$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft File: manifest.mft (raw, json) Hash identifier: Je5NuKVAX/rNMNAF5MSDLxsf0dBwhGwwH5hmA3Y3W+U= Subject key identifier: FF:60:C8:D1:83:1C:B2:A8:F5:DB:38:8E:BE:91:29:C6:56:B0:90:87 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 45FBF3C1F7BF83ECA04AF86EA8D72B5DA0AB4841 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft Manifest number: 04EE Signing time: Mon 20 Oct 2025 00:00:24 +0000 Manifest this update: Mon 20 Oct 2025 00:00:24 +0000 Manifest next update: Fri 24 Oct 2025 00:00:24 +0000 Files and hashes: 1: 2e40ee0b-9aa9-4919-a079-9712212e127c.roa (hash: IAE/EgLUs20wPy1NberdZ5RlgXXRQyh5hMi8XIkDDVc=) 2: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (hash: EakTpsjg8XbW1cpR2oHcTT8EbYnqa5DVQybZqrZLkNY=) 3: 3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa (hash: FB1Qpi6ubFBBb9QiCsmL14R/uNLcJYJQgm5SPXnPMkY=) 4: 40956690-3661-49f2-8ebc-2fa5a47a98ad.roa (hash: crbnfBSBUv7kqzvdC15ui/LRtS7PQKPupuvCIreIl3Y=) 5: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (hash: hlhw8zUOcvU7dCYv2yf608PlU2cI798S9a3AQCYnqmg=) 6: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (hash: 1v9wIq4sBNlm/GC2BfQyE/SqWT0MGKf/GJbKnEXdVbE=) 7: 565f9740-389f-45ac-956e-b96e19889315.roa (hash: LJvew2T9bQIWuMlfUiq97MVDbVzuyC1QaX8FwA75otA=) 8: 840736df-cd98-4b5b-a4f2-5615993fc74d.roa (hash: n6tVsR1XAfzbjsnP/JgcUnf25M8E2mzJBAvKI8Zei+g=) 9: 9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa (hash: I1sPXiJBTC8O2PwOLV/CyY9n+H0ukfg/Uu670rdT7bs=) 10: a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl (hash: NqJ7Q/oxHHaKWIGNN56hxOnzWLqNWCkZz9DoLcQpKE4=) 11: b51d6a60-7601-45c2-8839-f2002dfa8409.roa (hash: UUIRkRmygN8aNQhzVQrNSTNyWSo9jIDHe1HZw1qKUNc=) 12: c18b0845-fc95-41d6-b476-af4e1e466849.roa (hash: 1qCT2IAmbrL6ggBAizoqvmMijAOFpynSDLesioUlgsA=) 13: e5ffe65e-7287-4628-8759-7c141866ee12.roa (hash: RRxrTylUoJkKAEjxwP+vK1kttbtccN3yY6tn3ob0ZHQ=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:fb:f3:c1:f7:bf:83:ec:a0:4a:f8:6e:a8:d7:2b:5d:a0:ab:48:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 20 00:00:24 2025 GMT Not After : Oct 24 00:00:24 2025 GMT Subject: serialNumber=6aaa2444166576377f26efc24d047ec87bdffcda48e20ce44d7fb6db310c2a4a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:a2:4c:2c:3d:b8:93:06:9a:38:a6:1f:7b:00: fe:45:2b:09:e6:1b:18:a1:94:c3:d6:c9:b4:f8:14: db:15:8d:32:f2:c5:f7:c9:76:25:d4:ab:cf:e1:53: 1a:f8:14:0b:f4:06:6a:b0:c6:4d:61:7c:41:2a:8a: 93:b2:5a:00:0e:74:99:9e:60:15:06:ad:6d:83:91: 65:54:58:3c:7d:c2:82:2d:c9:f5:fb:1e:33:bc:7c: 8d:d3:47:66:d7:b5:95:6c:d5:da:a0:4b:76:29:a4: 38:5d:dc:42:d7:68:68:e2:38:c6:aa:41:56:df:d2: 8e:95:5a:ff:17:d6:75:9e:e0:30:57:b6:af:ab:91: