Manifest

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft
File:                     manifest.mft (raw, json)
Hash identifier:          RWDdLt8bopNyPrGAU9+fI1CWCCos0k075TMYadRt0M4=
Subject key identifier:   F7:BF:C4:E4:17:59:E0:8B:B2:A6:4B:E0:DE:B8:9B:CA:46:5F:6F:A4
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Certificate issuer:       /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial:       30D3836CFC099576257D5A148B69AED701A3437C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft
Manifest number:          049A
Signing time:             Mon 04 Aug 2025 00:01:04 +0000
Manifest this update:     Mon 04 Aug 2025 00:01:04 +0000
Manifest next update:     Fri 08 Aug 2025 00:01:04 +0000
Files and hashes:         1: 177c9702-ee39-42d1-b76f-6cee77f4fb45.roa (hash: KY+3ez0xt27XvXV4Ptra/fdRkMmp3DQqO0tBL1+GFms=)
                          2: 197500e2-3802-44b2-a561-ca3dad01e209.roa (hash: tbAbfaC2RuFNWZiog/TRY+SJFGIcDojyat8DSXiGpj4=)
                          3: 1dffeac8-b779-49ef-ba27-58bc19891e60.roa (hash: +dgLMbF0Pa9+nV1whtS18K/OYeyEPHxLgt1uJNdX/z8=)
                          4: 220cee0c-6002-409a-8194-38e216c0096c.crl (hash: 5XWbdRhmoGEQd9Gyw+Od7AQq8g+T29neHDHpbhhpzq8=)
                          5: 22707524-2248-48ea-815f-578f49b19436.roa (hash: 0tdunrsGVZ3WKr4OAoHYFQU5uziBzinewn0h/W+ES+E=)
                          6: 22d6913e-5f3d-4f99-9a60-48579f471838.roa (hash: HJIWOyYe38lELu3rJl66xPnUxv4UykP49+nbKbbeZnk=)
                          7: 245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa (hash: lg1YUGhW4/UQUdrKyIyy9Kwc8htsOn7PAyEoxCHWx20=)
                          8: 3684e50c-c50f-4ebb-b327-e0759241197e.roa (hash: RVZmephehkkT8+1riYnPQqbreq38Sj6EedTm0lchM3A=)
                          9: 3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa (hash: amkVtT5O0C2NbJL88E9FOLSqLSjYan3d8UkmnxNtxG4=)
                          10: 42932dd4-2720-47b3-a472-fc2c8a50a46c.roa (hash: waiHC2uvQ/JWWGj6dv0+Jnvjhmk720UW4x8oKc0eTrA=)
                          11: 43fd8687-12d4-49b5-9958-8536ce8160b4.roa (hash: hcBCz8pjSbZBwEsa41ey2guhkl5K7x9KUwBIbfqn6Jc=)
                          12: 6b15abb6-10b7-4ecd-9947-c96012f824c6.roa (hash: 5Ttu2kLHtleGqXhGp1154M4Fs/n0b2qXFD2eo3KCU0w=)
                          13: 7b26d410-17d7-4310-bb58-41c465f8eef2.roa (hash: Xr7nLPSK2ZSyjI0rCOlF0AuSHNbswrAss87oZHF4EXo=)
                          14: 882a767c-0faf-4e71-a224-ecec47d98fcb.roa (hash: V/7m5yE+CCJeT/nKdukf9a+x/FN2cTA8qHx6R6yG9Jc=)
                          15: 8c170584-7c9b-414b-8cba-a934a0a79bbe.roa (hash: MpHMr+yOCUzQRFUKkTgd81TD/8QRLDFKm2v/LK5PTCg=)
                          16: 9e37f855-48bf-420a-a86c-5eeb4fc1f790.roa (hash: 89Q54azxDN3ASeR/6p4+Ave3WHYO3C21Hbmap/CklK4=)
                          17: adf75e2e-9d2c-4718-a49d-ad44079b266b.roa (hash: Kvmc/hqY/vogQCWVl6vkaYesnaU1vHdvynPTnINrqQw=)
                          18: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (hash: Q0EtPntghfx8+ADDUWnuWTFrTDM7wTJyYoojeo1TxHI=)
                          19: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (hash: BfhQ5TfBlWMRzxrXseNxhYgROPwC4eDy5cgt1Lgc9to=)
                          20: d953b731-7921-47dd-abf3-b7b8cc367900.roa (hash: h4ZB/MWEgyJ8LZrf1SxnyFlIxQ+R+CVKJktPaoigBZ4=)
                          21: e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa (hash: dClEonqXxXGeK3AlK7PwDwEIvV/bh31mEliYfQYbDzE=)
                          22: fcd6adab-06f0-4676-9568-6d4d48f7658c.roa (hash: lt421rqinW4t2tzNSI/diNg120uGP5DeTElYLmy4iaM=)
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 08 Aug 2025 00:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:d3:83:6c:fc:09:95:76:25:7d:5a:14:8b:69:ae:d7:01:a3:43:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
        Validity
            Not Before: Aug  4 00:01:04 2025 GMT
            Not After : Aug  8 00:01:04 2025 GMT
        Subject: serialNumber=a0f6829671e6181c4cb0c38e4a524f8596a8fc23765fca56ba95ec6dca8c1633, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:ff:fd:59:3a:a5:41:9b:45:fd:de:08:67:ea:
