$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: 5pXN4gAzBAv1Buh3nBRj9DmDb9u8SKI1ve46ezXLL2I= Subject key identifier: CA:EE:87:F3:8E:4B:E8:33:0B:3C:17:BF:01:B1:CB:9B:2E:AB:8B:CE Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0A9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0A76 Signing time: Wed 14 May 2025 19:47:43 +0000 Manifest this update: Wed 14 May 2025 19:47:42 +0000 Manifest next update: Wed 21 May 2025 19:47:42 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: TstdTnQ2Dm9OHMHPa6MHqEl6PFqjLoCjO3zJ1qyHcyE=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: HTyyzc4XtgSz/IIMfSzZJ+tCNDi1E/skEpatmhSWJ4M=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: pnzNagfBV7JflMfDBvAJDWyy7ts19fn5YwbkxkgayA8=) 4: B24920940C6911EC90B57338C4F9AE02.roa (hash: 46zzXAJsoYLrd8w4NMQBrt4B+bpK+w9wRKgXWSkwTsI=) 5: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: uKI22TwxIQY9iFbcuULN7d8S3JosFyv3WIhvtX7yzyk=) 6: D94C07CAF5B211EFBD3CA23FC4F9AE02.roa (hash: nQp6CVVIzkkqk2XECRH9BEijjawtFfwARhBhch9mLWM=) 7: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: 6TG7RmsvnGNbTnnGm7wGd69mXpkPkix9Q5ZbBmiNmUE=) 8: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: hhE8XmYwxey9Fv68RhRQXSH/5MjemozAt+vDJtNoqQU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 19:47:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2718 (0xa9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: May 14 19:47:42 2025 GMT Not After : May 21 19:47:42 2025 GMT Subject: CN=6824f35e-00b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:08:1d:aa:bb:15:a8:82:f7:d5:33:49:30:a4: a7:00:57:39:ff:68:f7:ce:5c:f6:c0:0b:b1:92:ec: 44:28:46:95:59:a0:39:60:7b:b1:39:f5:43:8f:93: 34:7b:bc:6e:d8:77:e9:2b:fc:27:09:cf:fb:97:e1: 6f:2e:15:53:4e:28:64:2a:23:6a:c3:bb:17:a9:38: e1:ce:06:f9:94:17:4e:89:97:09:65:c2:6d:c5:3e: 02:6e:94:5d:1f:12:06:7c:e6:e1:5f:30:bd:3f:0d: c6:75:d4:61:a1:06:9e:a5:70:69:ae:a6:a4:30:a6: 54:09:de:96:68:52:43:68:37:28:e1:ed:1c:b7:0a: b6:37:ab:da:df:b5:1b:5c:49:64:c1:64:0a:29:5b: 27:8f:2c:0f:f8:17:c3:97:0e:e4:f8:d8:8a:7f:6c: 59:99:be:ff:82:3b:6e:76:e8:15:be:00:0c:ac:78: aa:af:3e:1d:18:80:f6:db:d6:c1:93:0a:e1:92:6e: 20:a8:c7:08:83:8f:c7:a6:6e:4c:56:95:c6:06:d1: ce:6b:29:c4:44:1b:aa:95:dc:a5:ae:a0:a0:d4:aa: a1:f5:66:d0:39:0e:0c:38:a4:c1:f1:24:0f:2d:35: 18:f2:39:78:3d:7e:b1:91:b1:4a:44:9d:1f:97:f4: 0b:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:EE:87:F3:8E:4B:E8:33:0B:3C:17:BF:01:B1:CB:9B:2E:AB:8B:CE X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:65:11:25:26:8d:da:ec:1e:06:b1:6f:1a:bf:82:bf:4e:c4: 0e:6b:24:dd:e6:a0:b3:b8:ec:08:e9:ab:a3:08:03:63:4b:87: 80:5f:3e:c3:ca:57:7d:9d:2c:e8:d4:b4:e5:ce:c1:c4:2b:a5: 30:94:58:1b:c9:59:41:79:f7:f9:a9:0e:8e:d4:56:3b:b5:ea: bf:5f:85:98:84:de:f2:e6:ab:a7:79:fd:33:17:29:e3:b5:24: ad:83:1d:65:fd:2b:97:d0:a0:8d:8c:71:40:d8:ff:af:7f:60: b8:2e:a1:35:ac:39:42:a3:f8:e8:23:03:88:21:fe:12:dc:1c: b9:9f:92:8d:5e:06:82:94:ef:22:1f:e9:49:98:dd:d9:2d:2a: 42:1b:f7:37:22:cf:3f:9f:52:99:e2:31:72:78:2b:7e:df:44: d9:96:ae:d7:b3:48:46:d9:aa:24:8d:9f:90:3f:6c:be:3d:e2: be:56:fe:e9:95:8c:2a:ad:84:8d:de:55:ca:69:7a:6b:7f:6f: 9e:18:06:2e:6e:be:c6:64:1b:7f:5d:a7:85:78:36:30:ef:8f: 32:3d:f5:d8:a7:84:fd:7f:77:21:89:a8:16:ae:e7:f9:0b:31: 53:e7:00:3f:3f:b1:b1:d0:85:20:b2:b6:9e:ca:a6:53:83:13: 55:4a:b9:03 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjUwNTE0MTk0NzQyWhcNMjUwNTIxMTk0NzQyWjAYMRYwFAYD VQQDEw02ODI0ZjM1ZS0wMGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmwgdqrsVqIL31TNJMKSnAFc5/2j3zlz2wAuxkuxEKEaVWaA5YHuxOfVDj5M0 e7xu2HfpK/wnCc/7l+FvLhVTTihkKiNqw7sXqTjhzgb5lBdOiZcJZcJtxT4CbpRd HxIGfObhXzC9Pw3GddRhoQaepXBprqakMKZUCd6WaFJDaDco4e0ctwq2N6va37Ub XElkwWQKKVsnjywP+BfDlw7k+NiKf2xZmb7/gjtudugVvgAMrHiqrz4dGID229bB kwrhkm4gqMcIg4/Hpm5MVpXGBtHOaynERBuqldylrqCg1Kqh9WbQOQ4MOKTB8SQP LTUY8jl4PX6xkbFKRJ0fl/QLGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMruh/OO S+gzCzwXvwGxy5suq4vOMB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwZRElJo3a7B4GsW8av4K/TsQOayTd5qCzuOwI6aujCANjS4eAXz7D yld9nSzo1LTlzsHEK6UwlFgbyVlBeff5qQ6O1FY7teq/X4WYhN7y5qunef0zFynj tSStgx1l/SuX0KCNjHFA2P+vf2C4LqE1rDlCo/joIwOIIf4S3By5n5KNXgaClO8i H+lJmN3ZLSpCG/c3Is8/n1KZ4jFyeCt+30TZlq7Xs0hG2aokjZ+QP2y+PeK+Vv7p lYwqrYSN3lXKaXprf2+eGAYubr7GZBt/XaeFeDYw748yPfXYp4T9f3chiagWruf5 CzFT5wA/P7Gx0IUgsraeyqZTgxNVSrkD -----END CERTIFICATE-----Generated at Fri May 16 09:58:11 2025 by rpki-client