$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: NRQLnfSf6IBZd90Izapn71qk0euJKOdbkwzfORyFTS4= Subject key identifier: 67:A1:84:9A:68:91:37:D7:71:85:3F:59:CA:EE:B5:98:D7:C6:0F:C1 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 399965F341EDA3C053CF99F51B667DD2636A0343 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 05E3 Signing time: Thu 26 Mar 2026 00:07:39 +0000 Manifest this update: Thu 26 Mar 2026 00:07:39 +0000 Manifest next update: Mon 30 Mar 2026 00:07:39 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: H4qJPSUIHWy6IqAwNKg0SG5ws3ezrI0UyU5YxgMVZPg=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 30 Mar 2026 00:07:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:99:65:f3:41:ed:a3:c0:53:cf:99:f5:1b:66:7d:d2:63:6a:03:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Mar 26 00:07:39 2026 GMT Not After : Mar 30 00:07:39 2026 GMT Subject: serialNumber=7a0f916b1cc514ce3721a4355c15b489207eff164023d5352b067d690a796991, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:1f:db:e5:5c:7e:fb:b1:88:bc:50:a2:49:f6: 20:10:8e:34:ed:f6:38:dc:bf:99:38:78:26:10:7a: 81:04:b1:84:89:11:83:51:9a:08:3c:19:62:3c:b3: 98:ba:95:37:8b:d3:57:46:16:68:b3:6c:b5:58:8c: f9:be:f6:6a:b6:8d:d1:b9:00:01:bb:9d:9d:d8:3e: 0c:95:ba:c5:67:88:64:79:46:b0:71:71:f9:dd:ec: 9e:78:f6:1b:c2:ad:e7:f7:80:bc:58:58:14:55:cf: 86:75:2c:a7:c1:7a:2d:25:6c:2c:05:75:e4:b8:7b: f2:3e:59:59:df:f8:39:9d:75:40:68:49:5d:30:48: 1f:46:d5:d8:9b:78:b1:86:a2:12:cf:8b:22:8a:21: de:23:5f:34:c1:b3:17:f4:03:64:f5:10:bb:08:f7: 02:e4:2b:c8:47:ab:62:1f:19:e9:0c:72:e9:fb:63: 86:ae:5a:20:4d:43:d3:5b:a4:d6:ce:f0:04:3e:66: 09:18:6b:00:29:7f:d7:4f:96:9f:6d:24:c1:5d:8c: 41:48:3c:45:dc:26:5f:a6:bc:62:cd:0c:68:dd:b2: 9b:46:51:5f:e0:ef:2d:66:15:63:be:22:42:b8:d6: 72:fe:a0:e6:99:e1:77:f4:54:ec:df:b1:35:32:cc: 53:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:A1:84:9A:68:91:37:D7:71:85:3F:59:CA:EE:B5:98:D7:C6:0F:C1 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:f9:dc:7f:6e:d2:91:ca:ed:32:3b:93:ff:03:3a:c3:c0:12: 9a:ed:58:40:9e:4b:6a:ee:e4:3e:77:31:d5:36:7e:9b:be:84: 13:e6:12:a8:f7:70:2f:0f:ab:b9:f5:80:49:46:79:9b:ef:26: f4:65:ee:f1:b0:17:e9:71:de:d4:bb:fc:5e:c0:5c:af:c5:66: 2e:e6:bf:92:f7:96:10:e9:a8:df:53:1f:d4:94:25:e7:d8:63: 8c:35:b2:34:a5:a1:c0:7e:a3:5e:33:68:de:74:52:cf:2c:b3: 67:9a:6a:3f:50:17:67:89:ad:14:03:96:e7:28:68:5f:f8:f6: 00:02:9f:38:71:ba:30:49:5e:93:a0:91:ab:bb:f7:5c:7f:d9: 40:f8:4b:79:93:db:54:44:5e:67:59:31:40:28:3f:43:cd:a8: ab:0a:d0:97:8c:28:2d:f7:d0:8e:9d:24:7f:50:c5:4e:3c:77: 7f:6a:48:48:2f:28:88:1d:63:b0:3b:cb:5b:55:fe:ac:dc:f8: 52:4e:7b:62:08:ec:31:34:b5:56:5d:28:11:e6:58:bd:75:5a: f0:42:0a:f7:fb:b6:4d:c4:a6:d2:b8:b3:9f:e7:7c:1c:12:d6: d6:8a:9c:0e:6d:ec:31:9b:c0:87:51:80:fe:5f:26:a6:0e:26: 6c:79:6f:45 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUOZll80Hto8BTz5n1G2Z90mNqA0MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDMyNjAwMDczOVoX DTI2MDMzMDAwMDczOVowejFJMEcGA1UEBRNAN2EwZjkxNmIxY2M1MTRjZTM3MjFh NDM1NWMxNWI0ODkyMDdlZmYxNjQwMjNkNTM1MmIwNjdkNjkwYTc5Njk5MTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB/b5Vx++7GIvFCiSfYgEI407fY4 3L+ZOHgmEHqBBLGEiRGDUZoIPBliPLOYupU3i9NXRhZos2y1WIz5vvZqto3RuQAB u52d2D4MlbrFZ4hkeUawcXH53eyeePYbwq3n94C8WFgUVc+GdSynwXotJWwsBXXk uHvyPllZ3/g5nXVAaEldMEgfRtXYm3ixhqISz4siiiHeI180wbMX9ANk9RC7CPcC 5CvIR6tiHxnpDHLp+2OGrlogTUPTW6TWzvAEPmYJGGsAKX/XT5afbSTBXYxBSDxF 3CZfprxizQxo3bKbRlFf4O8tZhVjviJCuNZy/qDmmeF39FTs37E1MsxTNwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFGehhJpokTfXcYU/WcrutZjXxg/BMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAG753H9u0pHK7TI7k/8DOsPAEprtWECe S2ru5D53MdU2fpu+hBPmEqj3cC8Pq7n1gElGeZvvJvRl7vGwF+lx3tS7/F7AXK/F Zi7mv5L3lhDpqN9TH9SUJefYY4w1sjSlocB+o14zaN50Us8ss2eaaj9QF2eJrRQD lucoaF/49gACnzhxujBJXpOgkau791x/2UD4S3mT21REXmdZMUAoP0PNqKsK0JeM KC330I6dJH9QxU48d39qSEgvKIgdY7A7y1tV/qzc+FJOe2II7DE0tVZdKBHmWL11 WvBCCvf7tk3EptK4s5/nfBwS1taKnA5t7DGbwIdRgP5fJqYOJmx5b0U= -----END CERTIFICATE-----Generated at Thu Mar 26 10:26:35 2026 by rpki-client