$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: sspPEfsjckaGa7yG8tIzXmSrB6pn8zLTJoQv+K8xPSE= Subject key identifier: 9E:94:75:73:46:1B:9A:77:97:CC:92:CC:72:08:D5:0F:D1:CC:36:C5 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 77E6FDAA94695C4B0987E29368726D94E8A35441 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 048D Signing time: Sun 27 Apr 2025 00:01:05 +0000 Manifest this update: Sun 27 Apr 2025 00:01:05 +0000 Manifest next update: Thu 01 May 2025 00:01:05 +0000 Files and hashes: 1: 0b0c2d18-2b42-4e53-9e6a-d6f7d5dc2334.roa (hash: wP4Hpdmr/OwNXZR/z2mxgpBvFN4dWJn2rSKiJOl3I1I=) 2: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: 6IQb+ID1EEQAkgWPk5Qrd9AmQfMXrlKcsbgih45XlDw=) 3: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: EEVkOaEXmz5Tf159IxMdOl9eDIg+DdMd8jYJw0A1zdA=) 4: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: DZ4V1VY2NPdlYAhqmNqpWfZSU78K7H5shN4WYYovjY0=) 5: 4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa (hash: 9Cu3sMIOvJbiXT4QemB0aP4Dse8bfnB6AkPJJ1M4Oro=) 6: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Vm7QfjHgAlb0UPcOnTyqKW32B6tcAoSX7QGWNxOXr68=) 7: 6982f3ac-c7ae-423c-a028-517d7541d973.roa (hash: +1qhA0qqK2NjVj1z4Ed9dkztWxHZdc+r8eaFbwy+2a8=) 8: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: VJjwA9E8igccih3oBbfYt2BRAHIMCoB6efVTGk4Se4s=) 9: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: aWmx8lm9+dbngOtB5H2OhOAmt3Vdrj6J7A7RESAkpCo=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 00:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:e6:fd:aa:94:69:5c:4b:09:87:e2:93:68:72:6d:94:e8:a3:54:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 27 00:01:05 2025 GMT Not After : May 1 00:01:05 2025 GMT Subject: serialNumber=f37998123c51b4b378f8435fab786f396b39a664db8231bfc312608ab18e94a6, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:65:f2:76:73:db:ab:8e:2c:68:4d:f6:25:7f: f5:6f:df:fb:21:e0:25:b6:65:5e:2e:1d:aa:e8:df: f0:2d:8c:6b:b6:24:83:1b:08:46:c2:c0:4f:65:da: 65:25:9c:31:27:98:ce:b0:2b:77:b6:aa:d1:09:ac: d5:c4:66:ba:01:73:c0:d2:f8:69:dd:d7:9f:95:4f: 87:a2:8f:54:23:cd:69:d8:77:23:9a:7a:2e:1b:54: b2:dd:c9:fd:30:93:9c:f1:fd:3f:75:bd:bc:b2:8c: 96:3f:a0:5b:e0:db:37:17:44:f0:48:ad:58:8c:f7: e7:cc:54:24:bd:96:65:3f:cb:70:64:15:85:37:10: a1:c4:ba:ed:fd:95:73:5e:ad:bb:a1:d9:77:ae:59: 06:48:43:a6:ad:f3:4c:ba:5c:1c:c4:f3:c2:4f:cc: b0:88:a9:ec:53:3c:66:26:f0:ec:12:a4:4d:5e:87: