$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: +TdQVlVK/vCY3FOs+FBrr1g7+BICsfffMma1JOhgUMw= Subject key identifier: 64:2B:4D:18:26:01:DF:35:C8:23:2F:B9:AC:76:08:3F:12:25:8F:85 Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0A8D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0A6C Signing time: Mon 28 Apr 2025 20:04:25 +0000 Manifest this update: Mon 28 Apr 2025 20:04:24 +0000 Manifest next update: Mon 05 May 2025 20:04:24 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: 54SVYrJJJZyQ3Gie1zfd1pMWMtfJKFYyX80J/UQAAtw=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: osiy8r5wOcZwc+hzXjUSDPKHDtxSKkSDsBR1kqJAjV4=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: UGiehiieQMG0h11m4WT8Sepc4lZpfmvaR3Wz1SUuF+k=) 4: B24920940C6911EC90B57338C4F9AE02.roa (hash: Nuk6/U0PEEUTh4/Znumg3fhwPF24LqsvJENpm5HBvzI=) 5: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: +xOv12aaFD+ElTkbMbM+GL6Nan/ResHUQv6dF6h2KxA=) 6: D94C07CAF5B211EFBD3CA23FC4F9AE02.roa (hash: e8azGhGG7CmFQBeeb8o4Fwn7XSaKfDNPN3n+loBbFd4=) 7: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: EdbP6Ic3TKOXeBjm7GNDv83YO0G30y52gbvBzwhEMSM=) 8: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: nUOUleUTzrwDfXxPCbpeZJCMn5m+Z2Uvkn1+H8UcN1Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 20:04:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2701 (0xa8d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: Apr 28 20:04:24 2025 GMT Not After : May 5 20:04:24 2025 GMT Subject: CN=680fdf48-9fc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:40:b3:05:24:19:9f:ca:6b:8b:c0:b6:f3:00: 9c:b9:06:9d:ff:97:b9:c0:54:15:43:7b:e2:e3:aa: 64:3e:27:9f:91:25:aa:dd:b9:3e:dc:22:07:5a:19: 9c:8f:81:fe:a2:9f:61:9b:ee:b7:47:62:84:ca:de: bc:f5:a8:d8:64:e5:bf:11:b9:4c:00:f7:6c:e8:4b: 33:e3:00:33:9b:2c:11:f9:c2:0a:02:d2:23:b9:16: 30:27:6f:be:69:90:91:e4:5a:c5:20:24:00:c0:62: 80:60:b4:3a:c2:52:f9:c7:fb:53:1f:c5:2a:73:19: 42:bb:3d:65:86:46:c1:1e:0b:a8:6e:c6:d7:8a:b7: fe:0d:97:25:72:15:6f:99:06:4a:c5:4c:e2:08:e3: 24:66:82:59:01:b9:9d:74:00:66:f2:d0:e6:08:8e: 63:1d:05:26:1e:cb:67:eb:55:9c:85:51:b6:fb:de: 5b:6b:7f:3d:10:56:d9:55:4e:a7:d7:ec:0a:57:8f: a5:a9:c3:a6:e1:78:6e:3a:d7:3f:de:2a:53:7a:ce: 92:37:f2:ba:ee:eb:0a:21:d8:ca:ba:42:36:ba:75: 29:15:3d:e1:65:22:c0:1e:dc:66:5d:fb:81:b4:4b: f5:cb:01:2e:d4:38:5b:12:6e:89:d9:64:94:34:02: 64:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:2B:4D:18:26:01:DF:35:C8:23:2F:B9:AC:76:08:3F:12:25:8F:85 X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:e9:d2:7c:a8:7e:20:65:07:06:f8:9a:c5:48:22:97:c0:62: 68:6e:95:47:46:fd:dd:ce:b6:ea:5f:60:79:e8:7d:d9:11:cd: 1d:d1:f4:68:00:57:80:95:b3:98:f2:33:0d:fc:77:a6:3f:89: 54:a8:24:77:d4:d2:67:18:39:c0:c5:e4:f9:c6:fc:dc:6d:81: 72:e8:4e:09:87:4c:6a:3a:88:7a:c1:dc:91:bf:7d:a9:8e:94: a6:56:20:b5:c5:9c:37:65:74:b3:49:26:91:df:3a:62:66:fc: a7:48:14:be:92:d9:02:fb:24:8f:47:56:77:3c:7a:8d:7e:1d: 53:49:18:90:c2:c9:33:a8:a0:76:15:e3:55:71:b5:98:7a:8b: 7d:29:a4:9c:86:1e:56:8c:d5:ea:3c:dd:b0:28:60:6a:c9:91: b8:47:7d:83:44:d2:95:ca:6f:01:32:15:fc:13:9d:69:65:98: de:e5:b7:59:e8:4d:d3:7f:d3:46:45:ac:e8:c9:95:7c:91:6b: 2f:ea:d2:1c:9a:4d:c8:0c:d1:9f:f6:f6:8c:33:9f:9a:e9:bd: 4c:fb:6a:e1:15:44:f8:07:cc:46:2d:54:ca:de:ef:ff:76:c7: f6:9c:2b:46:3b:72:ac:47:61:0a:d5:2c:73:bf:aa:6d:b4:59: ae:f0:5c:c1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjUwNDI4MjAwNDI0WhcNMjUwNTA1MjAwNDI0WjAYMRYwFAYD VQQDEw02ODBmZGY0OC05ZmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7kCzBSQZn8pri8C28wCcuQad/5e5wFQVQ3vi46pkPiefkSWq3bk+3CIHWhmc j4H+op9hm+63R2KEyt689ajYZOW/EblMAPds6Esz4wAzmywR+cIKAtIjuRYwJ2++ aZCR5FrFICQAwGKAYLQ6wlL5x/tTH8UqcxlCuz1lhkbBHguobsbXirf+DZclchVv mQZKxUziCOMkZoJZAbmddABm8tDmCI5jHQUmHstn61WchVG2+95ba389EFbZVU6n 1+wKV4+lqcOm4XhuOtc/3ipTes6SN/K67usKIdjKukI2unUpFT3hZSLAHtxmXfuB tEv1ywEu1DhbEm6J2WSUNAJkfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGQrTRgm Ad81yCMvuax2CD8SJY+FMB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCH6dJ8qH4gZQcG+JrFSCKXwGJobpVHRv3dzrbqX2B56H3ZEc0d0fRo AFeAlbOY8jMN/HemP4lUqCR31NJnGDnAxeT5xvzcbYFy6E4Jh0xqOoh6wdyRv32p jpSmViC1xZw3ZXSzSSaR3zpiZvynSBS+ktkC+ySPR1Z3PHqNfh1TSRiQwskzqKB2 FeNVcbWYeot9KaSchh5WjNXqPN2wKGBqyZG4R32DRNKVym8BMhX8E51pZZje5bdZ 6E3Tf9NGRazoyZV8kWsv6tIcmk3IDNGf9vaMM5+a6b1M+2rhFUT4B8xGLVTK3u// dsf2nCtGO3KsR2EK1Sxzv6pttFmu8FzB -----END CERTIFICATE-----Generated at Mon Apr 28 23:05:31 2025 by rpki-client on console.sobornost.net