                    6b:08:4d:12:ca:2b:9e:ab:8c:15:a9:05:6a:84:67:
                    69:9c:05:e5:7c:f6:ba:6a:5a:2f:51:d7:72:d1:d2:
                    92:e4:fa:54:aa:e1:bf:d0:2d:bc:d3:7a:73:c6:0b:
                    9e:82:5c:b4:9d:7f:44:41:10:ef:5e:b9:23:bc:75:
                    c1:86:d2:c2:45:93:32:b9:3c:42:e5:0e:b3:cb:9c:
                    69:09:8a:2f:b1:51:2e:2b:cc:f5:f4:46:24:75:23:
                    7f:8f:8e:48:3f:26:ef:5b:00:a7:db:cd:ff:92:44:
                    af:d7:0b:3a:19:d3:96:d8:9a:f2:44:84:9a:92:44:
                    f0:0a:cd:65:b3:02:6f:75:97:b0:60:b0:da:10:02:
                    18:ec:56:da:68:77:ce:b3:f7:cd:31:9a:0e:2f:0d:
                    1f:9c:4c:d3:dd:7c:fe:82:0e:b3:c3:c7:3a:c1:d6:
                    9a:f4:c4:53:58:d5:c7:12:e0:30:1f:44:9b:86:05:
                    ea:ee:09:8e:71:8e:75:0b:0f:13:e2:ec:61:59:b1:
                    01:99:16:f9:1d:42:a5:3b:20:05:80:5a:9c:52:fc:
                    f8:e6:f0:99:93:06:00:98:d7:10:e2:c6:6d:c1:82:
                    59:03:75:e2:07:35:92:a0:79:93:8c:47:57:95:8d:
                    8e:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:BF:C4:E4:17:59:E0:8B:B2:A6:4B:E0:DE:B8:9B:CA:46:5F:6F:A4
            X509v3 Authority Key Identifier:
                keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:78:ac:8b:41:6b:52:ce:eb:b7:aa:6a:c3:44:70:05:a7:62:
         f3:06:10:df:71:3d:a7:e6:8a:3f:e9:b4:ed:2f:b4:39:a4:3b:
         46:32:f2:fc:ab:b5:ee:4a:dd:f2:e3:1f:2b:be:c3:7d:a9:1d:
         41:d7:27:0f:f8:6d:07:23:cf:5f:e1:ce:bc:f5:38:5a:4c:5b:
         7b:e3:41:05:8b:e9:46:7c:7c:e4:14:d6:0f:98:e2:7e:1a:04:
         6f:6a:01:25:14:bb:6c:e7:32:af:e2:59:b7:0e:2a:6b:4c:3e:
         b2:7e:55:1e:5a:4d:0a:9e:4a:4a:ed:92:d5:47:d5:f6:a8:62:
         38:25:06:a6:bb:d9:92:36:c4:ef:f7:c3:60:0d:4e:ee:da:31:
         63:f5:83:22:26:95:c4:53:93:d0:ef:96:b1:00:0b:8a:e6:7e:
         07:82:9a:e2:70:72:37:1a:18:8d:27:0e:c0:6e:3b:4d:60:29:
         ac:69:1e:96:2b:89:7a:c6:35:05:0d:af:98:57:ed:bf:88:89:
         f4:8e:fb:2a:de:2c:32:bd:79:96:a3:fc:4f:07:17:52:d3:94:
         5b:4f:35:3c:91:ba:5f:4f:c0:63:e4:3e:0f:b1:8e:91:e7:6c:
         cb:e8:7a:93:aa:0e:c4:46:b2:5d:7f:ac:13:01:9f:99:00:eb:
         13:b6:c8:b4
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUMNODbPwJlXYlfVoUi2mu1wGjQ3wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwNDAwMDEwNFoX
DTI1MDgwODAwMDEwNFowejFJMEcGA1UEBRNAYTBmNjgyOTY3MWU2MTgxYzRjYjBj
MzhlNGE1MjRmODU5NmE4ZmMyMzc2NWZjYTU2YmE5NWVjNmRjYThjMTYzMzEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1//9WTqlQZtF/d4IZ+prCE0Syiue
q4wVqQVqhGdpnAXlfPa6alovUddy0dKS5PpUquG/0C2803pzxguegly0nX9EQRDv
XrkjvHXBhtLCRZMyuTxC5Q6zy5xpCYovsVEuK8z19EYkdSN/j45IPybvWwCn283/
kkSv1ws6GdOW2JryRISakkTwCs1lswJvdZewYLDaEAIY7FbaaHfOs/fNMZoOLw0f
nEzT3Xz+gg6zw8c6wdaa9MRTWNXHEuAwH0SbhgXq7gmOcY51Cw8T4uxhWbEBmRb5
HUKlOyAFgFqcUvz45vCZkwYAmNcQ4sZtwYJZA3XiBzWSoHmTjEdXlY2OpQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFPe/xOQXWeCLsqZL4N64m8pGX2+kMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF
BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t
L3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2Yjk2ODEzZTQvbWFu
aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y
c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3
MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0LzIyMGNlZTBjLTYwMDItNDA5YS04MTk0
LTM4ZTIxNmMwMDk2Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw
BKACBQAwDQYJKoZIhvcNAQELBQADggEBAIB4rItBa1LO67eqasNEcAWnYvMGEN9x
Pafmij/ptO0vtDmkO0Yy8vyrte5K3fLjHyu+w32pHUHXJw/4bQcjz1/hzrz1OFpM
W3vjQQWL6UZ8fOQU1g+Y4n4aBG9qASUUu2znMq/iWbcOKmtMPrJ+VR5aTQqeSkrt
ktVH1faoYjglBqa72ZI2xO/3w2ANTu7aMWP1gyImlcRTk9DvlrEAC4rmfgeCmuJw
cjcaGI0nDsBuO01gKaxpHpYriXrGNQUNr5hX7b+IifSO+yreLDK9eZaj/E8HF1LT
lFtPNTyRul9PwGPkPg+xjpHnbMvoepOqDsRGsl1/rBMBn5kA6xO2yLQ=
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:05:24 2025 by rpki-client