$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: Mf2tdqThZrL0a62ImGwN8yKCA9+FTQvKqfHuivqb7sE= Subject key identifier: BB:7F:22:73:C1:77:33:0D:0D:00:8C:F7:72:C1:E3:6A:43:DE:5D:CD Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0B59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0B04 Signing time: Sat 04 Apr 2026 19:16:25 +0000 Manifest this update: Sat 04 Apr 2026 19:16:25 +0000 Manifest next update: Sat 11 Apr 2026 19:16:25 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: Hkq7okhFDbot4WOaDl8aH8iGHtmaFeXTRcbx3KO7HMs=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: U2prKzUVYLMejIwBY9EOi9zclj2VGJE3Jm44WaqS9F8=) 3: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: FsdxlcuHXOB+GZBdpk7LDn7uN7PNXa0fvxLZvoX+V2c=) 4: B379B0346F4711EA81200366C4F9AE02.roa (hash: 8YU1CGBXL/Y8cKfBuUoFRdl8h7rYmsUhvxveXcxQ+/4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 Apr 2026 19:16:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2905 (0xb59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Apr 4 19:16:25 2026 GMT Not After : Apr 11 19:16:25 2026 GMT Subject: CN=69d16389-9421 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:3b:b6:76:3d:72:b3:d6:bc:e0:fd:00:9e:8c: 35:f2:3f:18:9c:d4:55:34:61:ce:e1:0d:a8:d7:cf: 11:15:0a:2f:84:ac:78:51:77:db:6f:08:8e:36:07: 0a:3e:79:8c:68:21:61:5a:02:ad:02:c4:7d:da:54: 59:20:58:81:74:7a:15:96:c8:ff:07:23:16:49:3c: 09:1a:e4:46:a4:a3:13:67:a0:58:61:16:84:82:42: 79:63:5b:a0:48:ce:71:04:01:88:67:c6:e7:14:3f: 03:3f:4a:6b:e5:44:55:75:69:fa:27:1c:17:d2:3c: d9:ad:2a:37:f1:c0:f8:2d:e6:7f:2b:e1:a0:fc:1a: 99:68:b9:68:cc:40:1d:6e:25:fa:91:4d:9d:f6:2c: b1:80:99:4c:91:b9:73:33:78:e1:a3:5e:d4:79:ee: 86:97:b7:d1:f0:c4:85:33:56:95:82:9d:7c:48:9d: 1b:8c:e0:8b:30:e8:fe:5e:89:b5:25:7f:af:26:23: fe:ee:65:dc:30:cb:29:ce:9b:62:cb:3e:ba:1a:32: d7:45:ac:ff:f6:81:a6:f5:e2:08:d1:4c:1d:5f:57: ef:59:0a:e2:0c:fa:d0:e0:61:8e:0a:db:cc:f5:da: 5d:ec:ce:bb:52:6f:6f:5b:69:ca:75:86:5b:49:56: 93:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:7F:22:73:C1:77:33:0D:0D:00:8C:F7:72:C1:E3:6A:43:DE:5D:CD X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:63:69:84:d9:bd:2c:81:2e:c3:dd:ed:bd:4e:17:a5:06:17: 41:48:e6:ac:14:60:43:99:3b:60:46:9d:19:eb:c2:5a:79:8b: 5b:ad:08:8c:d0:85:41:f1:88:9a:af:5b:82:38:7e:5f:39:18: 0b:e7:9e:b1:13:bf:b6:8e:c9:9d:ae:00:29:16:88:37:9f:e2: d5:ef:c4:48:ae:c0:3f:a8:57:51:75:09:ba:35:da:f3:85:3b: c6:77:77:82:87:9b:9f:30:78:5c:aa:24:75:24:9d:1c:37:41: 37:83:d2:da:db:b7:ad:ec:40:93:62:f6:3f:51:e0:a4:9f:e7: 86:02:04:ea:ff:f8:01:40:f3:1d:1b:75:3b:f6:b9:55:4e:f1: a5:2b:42:ba:a0:2a:85:52:38:57:2d:e2:a5:2a:43:9a:11:33: 9a:8b:42:5b:e2:1c:71:a6:50:d7:99:70:a7:a4:6f:25:c8:51: 69:8e:06:b8:e8:a4:4d:30:01:17:bd:02:97:25:25:cd:c4:c6: d7:df:17:74:da:6a:e6:8d:b9:0f:05:e7:20:ed:95:be:c3:f2: 7a:c3:38:50:14:48:ac:1f:96:70:0a:37:dd:c2:e2:f5:09:d2: f3:96:6d:c2:7b:32:51:4c:cb:2f:47:20:ef:8a:75:e4:be:d9: d8:05:e1:a4 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICC1kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjYwNDA0MTkxNjI1WhcNMjYwNDExMTkxNjI1WjAYMRYwFAYD VQQDEw02OWQxNjM4OS05NDIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAozu2dj1ys9a84P0Anow18j8YnNRVNGHO4Q2o188RFQovhKx4UXfbbwiONgcK PnmMaCFhWgKtAsR92lRZIFiBdHoVlsj/ByMWSTwJGuRGpKMTZ6BYYRaEgkJ5Y1ug SM5xBAGIZ8bnFD8DP0pr5URVdWn6JxwX0jzZrSo38cD4LeZ/K+Gg/BqZaLlozEAd biX6kU2d9iyxgJlMkblzM3jho17Uee6Gl7fR8MSFM1aVgp18SJ0bjOCLMOj+Xom1 JX+vJiP+7mXcMMspzptiyz66GjLXRaz/9oGm9eII0UwdX1fvWQriDPrQ4GGOCtvM 9dpd7M67Um9vW2nKdYZbSVaTMQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFLt/InPB dzMNDQCM93LB42pD3l3NMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAD2NphNm9LIEuw93tvU4XpQYXQUjmrBRgQ5k7YEadGevCWnmLW60IjNCFQfGI mq9bgjh+XzkYC+eesRO/to7Jna4AKRaIN5/i1e/ESK7AP6hXUXUJujXa84U7xnd3 goebnzB4XKokdSSdHDdBN4PS2tu3rexAk2L2P1HgpJ/nhgIE6v/4AUDzHRt1O/a5 VU7xpStCuqAqhVI4Vy3ipSpDmhEzmotCW+IccaZQ15lwp6RvJchRaY4GuOikTTAB F70ClyUlzcTG198XdNpq5o25DwXnIO2VvsPyesM4UBRIrB+WcAo33cLi9QnS85Zt wnsyUUzLL0cg74p15L7Z2AXhpA== -----END CERTIFICATE-----Generated at Mon Apr 6 08:31:46 2026 by rpki-client