$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: SWxYIRILojMR1FqyEcwGxiFdhyqjk8AueGJZeNque60= Subject key identifier: C1:58:A0:76:4C:42:60:EB:9C:4F:ED:67:4E:FE:2F:84:2C:88:CB:89 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 5FA41D9F8D547DF2DF967EE19961ABB86AF0FD18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 0481 Signing time: Wed 16 Apr 2025 00:02:46 +0000 Manifest this update: Wed 16 Apr 2025 00:02:46 +0000 Manifest next update: Sun 20 Apr 2025 00:02:46 +0000 Files and hashes: 1: 0b0c2d18-2b42-4e53-9e6a-d6f7d5dc2334.roa (hash: mmTq0rkMwK4WKP6Qk78cFnsiaz/MDevts9GEOFONFxo=) 2: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: jTiVLWBs0dSQFjGw5UgN6DkNaBHRlZlVavQqBJF9lRY=) 3: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: 1iH3uZQnNnd61RpxCzno6ZWy/8vdzmadYxVeuAMZhZA=) 4: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: DZ4V1VY2NPdlYAhqmNqpWfZSU78K7H5shN4WYYovjY0=) 5: 4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa (hash: o+pOkcwKHxGSvQaifGq0xJXpDTkUQq605CBpkxt+glg=) 6: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Vm7QfjHgAlb0UPcOnTyqKW32B6tcAoSX7QGWNxOXr68=) 7: 6982f3ac-c7ae-423c-a028-517d7541d973.roa (hash: 5Qvp0UAhG7PMFXCJuN9T0EatXdG/aLa8CtLF6Z/XhXg=) 8: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: Ef+jhncw2EVelpeFCfW/FuyIuvC7XULKTTcPtMXiejM=) 9: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: aWmx8lm9+dbngOtB5H2OhOAmt3Vdrj6J7A7RESAkpCo=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 00:02:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:a4:1d:9f:8d:54:7d:f2:df:96:7e:e1:99:61:ab:b8:6a:f0:fd:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 16 00:02:46 2025 GMT Not After : Apr 20 00:02:46 2025 GMT Subject: serialNumber=c5956474cb6da39c2f67d861df8c1a302f8758485b685188ece572ce4bad5077, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:5b:0e:59:ae:dc:f9:1f:05:46:16:71:fe:e1: 27:f5:cf:14:79:c5:f4:75:a5:f4:e0:3d:4f:0f:62: c0:14:6e:51:ac:23:97:f2:c1:28:fe:1c:e5:c2:5c: 5f:ac:df:cc:01:1d:32:1a:6e:92:12:54:1a:4b:de: c6:bb:59:d6:e2:d9:1d:d8:db:25:a2:fe:0b:f1:81: aa:fe:f0:40:b0:16:5a:21:27:91:b2:86:4d:ad:a7: 86:49:c6:3a:17:57:52:51:73:79:b9:e7:e3:91:d4: f0:52:78:94:0a:b9:2f:b0:a0:17:9b:93:b1:48:35: 86:39:43:ec:7c:ec:b1:d2:cb:71:71:bb:69:cc:78: d6:76:72:aa:df:14:3b:2f:31:43:8b:f0:88:d2:e3: 53:30:62:74:01:81:9a:16:0f:18:f7:27:66:af:ea: f9:6b:e3:d7:5b:75:80:0f:63:85:80:87:58:5c:80: 