$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: VersEaM9rwUA8wR3oL4lXiWuhrhSPaT0pLtFYMG6GJQ= Subject key identifier: BA:5B:41:32:C9:62:02:2B:24:3A:A7:50:CC:28:CC:38:7D:FA:82:A4 Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0AD9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0AB0 Signing time: Thu 04 Sep 2025 19:46:42 +0000 Manifest this update: Thu 04 Sep 2025 19:46:42 +0000 Manifest next update: Thu 11 Sep 2025 19:46:42 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: hCvkuEXfcEczRGfgSZ/uzqIWeoOr9DoXrhvvlnbwuGI=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: HTyyzc4XtgSz/IIMfSzZJ+tCNDi1E/skEpatmhSWJ4M=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: pnzNagfBV7JflMfDBvAJDWyy7ts19fn5YwbkxkgayA8=) 4: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: hhE8XmYwxey9Fv68RhRQXSH/5MjemozAt+vDJtNoqQU=) 5: C782AE14615911F08635B771C4F9AE02.roa (hash: MaO7vUeiFdOZPyehARwka9eV8U3aNvjxrHmSWVwidY8=) 6: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: uKI22TwxIQY9iFbcuULN7d8S3JosFyv3WIhvtX7yzyk=) 7: B24920940C6911EC90B57338C4F9AE02.roa (hash: 46zzXAJsoYLrd8w4NMQBrt4B+bpK+w9wRKgXWSkwTsI=) 8: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: 6TG7RmsvnGNbTnnGm7wGd69mXpkPkix9Q5ZbBmiNmUE=) 9: D94C07CAF5B211EFBD3CA23FC4F9AE02.roa (hash: nQp6CVVIzkkqk2XECRH9BEijjawtFfwARhBhch9mLWM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 19:46:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2777 (0xad9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: Sep 4 19:46:42 2025 GMT Not After : Sep 11 19:46:42 2025 GMT Subject: CN=68b9eca2-286f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a1:36:8e:45:8f:8b:f4:4a:d8:02:64:b2:18: 2b:47:50:8b:72:bc:65:00:3f:5d:78:f0:50:6d:c4: b1:4a:1e:c1:b0:9c:33:33:36:39:14:c1:2c:1a:63: 66:47:22:77:13:2f:d7:9f:6f:fb:fd:14:f3:4b:4a: d3:a8:8c:e0:33:e3:5a:37:03:d6:93:dd:e3:59:4a: a6:d8:65:b4:04:47:b0:63:41:40:56:2b:bc:e4:76: 63:3d:50:94:3c:80:aa:29:7d:d8:b0:fe:fc:a7:2f: b5:a4:3a:e7:92:db:c3:1c:ed:ce:03:c2:d6:4c:e1: a2:c2:cf:57:64:58:84:aa:84:2d:90:43:13:78:88: 4d:43:65:a4:a4:91:82:4e:15:e6:87:47:49:5a:ba: 98:84:3c:aa:4b:7b:a2:1c:5d:b3:8e:7d:4d:e8:d2: 83:82:ec:14:c3:2a:0e:9d:9f:40:1a:2b:82:4a:37: 51:82:cd:ff:6c:ab:83:fc:71:12:a6:07:c9:5c:9c: 14:c4:92:41:17:6e:94:1a:4e:2a:dd:2b:92:de:3e: 2f:44:2a:8f:83:82:f3:3d:9d:cc:78:0e:4d:62:ff: 05:42:c3:ac:05:eb:d6:ef:b4:f7:68:17:52:ea:93: 03:34:0a:6b:41:3e:ee:08:60:c0:b0:27:35:3d:00: 6d:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:5B:41:32:C9:62:02:2B:24:3A:A7:50:CC:28:CC:38:7D:FA:82:A4 X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:37:c3:bc:08:25:5d:2c:7a:8b:f7:b0:46:bc:e6:00:a8:d9: cf:0d:af:07:a0:2f:1d:ae:bb:2f:8e:c9:f7:1a:ef:ae:65:61: e7:5e:fa:d7:48:44:7e:b2:b4:d4:9e:7e:1b:12:38:5f:6f:5b: c6:b8:9a:49:df:7b:89:3b:b1:e9:3f:18:fd:df:80:f3:77:0b: 87:a9:c4:f1:00:e0:4f:32:ac:e7:a9:dc:24:e2:47:68:c2:31: ed:ca:63:2f:bd:9b:b4:9b:75:9b:21:e0:de:29:64:98:79:42: 01:7f:b7:a7:da:3a:0e:4b:8b:c7:29:bb:e0:3b:85:3f:36:8e: 6e:c7:84:cf:c8:d1:40:4b:c6:63:46:94:d3:41:5f:91:27:d4: 05:08:75:ac:39:cd:5f:3b:64:8a:fe:a5:b1:1c:f3:8e:1d:2f: 80:b1:57:32:f2:cb:05:ba:46:46:9b:42:f6:62:7a:fb:4b:6f: 80:b2:36:8c:8c:67:ba:85:ba:64:92:43:33:cb:07:fc:7f:fa: 97:10:5c:39:61:b4:fb:f1:85:19:cc:71:e4:5d:c5:9c:de:78: 4e:fd:2f:d9:5c:8d:7b:f1:2e:54:19:2f:28:89:f8:fc:6e:71: ae:f6:1c:4d:a6:ce:e1:ad:09:a4:05:eb:39:f8:c9:d1:24:d7: 7c:da:95:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCtkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjUwOTA0MTk0NjQyWhcNMjUwOTExMTk0NjQyWjAYMRYwFAYD VQQDEw02OGI5ZWNhMi0yODZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA16E2jkWPi/RK2AJkshgrR1CLcrxlAD9dePBQbcSxSh7BsJwzMzY5FMEsGmNm RyJ3Ey/Xn2/7/RTzS0rTqIzgM+NaNwPWk93jWUqm2GW0BEewY0FAViu85HZjPVCU PICqKX3YsP78py+1pDrnktvDHO3OA8LWTOGiws9XZFiEqoQtkEMTeIhNQ2WkpJGC ThXmh0dJWrqYhDyqS3uiHF2zjn1N6NKDguwUwyoOnZ9AGiuCSjdRgs3/bKuD/HES pgfJXJwUxJJBF26UGk4q3SuS3j4vRCqPg4LzPZ3MeA5NYv8FQsOsBevW77T3aBdS 6pMDNAprQT7uCGDAsCc1PQBt3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLpbQTLJ YgIrJDqnUMwozDh9+oKkMB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAlN8O8CCVdLHqL97BGvOYAqNnPDa8HoC8drrsvjsn3Gu+uZWHnXvrX SER+srTUnn4bEjhfb1vGuJpJ33uJO7HpPxj934DzdwuHqcTxAOBPMqznqdwk4kdo wjHtymMvvZu0m3WbIeDeKWSYeUIBf7en2joOS4vHKbvgO4U/No5ux4TPyNFAS8Zj RpTTQV+RJ9QFCHWsOc1fO2SK/qWxHPOOHS+AsVcy8ssFukZGm0L2Ynr7S2+AsjaM jGe6hbpkkkMzywf8f/qXEFw5YbT78YUZzHHkXcWc3nhO/S/ZXI178S5UGS8oifj8 bnGu9hxNps7hrQmkBes5+MnRJNd82pUq -----END CERTIFICATE-----Generated at Sat Sep 6 05:01:49 2025 by rpki-client