$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: MGdHQFZBKZmJAl/xlGoplm4i5pmsvn+n4kfykps9q2I= Subject key identifier: D4:47:35:CA:0D:FC:DC:EF:91:6C:D7:BF:9E:34:7A:B8:59:67:CC:65 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 64168D2DABADF81637702F88A771DC20B515136E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 0546 Signing time: Mon 20 Oct 2025 00:00:46 +0000 Manifest this update: Mon 20 Oct 2025 00:00:46 +0000 Manifest next update: Fri 24 Oct 2025 00:00:46 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: 3Yx3UQtZhXIragaUctkkF5yRvUCyIYqaG6Nw2G0W+qs=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: xQO1wnKvetpsF+feWgIvq9A3g8NXj+xFCYGVWoa7USY=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: 6Fpd9gBIc/LXj6j9T1twNVkYS5OMiVQbOSp7PmDxY1U=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Re8w+Sti8Sz8i6ZAYYfWup/PcRJPfYG0e5H8KWoVjfQ=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: orzuAvwA0tXGSbVd44tpHtx/sQmjzy5GEpUYNIU4BYE=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: FaKA2+GlvEUL82YaPOAX93DKaQdqjYCp0D4TmGmrPbI=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:16:8d:2d:ab:ad:f8:16:37:70:2f:88:a7:71:dc:20:b5:15:13:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Oct 20 00:00:46 2025 GMT Not After : Oct 24 00:00:46 2025 GMT Subject: serialNumber=44474916333dd61d0db28aab2ea14754b3381adba53f8805e5abeae088a6ee52, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c0:2a:1d:11:b7:e6:de:c2:cb:3b:14:59:9a: 35:58:00:2d:2f:22:d0:ed:43:39:6e:45:e0:7b:74: 0e:c7:c2:e3:f4:29:49:9d:d7:85:5e:12:ea:f0:9b: 85:28:d2:eb:60:f5:d5:b5:7d:6a:26:3e:c6:3d:38: 45:7c:4f:fd:3a:ba:80:6a:22:1c:73:7f:44:0a:9c: fb:90:b7:e6:99:f7:10:17:a4:a7:2c:bc:82:33:b2: 8a:48:1b:80:2d:ab:28:b0:65:dd:71:69:84:da:5e: 5e:71:9e:6b:b1:8c:c9:0b:c5:fc:de:c5:3b:a0:67: 53:2d:4e:45:33:46:70:d6:aa:c4:d4:55:d8:a3:c8: c2:af:bd:74:b4:54:a0:0c:bc:c2:27:45:51:63:4a: 15:22:9d:45:e1:f4:1d:b9:54:4e:3f:62:a8:94:3a: f1:32:f7:87:c3:3c:fa:42:f3:bf:d2:60:3a:9f:de: c1:39:ef:5a:fc:ae:d8:ad:cd:48:21:b9:be:90:42: 84:f7:a0:99:54:c6:94:03:cd:61:8f:18:8e:b1:37: 25:dc:a1:c3:91:ac:60:16:e0:59:af:53:8b:7b:ae: de:16:91:77:c5:88:05:04:20:c5:9d:5c:ea:d3:ff: e9:95:5b:80:ff:7c:69:a1:12:6e:d0:3a:6d:f7:b2: 67:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:47:35:CA:0D:FC:DC:EF:91:6C:D7:BF:9E:34:7A:B8:59:67:CC:65 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:bb:53:ed:37:87:b4:dd:35:1e:0a:24:54:1c:4b:13:99:73: 24:ea:e6:21:8b:2c:98:78:b6:8c:b0:1e:8d:51:cd:6b:7c:24: 85:8b:a4:c7:13:65:00:72:ca:d8:1a:df:92:b8:c3:af:2a:f9: fe:e0:94:5f:8f:93:77:d1:17:5c:62:6f:bc:e0:6f:86:c0:0d: 5b:5b:80:e3:5d:a2:fe:4f:1f:21:41:11:41:97:d0:87:89:02: e7:31:4e:ff:03:39:f2:c3:be:1b:ab:fd:34:b4:94:bc:5a:98: ca:97:31:cd:12:27:5a:96:31:b1:e3:f5:00:e3:9a:01:3e:5b: 36:06:8d:34:f6:82:c8:d7:3d:5f:b4:f3:06:75:27:66:19:b0: 0c:a3:e8:10:0c:7e:47:ae:a9:3f:9b:12:72:08:e9:65:92:6d: 68:39:4e:9e:44:55:4a:42:1c:c2:ee:2f:4a:a0:f6:41:e2:c0: 2f:de:d7:e4:d0:45:25:80:aa:64:e0:c1:e8:f0:7c:f8:c7:62: 1c:78:a2:aa:2f:e4:08:5f:31:e9:9e:26:dc:4e:21:a4:bc:84: 85:cb:bb:cc:0f:5a:6b:2b:4a:a4:83:65:56:f5:de:55:28:15: b8:47:7e:d5:0b:bf:18:38:89:2e:2d:ac:97:0c:d0:2b:a0:14: 87:ae:b9:ba -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUZBaNLaut+BY3cC+Ip3HcILUVE24wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTAyMDAwMDA0NloX DTI1MTAyNDAwMDA0NlowejFJMEcGA1UEBRNANDQ0NzQ5MTYzMzNkZDYxZDBkYjI4 YWFiMmVhMTQ3NTRiMzM4MWFkYmE1M2Y4ODA1ZTVhYmVhZTA4OGE2ZWU1MjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MAqHRG35t7CyzsUWZo1WAAtLyLQ 7UM5bkXge3QOx8Lj9ClJndeFXhLq8JuFKNLrYPXVtX1qJj7GPThFfE/9OrqAaiIc c39ECpz7kLfmmfcQF6SnLLyCM7KKSBuALasosGXdcWmE2l5ecZ5rsYzJC8X83sU7 oGdTLU5FM0Zw1qrE1FXYo8jCr710tFSgDLzCJ0VRY0oVIp1F4fQduVROP2KolDrx MveHwzz6QvO/0mA6n97BOe9a/K7Yrc1IIbm+kEKE96CZVMaUA81hjxiOsTcl3KHD kaxgFuBZr1OLe67eFpF3xYgFBCDFnVzq0//plVuA/3xpoRJu0Dpt97JniQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFNRHNcoN/NzvkWzXv540erhZZ8xlMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAFq7U+03h7TdNR4KJFQcSxOZcyTq5iGL LJh4toywHo1RzWt8JIWLpMcTZQByytga35K4w68q+f7glF+Pk3fRF1xib7zgb4bA DVtbgONdov5PHyFBEUGX0IeJAucxTv8DOfLDvhur/TS0lLxamMqXMc0SJ1qWMbHj 9QDjmgE+WzYGjTT2gsjXPV+08wZ1J2YZsAyj6BAMfkeuqT+bEnII6WWSbWg5Tp5E VUpCHMLuL0qg9kHiwC/e1+TQRSWAqmTgwejwfPjHYhx4oqov5AhfMemeJtxOIaS8 hIXLu8wPWmsrSqSDZVb13lUoFbhHftULvxg4iS4trJcM0CugFIeuubo= -----END CERTIFICATE-----Generated at Mon Oct 20 01:39:48 2025 by rpki-client