$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: M3Jv6/prSRFVvyMT1/nVLdehjsLG+3rHhz6T5duGoQk= Subject key identifier: 52:0F:A3:DB:94:47:53:54:1F:77:23:2D:6B:74:24:E7:8D:16:86:E1 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0A9C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0A4E Signing time: Thu 24 Apr 2025 19:43:02 +0000 Manifest this update: Thu 24 Apr 2025 19:43:01 +0000 Manifest next update: Thu 01 May 2025 19:43:01 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: p7x0SvUXnannm9nHfBN8D4DXVzX72nWP5WAm5et9be0=) 2: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: l7mr6es1TVOyo1wNw2j4HcRInXoNf33J5ylI6iVUMv8=) 3: B379B0346F4711EA81200366C4F9AE02.roa (hash: FuocMJExMkUp16L3R6FsGdSdFiq3mtbQ0I+3NIZrReg=) 4: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: OSzx+tHbv8GS0QRL7lJHUONIT8BBObbjKgYazgGJOB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:43:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2716 (0xa9c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Apr 24 19:43:01 2025 GMT Not After : May 1 19:43:01 2025 GMT Subject: CN=680a9446-049b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:d0:16:c8:ca:72:76:8d:33:03:f6:5e:a0:c1: 8d:94:b4:f9:d1:23:64:47:56:97:6d:00:82:72:70: 1f:fa:6f:40:37:58:17:3a:dd:a7:3b:c5:1a:2d:b8: 1d:2f:e8:b9:bf:a8:ef:58:fd:72:3a:eb:f7:ec:eb: 38:ce:1a:2d:1f:8e:31:ec:7c:40:79:1f:1d:9c:04: 94:34:73:1b:61:a0:67:c9:6f:ec:4d:6b:8c:4c:b3: 69:ba:3e:99:f0:28:54:24:5d:5f:54:c0:fc:95:73: 5c:ac:72:aa:ba:98:25:42:de:d5:66:33:2a:7b:f9: 39:88:2a:8c:01:ea:ab:4e:9a:5e:ac:74:3a:2e:22: 00:98:3f:00:a6:2e:fc:1d:2f:5a:17:04:69:25:bd: 4b:19:84:14:6f:26:a3:e6:8e:45:30:d9:d7:36:06: 9b:33:df:ce:f5:14:ac:e6:cf:19:92:b9:5e:96:2d: 5e:78:6e:b7:46:d5:2e:17:36:fd:e8:ba:c7:20:fb: 16:26:4a:2d:02:ab:c6:69:29:2a:b5:71:6a:47:0b: e8:90:4c:74:39:37:07:4a:7a:97:75:1a:5a:e3:57: a7:e3:cc:84:34:02:c8:ac:55:9d:90:34:fe:3e:7b: 6b:67:74:29:91:2d:ad:55:59:01:43:16:c9:15:46: 4f:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:0F:A3:DB:94:47:53:54:1F:77:23:2D:6B:74:24:E7:8D:16:86:E1 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:e0:ab:d4:cd:04:67:3d:c0:0e:60:c7:18:27:1e:c8:e4:b5: 01:16:e2:77:a1:20:83:66:a4:61:e2:5d:a0:fb:6f:95:06:2f: 77:a4:33:24:c7:91:01:92:d6:ca:40:c7:59:00:b1:7e:63:33: 65:ea:a5:d8:90:27:29:3e:e4:49:a0:fc:c1:9a:c9:8e:33:68: 18:d8:84:e6:8b:8b:08:9d:b2:57:bd:08:15:f3:20:81:89:90: 8d:b3:ab:d7:ea:78:d3:7b:9c:d8:23:b2:99:55:1b:02:55:aa: 38:19:de:5f:42:71:a4:e0:e0:5d:98:dc:2d:3e:09:fb:61:77: a1:fb:ea:19:20:d0:c9:9d:01:7d:02:b8:5e:6e:11:34:d7:8d: 40:16:2b:05:cc:b7:05:71:2d:26:6a:a2:00:ec:f4:97:86:94: f9:eb:d1:64:87:fc:4c:f1:da:5b:34:87:04:75:4d:b2:23:bc: 68:8b:a6:ab:62:17:9b:71:59:07:21:8e:2e:4f:2d:a3:d3:d8: 84:42:ea:17:54:67:9e:e4:d2:25:4b:f1:8f:0a:31:5b:e2:11: 0f:f5:1f:68:f6:1c:17:3d:c3:84:1f:8a:8a:43:97:25:68:b7: 2c:42:c5:83:ae:5e:f1:25:32:a8:d9:38:b4:1f:25:c2:06:0d: e9:3d:c2:03 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCpwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjUwNDI0MTk0MzAxWhcNMjUwNTAxMTk0MzAxWjAYMRYwFAYD VQQDEw02ODBhOTQ0Ni0wNDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApNAWyMpydo0zA/ZeoMGNlLT50SNkR1aXbQCCcnAf+m9AN1gXOt2nO8UaLbgd L+i5v6jvWP1yOuv37Os4zhotH44x7HxAeR8dnASUNHMbYaBnyW/sTWuMTLNpuj6Z 8ChUJF1fVMD8lXNcrHKqupglQt7VZjMqe/k5iCqMAeqrTpperHQ6LiIAmD8Api78 HS9aFwRpJb1LGYQUbyaj5o5FMNnXNgabM9/O9RSs5s8Zkrleli1eeG63RtUuFzb9 6LrHIPsWJkotAqvGaSkqtXFqRwvokEx0OTcHSnqXdRpa41en48yENALIrFWdkDT+ PntrZ3QpkS2tVVkBQxbJFUZPrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFIPo9uU R1NUH3cjLWt0JOeNFobhMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBL4KvUzQRnPcAOYMcYJx7I5LUBFuJ3oSCDZqRh4l2g+2+VBi93pDMk x5EBktbKQMdZALF+YzNl6qXYkCcpPuRJoPzBmsmOM2gY2ITmi4sInbJXvQgV8yCB iZCNs6vX6njTe5zYI7KZVRsCVao4Gd5fQnGk4OBdmNwtPgn7YXeh++oZINDJnQF9 ArhebhE0141AFisFzLcFcS0maqIA7PSXhpT569Fkh/xM8dpbNIcEdU2yI7xoi6ar YhebcVkHIY4uTy2j09iEQuoXVGee5NIlS/GPCjFb4hEP9R9o9hwXPcOEH4qKQ5cl aLcsQsWDrl7xJTKo2Ti0HyXCBg3pPcID -----END CERTIFICATE-----Generated at Sat Apr 26 13:01:09 2025 by rpki-client