 x9BoM3x4M4WfFNa7Q2xsFko3Oj+iADJSRbIC+pfT9YyA44kiCCr9FQOw+FnbQSkH 96rBda0pvk/O0v40dCqLd/5oPxVx35hEKicVR/C3E2vpOxElOph8E9PfBsix677y TxL44hYWEgACE4FN1InyLl7emQ== -----END CERTIFICATE-----Generated at Thu May 21 09:38:31 2026 by rpki-client