$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: 0xJF0lOi2QWnrN+f+p9xQ9i3qJsrCEKjbKHAS/bRnl8= Subject key identifier: D7:B0:40:F4:61:35:90:59:84:B1:E8:F0:BB:51:0C:CD:78:35:EB:9E Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0B03 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0AB2 Signing time: Tue 04 Nov 2025 19:42:52 +0000 Manifest this update: Tue 04 Nov 2025 19:42:51 +0000 Manifest next update: Tue 11 Nov 2025 19:42:51 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: BhGTbitXSArzovivc93Ymrk1lHESJm1QnQHyo6XShOc=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: GD8TE1iM2Ym7f93p/1VYDkqCG50V4KFtJCkioUpH7AI=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: 34aVw5Rt72hNPVd0d/UxB/shSl9fnFPWjJTO5/uz5ZU=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: 5hsatirdoTAMt8sVP/32NV6rGnCIOasP2d6dKTsMLr4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:42:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2819 (0xb03) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Nov 4 19:42:51 2025 GMT Not After : Nov 11 19:42:51 2025 GMT Subject: CN=690a573c-aa70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:97:cd:86:a1:ca:2e:e7:1c:95:f2:38:3f:43: 13:08:64:59:70:04:90:41:a0:dd:ac:38:2c:13:a8: 16:8a:3c:c9:da:e1:da:89:31:59:86:b7:f5:a7:6a: 36:da:4c:d4:56:ae:55:16:c9:72:af:a7:a2:f9:38: 58:64:58:d2:26:26:6e:92:39:bb:14:f0:43:fa:1d: 32:ad:65:c7:10:ea:c7:e7:f1:1e:a2:be:8c:13:10: 99:eb:3e:e0:81:c3:ba:96:6d:59:b3:bb:fc:1e:73: f5:a1:8e:a8:dd:90:68:bb:15:ef:36:ce:4b:ad:bf: f4:d3:6a:f6:9e:3b:07:93:27:c2:0d:51:bf:4c:de: ef:f0:8b:ad:ba:48:ac:d5:25:c5:3f:29:ea:aa:5c: 21:bc:21:ab:fb:4b:0e:4c:02:e7:91:cc:0d:f3:52: 18:60:cf:ee:1c:7a:9d:07:d0:58:a8:8e:df:8e:64: 24:e8:28:ca:f7:cc:b8:9d:37:5d:f6:37:8e:b3:a3: bd:e3:a8:60:88:6a:ff:41:44:6c:03:06:d7:68:a3: 41:74:37:b2:6b:ec:44:e7:be:7b:1e:7f:33:48:c6: 23:f5:10:17:bd:51:62:dc:2e:01:4e:3b:d5:d4:88: f5:e4:2e:e4:94:46:7e:48:f6:48:9b:47:36:d7:f2: 91:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:B0:40:F4:61:35:90:59:84:B1:E8:F0:BB:51:0C:CD:78:35:EB:9E X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:54:90:1a:3a:1d:47:33:86:a4:f7:fd:99:fc:b7:c0:47:92: 10:e5:6c:cc:ac:3a:b2:db:3a:99:54:f1:5b:80:c5:8b:bc:7e: dc:c2:f1:d0:4c:99:7a:a7:d4:7a:45:0f:ca:86:20:27:de:17: 7f:fe:38:b7:04:c1:8b:ed:76:9a:68:21:0d:53:ed:39:93:fd: 50:14:af:58:15:5e:e0:f6:20:2d:5d:2d:28:de:f3:b7:62:82: 4a:8c:ab:53:f8:d7:14:ee:d3:87:9b:79:3e:35:23:3b:0b:86: ac:82:0a:7c:72:84:43:f4:02:93:d2:8c:92:2b:43:03:09:75: ad:a9:90:36:93:fb:26:66:cd:b6:72:02:f1:9d:0f:da:d9:c2: 34:03:4b:0f:19:35:48:22:37:4f:40:87:38:99:97:54:eb:f2: ee:8b:02:d0:25:8c:f9:69:a2:2f:6f:24:b1:6b:96:7e:06:fa: 59:11:e2:9b:4b:30:3a:e9:62:3d:50:58:0e:4b:86:1f:f3:98: ea:1f:1a:79:39:31:e2:2c:19:95:b2:b7:2d:91:fc:5d:6d:ca: ae:f3:64:a7:7d:b7:cf:94:bf:dc:55:c5:a4:77:9f:3c:a6:ef: 46:24:ca:f5:e3:34:af:34:3b:5b:6b:6c:81:2b:6a:8c:f0:85: f5:a8:c5:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCwMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjUxMTA0MTk0MjUxWhcNMjUxMTExMTk0MjUxWjAYMRYwFAYD VQQDEw02OTBhNTczYy1hYTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxJfNhqHKLucclfI4P0MTCGRZcASQQaDdrDgsE6gWijzJ2uHaiTFZhrf1p2o2 2kzUVq5VFslyr6ei+ThYZFjSJiZukjm7FPBD+h0yrWXHEOrH5/Eeor6MExCZ6z7g gcO6lm1Zs7v8HnP1oY6o3ZBouxXvNs5Lrb/002r2njsHkyfCDVG/TN7v8Iutukis 1SXFPynqqlwhvCGr+0sOTALnkcwN81IYYM/uHHqdB9BYqI7fjmQk6CjK98y4nTdd 9jeOs6O946hgiGr/QURsAwbXaKNBdDeya+xE5757Hn8zSMYj9RAXvVFi3C4BTjvV 1Ij15C7klEZ+SPZIm0c21/KR7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNewQPRh NZBZhLHo8LtRDM14NeueMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAVJAaOh1HM4ak9/2Z/LfAR5IQ5WzMrDqy2zqZVPFbgMWLvH7cwvHQ TJl6p9R6RQ/KhiAn3hd//ji3BMGL7XaaaCENU+05k/1QFK9YFV7g9iAtXS0o3vO3 YoJKjKtT+NcU7tOHm3k+NSM7C4asggp8coRD9AKT0oySK0MDCXWtqZA2k/smZs22 cgLxnQ/a2cI0A0sPGTVIIjdPQIc4mZdU6/LuiwLQJYz5aaIvbySxa5Z+BvpZEeKb SzA66WI9UFgOS4Yf85jqHxp5OTHiLBmVsrctkfxdbcqu82SnfbfPlL/cVcWkd588 pu9GJMr14zSvNDtba2yBK2qM8IX1qMWW -----END CERTIFICATE-----Generated at Wed Nov 5 10:00:41 2025 by rpki-client