$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: QsOnthJTo+Sg7V8t+daMVs9jUysWPv4v1Q58CW1JzJo= Subject key identifier: 2E:C6:7C:7A:23:AC:63:E6:DD:7C:18:FF:04:49:93:64:EB:5F:22:7D Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0AD2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0AA9 Signing time: Fri 22 Aug 2025 19:42:34 +0000 Manifest this update: Fri 22 Aug 2025 19:42:33 +0000 Manifest next update: Fri 29 Aug 2025 19:42:33 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: mxWpTLRXmxmzskNNMIsQ+vSoOLrCmvDVtSpB0yKJV+Y=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: HTyyzc4XtgSz/IIMfSzZJ+tCNDi1E/skEpatmhSWJ4M=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: pnzNagfBV7JflMfDBvAJDWyy7ts19fn5YwbkxkgayA8=) 4: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: hhE8XmYwxey9Fv68RhRQXSH/5MjemozAt+vDJtNoqQU=) 5: C782AE14615911F08635B771C4F9AE02.roa (hash: MaO7vUeiFdOZPyehARwka9eV8U3aNvjxrHmSWVwidY8=) 6: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: uKI22TwxIQY9iFbcuULN7d8S3JosFyv3WIhvtX7yzyk=) 7: B24920940C6911EC90B57338C4F9AE02.roa (hash: 46zzXAJsoYLrd8w4NMQBrt4B+bpK+w9wRKgXWSkwTsI=) 8: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: 6TG7RmsvnGNbTnnGm7wGd69mXpkPkix9Q5ZbBmiNmUE=) 9: D94C07CAF5B211EFBD3CA23FC4F9AE02.roa (hash: nQp6CVVIzkkqk2XECRH9BEijjawtFfwARhBhch9mLWM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:42:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2770 (0xad2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: Aug 22 19:42:33 2025 GMT Not After : Aug 29 19:42:33 2025 GMT Subject: CN=68a8c829-9e35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a2:39:c2:2b:1f:83:62:42:6a:83:17:13:fd: d3:8d:ef:4a:67:bd:72:59:33:ff:f3:82:5b:2d:11: 16:e9:ba:42:b8:c7:99:ea:94:e8:f5:61:81:82:06: e7:aa:b6:55:48:da:93:e8:27:27:13:c7:b8:cc:d5: 7c:35:a6:82:3a:de:5c:e7:c9:55:d6:9a:18:d0:77: 2e:61:7e:5b:22:2a:7a:d2:e5:19:e9:ef:0c:0c:d3: 13:c7:21:1f:1a:1e:04:2f:53:19:50:6f:ca:81:be: 2b:65:ba:b7:36:5e:2c:1b:6b:7c:a2:7b:ef:39:bf: 0d:59:8d:7d:3b:6d:b8:93:09:e8:f4:42:ca:da:2b: 8d:70:17:bd:e6:14:f7:d9:05:f4:a9:a6:99:8f:49: 7f:51:4f:6e:37:14:b0:87:32:85:69:76:48:f5:d0: c5:ef:f5:33:e4:a6:4f:1a:2f:33:dc:5f:1f:1d:77: 73:8b:ee:ec:e9:71:9d:0b:59:cf:de:b8:84:47:81: 6a:6d:7d:ec:32:df:c3:9b:4c:4d:28:f7:c7:cd:50: 76:bc:86:63:9d:0f:07:50:30:2d:df:f1:71:b9:6e: 91:58:ea:37:35:bf:16:b0:1d:c1:12:31:ac:59:36: ae:8c:eb:c9:6a:7e:39:5c:9a:a6:17:db:b4:21:07: f1:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:C6:7C:7A:23:AC:63:E6:DD:7C:18:FF:04:49:93:64:EB:5F:22:7D X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:7d:c8:85:9b:a0:73:c6:8e:1a:cd:93:f0:93:65:48:08:f8: 79:72:66:b7:94:dc:56:36:36:21:70:99:84:94:8a:53:d1:4d: 76:31:35:ac:57:04:fd:61:47:e6:08:2e:0c:b7:05:ad:e3:25: 2e:ea:22:71:92:8a:60:1e:69:69:0b:05:1f:73:42:5e:32:63: 56:f5:f5:23:fa:47:44:81:48:67:cf:e2:c4:07:5f:bf:6d:8f: cf:ce:b9:29:d9:b4:8c:64:fd:22:c3:f3:5b:16:f0:7f:5a:bd: 6b:e3:44:8a:10:ca:f1:66:13:76:09:64:d0:7e:35:5d:03:23: 94:a8:e0:fd:ca:77:43:4b:c7:50:60:ad:8a:b9:93:8e:d4:f2: 66:b8:38:4a:20:f4:cc:eb:9c:1d:e7:de:f2:b5:97:b9:ed:40: e0:ce:34:1f:77:57:97:0c:c6:80:19:46:46:fe:13:7d:e6:e8: 1f:a0:12:37:71:07:d0:d6:25:f6:4d:da:c9:d1:39:81:16:f7: 63:09:09:6d:59:99:0b:ad:d8:b0:e0:de:73:d6:e3:8a:83:3a: 71:59:3f:00:49:4a:67:a9:13:e4:54:0a:21:4b:c4:7d:63:1f: 6b:7e:aa:6f:32:8f:76:ba:1a:10:2a:6d:6b:ac:09:3f:af:a6: 5b:a8:c4:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCtIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjUwODIyMTk0MjMzWhcNMjUwODI5MTk0MjMzWjAYMRYwFAYD VQQDEw02OGE4YzgyOS05ZTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwaI5wisfg2JCaoMXE/3Tje9KZ71yWTP/84JbLREW6bpCuMeZ6pTo9WGBggbn qrZVSNqT6CcnE8e4zNV8NaaCOt5c58lV1poY0HcuYX5bIip60uUZ6e8MDNMTxyEf Gh4EL1MZUG/Kgb4rZbq3Nl4sG2t8onvvOb8NWY19O224kwno9ELK2iuNcBe95hT3 2QX0qaaZj0l/UU9uNxSwhzKFaXZI9dDF7/Uz5KZPGi8z3F8fHXdzi+7s6XGdC1nP 3riER4FqbX3sMt/Dm0xNKPfHzVB2vIZjnQ8HUDAt3/FxuW6RWOo3Nb8WsB3BEjGs WTaujOvJan45XJqmF9u0IQfxOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC7GfHoj rGPm3XwY/wRJk2TrXyJ9MB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8fciFm6Bzxo4azZPwk2VICPh5cma3lNxWNjYhcJmElIpT0U12MTWs VwT9YUfmCC4MtwWt4yUu6iJxkopgHmlpCwUfc0JeMmNW9fUj+kdEgUhnz+LEB1+/ bY/Pzrkp2bSMZP0iw/NbFvB/Wr1r40SKEMrxZhN2CWTQfjVdAyOUqOD9yndDS8dQ YK2KuZOO1PJmuDhKIPTM65wd597ytZe57UDgzjQfd1eXDMaAGUZG/hN95ugfoBI3 cQfQ1iX2TdrJ0TmBFvdjCQltWZkLrdiw4N5z1uOKgzpxWT8ASUpnqRPkVAohS8R9 Yx9rfqpvMo92uhoQKm1rrAk/r6ZbqMR5 -----END CERTIFICATE-----Generated at Sat Aug 23 20:25:33 2025 by rpki-client