ee:51:72:fe:89:25:c6:67:43:ca:91:43:91:c4:5e: d6:a3:c2:fe:99:1e:7a:7a:5e:ea:08:f5:0c:bc:7a: 53:9c:11:81:47:98:f4:a7:6c:ec:72:7b:f3:33:a6: fb:9b:31:81:37:db:51:9b:76:74:dc:03:55:6f:b1: 76:65:ab:48:66:ff:96:ae:97:b5:79:c3:c0:25:f6: 91:7e:08:21:1c:b3:f1:ae:b9:aa:d2:93:ca:f6:ae: f6:e9:a1:82:70:2a:7a:e3:b1:b8:2d:b8:8d:18:57: ab:5a:b3:79:9f:63:f0:63:bd:df:73:4f:06:79:23: 4a:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:60:C8:D1:83:1C:B2:A8:F5:DB:38:8E:BE:91:29:C6:56:B0:90:87 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:42:67:78:cf:c8:82:95:bd:27:bd:3f:d5:c3:44:2e:5a:46: be:a7:86:26:53:91:39:6b:f3:81:36:70:0d:2a:50:16:39:a9: 8a:17:f5:07:eb:49:4e:e3:b7:9a:2d:86:90:36:34:02:88:f1: 18:82:3e:b1:37:73:ff:4f:0b:68:36:91:ac:2f:21:d2:8c:35: 6e:d4:a4:3e:c3:cc:86:af:5b:3b:9a:e9:74:97:63:e4:81:a8: b1:b9:c5:2a:29:96:68:59:6d:c3:9a:37:09:48:cd:b8:44:59: 80:80:94:08:8e:2b:7c:69:b9:7c:ae:29:3c:95:ef:58:2a:b9: 50:a3:a9:12:47:b7:28:ef:13:0d:85:fa:de:a3:76:38:2c:e9: 8f:c5:ed:68:9c:e2:e3:56:98:f0:c1:42:98:c1:da:63:fd:21: 20:0f:14:80:8c:cd:fd:fb:11:df:10:ef:5a:a7:29:e5:ab:de: 99:fb:22:98:0b:2f:25:f1:60:68:5c:1f:23:58:a4:80:94:81: e7:06:76:b3:6c:f2:73:63:95:af:c5:98:48:3a:9a:c4:e7:4a: f7:5c:f8:bc:5b:53:d3:a3:b4:ae:1d:79:de:1d:dc:af:91:b3: e0:0e:f2:a7:c6:01:8f:c5:17:c4:d1:45:a0:c0:7d:d4:0c:ce: cd:a3:35:2b -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIURfvzwfe/g+ygSvhuqNcrXaCrSEEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTAyMDAwMDAyNFoX DTI1MTAyNDAwMDAyNFowejFJMEcGA1UEBRNANmFhYTI0NDQxNjY1NzYzNzdmMjZl ZmMyNGQwNDdlYzg3YmRmZmNkYTQ4ZTIwY2U0NGQ3ZmI2ZGIzMTBjMmE0YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6JMLD24kwaaOKYfewD+RSsJ5hsY oZTD1sm0+BTbFY0y8sX3yXYl1KvP4VMa+BQL9AZqsMZNYXxBKoqTsloADnSZnmAV Bq1tg5FlVFg8fcKCLcn1+x4zvHyN00dm17WVbNXaoEt2KaQ4XdxC12ho4jjGqkFW 39KOlVr/F9Z1nuAwV7avq5HuUXL+iSXGZ0PKkUORxF7Wo8L+mR56el7qCPUMvHpT nBGBR5j0p2zscnvzM6b7mzGBN9tRm3Z03ANVb7F2ZatIZv+Wrpe1ecPAJfaRfggh HLPxrrmq0pPK9q726aGCcCp647G4LbiNGFerWrN5n2PwY73fc08GeSNKGQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFP9gyNGDHLKo9ds4jr6RKcZWsJCHMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMDhjMmYyNjQtMjNm OS00OWZiLTlkNDMtZjhiNTBiZWM5MjYxL2E1YjAxYmRkLWNkZWItNGNmYy04Yzkz LTdlNzBjNWUwOTMwNi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAINCZ3jPyIKVvSe9P9XDRC5aRr6nhiZT kTlr84E2cA0qUBY5qYoX9QfrSU7jt5othpA2NAKI8RiCPrE3c/9PC2g2kawvIdKM NW7UpD7DzIavWzua6XSXY+SBqLG5xSoplmhZbcOaNwlIzbhEWYCAlAiOK3xpuXyu KTyV71gquVCjqRJHtyjvEw2F+t6jdjgs6Y/F7Wic4uNWmPDBQpjB2mP9ISAPFICM zf37Ed8Q71qnKeWr3pn7IpgLLyXxYGhcHyNYpICUgecGdrNs8nNjla/FmEg6msTn Svdc+LxbU9OjtK4ded4d3K+Rs+AO8qfGAY/FF8TRRaDAfdQMzs2jNSs= -----END CERTIFICATE-----Generated at Mon Oct 20 07:25:00 2025 by rpki-client