$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: hG4OVnyNL9UcCyHtCAGqzZHGddPDoGCvnQmOBpheabg= Subject key identifier: BE:0B:E8:3C:3F:2C:2D:40:FE:91:DF:39:AE:02:E8:03:5C:BA:64:73 Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0AEF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0AC6 Signing time: Sat 18 Oct 2025 20:28:09 +0000 Manifest this update: Sat 18 Oct 2025 20:28:09 +0000 Manifest next update: Sat 25 Oct 2025 20:28:09 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: N2Ozb/viNFsPceV7wuTRK6urFBn6jGEZWttLHgA55LI=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: HTyyzc4XtgSz/IIMfSzZJ+tCNDi1E/skEpatmhSWJ4M=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: pnzNagfBV7JflMfDBvAJDWyy7ts19fn5YwbkxkgayA8=) 4: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: hhE8XmYwxey9Fv68RhRQXSH/5MjemozAt+vDJtNoqQU=) 5: C782AE14615911F08635B771C4F9AE02.roa (hash: MaO7vUeiFdOZPyehARwka9eV8U3aNvjxrHmSWVwidY8=) 6: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: uKI22TwxIQY9iFbcuULN7d8S3JosFyv3WIhvtX7yzyk=) 7: B24920940C6911EC90B57338C4F9AE02.roa (hash: 46zzXAJsoYLrd8w4NMQBrt4B+bpK+w9wRKgXWSkwTsI=) 8: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: 6TG7RmsvnGNbTnnGm7wGd69mXpkPkix9Q5ZbBmiNmUE=) 9: D94C07CAF5B211EFBD3CA23FC4F9AE02.roa (hash: nQp6CVVIzkkqk2XECRH9BEijjawtFfwARhBhch9mLWM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 20:28:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2799 (0xaef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: Oct 18 20:28:09 2025 GMT Not After : Oct 25 20:28:09 2025 GMT Subject: CN=68f3f859-11d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ff:0a:60:2c:19:46:59:a3:64:a0:5a:c6:ed: 95:7e:75:3b:5e:98:a9:1a:67:d7:0c:62:0d:f9:c2: c9:7b:5d:a8:1b:ae:c4:b9:8d:c4:24:3c:5e:bb:9b: 2c:bf:cd:2b:cf:a1:d2:f6:90:78:2b:92:01:c8:0a: f1:dd:c4:d6:b5:ac:11:de:22:84:20:a7:d6:a1:69: 7e:1c:6c:85:f4:d9:18:5b:13:b8:ee:5e:d9:c6:19: 85:b6:d6:03:54:f8:75:09:45:81:e8:d9:ae:53:6d: 93:b3:fd:2b:b6:2e:53:b9:ea:bb:02:b8:96:34:f2: 82:4c:4d:86:1e:f5:6c:d4:de:85:30:10:40:01:8b: 3e:29:28:35:ab:e1:87:1a:c1:f4:ec:08:da:46:4f: ad:e8:89:c4:98:6a:40:83:a7:74:11:4e:23:9e:0c: c5:9d:7c:f4:f5:ff:72:39:f2:b8:c2:4d:be:e1:29: dc:70:35:59:c9:5d:ce:0b:aa:10:f8:de:2e:95:55: 23:43:c0:7d:4f:17:fd:09:52:db:44:ca:df:ef:6d: 52:46:59:2e:6e:ba:32:d8:ff:21:33:ca:15:bf:17: ea:09:95:21:90:a5:ba:bb:8e:f0:b1:c2:36:16:df: d8:29:12:6c:a0:29:a8:42:32:97:ae:6d:f2:fc:6b: eb:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:0B:E8:3C:3F:2C:2D:40:FE:91:DF:39:AE:02:E8:03:5C:BA:64:73 X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:0b:48:6a:02:c0:9d:fe:92:6f:a6:23:08:9c:6d:b2:a8:7f: 17:34:80:d0:98:50:03:cc:5c:c8:05:95:73:c4:1d:41:71:23: 29:4b:06:26:b8:f9:40:84:74:da:f1:a4:f3:77:cb:0d:d6:bb: 4d:94:52:4b:92:4a:c5:f4:65:89:d2:66:81:23:7f:36:a8:c4: e2:64:12:d1:e4:07:0b:43:3d:02:50:eb:7f:43:e1:e1:95:97: 7c:46:70:df:47:db:33:20:29:ac:80:ba:c0:1e:b1:10:0c:79: ee:a9:0d:32:e9:c1:b6:66:db:2b:df:0b:c0:f4:64:d4:f3:65: be:98:ba:e6:fc:8d:aa:32:11:a9:0b:19:ac:d6:78:c9:89:d2: 66:71:39:ec:d6:ca:9c:95:6c:fb:2c:44:d5:1d:df:84:a6:e3: 19:d2:64:b1:73:27:07:d0:47:f5:4c:2b:33:87:f8:47:7a:e9: 2a:ae:f3:e3:b1:7c:28:3e:25:e0:38:de:f0:99:dd:3b:63:b2: 33:68:61:30:ce:be:a8:d4:88:4e:8b:00:eb:fd:1c:4f:89:1d: 77:f9:b0:ae:54:98:71:1b:c2:95:e4:ee:d4:59:00:69:3f:b7: 67:97:f7:89:05:9b:2c:c9:4e:1e:85:9c:81:3e:f4:f7:b3:b9: 72:db:99:54 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCu8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjUxMDE4MjAyODA5WhcNMjUxMDI1MjAyODA5WjAYMRYwFAYD VQQDEw02OGYzZjg1OS0xMWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt/8KYCwZRlmjZKBaxu2VfnU7XpipGmfXDGIN+cLJe12oG67EuY3EJDxeu5ss v80rz6HS9pB4K5IByArx3cTWtawR3iKEIKfWoWl+HGyF9NkYWxO47l7ZxhmFttYD VPh1CUWB6NmuU22Ts/0rti5Tueq7AriWNPKCTE2GHvVs1N6FMBBAAYs+KSg1q+GH GsH07AjaRk+t6InEmGpAg6d0EU4jngzFnXz09f9yOfK4wk2+4SnccDVZyV3OC6oQ +N4ulVUjQ8B9Txf9CVLbRMrf721SRlkubroy2P8hM8oVvxfqCZUhkKW6u47wscI2 Ft/YKRJsoCmoQjKXrm3y/GvrsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL4L6Dw/ LC1A/pHfOa4C6ANcumRzMB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQC0hqAsCd/pJvpiMInG2yqH8XNIDQmFADzFzIBZVzxB1BcSMpSwYm uPlAhHTa8aTzd8sN1rtNlFJLkkrF9GWJ0maBI382qMTiZBLR5AcLQz0CUOt/Q+Hh lZd8RnDfR9szICmsgLrAHrEQDHnuqQ0y6cG2Ztsr3wvA9GTU82W+mLrm/I2qMhGp Cxms1njJidJmcTns1sqclWz7LETVHd+EpuMZ0mSxcycH0Ef1TCszh/hHeukqrvPj sXwoPiXgON7wmd07Y7IzaGEwzr6o1IhOiwDr/RxPiR13+bCuVJhxG8KV5O7UWQBp P7dnl/eJBZssyU4ehZyBPvT3s7ly25lU -----END CERTIFICATE-----Generated at Mon Oct 20 13:50:18 2025 by rpki-client