$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft File: manifest.mft (raw, json) Hash identifier: m+hpFA5g9zb0Wmes1OwMeV5KB/PGNq/w8AMtEgwdg58= Subject key identifier: 96:32:C8:5E:16:C3:C9:9C:84:1B:4F:EC:58:D0:6D:3C:04:99:E8:BD Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 204B80856A9E56E4274BCC9C82232628B8F8E13A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft Manifest number: 04EF Signing time: Tue 21 Oct 2025 00:01:02 +0000 Manifest this update: Tue 21 Oct 2025 00:01:02 +0000 Manifest next update: Sat 25 Oct 2025 00:01:02 +0000 Files and hashes: 1: 2e40ee0b-9aa9-4919-a079-9712212e127c.roa (hash: IAE/EgLUs20wPy1NberdZ5RlgXXRQyh5hMi8XIkDDVc=) 2: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (hash: EakTpsjg8XbW1cpR2oHcTT8EbYnqa5DVQybZqrZLkNY=) 3: 3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa (hash: FB1Qpi6ubFBBb9QiCsmL14R/uNLcJYJQgm5SPXnPMkY=) 4: 40956690-3661-49f2-8ebc-2fa5a47a98ad.roa (hash: crbnfBSBUv7kqzvdC15ui/LRtS7PQKPupuvCIreIl3Y=) 5: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (hash: hlhw8zUOcvU7dCYv2yf608PlU2cI798S9a3AQCYnqmg=) 6: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (hash: 1v9wIq4sBNlm/GC2BfQyE/SqWT0MGKf/GJbKnEXdVbE=) 7: 565f9740-389f-45ac-956e-b96e19889315.roa (hash: LJvew2T9bQIWuMlfUiq97MVDbVzuyC1QaX8FwA75otA=) 8: 840736df-cd98-4b5b-a4f2-5615993fc74d.roa (hash: n6tVsR1XAfzbjsnP/JgcUnf25M8E2mzJBAvKI8Zei+g=) 9: 9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa (hash: I1sPXiJBTC8O2PwOLV/CyY9n+H0ukfg/Uu670rdT7bs=) 10: a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl (hash: o1sqSl+0+jlhM/Cj8+otJ3hoYTaoxM6AgPh3tSxz3ng=) 11: b51d6a60-7601-45c2-8839-f2002dfa8409.roa (hash: UUIRkRmygN8aNQhzVQrNSTNyWSo9jIDHe1HZw1qKUNc=) 12: c18b0845-fc95-41d6-b476-af4e1e466849.roa (hash: 1qCT2IAmbrL6ggBAizoqvmMijAOFpynSDLesioUlgsA=) 13: e5ffe65e-7287-4628-8759-7c141866ee12.roa (hash: RRxrTylUoJkKAEjxwP+vK1kttbtccN3yY6tn3ob0ZHQ=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 00:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:4b:80:85:6a:9e:56:e4:27:4b:cc:9c:82:23:26:28:b8:f8:e1:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 21 00:01:02 2025 GMT Not After : Oct 25 00:01:02 2025 GMT Subject: serialNumber=29257e83f87e4e4b16b54eaef2507a73962eb9c57720e02c46905dbc1dc5b3f1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:89:a5:35:1c:f1:7a:b1:59:a2:06:3f:76:8d: 8a:dc:db:36:f3:07:fb:ce:18:0d:95:39:4e:62:39: d9:5c:a8:74:71:40:65:88:96:70:5a:32:54:fc:5d: 67:29:1a:78:cc:43:31:a0:45:05:1c:8b:70:bf:70: 15:76:78:36:d9:3d:a0:04:93:71:c2:55:ec:cf:75: ff:aa:8b:b4:d6:16:fd:3b:c2:12:6a:7c:9d:7c:45: 44:1e:c3:da:3f:12:9b:e3:01:48:63:e7:23:65:c4: 2c:24:37:45:95:84:6b:51:67:ec:39:72:33:5a:6a: 1f:18:71:1b:5e:f3:04:96:3c:e0:7c:52:f4:ee:97: 