$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: 5HHyo8I1HwRbwKZ9vU1XTLAecjCzp6R1+gdLTGavNDA= Subject key identifier: 2C:53:20:86:E9:68:F7:05:88:AC:A6:8F:60:90:54:D7:83:F1:40:64 Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0AA5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0A7D Signing time: Fri 30 May 2025 19:50:55 +0000 Manifest this update: Fri 30 May 2025 19:50:55 +0000 Manifest next update: Fri 06 Jun 2025 19:50:55 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: e9LzH/T3DaOxlJKpu1LKYM+e6WZ2QGeaixlP2AUi7xU=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: HTyyzc4XtgSz/IIMfSzZJ+tCNDi1E/skEpatmhSWJ4M=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: pnzNagfBV7JflMfDBvAJDWyy7ts19fn5YwbkxkgayA8=) 4: B24920940C6911EC90B57338C4F9AE02.roa (hash: 46zzXAJsoYLrd8w4NMQBrt4B+bpK+w9wRKgXWSkwTsI=) 5: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: uKI22TwxIQY9iFbcuULN7d8S3JosFyv3WIhvtX7yzyk=) 6: D94C07CAF5B211EFBD3CA23FC4F9AE02.roa (hash: nQp6CVVIzkkqk2XECRH9BEijjawtFfwARhBhch9mLWM=) 7: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: 6TG7RmsvnGNbTnnGm7wGd69mXpkPkix9Q5ZbBmiNmUE=) 8: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: hhE8XmYwxey9Fv68RhRQXSH/5MjemozAt+vDJtNoqQU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 19:50:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2725 (0xaa5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: May 30 19:50:55 2025 GMT Not After : Jun 6 19:50:55 2025 GMT Subject: CN=683a0c1f-1370 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:c7:b1:7c:7f:ca:6d:33:4a:1c:3b:1b:77:4b: 3d:65:d1:c3:79:00:f1:c0:1e:ea:31:f5:9c:23:30: a8:e4:83:63:60:e7:61:80:c7:87:5f:8c:ed:01:43: b7:9f:04:94:9b:3b:20:dc:2a:8b:a3:73:ff:b6:50: 65:03:5c:d1:24:ed:5a:f4:55:89:02:47:2a:f2:77: 39:43:32:70:72:21:1a:cb:14:c0:ce:bc:7f:8f:77: 91:f0:d4:bb:42:58:6b:ff:95:a3:70:9b:9b:77:2d: 80:05:a2:f8:9c:89:8b:92:bb:64:ad:fc:26:6a:f1: 09:1a:4d:ba:70:3a:95:0a:dd:e3:24:86:e7:97:97: ce:4b:76:69:cd:ef:03:22:2f:da:d5:1e:a0:9e:36: a4:f1:12:3b:65:8f:15:74:bf:5d:ef:d6:72:fb:a4: d3:29:a1:ff:a6:88:14:01:9c:75:a0:17:4c:e7:45: b9:39:78:35:7a:13:90:0d:fc:99:1f:f3:57:58:ae: 80:41:e8:f1:65:e7:fc:b5:43:b1:a4:c9:d5:df:f7: c9:84:eb:49:e6:82:fd:a5:19:70:2d:11:c3:79:cc: 86:9c:cf:ce:74:49:b0:8d:e1:15:5c:43:f5:5d:10: d9:5e:af:e6:c3:32:33:73:6a:6e:96:3a:bd:2f:9c: f6:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:53:20:86:E9:68:F7:05:88:AC:A6:8F:60:90:54:D7:83:F1:40:64 X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:ac:5f:16:02:fa:b8:30:dd:5c:5c:6f:ba:14:14:33:d5:72: e8:8e:fe:f2:cf:c6:74:58:1d:72:d7:19:60:f6:17:24:84:5d: 27:9a:fd:9c:61:da:f1:4e:90:95:0c:75:91:97:37:f2:4f:42: 93:2f:e3:93:93:8f:d7:cd:cd:ab:00:2d:76:52:bb:3a:fb:c5: 5e:da:c6:1f:6d:68:a5:71:2c:2c:7d:55:8a:f4:bf:16:2d:b2: 8a:e6:18:95:d3:2d:a7:ac:83:c1:ee:da:09:48:98:6d:a5:89: 11:00:f4:80:66:0f:15:d4:b0:1a:a7:a2:5e:ce:70:55:5b:9f: d7:35:f5:2b:0d:54:a1:cb:1b:b9:fb:48:e8:32:0e:c8:03:43: cf:25:16:40:d4:34:6d:37:c8:47:3f:1d:8e:de:7f:0f:21:ce: 58:2c:77:7f:91:2c:de:ce:ea:f1:4f:a1:aa:2f:d3:13:b8:6a: 59:5e:83:fb:6b:15:e7:3b:cb:05:8b:ef:16:e5:87:c2:84:cc: bc:67:a6:25:33:bb:5c:dd:1a:67:6f:67:10:58:26:a5:e5:b1: 49:3b:c5:ae:9d:3d:90:5a:39:b6:46:4f:21:2b:ca:5d:65:f9: 95:8d:f1:88:6a:d1:db:93:9b:24:3a:89:c4:fe:25:72:c8:a8: 88:6e:a4:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCqUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjUwNTMwMTk1MDU1WhcNMjUwNjA2MTk1MDU1WjAYMRYwFAYD VQQDEw02ODNhMGMxZi0xMzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA18exfH/KbTNKHDsbd0s9ZdHDeQDxwB7qMfWcIzCo5INjYOdhgMeHX4ztAUO3 nwSUmzsg3CqLo3P/tlBlA1zRJO1a9FWJAkcq8nc5QzJwciEayxTAzrx/j3eR8NS7 Qlhr/5WjcJubdy2ABaL4nImLkrtkrfwmavEJGk26cDqVCt3jJIbnl5fOS3Zpze8D Ii/a1R6gnjak8RI7ZY8VdL9d79Zy+6TTKaH/pogUAZx1oBdM50W5OXg1ehOQDfyZ H/NXWK6AQejxZef8tUOxpMnV3/fJhOtJ5oL9pRlwLRHDecyGnM/OdEmwjeEVXEP1 XRDZXq/mwzIzc2puljq9L5z2ewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCxTIIbp aPcFiKymj2CQVNeD8UBkMB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLrF8WAvq4MN1cXG+6FBQz1XLojv7yz8Z0WB1y1xlg9hckhF0nmv2c YdrxTpCVDHWRlzfyT0KTL+OTk4/Xzc2rAC12Urs6+8Ve2sYfbWilcSwsfVWK9L8W LbKK5hiV0y2nrIPB7toJSJhtpYkRAPSAZg8V1LAap6JeznBVW5/XNfUrDVShyxu5 +0joMg7IA0PPJRZA1DRtN8hHPx2O3n8PIc5YLHd/kSzezurxT6GqL9MTuGpZXoP7 axXnO8sFi+8W5YfChMy8Z6YlM7tc3Rpnb2cQWCal5bFJO8WunT2QWjm2Rk8hK8pd ZfmVjfGIatHbk5skOonE/iVyyKiIbqQC -----END CERTIFICATE-----Generated at Sat May 31 17:39:10 2025 by rpki-client