$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: 9pAoxOmI+Vny1qcQhUgzyeXQ99phDzCo2MfIb3VPB6E= Subject key identifier: AE:71:63:A0:18:4D:E7:A8:31:E7:B0:96:36:BB:8A:44:66:C2:5D:51 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 456599FB2C963D558BC2CF53A9B7E19F22091E69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 04C0 Signing time: Sat 14 Jun 2025 00:00:43 +0000 Manifest this update: Sat 14 Jun 2025 00:00:43 +0000 Manifest next update: Wed 18 Jun 2025 00:00:43 +0000 Files and hashes: 1: 0b0c2d18-2b42-4e53-9e6a-d6f7d5dc2334.roa (hash: ie2o42aSKCyNP9ZTI7XVt3/jAd6pVFmZLYciu0GTo44=) 2: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: f8M8bGDZ/Hm+vAGKWXeZuo/DMVlffr955xt4SZ7OV3U=) 3: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: +LzVgL5yEjod9LZPg1MR/BXJI5ka7btRTQXKRa2t5J4=) 4: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: qXXEdeNpJnbmALkEwpslGjOpbxtjS7x0JpvBJQCUBmM=) 5: 4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa (hash: F5hKqKTHPcXnLrPQKABZPfxyPw5XI4b6/R5dMYHO+qk=) 6: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: M0GrvXOE20uhKuyeVVUTHSV0Sp/NNw7IvIGk1QmX7es=) 7: 6982f3ac-c7ae-423c-a028-517d7541d973.roa (hash: O+f4fPRok5OcjlFoUBcYV4odcShUcF5ITkb1wQw8WQ8=) 8: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: XYrP3JzpiwlerGjCAvRn6JBEt/Vx6ALc20coGmCve4I=) 9: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: Lw4NhEY37CFACIw2dZIVFtI2XJWnZliiPF6u/ul/9WI=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:65:99:fb:2c:96:3d:55:8b:c2:cf:53:a9:b7:e1:9f:22:09:1e:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Jun 14 00:00:43 2025 GMT Not After : Jun 18 00:00:43 2025 GMT Subject: serialNumber=2c9c153b83236363266b101a45c5b862e831acd3fb532e0a0548235c327d8d92, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:11:4a:f8:5a:88:ec:d5:56:6c:e9:0d:f5:b3: 69:80:58:09:31:9c:e2:2a:96:ba:39:8e:a3:42:f7: f1:e6:8b:ad:ca:90:80:be:77:22:27:75:8b:09:7d: 27:2d:4c:87:2a:f3:21:52:e5:cb:6a:cf:32:db:5a: 5e:5d:e2:b3:fe:56:76:b3:92:e7:7b:16:0c:78:1c: 35:38:ca:f9:f1:9c:35:5e:50:dc:71:a2:ef:51:e9: 15:c2:68:07:cd:63:ff:93:71:31:62:22:0c:84:41: 2a:4d:f1:11:a6:f3:4c:f8:67:4a:18:e0:7c:89:8a: 3c:0c:c8:61:5a:42:a5:96:25:20:2f:a9:d1:8d:c4: 48:d5:19:68:11:31:25:3a:1d:8c:de:06:f5:eb:00: 17:e4:f5:64:94:84:a7:71:4e:ae:04:97:59:77:f0: 4d:ed:af:50:d3:77:29:05:de:ac:09:3d:97:62:b9: ec:f4:ab:7c:60:d3:b3:0a:1c:8f:e6:21:84:9a:fc: