$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft File: manifest.mft (raw, json) Hash identifier: bENHyk9s5ibzysUYWkBrsZcgBgmtfDj3laKHU3xguCc= Subject key identifier: 08:85:7E:6B:30:01:F7:89:97:C3:42:7B:D7:C2:82:7B:CA:11:BE:90 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 186ED5BFF69A688263A1C564731F7754D1ADD18D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft Manifest number: 043D Signing time: Mon 05 May 2025 00:01:13 +0000 Manifest this update: Mon 05 May 2025 00:01:13 +0000 Manifest next update: Fri 09 May 2025 00:01:13 +0000 Files and hashes: 1: 098c0cc3-be06-46b9-86e2-aeb99985dd07.roa (hash: N4i8C5zmzaXeT7PnScGJylWklIVMEYnOQyZk06FyGAg=) 2: 2e40ee0b-9aa9-4919-a079-9712212e127c.roa (hash: f5zOsMKnKNX1/ft/H4npc5+z9StJhV5Lh9IWJLIFcFQ=) 3: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (hash: oswh/Fx6aO5On8Aftv8Si8+w0jTtCv2Q5lkxz1aRPaA=) 4: 3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa (hash: U33+Cmyb8Bh15qZgoTQPIKNpwqwicQuG3CpQ0Ut7BDs=) 5: 40956690-3661-49f2-8ebc-2fa5a47a98ad.roa (hash: IkBcOwPfW2kOf8xx912I8K/L35Tx9gCRrFjq6MCNYCs=) 6: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (hash: Y61C0xsr59coKegF/Fb7kRMesSqxu6amCzKA4hGnoss=) 7: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (hash: 80+dllhGsc5V16ceFMklKCS0pRmrn7Ju3eUH4c9Qlfg=) 8: 565f9740-389f-45ac-956e-b96e19889315.roa (hash: X068U9bzjrj3gFYNuGwKvaqDTdkC448TENmH5VTdgHA=) 9: 72c1271b-5ed8-4478-ba43-6741904af7c8.roa (hash: rPboLMDPYUqOJc5OGCG8ZkEGx9utn4eAmoWGVlu/a7c=) 10: 9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa (hash: +eCXdjxui+V/B0KgFafPyTzBfghrP1K3inLobaZfTYU=) 11: a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl (hash: YaCnnmH6z21ek1XAECVBa521aorXgGLwzW865uCqj3U=) 12: c18b0845-fc95-41d6-b476-af4e1e466849.roa (hash: PZauguuoWfziE8tLh5uSzOxPakhX7smEyRkW4V6FbuY=) 13: e5ffe65e-7287-4628-8759-7c141866ee12.roa (hash: wGZKIcw5jng+5D5btszB7yyI+fIXi6PSBKg1ef4jBSo=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:6e:d5:bf:f6:9a:68:82:63:a1:c5:64:73:1f:77:54:d1:ad:d1:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 5 00:01:13 2025 GMT Not After : May 9 00:01:13 2025 GMT Subject: serialNumber=1236a9020e2cf3be695164063102678ce27cf80b6e90913cae545453798513b2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:eb:e7:2b:df:28:c7:55:26:a9:a7:c2:d6:5d: 18:97:81:77:7b:4a:7f:94:fe:01:4b:4c:85:3b:45: e4:9a:41:dd:67:2b:a7:09:ed:1c:17:09:f3:cf:65: f8:b4:67:09:b3:0e:f8:ea:2b:49:3a:2b:83:a2:7c: 7d:46:85:ff:08:81:80:ad:76:8d:72:53:45:c7:9b: e5:90:63:6f:cb:16:2c:13:c9:8d:c7:28:a0:11:c3: 8a:68:19:d9:f1:c5:40:2b:9b:04:eb:2f:24:23:cb: e2:fa:41:80:8b:f8:a9:76:57:4e:a6:31:46:07:51: a2:f9:90:79:f6:75:32:f8:44:0f:77:3f:b9:a9:1b: 