c3:a6:97:54:f0:ef:08:7e:c1:81:b1:93:32:de:2b: ac:91:6e:f0:d9:21:8d:b5:62:10:fc:b8:fa:b0:b8: 84:33:45:93:7b:c6:a5:5b:0e:1c:9e:96:8c:97:82: 53:0f:d8:45:f1:eb:d7:97:b4:bf:89:4f:10:0c:0c: 60:f8:c2:41:5c:a1:15:ff:3a:54:8f:58:ea:45:23: 50:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:94:75:73:46:1B:9A:77:97:CC:92:CC:72:08:D5:0F:D1:CC:36:C5 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:3e:61:b4:19:d1:b6:05:b7:e1:a2:ec:12:36:df:44:cb:86: bd:f9:35:d9:c1:83:66:a5:de:61:1a:0a:92:07:2d:3f:2c:a1: 6b:d6:4d:eb:ce:55:87:d6:c3:a9:5a:23:89:64:0f:ea:6d:b2: cc:d4:b7:82:c4:65:3f:b1:46:99:be:6a:96:60:06:b4:da:d7: 95:61:ff:3e:e5:65:36:b1:f2:2b:87:50:3f:16:45:07:fc:7c: 7e:92:ca:36:7e:07:3f:53:1c:14:0f:0a:f2:47:32:5d:78:e0: 7c:76:72:2d:d0:b4:46:7b:83:3f:d4:fb:14:9a:bd:cc:4d:54: b7:7d:53:97:a9:7b:7c:e0:26:66:53:5d:88:b8:09:5f:1a:57: 02:fa:ec:6e:44:24:1f:d4:f4:78:44:0d:44:9f:07:df:d9:cb: 16:5d:f0:25:ec:04:be:58:9b:58:18:3c:1b:fb:cf:90:bb:bb: 90:02:9d:1d:37:c9:c9:2f:1d:d2:67:48:ae:9c:6c:64:bf:f3: 1e:8a:3a:17:09:28:9c:35:4a:ef:7e:ce:9c:4a:28:1d:6d:be: 2f:4d:f5:20:bd:39:31:ba:1c:0e:f0:2c:89:22:33:1d:bf:ed: 76:e3:b7:f6:0c:96:72:ec:21:bf:e1:fd:d1:f2:57:53:f5:5a: 48:c1:a7:a6 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUd+b9qpRpXEsJh+KTaHJtlOijVEEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDQyNzAwMDEwNVoX DTI1MDUwMTAwMDEwNVowejFJMEcGA1UEBRNAZjM3OTk4MTIzYzUxYjRiMzc4Zjg0 MzVmYWI3ODZmMzk2YjM5YTY2NGRiODIzMWJmYzMxMjYwOGFiMThlOTRhNjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGXydnPbq44saE32JX/1b9/7IeAl tmVeLh2q6N/wLYxrtiSDGwhGwsBPZdplJZwxJ5jOsCt3tqrRCazVxGa6AXPA0vhp 3deflU+Hoo9UI81p2HcjmnouG1Sy3cn9MJOc8f0/db28soyWP6Bb4Ns3F0TwSK1Y jPfnzFQkvZZlP8twZBWFNxChxLrt/ZVzXq27odl3rlkGSEOmrfNMulwcxPPCT8yw iKnsUzxmJvDsEqRNXofDppdU8O8IfsGBsZMy3iuskW7w2SGNtWIQ/Lj6sLiEM0WT e8alWw4cnpaMl4JTD9hF8evXl7S/iU8QDAxg+MJBXKEV/zpUj1jqRSNQnwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFJ6UdXNGG5p3l8ySzHII1Q/RzDbFMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBACs+YbQZ0bYFt+Gi7BI230TLhr35NdnB g2al3mEaCpIHLT8soWvWTevOVYfWw6laI4lkD+ptsszUt4LEZT+xRpm+apZgBrTa 15Vh/z7lZTax8iuHUD8WRQf8fH6SyjZ+Bz9THBQPCvJHMl144Hx2ci3QtEZ7gz/U +xSavcxNVLd9U5epe3zgJmZTXYi4CV8aVwL67G5EJB/U9HhEDUSfB9/ZyxZd8CXs BL5Ym1gYPBv7z5C7u5ACnR03yckvHdJnSK6cbGS/8x6KOhcJKJw1Su9+zpxKKB1t vi9N9SC9OTG6HA7wLIkiMx2/7Xbjt/YMlnLsIb/h/dHyV1P1WkjBp6Y= -----END CERTIFICATE-----Generated at Sun Apr 27 07:06:56 2025 by rpki-client