be:66:c1:48:2b:00:db:db:f0:a7:77:39:04:e4:46: ba:e4:70:74:5d:0a:73:b2:b6:16:b6:c5:a5:0b:f8: e1:43:e6:b9:62:78:e8:0d:2d:63:ba:02:87:f9:71: d3:17:b4:d5:79:59:01:b9:fb:f8:7d:b3:1c:17:76: 1d:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:71:63:A0:18:4D:E7:A8:31:E7:B0:96:36:BB:8A:44:66:C2:5D:51 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:1d:e8:35:18:ae:23:0c:ac:4b:01:5d:4f:a5:22:6b:e2:4a: ff:d9:3a:28:04:f4:4e:50:ba:3a:e1:eb:58:d1:53:42:d9:ec: a8:1a:d1:8c:8d:a7:e9:ed:6b:47:51:cc:ee:d6:95:a5:d1:95: c7:47:a4:4d:60:93:f6:08:7b:7a:97:85:e7:f4:5c:bf:6c:84: 06:36:a2:77:b2:75:0e:fc:67:75:91:b6:92:89:9c:89:6f:b0: aa:11:8c:d7:bf:8b:40:b9:a0:3c:9e:14:a0:b9:ae:a8:b7:6c: 97:45:19:43:7e:05:1b:96:a0:c1:70:84:9c:53:ef:f2:47:83: 9b:9d:71:35:a8:e7:b9:a7:48:d6:f2:8b:b5:d6:ad:d4:ca:7e: f4:ca:bd:d8:89:a0:c0:fb:ea:79:83:03:7a:4f:44:90:f4:6e: ba:bb:31:b7:96:f5:1b:aa:cf:c1:b8:fa:58:44:7e:5d:96:2f: 1d:44:62:9b:53:84:c4:18:b1:1c:12:4f:bb:51:64:e1:74:95: 28:4a:8d:c8:07:b8:d5:6c:6b:22:3a:cd:56:aa:09:d1:55:be: 24:ad:6a:bf:27:a4:35:d9:a9:83:00:60:da:f5:e8:3b:8f:80: 7a:3b:3f:59:cb:6c:84:cc:15:3b:56:cd:01:0b:f2:da:f3:5a: 34:ea:67:2d -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIURWWZ+yyWPVWLws9TqbfhnyIJHmkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDYxNDAwMDA0M1oX DTI1MDYxODAwMDA0M1owejFJMEcGA1UEBRNAMmM5YzE1M2I4MzIzNjM2MzI2NmIx MDFhNDVjNWI4NjJlODMxYWNkM2ZiNTMyZTBhMDU0ODIzNWMzMjdkOGQ5MjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBFK+FqI7NVWbOkN9bNpgFgJMZzi Kpa6OY6jQvfx5outypCAvnciJ3WLCX0nLUyHKvMhUuXLas8y21peXeKz/lZ2s5Ln exYMeBw1OMr58Zw1XlDccaLvUekVwmgHzWP/k3ExYiIMhEEqTfERpvNM+GdKGOB8 iYo8DMhhWkKlliUgL6nRjcRI1RloETElOh2M3gb16wAX5PVklISncU6uBJdZd/BN 7a9Q03cpBd6sCT2XYrns9Kt8YNOzChyP5iGEmvy+ZsFIKwDb2/CndzkE5Ea65HB0 XQpzsrYWtsWlC/jhQ+a5YnjoDS1jugKH+XHTF7TVeVkBufv4fbMcF3YdHwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFK5xY6AYTeeoMeewlja7ikRmwl1RMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAGId6DUYriMMrEsBXU+lImviSv/ZOigE 9E5Qujrh61jRU0LZ7Kga0YyNp+nta0dRzO7WlaXRlcdHpE1gk/YIe3qXhef0XL9s hAY2oneydQ78Z3WRtpKJnIlvsKoRjNe/i0C5oDyeFKC5rqi3bJdFGUN+BRuWoMFw hJxT7/JHg5udcTWo57mnSNbyi7XWrdTKfvTKvdiJoMD76nmDA3pPRJD0brq7MbeW 9Ruqz8G4+lhEfl2WLx1EYptThMQYsRwST7tRZOF0lShKjcgHuNVsayI6zVaqCdFV viStar8npDXZqYMAYNr16DuPgHo7P1nLbITMFTtWzQEL8trzWjTqZy0= -----END CERTIFICATE-----Generated at Sat Jun 14 18:33:19 2025 by rpki-client