$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: BuxXQexJ6+efnCFvID2wRKvo2t14Qn8MvrR4iAjILBw= Subject key identifier: 39:76:E6:74:95:F1:6F:B9:BA:95:9B:B7:F8:B6:B0:D7:75:EA:02:1E Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0B5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0B0A Signing time: Thu 16 Apr 2026 19:21:50 +0000 Manifest this update: Thu 16 Apr 2026 19:21:49 +0000 Manifest next update: Thu 23 Apr 2026 19:21:49 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: okj/LrtQD9kaiYlFYAORtczPoyYl+LVwyNCQlt7xSkw=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: U2prKzUVYLMejIwBY9EOi9zclj2VGJE3Jm44WaqS9F8=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: 8YU1CGBXL/Y8cKfBuUoFRdl8h7rYmsUhvxveXcxQ+/4=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: FsdxlcuHXOB+GZBdpk7LDn7uN7PNXa0fvxLZvoX+V2c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 19:21:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2911 (0xb5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Apr 16 19:21:49 2026 GMT Not After : Apr 23 19:21:49 2026 GMT Subject: CN=69e136ce-3ca6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:03:cd:dc:be:3e:52:40:79:b3:6c:38:71:57: e6:c6:0e:16:1c:d5:f5:2b:25:06:c2:e9:27:23:a6: d7:f7:c3:8f:75:4c:b8:68:19:ca:0f:36:70:6b:ca: 4e:f0:41:7e:f8:9d:82:5d:96:b7:02:3c:e9:c4:8c: 89:53:d2:67:6b:70:18:36:08:44:1f:07:9c:60:4e: d3:c1:a6:44:46:79:c3:e5:61:95:67:3c:67:84:c3: d0:39:a0:68:c3:08:d1:45:fe:0c:d8:c9:f7:19:61: 51:de:cd:9f:d2:35:b6:c0:40:2d:32:09:69:73:c2: d5:d1:a3:2f:d0:e7:88:ef:5a:76:75:5b:18:42:4b: be:76:fc:5a:a5:60:32:16:ab:80:56:63:d0:c9:e4: 15:5c:54:a5:0e:fc:69:f7:9b:bd:ae:f6:7e:10:ba: 3d:ea:c8:50:24:59:88:bf:f8:31:53:73:9b:f1:b5: cf:61:65:9a:43:33:ae:51:4d:aa:11:19:00:c6:a4: 8a:72:d2:96:ee:cd:5f:11:3a:44:39:0e:e3:22:b1: 83:f6:18:ef:4a:87:83:77:5d:96:71:d1:3f:8a:84: a3:c0:b8:f2:e8:b2:0b:dc:47:cb:b7:b1:b8:93:b2: b6:d2:c1:4d:d8:03:fe:a0:95:f9:ea:26:d7:b6:47: 28:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:76:E6:74:95:F1:6F:B9:BA:95:9B:B7:F8:B6:B0:D7:75:EA:02:1E X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:a7:f8:82:1f:86:9c:66:d9:aa:67:fc:dd:8e:bc:98:99:15: 2e:ff:87:df:71:2f:64:17:88:9c:5f:d4:5c:4d:f7:b6:6c:57: 78:58:fb:5f:d8:76:3f:eb:29:0e:dc:a7:d9:b2:a0:a5:54:f9: 88:41:88:9c:6e:0d:fe:98:89:58:71:65:9d:d1:77:93:06:07: 75:11:00:60:8b:13:6c:ed:99:b0:4d:05:05:c0:1d:2b:c9:6a: ca:dd:30:2a:e8:ba:d2:3c:cf:1c:a1:e5:92:7c:5c:46:d7:4d: a3:96:c2:8a:5d:e8:25:6b:84:05:f6:45:09:2e:0b:fa:97:64: e3:ff:4f:4f:4e:7e:4d:cf:37:66:18:f2:49:b4:93:2c:69:82: 5a:fd:fb:b0:b3:d6:10:14:2e:f4:76:4d:85:41:10:ad:21:6e: 89:bc:da:67:7f:79:4b:40:71:92:77:86:83:98:57:7d:4e:95: 54:91:3c:9f:50:d8:e6:ad:d1:d8:9a:19:b6:cc:3d:a8:16:be: 47:41:a2:e3:10:61:46:11:cd:ca:b3:86:06:c5:7b:b8:d0:0d: 2b:03:97:b5:8d:44:da:9c:a7:19:ad:08:fc:30:ac:e0:21:7e: 10:db:f2:cf:7a:34:6c:fa:8c:c9:a3:40:95:63:6c:63:fe:0f: b2:44:14:1b -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICC18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjYwNDE2MTkyMTQ5WhcNMjYwNDIzMTkyMTQ5WjAYMRYwFAYD VQQDEw02OWUxMzZjZS0zY2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsAPN3L4+UkB5s2w4cVfmxg4WHNX1KyUGwuknI6bX98OPdUy4aBnKDzZwa8pO 8EF++J2CXZa3AjzpxIyJU9Jna3AYNghEHwecYE7TwaZERnnD5WGVZzxnhMPQOaBo wwjRRf4M2Mn3GWFR3s2f0jW2wEAtMglpc8LV0aMv0OeI71p2dVsYQku+dvxapWAy FquAVmPQyeQVXFSlDvxp95u9rvZ+ELo96shQJFmIv/gxU3Ob8bXPYWWaQzOuUU2q ERkAxqSKctKW7s1fETpEOQ7jIrGD9hjvSoeDd12WcdE/ioSjwLjy6LIL3EfLt7G4 k7K20sFN2AP+oJX56ibXtkcokQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDl25nSV 8W+5upWbt/i2sNd16gIeMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEARaf4gh+GnGbZqmf83Y68mJkVLv+H33EvZBeInF/UXE33tmxXeFj7X9h2P+sp Dtyn2bKgpVT5iEGInG4N/piJWHFlndF3kwYHdREAYIsTbO2ZsE0FBcAdK8lqyt0w Kui60jzPHKHlknxcRtdNo5bCil3oJWuEBfZFCS4L+pdk4/9PT05+Tc83ZhjySbST LGmCWv37sLPWEBQu9HZNhUEQrSFuibzaZ395S0BxkneGg5hXfU6VVJE8n1DY5q3R 2JoZtsw9qBa+R0Gi4xBhRhHNyrOGBsV7uNANKwOXtY1E2pynGa0I/DCs4CF+ENvy z3o0bPqMyaNAlWNsY/4PskQUGw== -----END CERTIFICATE-----Generated at Fri Apr 17 11:31:28 2026 by rpki-client