$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: AkAZr6dVX+l+jdvCJPhmI2RG/6KjR65sKAoFTLQt6Xk= Subject key identifier: CE:78:F0:13:63:1E:A7:C7:5E:31:C7:A2:C4:54:BD:95:EF:15:8B:9B Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 5C573534044A127A45CAEFE76110795FCFB91CA5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 04F5 Signing time: Mon 04 Aug 2025 00:51:00 +0000 Manifest this update: Mon 04 Aug 2025 00:51:00 +0000 Manifest next update: Fri 08 Aug 2025 00:51:00 +0000 Files and hashes: 1: 0b0c2d18-2b42-4e53-9e6a-d6f7d5dc2334.roa (hash: b/i/s0AvV8fOlGqeT19SrGGpoOQM7iLVVlb9S5vqlO4=) 2: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: fo0bc+/zJ0OI3hK9FkWs0DcraScmVsZotuGlgIORZSY=) 3: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: fq/1/lAjE0At0TOKKfk0EpjGilZuMgSq75atpaMxDVA=) 4: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: 4Ft1XsWB/byv1JDDa2f9EgosRJBjRvrlyTbjPgtifQI=) 5: 4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa (hash: b8+i88IJY6buKvpLALdKicSTgUWm0/AqrF4NrW1AiEg=) 6: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: fETUbKY+RD96BbxsXAfAiGaDWB2jsZUhDvXgLfPGlFU=) 7: 6982f3ac-c7ae-423c-a028-517d7541d973.roa (hash: g4RFBdr8RDCAoQ4TYjRSUf63E3aYT4/8kDlIFEDDVH8=) 8: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: debWm3i8TxmMdTOthG41rvQYO3ngTHRoFh3p/PeIoCo=) 9: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: VLK1Slk4sk4kyjVWsEzazHy2jCsMG5RGcwfQjAiwLVA=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:51:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:57:35:34:04:4a:12:7a:45:ca:ef:e7:61:10:79:5f:cf:b9:1c:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Aug 4 00:51:00 2025 GMT Not After : Aug 8 00:51:00 2025 GMT Subject: serialNumber=368ca8d34d55bfa32a5785432d36e463bc870c9114d138d1c035d95ba0351f8e, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:d3:f2:80:df:cf:c8:ab:72:88:e8:72:98:2e: c3:6a:20:20:43:eb:54:54:68:00:2c:5c:b3:37:7c: 34:2c:4e:b6:61:3e:b8:0b:14:eb:80:f9:5c:dc:26: ab:b1:55:b7:15:ab:4f:26:53:61:a7:c5:63:30:d3: 82:7f:4c:4f:e0:8c:65:06:db:af:29:59:57:b3:a7: ee:67:22:40:67:1f:d3:b5:e4:dc:ee:65:cb:92:95: 23:72:55:ea:31:81:ff:f3:15:d6:b5:f1:ca:9e:b3: 72:6f:ed:da:e6:a8:e8:cc:36:32:55:c3:d8:cb:49: d0:81:6b:d7:37:32:cd:60:39:ce:a0:7c:43:7c:6c: 38:d0:c0:3e:40:09:c6:cc:56:d8:10:ef:6d:b9:f0: ed:83:d6:55:6b:5b:8a:e6:bd:bd:13:18:92:3e:a8: bb:a1:47:ea:d2:3f:8c:de:25:c1:5c:b0:a0:e3:42: c8:47:d4:78:c1:9f:17:0f:4f:f1:9f:6d:b3:dc:93: 97:b3:11:c5:5e:86:0c:07:86:00:ff:99:5b:59:91: 03:d7:b1:e2:3b:46:c9:d6:86:3e:03:5b:e4:26:f1: 43:05:dd:cb:17:7c:48:9f:70:6d:8a:6e:5b:48:fc: fa:ad:e3:07:3d:5d:09:b8:03:fa:1c:ee:fe:4f:ed: 37:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:78:F0:13:63:1E:A7:C7:5E:31:C7:A2:C4:54:BD:95:EF:15:8B:9B X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:61:76:aa:51:bc:15:ba:bc:89:f9:d9:e1:55:5c:78:88:14: 84:28:29:b8:2b:fe:cf:97:14:7b:94:e8:35:72:7d:dc:9f:d9: 7f:73:94:6b:19:bf:3f:31:95:58:d7:96:6d:1b:76:5f:78:96: 05:23:37:c7:e2:01:a2:2d:93:06:b1:04:36:38:67:b7:95:bf: 52:2a:e8:3a:d8:df:81:3b:1a:3a:4b:ad:f2:61:ec:1b:89:84: 1c:cd:f9:45:d3:2d:88:4a:c5:86:25:cd:04:33:74:8b:fe:26: 90:ee:57:bf:12:11:99:8e:66:aa:27:f7:e2:3f:f6:e1:44:8b: 35:e2:b4:f8:cc:05:71:f8:c9:af:65:ef:32:c2:cf:6d:ad:93: 71:6b:7c:95:f6:ff:a4:0b:ea:62:66:4a:48:59:4a:f5:8f:34: be:06:2c:cf:99:75:9c:67:67:13:89:8c:6f:ed:a2:09:f1:db: 9d:1e:6f:85:93:f1:b5:68:ab:82:e6:e8:b8:50:83:22:69:c5: f4:96:59:cc:20:a9:ae:65:cb:d1:44:41:db:06:78:dd:ca:eb: 45:61:70:5f:6d:70:f3:90:e1:39:30:35:c6:0d:c9:eb:db:e9: 3b:cd:57:b7:73:b6:e5:45:e7:8f:5c:9b:7a:cf:1f:e6:99:10: df:ce:9b:4d -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUXFc1NARKEnpFyu/nYRB5X8+5HKUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDgwNDAwNTEwMFoX DTI1MDgwODAwNTEwMFowejFJMEcGA1UEBRNAMzY4Y2E4ZDM0ZDU1YmZhMzJhNTc4 NTQzMmQzNmU0NjNiYzg3MGM5MTE0ZDEzOGQxYzAzNWQ5NWJhMDM1MWY4ZTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNPygN/PyKtyiOhymC7DaiAgQ+tU VGgALFyzN3w0LE62YT64CxTrgPlc3CarsVW3FatPJlNhp8VjMNOCf0xP4IxlBtuv KVlXs6fuZyJAZx/TteTc7mXLkpUjclXqMYH/8xXWtfHKnrNyb+3a5qjozDYyVcPY y0nQgWvXNzLNYDnOoHxDfGw40MA+QAnGzFbYEO9tufDtg9ZVa1uK5r29ExiSPqi7 oUfq0j+M3iXBXLCg40LIR9R4wZ8XD0/xn22z3JOXsxHFXoYMB4YA/5lbWZED17Hi O0bJ1oY+A1vkJvFDBd3LF3xIn3Btim5bSPz6reMHPV0JuAP6HO7+T+034wIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFM548BNjHqfHXjHHosRUvZXvFYubMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAHBhdqpRvBW6vIn52eFVXHiIFIQoKbgr /s+XFHuU6DVyfdyf2X9zlGsZvz8xlVjXlm0bdl94lgUjN8fiAaItkwaxBDY4Z7eV v1Iq6DrY34E7GjpLrfJh7BuJhBzN+UXTLYhKxYYlzQQzdIv+JpDuV78SEZmOZqon 9+I/9uFEizXitPjMBXH4ya9l7zLCz22tk3FrfJX2/6QL6mJmSkhZSvWPNL4GLM+Z dZxnZxOJjG/tognx250eb4WT8bVoq4Lm6LhQgyJpxfSWWcwgqa5ly9FEQdsGeN3K 60VhcF9tcPOQ4TkwNcYNyevb6TvNV7dztuVF549cm3rPH+aZEN/Om00= -----END CERTIFICATE-----Generated at Mon Aug 4 11:01:34 2025 by rpki-client