$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: g59R/4uhUJ7eEyFP7udjzPXgCOCyAiCHLk3s/vLY1wQ= Subject key identifier: 21:07:56:21:8E:33:1B:CB:53:4C:01:30:CC:99:31:33:35:A3:25:47 Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0AF0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0AC7 Signing time: Mon 20 Oct 2025 20:16:24 +0000 Manifest this update: Mon 20 Oct 2025 20:16:24 +0000 Manifest next update: Mon 27 Oct 2025 20:16:24 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: jjRTTNI5Nm2Mwdjji9RjmqZmiJUzWVxc+GyrwpE43Lk=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: HTyyzc4XtgSz/IIMfSzZJ+tCNDi1E/skEpatmhSWJ4M=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: pnzNagfBV7JflMfDBvAJDWyy7ts19fn5YwbkxkgayA8=) 4: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: hhE8XmYwxey9Fv68RhRQXSH/5MjemozAt+vDJtNoqQU=) 5: C782AE14615911F08635B771C4F9AE02.roa (hash: MaO7vUeiFdOZPyehARwka9eV8U3aNvjxrHmSWVwidY8=) 6: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: uKI22TwxIQY9iFbcuULN7d8S3JosFyv3WIhvtX7yzyk=) 7: B24920940C6911EC90B57338C4F9AE02.roa (hash: 46zzXAJsoYLrd8w4NMQBrt4B+bpK+w9wRKgXWSkwTsI=) 8: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: 6TG7RmsvnGNbTnnGm7wGd69mXpkPkix9Q5ZbBmiNmUE=) 9: D94C07CAF5B211EFBD3CA23FC4F9AE02.roa (hash: nQp6CVVIzkkqk2XECRH9BEijjawtFfwARhBhch9mLWM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 20:16:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2800 (0xaf0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: Oct 20 20:16:24 2025 GMT Not After : Oct 27 20:16:24 2025 GMT Subject: CN=68f69898-4fbe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:2f:9c:2e:e8:15:0b:30:b2:13:85:76:82:34: a2:ab:e6:52:ea:ad:ae:83:e8:e1:e2:ae:76:1d:cb: 7d:05:a8:83:d3:16:11:7c:c6:18:72:58:a0:f5:3b: 11:03:c5:ee:02:b2:9b:b2:f5:b7:ba:b7:a8:ce:63: 96:84:18:a1:2f:75:07:b3:7d:70:8f:a7:c6:64:57: b8:8f:9f:ef:4d:20:c1:29:de:0c:0b:30:49:08:df: 9a:89:b7:c2:1e:69:4d:28:df:d9:da:04:c8:8b:3b: 4a:87:48:f6:ee:c5:82:4e:15:b8:a0:11:35:6a:38: 87:0d:91:ab:40:a9:22:95:b4:07:3e:89:49:01:11: 98:75:c6:51:69:d7:ad:76:28:b2:63:79:3a:d6:fd: db:6a:c1:6d:6c:c6:c5:da:80:19:28:91:be:0f:fc: f5:fb:4d:f2:df:2a:1e:eb:d9:39:c9:40:62:24:2e: f6:dd:4c:8a:c6:7f:69:d7:ca:d1:ee:d7:79:c4:e1: 56:c6:c1:48:6d:74:00:9d:9d:b7:27:dd:35:01:78: a0:a7:27:28:27:fb:79:d9:1e:d3:d8:97:3e:40:9b: b7:d7:7c:1c:b0:1e:eb:32:9e:a4:e0:73:98:03:9f: db:c3:a8:1c:82:81:a1:90:9f:4d:28:31:bc:12:fa: bc:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:07:56:21:8E:33:1B:CB:53:4C:01:30:CC:99:31:33:35:A3:25:47 X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:c4:25:1a:05:cc:25:53:a5:ef:a7:1a:3f:54:cb:1b:d9:58: 51:04:13:b2:d7:ef:4f:7c:12:31:87:ea:96:1f:15:eb:8f:90: c1:63:c3:98:11:be:4a:51:43:68:98:8f:4a:3e:89:47:7f:1f: 95:e0:f9:4d:05:dd:a2:ec:0a:eb:ef:7c:d4:77:7d:c1:83:5b: 1c:64:b8:48:78:9c:f6:88:79:f0:4f:9d:3e:8f:a6:9e:dc:8f: 8c:c8:87:d9:4a:fb:4f:57:8d:34:d8:40:e0:a0:b6:9a:c6:10: 1a:8b:f4:c9:ad:30:3a:92:fc:24:e4:22:b0:12:b5:11:18:95: 43:42:ba:78:0a:77:09:10:63:41:93:a9:2b:9e:09:c4:4f:ea: c0:3d:36:58:a5:27:f1:e3:78:fa:64:2a:42:0e:c1:53:9b:cf: 3f:31:41:cc:af:2d:1d:e3:d4:d1:0a:a4:88:ba:c0:10:5b:95: 59:53:70:9e:dd:aa:ff:d4:5e:ee:23:d7:ae:72:3f:71:aa:2d: f8:88:58:96:55:24:9a:cc:fd:d9:8c:e9:51:3c:4f:2b:40:c5: 8a:e6:20:05:2d:40:61:c7:8f:81:be:b3:d9:03:9f:07:e9:2b: bf:04:70:61:a0:0b:8c:35:8a:6e:d9:b4:19:84:84:d1:24:eb: 8e:ef:ed:a4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjUxMDIwMjAxNjI0WhcNMjUxMDI3MjAxNjI0WjAYMRYwFAYD VQQDEw02OGY2OTg5OC00ZmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyi+cLugVCzCyE4V2gjSiq+ZS6q2ug+jh4q52Hct9BaiD0xYRfMYYclig9TsR A8XuArKbsvW3ureozmOWhBihL3UHs31wj6fGZFe4j5/vTSDBKd4MCzBJCN+aibfC HmlNKN/Z2gTIiztKh0j27sWCThW4oBE1ajiHDZGrQKkilbQHPolJARGYdcZRadet diiyY3k61v3basFtbMbF2oAZKJG+D/z1+03y3yoe69k5yUBiJC723UyKxn9p18rR 7td5xOFWxsFIbXQAnZ23J901AXigpycoJ/t52R7T2Jc+QJu313wcsB7rMp6k4HOY A5/bw6gcgoGhkJ9NKDG8Evq8xwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCEHViGO MxvLU0wBMMyZMTM1oyVHMB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgxCUaBcwlU6Xvpxo/VMsb2VhRBBOy1+9PfBIxh+qWHxXrj5DBY8OY Eb5KUUNomI9KPolHfx+V4PlNBd2i7Arr73zUd33Bg1scZLhIeJz2iHnwT50+j6ae 3I+MyIfZSvtPV4002EDgoLaaxhAai/TJrTA6kvwk5CKwErURGJVDQrp4CncJEGNB k6krngnET+rAPTZYpSfx43j6ZCpCDsFTm88/MUHMry0d49TRCqSIusAQW5VZU3Ce 3ar/1F7uI9eucj9xqi34iFiWVSSazP3ZjOlRPE8rQMWK5iAFLUBhx4+BvrPZA58H 6Su/BHBhoAuMNYpu2bQZhITRJOuO7+2k -----END CERTIFICATE-----Generated at Wed Oct 22 07:54:35 2025 by rpki-client