$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: yeOj5mdUfIowscZBrZDkLHCK7sXsPhBWkLYu0QXuVWQ= Subject key identifier: B9:F5:1B:C2:A6:5F:38:C0:1A:E7:1F:11:98:93:A4:F8:A0:1A:A9:75 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 0227625BCA2C270134171DF1278BF3CCADB44699 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 0556 Signing time: Wed 05 Nov 2025 00:02:51 +0000 Manifest this update: Wed 05 Nov 2025 00:02:51 +0000 Manifest next update: Sun 09 Nov 2025 00:02:51 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: BpImD3hzmVWefzPKaimFe0Y1NJ38bORHGCF6FFlY0k0=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: xQO1wnKvetpsF+feWgIvq9A3g8NXj+xFCYGVWoa7USY=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: 2XLb7h6yISDftQlUB4TcpfpywHo5glEYW1SGISdeDoA=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: wcYYwgkTAd9Q2xT1BuIAMuJob/FJA9RrYdGr+wpFwVw=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: zwcPWnYArAZVLpt/G7O+elUyq5aa8j+XVNVGlvHcIz4=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: EWyZQ0kD4O1likOe4tykuIu5kk0yH0Zz9dIOCoYFR6g=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:27:62:5b:ca:2c:27:01:34:17:1d:f1:27:8b:f3:cc:ad:b4:46:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 5 00:02:51 2025 GMT Not After : Nov 9 00:02:51 2025 GMT Subject: serialNumber=db047582290d3b913697c5ba596f8143d8c2f504eee802dc5e39b591d835f15d, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:fb:9b:bf:ed:04:d8:f6:16:6c:37:79:41:48: de:ff:e2:42:21:68:38:a1:e0:39:c3:08:79:e7:4f: 79:0c:33:68:6d:dd:b7:56:a6:e2:7f:ef:d2:49:49: b1:72:e8:cb:28:49:98:a9:e6:f3:b2:0a:2e:ff:5c: 25:51:05:84:b6:88:d6:ac:d9:d2:de:81:1f:3e:4f: 9c:fb:75:d9:41:17:72:0f:44:5d:e8:dd:95:dd:cc: a4:ff:d5:23:82:92:c0:f8:5b:8a:35:94:91:f1:22: 3b:01:43:67:f3:4e:fd:f4:83:bf:dd:b0:7a:2e:59: 0e:78:77:0d:62:04:cc:4e:a1:70:72:6e:d7:04:6e: 0b:42:88:d2:55:7b:4b:7b:d8:8a:60:11:c6:db:5a: 06:36:a1:80:27:21:7f:77:34:02:73:58:74:07:0b: 08:4a:03:92:a5:8c:46:d3:3e:18:32:8b:41:55:d0: 0c:3a:d9:8a:de:e7:24:1d:bd:bd:2e:3c:56:49:9a: 3a:80:fc:be:3d:c3:a9:53:7d:3e:ae:6b:32:56:38: ea:25:f6:6e:53:5b:67:b9:33:37:7d:6d:b7:d3:24: d2:2d:a3:3e:04:bd:bc:de:26:98:74:6d:fb:0a:65: ea:2c:ad:28:8c:84:73:15:06:bf:eb:d8:56:9d:03: e0:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:F5:1B:C2:A6:5F:38:C0:1A:E7:1F:11:98:93:A4:F8:A0:1A:A9:75 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:78:2a:96:77:31:62:dc:f9:cc:b9:02:78:93:fe:0b:1f:0b: 44:2a:8e:94:ea:3e:18:9f:f2:01:69:ff:09:1a:67:aa:43:e1: af:2f:c8:af:b4:d4:2c:17:13:a4:25:ee:4e:96:26:b3:32:8f: c1:8f:86:47:4b:76:db:71:8c:97:be:db:17:b6:28:93:7d:f3: 25:51:65:68:4e:9c:f8:89:3e:e4:ed:03:0f:84:80:a5:22:fc: d5:1f:ff:37:f3:d1:af:73:c6:51:2d:49:32:e8:87:0a:c7:11: 62:98:c8:d7:2d:d6:12:25:9d:81:65:70:de:f8:1d:fe:99:e9: 39:13:b4:c7:11:1b:92:c6:1e:c2:9a:79:35:38:25:79:5c:7f: 1a:3b:ae:c3:f8:f0:77:8e:ad:2f:57:b9:ee:37:ab:21:5c:56: 70:22:a0:a0:7e:b8:57:6c:26:b2:fe:82:06:b6:5b:38:ec:a1: e0:2f:f8:4b:85:18:0e:05:6f:2d:6e:22:dc:c1:8f:eb:a6:dd: a1:2b:50:73:9c:16:15:33:9f:f1:9e:3d:65:90:3c:a9:11:da: fc:c5:52:35:0f:26:19:da:cf:1c:8d:82:38:7a:e4:44:26:28: 85:1d:f5:98:4b:4f:65:cd:bc:06:d2:53:2b:05:56:d2:7d:7f: 87:e6:b8:a0 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUAidiW8osJwE0Fx3xJ4vzzK20RpkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTEwNTAwMDI1MVoX DTI1MTEwOTAwMDI1MVowejFJMEcGA1UEBRNAZGIwNDc1ODIyOTBkM2I5MTM2OTdj NWJhNTk2ZjgxNDNkOGMyZjUwNGVlZTgwMmRjNWUzOWI1OTFkODM1ZjE1ZDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/ubv+0E2PYWbDd5QUje/+JCIWg4 oeA5wwh55095DDNobd23Vqbif+/SSUmxcujLKEmYqebzsgou/1wlUQWEtojWrNnS 3oEfPk+c+3XZQRdyD0Rd6N2V3cyk/9UjgpLA+FuKNZSR8SI7AUNn80799IO/3bB6 LlkOeHcNYgTMTqFwcm7XBG4LQojSVXtLe9iKYBHG21oGNqGAJyF/dzQCc1h0BwsI SgOSpYxG0z4YMotBVdAMOtmK3uckHb29LjxWSZo6gPy+PcOpU30+rmsyVjjqJfZu U1tnuTM3fW230yTSLaM+BL283iaYdG37CmXqLK0ojIRzFQa/69hWnQPgSQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFLn1G8KmXzjAGucfEZiTpPigGql1MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAIF4KpZ3MWLc+cy5AniT/gsfC0QqjpTq Phif8gFp/wkaZ6pD4a8vyK+01CwXE6Ql7k6WJrMyj8GPhkdLdttxjJe+2xe2KJN9 8yVRZWhOnPiJPuTtAw+EgKUi/NUf/zfz0a9zxlEtSTLohwrHEWKYyNct1hIlnYFl cN74Hf6Z6TkTtMcRG5LGHsKaeTU4JXlcfxo7rsP48HeOrS9Xue43qyFcVnAioKB+ uFdsJrL+gga2WzjsoeAv+EuFGA4Fby1uItzBj+um3aErUHOcFhUzn/GePWWQPKkR 2vzFUjUPJhnazxyNgjh65EQmKIUd9ZhLT2XNvAbSUysFVtJ9f4fmuKA= -----END CERTIFICATE-----Generated at Wed Nov 5 09:50:11 2025 by rpki-client