$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: RBZWvlscrrrzChU13rGwGIannEry/rVGftQu3dT0DOE= Subject key identifier: 92:AE:0B:C7:B9:41:DB:D1:5E:EF:AD:5D:97:AB:70:0B:58:64:AC:26 Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0AAD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0A85 Signing time: Sat 14 Jun 2025 19:28:24 +0000 Manifest this update: Sat 14 Jun 2025 19:28:23 +0000 Manifest next update: Sat 21 Jun 2025 19:28:23 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: I4NmGThflW2D+6MabRnQkbJ781rzHd7I2IryYR4wqKY=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: HTyyzc4XtgSz/IIMfSzZJ+tCNDi1E/skEpatmhSWJ4M=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: pnzNagfBV7JflMfDBvAJDWyy7ts19fn5YwbkxkgayA8=) 4: B24920940C6911EC90B57338C4F9AE02.roa (hash: 46zzXAJsoYLrd8w4NMQBrt4B+bpK+w9wRKgXWSkwTsI=) 5: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: uKI22TwxIQY9iFbcuULN7d8S3JosFyv3WIhvtX7yzyk=) 6: D94C07CAF5B211EFBD3CA23FC4F9AE02.roa (hash: nQp6CVVIzkkqk2XECRH9BEijjawtFfwARhBhch9mLWM=) 7: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: 6TG7RmsvnGNbTnnGm7wGd69mXpkPkix9Q5ZbBmiNmUE=) 8: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: hhE8XmYwxey9Fv68RhRQXSH/5MjemozAt+vDJtNoqQU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 19:28:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2733 (0xaad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: Jun 14 19:28:23 2025 GMT Not After : Jun 21 19:28:23 2025 GMT Subject: CN=684dcd58-c97e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:05:b5:a8:bc:1b:79:cf:57:dd:96:56:de:2b: 09:b0:df:cf:5d:49:99:1e:ae:69:14:12:29:62:b6: 4a:09:3e:67:50:f3:88:65:08:27:18:d0:cd:d3:79: 48:eb:e0:ab:04:a1:1a:f1:4d:bc:fc:cd:7a:01:cb: b9:69:0d:bc:a9:50:44:75:dd:4e:34:3f:94:87:69: e0:36:b8:9f:dc:01:00:ac:7a:99:29:44:a9:de:e3: 45:9d:4d:bc:b6:04:79:61:d9:3d:ca:f3:9d:ac:ec: 30:82:c6:5d:72:c8:72:8c:65:a9:c9:90:93:4e:3c: 12:47:76:d6:8e:cf:a8:53:cf:3e:dc:71:79:5b:36: f5:c1:a4:2a:b9:96:34:46:70:00:9f:43:b9:30:fe: 2d:0d:fd:bd:3f:4a:f7:7b:1b:1f:5b:e6:22:5d:93: 1b:8a:1c:1c:22:d5:47:08:a0:da:f1:57:82:3d:32: b7:19:bf:2c:fe:ea:e8:11:53:0d:48:fe:34:75:b0: af:3e:c3:c8:c8:c5:65:3f:11:6b:d5:25:69:5f:55: da:85:16:07:f4:39:68:53:a6:5c:18:49:e1:74:83: 3e:66:5d:2d:e8:a3:21:fd:00:4c:28:f6:a1:6e:97: 3e:d9:0b:47:30:96:ae:63:d1:6d:35:d3:23:f4:50: 1b:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:AE:0B:C7:B9:41:DB:D1:5E:EF:AD:5D:97:AB:70:0B:58:64:AC:26 X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:55:af:90:fb:e2:71:aa:8d:f4:87:07:b6:95:0d:3b:ca:e9: d2:a5:c9:42:97:b8:21:47:15:b8:9c:02:08:b4:84:61:cb:c9: 27:fd:82:e6:b2:5f:c6:91:bd:8e:6e:aa:cc:ae:e4:43:c9:a1: c5:1c:97:f8:63:7c:12:cf:01:40:5d:47:ef:61:2a:1d:96:3e: f4:c8:94:ab:a8:ce:ed:0b:cc:1a:b4:3b:94:b4:98:16:90:a6: 05:24:2f:01:89:2a:5a:e2:cf:a3:cf:6e:07:76:69:45:1f:51: 8a:00:a2:e3:bd:f6:76:1e:4f:8a:33:78:e3:b2:36:14:cf:5d: c5:83:22:61:4b:a8:c2:72:5c:4b:87:f1:43:f5:0c:23:f9:ec: 1d:5e:19:de:5d:23:04:3e:32:db:2a:54:62:a6:e6:dd:a8:49: a2:06:9c:71:e2:7e:b3:a7:6c:07:13:eb:b9:02:e3:55:36:6f: 38:da:9b:5c:e6:bf:7c:26:0e:b0:7b:e2:a7:43:12:95:7e:a5: 0f:8b:cd:94:4b:e0:06:db:a2:a8:14:21:a0:cd:0a:c4:42:31: ed:4a:8f:c3:8f:e9:f6:8c:5d:21:bf:bc:a8:5f:10:6f:7e:f0: 09:77:8f:25:69:21:bf:5d:4b:ea:a4:20:73:e0:7d:cb:5b:1c: 86:fa:c1:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjUwNjE0MTkyODIzWhcNMjUwNjIxMTkyODIzWjAYMRYwFAYD VQQDEw02ODRkY2Q1OC1jOTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3gW1qLwbec9X3ZZW3isJsN/PXUmZHq5pFBIpYrZKCT5nUPOIZQgnGNDN03lI 6+CrBKEa8U28/M16Acu5aQ28qVBEdd1OND+Uh2ngNrif3AEArHqZKUSp3uNFnU28 tgR5Ydk9yvOdrOwwgsZdcshyjGWpyZCTTjwSR3bWjs+oU88+3HF5Wzb1waQquZY0 RnAAn0O5MP4tDf29P0r3exsfW+YiXZMbihwcItVHCKDa8VeCPTK3Gb8s/uroEVMN SP40dbCvPsPIyMVlPxFr1SVpX1XahRYH9DloU6ZcGEnhdIM+Zl0t6KMh/QBMKPah bpc+2QtHMJauY9FtNdMj9FAblQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJKuC8e5 QdvRXu+tXZercAtYZKwmMB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxVa+Q++Jxqo30hwe2lQ07yunSpclCl7ghRxW4nAIItIRhy8kn/YLm sl/Gkb2ObqrMruRDyaHFHJf4Y3wSzwFAXUfvYSodlj70yJSrqM7tC8watDuUtJgW kKYFJC8BiSpa4s+jz24HdmlFH1GKAKLjvfZ2Hk+KM3jjsjYUz13FgyJhS6jCclxL h/FD9Qwj+ewdXhneXSMEPjLbKlRipubdqEmiBpxx4n6zp2wHE+u5AuNVNm842ptc 5r98Jg6we+KnQxKVfqUPi82US+AG26KoFCGgzQrEQjHtSo/Dj+n2jF0hv7yoXxBv fvAJd48laSG/XUvqpCBz4H3LWxyG+sE/ -----END CERTIFICATE-----Generated at Sun Jun 15 10:26:54 2025 by rpki-client