$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: PMIeHT85nMVWvEt5AvR5Eg7fW7i5uZIjJilhFgHMv2w= Subject key identifier: 32:BE:3E:97:F7:96:69:B9:B4:90:09:DE:5A:2D:C0:29:62:00:56:87 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0B7C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 0B27 Signing time: Fri 12 Jun 2026 19:25:29 +0000 Manifest this update: Fri 12 Jun 2026 19:25:29 +0000 Manifest next update: Fri 19 Jun 2026 19:25:29 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: X4Tj/s6phiCxgJ28pwTYpaBp4fwLp9XaRw0Of7bd71E=) 2: B379B0346F4711EA81200366C4F9AE02.roa (hash: 8YU1CGBXL/Y8cKfBuUoFRdl8h7rYmsUhvxveXcxQ+/4=) 3: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: FsdxlcuHXOB+GZBdpk7LDn7uN7PNXa0fvxLZvoX+V2c=) 4: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (hash: U2prKzUVYLMejIwBY9EOi9zclj2VGJE3Jm44WaqS9F8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Jun 2026 19:25:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2940 (0xb7c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Jun 12 19:25:29 2026 GMT Not After : Jun 19 19:25:29 2026 GMT Subject: CN=6a2c5d29-0695 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:da:76:3e:36:24:d5:31:68:69:62:68:3c:94: 88:47:fc:44:b0:71:09:2a:29:11:ac:c3:d8:f0:a5: dd:77:16:c6:2a:58:04:93:33:1d:36:4b:b1:92:5f: 21:fa:d9:4d:f6:b7:0b:00:b8:1c:3c:86:43:2e:a3: 06:de:36:f3:a1:f4:4c:fc:fe:7b:6c:23:b7:59:ff: 50:14:b4:ee:96:74:3a:2f:9e:7f:39:18:44:2f:37: 5e:c0:4c:1f:df:1f:dc:d3:0c:74:cc:b1:94:e6:23: da:f8:7f:49:01:04:33:97:c9:c7:af:b9:d5:1c:58: 32:06:f3:f6:3e:a4:a7:e9:d1:50:05:39:f2:54:1e: 4c:ec:dc:ff:84:0d:77:ab:00:fd:07:75:f8:6d:5a: bb:1b:40:21:45:c6:d1:05:f9:c4:c9:22:11:cd:21: 46:5e:1b:5c:60:01:5f:bd:39:0e:3c:da:2e:0e:aa: 64:cb:64:7b:b0:d0:84:a2:f2:a3:7b:8c:cc:7b:3d: 49:8d:7b:7f:aa:6c:57:a8:bd:bd:30:dd:81:24:7d: 7a:0c:ca:bc:26:8e:35:c9:37:42:1f:2e:08:98:a1: c9:d3:b0:65:b2:c4:3d:aa:cb:70:20:21:d7:3e:07: 6c:ce:33:86:18:e0:f1:bb:2c:52:a6:38:55:ed:d1: 96:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:BE:3E:97:F7:96:69:B9:B4:90:09:DE:5A:2D:C0:29:62:00:56:87 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:b6:5b:79:ac:01:d7:5d:65:b7:80:21:f1:bc:d9:37:37:59: 4d:03:81:5e:99:28:82:fe:b9:3c:75:f5:82:f1:0b:25:69:20: 73:ab:8c:d3:53:46:21:7f:c1:de:bb:83:64:55:6c:d5:03:3e: fa:3d:64:9e:ea:5d:28:ab:ef:66:21:f7:00:c9:d6:1e:08:75: ec:79:5b:28:41:3d:85:07:92:4a:09:63:77:5f:6e:b7:e7:22: 11:b9:f6:75:cf:7a:d3:4b:4d:28:bd:49:67:3c:98:6c:3f:7a: a5:e8:b8:f8:cb:2b:b4:1d:12:29:05:f7:be:7f:dc:5f:2d:55: 7e:1a:d4:6c:88:ec:3d:b4:cf:07:bf:ca:d0:10:7e:6f:be:07: 56:cd:1e:99:db:7d:5e:fc:08:26:46:65:ba:c4:92:ac:95:4a: 75:24:bd:02:32:d3:34:1c:93:3e:f6:dd:b3:d4:3d:69:86:ae: c4:4c:b1:fc:ed:4b:23:b5:b7:a0:5e:39:ba:63:60:c7:6e:49: 76:c7:87:4f:d8:e4:54:49:d8:d0:19:17:87:b8:15:d9:66:13: b2:78:cd:d2:2c:81:ee:a9:12:b3:08:9c:c6:77:cd:9d:c0:63: 60:aa:db:65:5a:a8:a8:4f:56:b3:dd:44:a1:cf:cc:09:03:22: 31:a5:db:58 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICC3wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjYwNjEyMTkyNTI5WhcNMjYwNjE5MTkyNTI5WjAYMRYwFAYD VQQDEw02YTJjNWQyOS0wNjk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAztp2PjYk1TFoaWJoPJSIR/xEsHEJKikRrMPY8KXddxbGKlgEkzMdNkuxkl8h +tlN9rcLALgcPIZDLqMG3jbzofRM/P57bCO3Wf9QFLTulnQ6L55/ORhELzdewEwf 3x/c0wx0zLGU5iPa+H9JAQQzl8nHr7nVHFgyBvP2PqSn6dFQBTnyVB5M7Nz/hA13 qwD9B3X4bVq7G0AhRcbRBfnEySIRzSFGXhtcYAFfvTkOPNouDqpky2R7sNCEovKj e4zMez1JjXt/qmxXqL29MN2BJH16DMq8Jo41yTdCHy4ImKHJ07BlssQ9qstwICHX PgdszjOGGODxuyxSpjhV7dGWVQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDK+Ppf3 lmm5tJAJ3lotwCliAFaHMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAJ7ZbeawB111lt4Ah8bzZNzdZTQOBXpkogv65PHX1gvELJWkgc6uM01NGIX/B 3ruDZFVs1QM++j1knupdKKvvZiH3AMnWHgh17HlbKEE9hQeSSgljd19ut+ciEbn2 dc9600tNKL1JZzyYbD96pei4+MsrtB0SKQX3vn/cXy1VfhrUbIjsPbTPB7/K0BB+ b74HVs0emdt9XvwIJkZlusSSrJVKdSS9AjLTNByTPvbds9Q9aYauxEyx/O1LI7W3 oF45umNgx25JdseHT9jkVEnY0BkXh7gV2WYTsnjN0iyB7qkSswicxnfNncBjYKrb ZVqoqE9Ws91Eoc/MCQMiMaXbWA== -----END CERTIFICATE-----Generated at Sat Jun 13 21:12:00 2026 by rpki-client