$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: A99nmjoxI96AddDqR9jgDFXOYJmu2oQqoxb9iuo6zes= Subject key identifier: 4A:45:97:5C:E8:02:85:3E:3D:ED:3B:E8:D2:CD:04:3D:7D:48:86:F3 Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0AB6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0A8E Signing time: Wed 02 Jul 2025 19:50:55 +0000 Manifest this update: Wed 02 Jul 2025 19:50:55 +0000 Manifest next update: Wed 09 Jul 2025 19:50:55 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: r5fc5n2pJg+ztuhT+bAInxG/NQiep8Z2+ZpX3/4j2qA=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: HTyyzc4XtgSz/IIMfSzZJ+tCNDi1E/skEpatmhSWJ4M=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: pnzNagfBV7JflMfDBvAJDWyy7ts19fn5YwbkxkgayA8=) 4: B24920940C6911EC90B57338C4F9AE02.roa (hash: 46zzXAJsoYLrd8w4NMQBrt4B+bpK+w9wRKgXWSkwTsI=) 5: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: uKI22TwxIQY9iFbcuULN7d8S3JosFyv3WIhvtX7yzyk=) 6: D94C07CAF5B211EFBD3CA23FC4F9AE02.roa (hash: nQp6CVVIzkkqk2XECRH9BEijjawtFfwARhBhch9mLWM=) 7: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: 6TG7RmsvnGNbTnnGm7wGd69mXpkPkix9Q5ZbBmiNmUE=) 8: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: hhE8XmYwxey9Fv68RhRQXSH/5MjemozAt+vDJtNoqQU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:50:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2742 (0xab6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: Jul 2 19:50:55 2025 GMT Not After : Jul 9 19:50:55 2025 GMT Subject: CN=68658d9f-8a4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:a0:33:b8:23:87:f3:d5:a9:55:0d:57:7a:89: c2:72:f8:97:f3:95:e8:0a:9c:2c:e4:6a:7b:dc:0b: ec:48:3a:cc:c8:16:a3:0e:5c:44:6f:b7:c4:05:e7: 0e:2e:ee:8c:ad:9f:10:6e:dc:d1:31:5a:55:82:29: 17:d3:79:b4:2c:98:d3:ad:34:73:ed:fd:74:c0:14: bb:51:c8:33:73:d8:b9:f8:75:15:ce:95:74:7b:8a: 3b:13:7a:8d:ba:21:d4:3e:db:c9:e8:27:00:7c:0f: 5e:20:ab:67:72:b0:82:20:d1:2c:fa:dd:7e:5f:6e: 2d:37:3a:d2:5e:41:3d:1b:74:38:3e:55:d9:0a:eb: f8:fe:6e:59:ba:70:e7:1a:1c:6f:b5:58:3c:2b:8a: 80:84:14:9f:ec:69:33:3d:62:99:e4:15:f4:8d:a0: 1f:c7:41:d9:68:38:39:2d:8c:fc:74:1f:25:b1:b7: b4:84:00:79:62:d1:98:cb:ee:8c:e1:97:d9:eb:30: 36:d2:d5:81:a8:c5:4c:e5:5c:4b:22:11:11:b1:f0: 4f:e1:32:8c:63:b3:c2:43:2b:0a:4c:bd:58:2c:79: a0:52:e8:86:f2:72:5a:10:37:95:92:9c:2f:18:dd: 34:c4:2e:a2:21:87:86:df:3e:7e:62:3b:2c:d1:32: a3:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:45:97:5C:E8:02:85:3E:3D:ED:3B:E8:D2:CD:04:3D:7D:48:86:F3 X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:f0:c7:24:4a:e0:dd:de:82:73:8c:48:f0:91:f2:c8:1e:b0: 1c:eb:af:af:1c:46:e0:8e:e0:61:fd:6e:9a:66:48:d0:34:89: 75:d9:1c:58:1e:c8:56:a7:f2:75:10:fd:38:51:f7:22:d0:e1: cf:d7:6f:1b:48:7c:75:41:88:ae:68:5f:9d:6e:40:20:69:83: 50:f7:5a:88:6c:b9:58:2e:4e:96:5c:5e:2d:a1:0e:f4:52:c4: 0e:e6:f9:b4:e3:a3:53:a9:76:3a:37:0e:75:58:60:2a:69:90: 98:d1:4b:82:af:64:2d:30:8a:87:91:35:9d:16:ce:1a:e4:bb: 65:da:1f:30:06:ef:f1:16:67:d7:a8:c8:53:b6:99:84:a0:32: 9e:f2:62:36:b4:65:80:20:1c:d5:7a:72:81:dc:3e:3e:82:78: d3:5f:67:e7:20:db:52:e6:6b:9e:8b:8b:b3:b4:18:61:2b:04: d0:73:d8:72:b1:ae:d9:be:a1:99:4d:57:b9:47:90:47:02:85: 6d:7c:1a:e8:3f:da:d6:5c:29:a4:67:5f:e0:00:c2:45:01:8e: f1:bb:67:b1:9e:84:08:85:d0:de:53:f6:e5:e7:01:4c:fc:48: 98:dd:03:05:1f:75:a8:62:72:4f:64:90:c5:b9:07:33:ab:f0: dc:a6:62:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjUwNzAyMTk1MDU1WhcNMjUwNzA5MTk1MDU1WjAYMRYwFAYD VQQDEw02ODY1OGQ5Zi04YTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt6AzuCOH89WpVQ1XeonCcviX85XoCpws5Gp73AvsSDrMyBajDlxEb7fEBecO Lu6MrZ8QbtzRMVpVgikX03m0LJjTrTRz7f10wBS7Ucgzc9i5+HUVzpV0e4o7E3qN uiHUPtvJ6CcAfA9eIKtncrCCINEs+t1+X24tNzrSXkE9G3Q4PlXZCuv4/m5ZunDn GhxvtVg8K4qAhBSf7GkzPWKZ5BX0jaAfx0HZaDg5LYz8dB8lsbe0hAB5YtGYy+6M 4ZfZ6zA20tWBqMVM5VxLIhERsfBP4TKMY7PCQysKTL1YLHmgUuiG8nJaEDeVkpwv GN00xC6iIYeG3z5+Yjss0TKjmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEpFl1zo AoU+Pe076NLNBD19SIbzMB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA38MckSuDd3oJzjEjwkfLIHrAc66+vHEbgjuBh/W6aZkjQNIl12RxY HshWp/J1EP04Ufci0OHP128bSHx1QYiuaF+dbkAgaYNQ91qIbLlYLk6WXF4toQ70 UsQO5vm046NTqXY6Nw51WGAqaZCY0UuCr2QtMIqHkTWdFs4a5Ltl2h8wBu/xFmfX qMhTtpmEoDKe8mI2tGWAIBzVenKB3D4+gnjTX2fnINtS5muei4uztBhhKwTQc9hy sa7ZvqGZTVe5R5BHAoVtfBroP9rWXCmkZ1/gAMJFAY7xu2exnoQIhdDeU/bl5wFM /EiY3QMFH3WoYnJPZJDFuQczq/DcpmLG -----END CERTIFICATE-----Generated at Thu Jul 3 06:11:51 2025 by rpki-client