27:73:1d:c3:95:9a:8b:24:45:57:02:7e:b5:56:fa: 83:69:62:08:41:cf:79:98:6f:78:0c:d2:d8:c6:b6: 86:ab:26:4c:11:50:57:af:98:9d:3b:82:4a:00:e2: 2f:52:c4:41:12:49:14:e5:ab:6d:51:02:ac:2c:8d: 7e:7e:81:c6:20:53:fb:ab:10:36:06:7e:d9:7f:00: e1:b3:e6:43:d1:f4:9b:d7:6b:d6:e6:a4:41:4b:19: 27:fb:9e:ab:89:e9:87:5e:f7:db:10:fd:af:9d:d3: e0:09:ab:3d:eb:84:28:98:b7:7c:6a:a4:c3:9a:fb: 46:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:85:7E:6B:30:01:F7:89:97:C3:42:7B:D7:C2:82:7B:CA:11:BE:90 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:31:5d:f9:4b:b0:24:2c:5b:c7:2d:44:b8:40:cc:13:51:e4: 89:c6:2c:d5:61:19:d2:c9:7e:52:ae:22:f6:fb:af:df:32:69: a5:3a:f6:27:77:66:95:6e:be:64:7d:78:06:cb:d3:80:88:78: fa:4e:6b:f1:71:b5:dc:ba:0e:df:3f:3b:ad:be:6d:31:5b:a2: 67:66:e7:c4:5d:e3:dd:38:02:8c:c1:a6:8e:7e:6f:94:d1:c4: ee:60:73:19:91:1d:f6:14:9f:95:41:50:20:e3:54:0d:50:50: 95:f3:a4:bf:c5:ea:c6:28:78:4d:37:75:83:61:0b:4b:2f:49: d4:d5:7e:24:23:c0:82:5c:59:ef:d4:72:77:92:e1:55:6f:7d: 0a:29:74:26:f6:40:ff:ca:e4:b2:1b:bb:ba:a4:3b:e4:a3:0c: be:83:1d:0b:eb:6f:43:8b:44:26:f6:ed:64:b8:49:9e:55:f6: db:67:70:93:d5:1f:ce:b4:b9:28:7e:8c:63:80:12:8c:45:45: d3:ee:ab:d8:a7:f8:53:2e:58:70:c1:d6:8a:76:54:8a:19:55: d6:31:2d:b7:8c:30:4a:ab:1e:85:b1:01:ca:17:09:00:ed:08: 5f:dd:bf:75:65:5f:d4:84:ee:e3:30:5c:c0:21:df:08:63:2c: 73:23:f3:0d -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUGG7Vv/aaaIJjocVkcx93VNGt0Y0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDUwNTAwMDExM1oX DTI1MDUwOTAwMDExM1owejFJMEcGA1UEBRNAMTIzNmE5MDIwZTJjZjNiZTY5NTE2 NDA2MzEwMjY3OGNlMjdjZjgwYjZlOTA5MTNjYWU1NDU0NTM3OTg1MTNiMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuevnK98ox1UmqafC1l0Yl4F3e0p/ lP4BS0yFO0XkmkHdZyunCe0cFwnzz2X4tGcJsw746itJOiuDonx9RoX/CIGArXaN clNFx5vlkGNvyxYsE8mNxyigEcOKaBnZ8cVAK5sE6y8kI8vi+kGAi/ipdldOpjFG B1Gi+ZB59nUy+EQPdz+5qRsncx3DlZqLJEVXAn61VvqDaWIIQc95mG94DNLYxraG qyZMEVBXr5idO4JKAOIvUsRBEkkU5attUQKsLI1+foHGIFP7qxA2Bn7ZfwDhs+ZD 0fSb12vW5qRBSxkn+56riemHXvfbEP2vndPgCas964QomLd8aqTDmvtGgQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFAiFfmswAfeJl8NCe9fCgnvKEb6QMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMDhjMmYyNjQtMjNm OS00OWZiLTlkNDMtZjhiNTBiZWM5MjYxL2E1YjAxYmRkLWNkZWItNGNmYy04Yzkz LTdlNzBjNWUwOTMwNi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAEkxXflLsCQsW8ctRLhAzBNR5InGLNVh GdLJflKuIvb7r98yaaU69id3ZpVuvmR9eAbL04CIePpOa/Fxtdy6Dt8/O62+bTFb omdm58Rd4904AozBpo5+b5TRxO5gcxmRHfYUn5VBUCDjVA1QUJXzpL/F6sYoeE03 dYNhC0svSdTVfiQjwIJcWe/UcneS4VVvfQopdCb2QP/K5LIbu7qkO+SjDL6DHQvr b0OLRCb27WS4SZ5V9ttncJPVH860uSh+jGOAEoxFRdPuq9in+FMuWHDB1op2VIoZ VdYxLbeMMEqrHoWxAcoXCQDtCF/dv3VlX9SE7uMwXMAh3whjLHMj8w0= -----END CERTIFICATE-----Generated at Mon May 5 16:28:44 2025 by rpki-client