44:eb:b6:7e:4a:f7:ac:b6:76:5f:e7:5f:2d:4a:4e: c0:ec:d3:f5:c0:3e:73:41:17:90:70:5a:56:24:a4: d4:1b:03:51:0e:98:79:1c:4e:4b:bd:58:e0:f1:27: 8e:62:f9:6d:8d:49:55:db:36:3a:0c:17:97:de:d6: f5:5c:d6:53:a0:f9:f9:01:7d:53:66:90:11:47:04: 60:79:05:5f:25:53:81:72:ca:60:11:21:c8:13:1a: 18:3c:74:23:f6:e6:8a:c7:9c:2e:90:c6:bc:0e:73: 54:5c:51:13:ce:60:87:4f:5d:d2:31:d2:cc:5f:1f: 5d:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:32:C8:5E:16:C3:C9:9C:84:1B:4F:EC:58:D0:6D:3C:04:99:E8:BD X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:00:e1:27:e9:3e:11:28:16:63:cd:6c:17:93:dd:46:6c:a2: 33:70:1e:75:8b:87:40:ee:79:06:f4:26:e5:75:7e:00:71:32: c1:28:46:b0:14:7c:d6:12:c5:d4:57:a9:2b:c0:f9:16:c0:0e: b3:bc:43:20:a8:b5:1a:55:31:45:6a:a8:46:d7:65:a7:dd:a6: ee:d1:25:5b:02:af:d9:32:c1:48:a0:f0:f2:8f:10:d0:b1:cc: 50:8b:42:c9:7f:c3:a9:b3:e4:a0:5c:e2:4e:6f:41:4c:82:fa: 53:cc:c3:2a:be:ce:7a:d0:c3:e6:4c:e5:9a:51:37:98:f4:9e: de:a7:28:85:4e:7a:4c:7c:98:28:8a:bc:15:60:fe:59:ed:29: 11:24:25:27:99:5c:0e:97:6e:2a:37:79:ce:93:17:94:57:0b: 62:73:58:7b:03:2d:52:bb:7e:1a:aa:c5:09:2a:88:55:89:72: 67:be:9c:ec:69:cd:ed:78:39:be:41:99:7e:bd:5d:53:07:dc: 6b:85:1b:87:e7:50:bd:55:b1:f7:b5:8f:a2:26:a5:bf:03:ed: 60:ee:d6:89:16:75:79:75:df:54:86:97:74:c0:c7:30:9f:97: 7d:e0:fe:e1:6d:d1:83:bd:ba:ed:d1:c4:de:fb:71:fe:b5:f2: f5:47:23:a1 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUIEuAhWqeVuQnS8ycgiMmKLj44TowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTAyMTAwMDEwMloX DTI1MTAyNTAwMDEwMlowejFJMEcGA1UEBRNAMjkyNTdlODNmODdlNGU0YjE2YjU0 ZWFlZjI1MDdhNzM5NjJlYjljNTc3MjBlMDJjNDY5MDVkYmMxZGM1YjNmMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsomlNRzxerFZogY/do2K3Ns28wf7 zhgNlTlOYjnZXKh0cUBliJZwWjJU/F1nKRp4zEMxoEUFHItwv3AVdng22T2gBJNx wlXsz3X/qou01hb9O8ISanydfEVEHsPaPxKb4wFIY+cjZcQsJDdFlYRrUWfsOXIz WmofGHEbXvMEljzgfFL07pdE67Z+SvestnZf518tSk7A7NP1wD5zQReQcFpWJKTU GwNRDph5HE5LvVjg8SeOYvltjUlV2zY6DBeX3tb1XNZToPn5AX1TZpARRwRgeQVf JVOBcspgESHIExoYPHQj9uaKx5wukMa8DnNUXFETzmCHT13SMdLMXx9dZwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFJYyyF4Ww8mchBtP7FjQbTwEmei9MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMDhjMmYyNjQtMjNm OS00OWZiLTlkNDMtZjhiNTBiZWM5MjYxL2E1YjAxYmRkLWNkZWItNGNmYy04Yzkz LTdlNzBjNWUwOTMwNi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBADMA4SfpPhEoFmPNbBeT3UZsojNwHnWL h0DueQb0JuV1fgBxMsEoRrAUfNYSxdRXqSvA+RbADrO8QyCotRpVMUVqqEbXZafd pu7RJVsCr9kywUig8PKPENCxzFCLQsl/w6mz5KBc4k5vQUyC+lPMwyq+znrQw+ZM 5ZpRN5j0nt6nKIVOekx8mCiKvBVg/lntKREkJSeZXA6Xbio3ec6TF5RXC2JzWHsD LVK7fhqqxQkqiFWJcme+nOxpze14Ob5BmX69XVMH3GuFG4fnUL1Vsfe1j6Impb8D 7WDu1okWdXl131SGl3TAxzCfl33g/uFt0YO9uu3RxN77cf618vVHI6E= -----END CERTIFICATE-----Generated at Tue Oct 21 21:24:00 2025 by rpki-client