$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: LaDzWIuWndAxvDxV+wmNpIdzKKvTaemP04BIUapZx64= Subject key identifier: B1:CA:CC:18:46:61:3F:6D:64:89:49:5F:7A:63:A8:27:9D:AB:B1:49 Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0A80 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0A5F Signing time: Wed 02 Apr 2025 19:46:00 +0000 Manifest this update: Wed 02 Apr 2025 19:45:59 +0000 Manifest next update: Wed 09 Apr 2025 19:45:59 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: vsDE1viflpWHYZzM6RlkApWa3RPND7bS1n1/qBYoEAg=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: osiy8r5wOcZwc+hzXjUSDPKHDtxSKkSDsBR1kqJAjV4=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: UGiehiieQMG0h11m4WT8Sepc4lZpfmvaR3Wz1SUuF+k=) 4: B24920940C6911EC90B57338C4F9AE02.roa (hash: Nuk6/U0PEEUTh4/Znumg3fhwPF24LqsvJENpm5HBvzI=) 5: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: +xOv12aaFD+ElTkbMbM+GL6Nan/ResHUQv6dF6h2KxA=) 6: D94C07CAF5B211EFBD3CA23FC4F9AE02.roa (hash: e8azGhGG7CmFQBeeb8o4Fwn7XSaKfDNPN3n+loBbFd4=) 7: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: EdbP6Ic3TKOXeBjm7GNDv83YO0G30y52gbvBzwhEMSM=) 8: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: nUOUleUTzrwDfXxPCbpeZJCMn5m+Z2Uvkn1+H8UcN1Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 19:45:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2688 (0xa80) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8 Validity Not Before: Apr 2 19:45:59 2025 GMT Not After : Apr 9 19:45:59 2025 GMT Subject: CN=67ed93f7-4dc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:23:74:f9:35:96:f8:ce:7d:2b:28:bd:4c:b4: 5e:c0:c6:29:0d:f8:b8:1e:f9:3a:99:3a:b5:2c:35: f6:85:79:79:6f:3b:dc:c6:79:1f:37:b9:cf:d6:56: 39:18:91:f8:c3:06:8c:0c:39:24:40:12:af:0d:20: 5e:3a:ff:fc:54:33:cd:3b:5a:46:8e:7d:c4:8a:5c: d4:39:30:9e:5a:53:a2:9c:e6:8a:d9:43:d8:a2:cb: 17:cf:94:a6:76:08:01:70:f3:a9:71:0c:7c:fb:4e: 68:80:c5:ed:ca:d5:6a:c0:a2:e5:57:54:c7:c0:6e: ba:9f:21:52:43:46:0c:33:96:bc:25:a9:76:3b:d9: 4b:f3:90:48:58:69:10:c5:7f:e3:ef:85:4e:30:c7: 11:60:3a:97:92:4a:64:43:1c:56:f6:f4:8c:7d:76: d3:95:4d:2f:cd:71:16:5e:1b:5f:6c:64:6d:c4:1c: 3c:c7:18:d4:6e:f4:56:50:69:7d:29:a0:a3:dd:83: f8:70:85:77:b7:ed:03:72:5d:59:64:99:ad:52:db: 65:22:2b:da:58:b9:c9:9d:f5:d9:87:9a:3e:dc:76: a0:70:9f:5e:88:0c:de:64:19:39:31:30:d5:10:71: 60:7f:2c:16:fa:c7:91:14:6f:e1:cb:1c:a8:14:64: 0f:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:CA:CC:18:46:61:3F:6D:64:89:49:5F:7A:63:A8:27:9D:AB:B1:49 X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:00:3b:97:24:06:51:f0:04:89:16:76:2c:d2:19:bf:3f:5a: 63:2b:e0:d0:4e:92:de:88:28:da:82:27:83:1b:f3:d0:3f:5b: 51:e4:b8:d2:ba:61:e7:f2:21:82:de:91:a8:af:ca:ba:4a:5a: a1:d5:99:90:9b:7e:ea:a0:95:ea:23:50:76:5f:0a:f5:ea:22: 55:a9:69:a8:94:b7:5c:0b:75:1c:37:ba:11:db:b8:33:37:0c: 8b:19:49:37:2e:af:47:db:a6:fe:4a:94:18:4c:40:ea:b1:05: d2:21:5d:28:60:d5:27:b7:2d:82:73:e7:60:f2:b3:b3:83:c1: 5c:4f:c9:f5:a1:5e:f6:bf:a9:52:87:af:49:cb:8a:90:fe:37: 38:62:68:e1:b1:5d:71:bb:dd:34:bd:59:c6:4c:71:3f:23:2d: 11:76:c3:c9:30:59:fb:cb:26:69:17:5f:b0:4e:e1:33:87:50: 91:69:46:ce:f8:86:e8:15:ad:0f:41:6c:40:90:99:95:1b:c6: d0:bf:75:31:c2:0c:d8:3c:5c:de:b5:62:27:da:5a:00:a5:31: e6:aa:0b:91:f7:b4:82:bf:45:af:48:c0:c6:7d:c7:cd:f7:da: ec:e7:75:db:0a:99:fa:e7:a0:d0:b9:92:64:f0:d4:97:24:b3: b2:a2:75:39 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCoAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjUwNDAyMTk0NTU5WhcNMjUwNDA5MTk0NTU5WjAYMRYwFAYD VQQDEw02N2VkOTNmNy00ZGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7SN0+TWW+M59Kyi9TLRewMYpDfi4Hvk6mTq1LDX2hXl5bzvcxnkfN7nP1lY5 GJH4wwaMDDkkQBKvDSBeOv/8VDPNO1pGjn3EilzUOTCeWlOinOaK2UPYossXz5Sm dggBcPOpcQx8+05ogMXtytVqwKLlV1THwG66nyFSQ0YMM5a8Jal2O9lL85BIWGkQ xX/j74VOMMcRYDqXkkpkQxxW9vSMfXbTlU0vzXEWXhtfbGRtxBw8xxjUbvRWUGl9 KaCj3YP4cIV3t+0Dcl1ZZJmtUttlIivaWLnJnfXZh5o+3HagcJ9eiAzeZBk5MTDV EHFgfywW+seRFG/hyxyoFGQPqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLHKzBhG YT9tZIlJX3pjqCedq7FJMB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhADuXJAZR8ASJFnYs0hm/P1pjK+DQTpLeiCjagieDG/PQP1tR5LjS umHn8iGC3pGor8q6Slqh1ZmQm37qoJXqI1B2Xwr16iJVqWmolLdcC3UcN7oR27gz NwyLGUk3Lq9H26b+SpQYTEDqsQXSIV0oYNUnty2Cc+dg8rOzg8FcT8n1oV72v6lS h69Jy4qQ/jc4YmjhsV1xu900vVnGTHE/Iy0RdsPJMFn7yyZpF1+wTuEzh1CRaUbO +IboFa0PQWxAkJmVG8bQv3UxwgzYPFzetWIn2loApTHmqguR97SCv0WvSMDGfcfN 99rs53XbCpn656DQuZJk8NSXJLOyonU5 -----END CERTIFICATE-----Generated at Fri Apr 4 18:29:14 2025 by rpki-client