43:93:e7:11:6b:d9:e1:2f:38:25:9b:94:f6:58:5e: f2:cc:e5:b2:78:e3:0a:1c:1a:5b:50:f0:5d:a3:80: 04:fc:01:41:43:6c:2f:b3:da:d9:fb:75:7c:69:8f: 19:d0:8d:ed:10:e8:3a:5f:5d:c8:ef:e2:54:37:3e: be:47:c1:10:6a:3d:63:a4:37:a0:37:08:fd:da:1e: b7:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:58:A0:76:4C:42:60:EB:9C:4F:ED:67:4E:FE:2F:84:2C:88:CB:89 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:67:22:d0:3e:02:3e:fb:e2:57:fd:77:32:f8:cc:44:da:bc: c5:91:be:c5:db:ee:76:12:69:6d:ec:8b:b7:5b:48:4b:dd:e5: e7:f5:84:29:f1:26:90:a8:0e:3b:77:34:f9:5c:3e:a5:b6:31: 9d:24:8d:5d:43:e0:63:93:d0:e1:4f:ce:bf:8f:f4:00:c4:ab: b3:4e:7e:b0:46:90:99:b2:30:24:4b:e2:32:af:9a:b2:2f:64: fe:1e:10:f9:75:31:48:cd:a3:44:c7:ae:7d:5a:14:3c:66:07: 4f:4e:7b:9e:13:a9:9a:e7:3d:d9:50:29:15:e3:b0:54:f0:9d: a5:80:e4:d4:5b:34:ec:01:5a:56:e4:ed:64:41:22:6b:1d:4c: 55:8d:1c:40:02:bb:f2:b7:da:c8:61:17:d6:55:96:c2:a3:3b: 22:08:e6:b0:a2:37:62:54:4f:4e:7a:9b:64:7a:43:23:59:3a: c3:81:1e:e3:81:58:86:e9:12:ef:1f:6e:38:44:dd:9b:43:18: 85:fa:24:d7:21:78:45:a6:0b:cc:b3:19:19:e4:0b:cc:0e:07: 15:df:d5:50:4b:df:fb:7c:0b:d2:0f:3a:ca:f5:a7:f7:d4:b5: 95:c3:a3:fb:59:5d:b7:55:50:75:8b:72:27:cf:09:d2:fb:a8: 5d:09:1f:1b -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUX6Qdn41UffLfln7hmWGruGrw/RgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDQxNjAwMDI0NloX DTI1MDQyMDAwMDI0NlowejFJMEcGA1UEBRNAYzU5NTY0NzRjYjZkYTM5YzJmNjdk ODYxZGY4YzFhMzAyZjg3NTg0ODViNjg1MTg4ZWNlNTcyY2U0YmFkNTA3NzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1sOWa7c+R8FRhZx/uEn9c8UecX0 daX04D1PD2LAFG5RrCOX8sEo/hzlwlxfrN/MAR0yGm6SElQaS97Gu1nW4tkd2Nsl ov4L8YGq/vBAsBZaISeRsoZNraeGScY6F1dSUXN5uefjkdTwUniUCrkvsKAXm5Ox SDWGOUPsfOyx0stxcbtpzHjWdnKq3xQ7LzFDi/CI0uNTMGJ0AYGaFg8Y9ydmr+r5 a+PXW3WAD2OFgIdYXIBDk+cRa9nhLzglm5T2WF7yzOWyeOMKHBpbUPBdo4AE/AFB Q2wvs9rZ+3V8aY8Z0I3tEOg6X13I7+JUNz6+R8EQaj1jpDegNwj92h63gQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFMFYoHZMQmDrnE/tZ07+L4QsiMuJMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAGFnItA+Aj774lf9dzL4zETavMWRvsXb 7nYSaW3si7dbSEvd5ef1hCnxJpCoDjt3NPlcPqW2MZ0kjV1D4GOT0OFPzr+P9ADE q7NOfrBGkJmyMCRL4jKvmrIvZP4eEPl1MUjNo0THrn1aFDxmB09Oe54TqZrnPdlQ KRXjsFTwnaWA5NRbNOwBWlbk7WRBImsdTFWNHEACu/K32shhF9ZVlsKjOyII5rCi N2JUT056m2R6QyNZOsOBHuOBWIbpEu8fbjhE3ZtDGIX6JNcheEWmC8yzGRnkC8wO BxXf1VBL3/t8C9IPOsr1p/fUtZXDo/tZXbdVUHWLcifPCdL7qF0JHxs= -----END CERTIFICATE-----Generated at Wed Apr 16 16:40:07 2025 by rpki-client