$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: LhjtFxlYLQ7JmzLrCwCj2+8ButsbiadA2yLKBdcJNZY= Subject key identifier: 3A:D3:16:03:19:FE:7A:9D:3D:DC:A7:15:14:5C:06:6F:FB:C7:5B:E7 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 368404A552FF7CAC7EC9CB83B28833B5444D5124 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 05F9 Signing time: Fri 17 Apr 2026 00:12:07 +0000 Manifest this update: Fri 17 Apr 2026 00:12:07 +0000 Manifest next update: Tue 21 Apr 2026 00:12:07 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: fBr0FJZHirFcH3ag+GYmmqFTeajRM7HzkuaR2bLGrqU=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Apr 2026 00:12:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:84:04:a5:52:ff:7c:ac:7e:c9:cb:83:b2:88:33:b5:44:4d:51:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 17 00:12:07 2026 GMT Not After : Apr 21 00:12:07 2026 GMT Subject: serialNumber=a79181be7a02883d1b59a7e95d487995f84bc83bf5b12c3d69828acd3e1d9bcb, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:cb:98:21:46:8d:de:78:aa:33:6b:db:40:bf: 76:a3:c9:21:2d:30:20:a7:ef:5f:b2:5d:e9:6d:64: 34:9e:06:7d:ed:6d:13:a7:1d:a0:af:f3:b9:49:ea: 80:64:6a:19:5e:28:56:19:69:f6:69:26:7a:df:30: 2a:a2:e1:78:4d:92:6d:f8:9b:17:d0:49:81:bc:b5: c3:c6:f5:60:35:e3:c3:71:24:af:01:4d:61:36:e0: 52:97:3f:c3:7a:73:26:f2:80:f8:9e:7b:e3:c0:1f: e3:12:31:9d:6e:65:a2:b1:da:91:8f:13:59:af:42: b7:1b:fc:c6:57:92:0f:c3:2e:bd:63:83:02:79:fe: c8:e1:01:1a:d2:0d:d6:48:83:ae:ff:c1:fe:c8:0d: e4:ed:ac:d6:87:bf:98:1e:95:bc:59:d0:e1:07:61: e8:37:23:f0:7e:ee:6a:13:28:62:a8:fc:47:a5:af: 33:bc:2f:52:62:43:77:c5:b1:c1:7c:35:f0:b5:25: b0:e0:c1:cd:13:18:4e:4f:11:7e:d1:e8:29:c6:36: 0a:39:6f:3b:a8:b3:9f:98:75:95:4b:33:47:e8:92: aa:bd:fe:29:5e:bd:f7:89:7b:24:ae:5c:ca:7b:93: ce:c6:97:4c:af:53:8a:53:d3:98:37:84:31:45:ff: 94:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:D3:16:03:19:FE:7A:9D:3D:DC:A7:15:14:5C:06:6F:FB:C7:5B:E7 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:fb:86:e9:ad:59:7e:67:10:da:93:3f:bc:3b:66:1f:da:02: b0:e9:89:9f:26:bb:8e:29:f8:a0:13:65:84:97:9c:d1:52:34: 3d:2a:b9:4e:b4:e4:0f:ef:cd:cf:b3:83:ff:2d:5d:7f:cc:07: bc:6a:7b:e2:0c:8a:e3:fe:e1:ec:e6:5d:09:d2:47:a3:be:3d: 0f:c2:b5:49:98:8c:2e:c6:79:d0:15:7f:1c:a0:60:c4:61:e9: 56:ba:95:10:53:aa:b9:d8:2b:c4:d4:01:53:54:23:26:73:09: 32:a8:bb:91:3b:00:80:ae:4d:a4:d4:d2:43:89:91:2a:f9:04: 05:69:ee:63:9e:b8:45:79:bf:53:ad:68:84:1b:3a:e6:06:0a: b3:b7:ad:60:62:29:82:be:88:c0:9c:fb:df:fb:a6:95:8a:33: 65:97:b5:6b:db:d3:fd:d6:c7:93:7c:fa:a4:df:df:35:98:d3: bb:d7:09:0a:ae:a7:5e:6c:22:60:d4:f5:e2:9f:72:8e:63:89: 69:b3:27:2a:c4:f8:26:b3:f0:6f:e8:08:ef:d3:bc:d8:e2:72: 05:2d:3b:aa:97:fc:13:06:79:c5:dc:bf:28:f1:5e:4e:b5:fb: 6f:27:83:8d:c9:be:0e:dc:11:a1:1d:44:78:90:bf:63:38:5e: 72:5b:f9:9b -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUNoQEpVL/fKx+ycuDsogztURNUSQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDQxNzAwMTIwN1oX DTI2MDQyMTAwMTIwN1owejFJMEcGA1UEBRNAYTc5MTgxYmU3YTAyODgzZDFiNTlh N2U5NWQ0ODc5OTVmODRiYzgzYmY1YjEyYzNkNjk4MjhhY2QzZTFkOWJjYjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMuYIUaN3niqM2vbQL92o8khLTAg p+9fsl3pbWQ0ngZ97W0Tpx2gr/O5SeqAZGoZXihWGWn2aSZ63zAqouF4TZJt+JsX 0EmBvLXDxvVgNePDcSSvAU1hNuBSlz/DenMm8oD4nnvjwB/jEjGdbmWisdqRjxNZ r0K3G/zGV5IPwy69Y4MCef7I4QEa0g3WSIOu/8H+yA3k7azWh7+YHpW8WdDhB2Ho NyPwfu5qEyhiqPxHpa8zvC9SYkN3xbHBfDXwtSWw4MHNExhOTxF+0egpxjYKOW87 qLOfmHWVSzNH6JKqvf4pXr33iXskrlzKe5POxpdMr1OKU9OYN4QxRf+UIQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFDrTFgMZ/nqdPdynFRRcBm/7x1vnMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAEP7humtWX5nENqTP7w7Zh/aArDpiZ8m u44p+KATZYSXnNFSND0quU605A/vzc+zg/8tXX/MB7xqe+IMiuP+4ezmXQnSR6O+ PQ/CtUmYjC7GedAVfxygYMRh6Va6lRBTqrnYK8TUAVNUIyZzCTKou5E7AICuTaTU 0kOJkSr5BAVp7mOeuEV5v1OtaIQbOuYGCrO3rWBiKYK+iMCc+9/7ppWKM2WXtWvb 0/3Wx5N8+qTf3zWY07vXCQqup15sImDU9eKfco5jiWmzJyrE+Caz8G/oCO/TvNji cgUtO6qX/BMGecXcvyjxXk61+28ng43Jvg7cEaEdRHiQv2M4XnJb+Zs= -----END CERTIFICATE-----Generated at Fri Apr 17 06:05:26 2026 by rpki-client