$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: BWMnFbx3mkv6AfLklq5W16yKYrN6BG95K8zqXt7+QWU= Subject key identifier: 58:D3:03:D6:F1:1C:D3:28:70:37:4E:E7:40:41:B5:C1:1F:5D:D8:06 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 7181940A3E614A0DD3BCE4424D8700BD22606EF3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 04CF Signing time: Sun 29 Jun 2025 00:03:04 +0000 Manifest this update: Sun 29 Jun 2025 00:03:04 +0000 Manifest next update: Thu 03 Jul 2025 00:03:04 +0000 Files and hashes: 1: 0b0c2d18-2b42-4e53-9e6a-d6f7d5dc2334.roa (hash: ie2o42aSKCyNP9ZTI7XVt3/jAd6pVFmZLYciu0GTo44=) 2: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: blxMncEQ1mK+oNMeVtUh+r7j5GW9v2lGryGZ1X0LoUA=) 3: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: +LzVgL5yEjod9LZPg1MR/BXJI5ka7btRTQXKRa2t5J4=) 4: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: oIDXPNv1Mka93Q0YbuluJYu0qVSYWb5A4eGY2N6a0og=) 5: 4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa (hash: F5hKqKTHPcXnLrPQKABZPfxyPw5XI4b6/R5dMYHO+qk=) 6: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: rLzzd2tpxPzSHeVq4ufO95LK6Vwc/XYwCCbCUOPEqcM=) 7: 6982f3ac-c7ae-423c-a028-517d7541d973.roa (hash: O+f4fPRok5OcjlFoUBcYV4odcShUcF5ITkb1wQw8WQ8=) 8: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /wNnt0ikqeC8jW/WaQtlJthQbNAbgmO+CWmu99gAvRw=) 9: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: tg1nJKR0DHrhFmNM4Uh5qbEkkpCCQsIm47+kHh9VFWg=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:03:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:81:94:0a:3e:61:4a:0d:d3:bc:e4:42:4d:87:00:bd:22:60:6e:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Jun 29 00:03:04 2025 GMT Not After : Jul 3 00:03:04 2025 GMT Subject: serialNumber=ca442b210c451ddd1be2447419f1d5282b718def078e03d4b591e3d355674de6, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:1b:11:62:a2:0e:3b:ba:82:cc:79:55:1a:49: ab:f6:6e:16:c2:ef:de:18:80:af:6c:78:f9:b3:f3: 35:c6:74:c0:3b:dc:8b:8f:71:07:61:c9:ba:37:72: 5b:b0:e1:94:bc:8b:27:0b:13:84:9c:1f:30:dc:04: 4a:c7:9c:b5:d3:49:a7:41:4f:7e:15:14:db:b4:70: 6f:1b:a6:ba:7a:f8:f7:e0:7d:fa:c6:5a:92:13:05: 4b:71:0f:7d:7b:62:ff:dc:ff:72:9f:02:47:d9:d1: 43:27:3d:34:a1:f4:88:4b:25:26:5f:99:6f:b5:85: 7a:ed:3b:10:80:db:f2:e2:48:cc:17:f2:6e:38:2c: de:07:11:54:3d:34:3d:7a:ab:56:8e:e6:91:ed:7a: fa:7c:90:fe:66:14:ad:64:c5:ec:f0:90:9e:85:69: 66:30:a2:f3:56:bf:13:55:43:76:de:c6:0b:a6:bb: 