$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: pyfmzBFxGXu3HQQhFvCKiTsTk982+IEgeCsgZ+MZ9rI= Subject key identifier: FD:33:83:82:35:5C:F0:8F:0E:73:86:49:38:75:21:60:42:07:99:45 Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0A8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0A6A Signing time: Thu 24 Apr 2025 19:35:40 +0000 Manifest this update: Thu 24 Apr 2025 19:35:40 +0000 Manifest next update: Thu 01 May 2025 19:35:40 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: G8PoeWlzt8UxP2F1mbQGIElS7qRAg/DU/XDVCbxHkKI=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: osiy8r5wOcZwc+hzXjUSDPKHDtxSKkSDsBR1kqJAjV4=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: UGiehiieQMG0h11m4WT8Sepc4lZpfmvaR3Wz1SUuF+k=) 4: B24920940C6911EC90B57338C4F9AE02.roa (hash: Nuk6/U0PEEUTh4/Znumg3fhwPF24LqsvJENpm5HBvzI=) 5: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: +xOv12aaFD+ElTkbMbM+GL6Nan/ResHUQv6dF6h2KxA=) 6: D94C07CAF5B211EFBD3CA23FC4F9AE02.roa (hash: e8azGhGG7CmFQBeeb8o4Fwn7XSaKfDNPN3n+loBbFd4=) 7: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: EdbP6Ic3TKOXeBjm7GNDv83YO0G30y52gbvBzwhEMSM=) 8: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: nUOUleUTzrwDfXxPCbpeZJCMn5m+Z2Uvkn1+H8UcN1Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:35:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2699 (0xa8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: Apr 24 19:35:40 2025 GMT Not After : May 1 19:35:40 2025 GMT Subject: CN=680a928c-1d14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:27:e6:88:ca:06:2f:f6:b1:22:fb:cf:82:a4: 34:34:d3:4f:f6:43:ec:fa:fe:46:6d:23:77:57:97: 96:a3:07:f6:3e:f7:39:f0:a4:fc:06:90:9c:b3:e5: 77:63:f1:24:51:af:bb:9f:f6:7a:b5:69:d1:5c:8b: bb:b1:4b:72:57:0f:5e:03:6d:87:46:36:33:97:fe: 31:df:1c:ac:e6:2e:d3:97:05:bd:77:9f:10:b8:00: d9:68:10:07:15:90:5d:fd:a1:43:b1:ef:a7:4b:4d: b5:de:75:7e:61:62:dd:0c:99:3e:47:7e:b1:48:f5: ca:0b:4c:9e:15:26:c9:ba:a4:cd:bb:fe:df:1a:4b: 9a:b0:8d:d1:83:a4:a3:68:7f:a6:5b:c6:9f:c2:3f: ef:96:74:48:38:44:98:81:09:01:66:0c:ae:05:5e: 67:00:ee:b6:57:78:c0:a7:76:8b:87:08:11:9b:4e: 34:e8:ef:94:f3:62:56:7a:5a:f6:97:22:98:0e:fb: fc:e3:a5:bb:f8:29:02:19:0b:6a:c4:e7:6b:f4:38: ed:30:84:76:8b:d6:42:3c:eb:89:f0:6c:37:1f:ac: d5:d2:93:6d:7b:cf:48:1e:d8:fc:40:7b:91:1c:e9: 78:d5:25:22:5b:05:3e:c5:77:fb:ea:db:4e:04:80: 34:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:33:83:82:35:5C:F0:8F:0E:73:86:49:38:75:21:60:42:07:99:45 X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:6e:a9:83:c2:a2:db:de:31:74:ae:02:64:cc:64:08:fe:6b: 1b:97:e4:88:90:76:ab:09:b3:71:56:45:d3:06:23:e8:be:bd: b3:ef:3b:62:58:38:c1:cb:cf:af:c6:00:37:20:24:7b:3f:59: f7:82:3d:e7:94:69:5c:fe:b5:5c:f9:eb:2f:92:68:01:00:b3: 6f:7b:18:a4:2e:6e:2d:7b:e4:15:28:69:a0:14:a0:3c:b9:a1: be:83:c1:2d:b9:88:f9:e9:50:a0:eb:08:43:a4:af:ca:19:95: e2:8c:bb:cf:1a:0f:f6:6f:79:65:cd:fb:d5:e8:3b:a5:dd:0f: d2:79:6e:17:3e:9e:f3:ad:ba:9a:ef:7e:d7:1b:d7:ba:44:f5: eb:f6:4f:43:45:cb:39:43:bb:2e:bb:53:20:39:c1:33:ba:10: 8f:6c:c1:3f:8c:e7:64:1d:8e:cc:83:1b:b2:df:1a:35:07:6e: ff:4b:aa:ad:e1:c2:82:7d:8b:23:1a:e8:1a:96:b6:4c:fd:74: 11:de:3e:c0:3f:02:d7:b0:a7:df:e0:8a:56:3c:44:79:63:5b: a3:f9:ca:2c:b2:0c:c7:b7:91:81:96:20:69:3e:25:57:9c:9b: 51:bb:19:07:84:32:e1:15:78:f4:ea:17:96:4f:ca:1c:10:14: e7:86:1e:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjUwNDI0MTkzNTQwWhcNMjUwNTAxMTkzNTQwWjAYMRYwFAYD VQQDEw02ODBhOTI4Yy0xZDE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4CfmiMoGL/axIvvPgqQ0NNNP9kPs+v5GbSN3V5eWowf2Pvc58KT8BpCcs+V3 Y/EkUa+7n/Z6tWnRXIu7sUtyVw9eA22HRjYzl/4x3xys5i7TlwW9d58QuADZaBAH FZBd/aFDse+nS0213nV+YWLdDJk+R36xSPXKC0yeFSbJuqTNu/7fGkuasI3Rg6Sj aH+mW8afwj/vlnRIOESYgQkBZgyuBV5nAO62V3jAp3aLhwgRm0406O+U82JWelr2 lyKYDvv846W7+CkCGQtqxOdr9DjtMIR2i9ZCPOuJ8Gw3H6zV0pNte89IHtj8QHuR HOl41SUiWwU+xXf76ttOBIA0gQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP0zg4I1 XPCPDnOGSTh1IWBCB5lFMB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBjbqmDwqLb3jF0rgJkzGQI/msbl+SIkHarCbNxVkXTBiPovr2z7zti WDjBy8+vxgA3ICR7P1n3gj3nlGlc/rVc+esvkmgBALNvexikLm4te+QVKGmgFKA8 uaG+g8EtuYj56VCg6whDpK/KGZXijLvPGg/2b3llzfvV6Dul3Q/SeW4XPp7zrbqa 737XG9e6RPXr9k9DRcs5Q7suu1MgOcEzuhCPbME/jOdkHY7Mgxuy3xo1B27/S6qt 4cKCfYsjGugalrZM/XQR3j7APwLXsKff4IpWPER5Y1uj+cossgzHt5GBliBpPiVX nJtRuxkHhDLhFXj06heWT8ocEBTnhh5o -----END CERTIFICATE-----Generated at Sat Apr 26 04:02:35 2025 by rpki-client