4f:0f:91:30:63:cb:ed:80:e3:66:0a:cc:0b:76:f0: 47:ec:df:bc:b7:52:91:56:5b:7f:29:f1:17:af:22: 07:7f:07:be:a8:e5:65:54:89:ef:93:88:f9:b2:b6: cf:3f:68:7d:50:42:ef:cb:b8:5b:cb:71:0d:80:86: 16:b1:b5:fd:a1:c7:3e:26:30:01:7d:a6:fd:8a:e6: 11:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:D3:03:D6:F1:1C:D3:28:70:37:4E:E7:40:41:B5:C1:1F:5D:D8:06 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:6d:38:4f:e4:16:4e:1c:bc:a1:6e:55:db:b2:e0:41:c0:90: 9e:44:d9:8a:ab:1e:59:ec:73:cb:97:0f:d8:ba:cd:39:de:56: 50:0b:32:8d:1f:99:46:80:b0:4a:d8:20:5c:db:db:4f:73:7f: c4:cd:7e:ce:42:0a:73:a9:0e:6a:c4:f9:2e:51:39:e3:89:6c: 8c:9a:61:c2:95:73:ce:f1:36:8e:c3:25:eb:35:dc:40:f7:00: 8c:50:ce:3b:d2:52:f5:56:f8:b9:67:5d:e2:99:97:24:ee:74: 1a:aa:2e:06:af:c1:37:44:d6:1e:48:ac:81:3c:d3:7f:ea:17: 57:25:cb:4f:bf:0c:3e:95:0a:bd:f1:5b:8d:c2:d2:24:2a:e8: c7:f5:bd:5b:28:63:4f:22:d5:7e:a3:96:74:2c:d8:4c:0b:b9: 9d:36:05:ee:5b:92:ff:cb:26:e2:cf:f3:a8:85:56:16:61:fc: b9:4f:be:3e:18:11:31:d3:a9:3f:57:76:93:9e:e9:7c:40:aa: 3f:1a:f1:51:ce:95:f7:fd:6e:38:02:98:ac:57:15:2f:f8:bb: ec:71:c6:41:a8:43:a4:fd:88:1a:14:90:f0:90:4e:f1:8c:c8: 19:2d:46:71:59:d3:40:14:0a:b3:85:ce:8e:20:5b:31:a3:1a: e6:65:88:db -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUcYGUCj5hSg3TvORCTYcAvSJgbvMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDYyOTAwMDMwNFoX DTI1MDcwMzAwMDMwNFowejFJMEcGA1UEBRNAY2E0NDJiMjEwYzQ1MWRkZDFiZTI0 NDc0MTlmMWQ1MjgyYjcxOGRlZjA3OGUwM2Q0YjU5MWUzZDM1NTY3NGRlNjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhsRYqIOO7qCzHlVGkmr9m4Wwu/e GICvbHj5s/M1xnTAO9yLj3EHYcm6N3JbsOGUvIsnCxOEnB8w3ARKx5y100mnQU9+ FRTbtHBvG6a6evj34H36xlqSEwVLcQ99e2L/3P9ynwJH2dFDJz00ofSISyUmX5lv tYV67TsQgNvy4kjMF/JuOCzeBxFUPTQ9eqtWjuaR7Xr6fJD+ZhStZMXs8JCehWlm MKLzVr8TVUN23sYLprtPD5EwY8vtgONmCswLdvBH7N+8t1KRVlt/KfEXryIHfwe+ qOVlVInvk4j5srbPP2h9UELvy7hby3ENgIYWsbX9occ+JjABfab9iuYRqQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFFjTA9bxHNMocDdO50BBtcEfXdgGMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAI9tOE/kFk4cvKFuVduy4EHAkJ5E2Yqr Hlnsc8uXD9i6zTneVlALMo0fmUaAsErYIFzb209zf8TNfs5CCnOpDmrE+S5ROeOJ bIyaYcKVc87xNo7DJes13ED3AIxQzjvSUvVW+LlnXeKZlyTudBqqLgavwTdE1h5I rIE803/qF1cly0+/DD6VCr3xW43C0iQq6Mf1vVsoY08i1X6jlnQs2EwLuZ02Be5b kv/LJuLP86iFVhZh/LlPvj4YETHTqT9XdpOe6XxAqj8a8VHOlff9bjgCmKxXFS/4 u+xxxkGoQ6T9iBoUkPCQTvGMyBktRnFZ00AUCrOFzo4gWzGjGuZliNs= -----END CERTIFICATE-----Generated at Sun Jun 29 05:24:40 2025 by rpki-client