$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft File: manifest.mft (raw, json) Hash identifier: yGovjKxB50DS7QmQuc4QbVP6l1sKjmF/n/ZCU9siiVk= Subject key identifier: 3F:17:6B:ED:B8:65:E2:65:89:E8:25:5B:88:9D:85:78:66:A6:04:81 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 021BE525A33D39F67FE1A2BF7CE8EAA928DB6E6B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft Manifest number: 04BF Signing time: Sat 06 Sep 2025 00:00:10 +0000 Manifest this update: Sat 06 Sep 2025 00:00:10 +0000 Manifest next update: Wed 10 Sep 2025 00:00:10 +0000 Files and hashes: 1: 2e40ee0b-9aa9-4919-a079-9712212e127c.roa (hash: Inf6BHRDFcuBrV3oThzzcMkjJroMpJ9ibXuZCcjt7iU=) 2: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (hash: fGSsKj2cKRA3NzFl1vxdTnJLWCoHcVJxd/NP9D4Zgn0=) 3: 3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa (hash: 5krXfQmtvFa3p/zGuhtYdwXx2bhwnSlnBGMBT5/C90s=) 4: 40956690-3661-49f2-8ebc-2fa5a47a98ad.roa (hash: yNwrc4eIBFh8rwHwD3UT2rO93b0uYz7SKUmA2QpIRAM=) 5: 466316d4-3129-402d-9aa7-5d64ed8b2748.roa (hash: d3D1Cy9b6vvywT1OoZlb4iHQqyvlUSnvxGIHg8SUqGo=) 6: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (hash: +14gGOWicFnFCeHVH8Ak7CK1a9GvGCsscKdiLdX2TPg=) 7: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (hash: ZbfxNTz2vZOd+qwb/sTdNRG2THM9RZh8THAc2h4P8Ns=) 8: 565f9740-389f-45ac-956e-b96e19889315.roa (hash: A3CkU9hX1LJ8Z4Oqu7pSqLLzgProPuTpqUak8x/LmCM=) 9: 9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa (hash: aXM0t9hwbF8ItRCX2bQLMhpTdm1cgiiPqQrW4Nvogaw=) 10: a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl (hash: wPpsJomFn+u5oHtpVrbKKZlbGXYLClsOy5EVWmr6cMA=) 11: b51d6a60-7601-45c2-8839-f2002dfa8409.roa (hash: uZ8t1QW8qXg/l4OrPax5PNIDOJZ7roMZmK1bu7uNxyY=) 12: c18b0845-fc95-41d6-b476-af4e1e466849.roa (hash: y6300OW8yTSeKdHqQ/PnRnkGKDNilhwbmi9rIkZhvqc=) 13: e5ffe65e-7287-4628-8759-7c141866ee12.roa (hash: bqmTaC8T8ve8fQQbO76TSsczcKbQ+gJEVFGBNbBX7fw=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:1b:e5:25:a3:3d:39:f6:7f:e1:a2:bf:7c:e8:ea:a9:28:db:6e:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Sep 6 00:00:10 2025 GMT Not After : Sep 10 00:00:10 2025 GMT Subject: serialNumber=643d1288cbca72339fe53fc740148f54292a6bc2fc601bf2572b6bbce5952303, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:ac:2b:5f:4c:4c:89:a8:cc:e8:e6:ef:c5:7f: 6d:5a:8f:c7:83:53:a3:a1:29:2a:69:b2:bf:80:54: 2d:cd:c5:6e:b8:bf:ae:94:23:7a:74:49:b8:ef:2c: ed:f4:78:35:e6:b1:0f:b0:3b:06:17:00:00:11:b1: ec:4c:d2:ec:33:90:96:47:49:ea:7a:db:dc:51:6a: eb:78:3d:c5:5b:50:e8:6c:98:b1:46:f5:84:f9:b1: 73:3f:83:70:67:43:e0:ff:77:6e:d1:23:2c:44:1e: b0:af:67:bf:b5:6f:93:24:b7:d5:96:eb:ef:df:51: ee:b3:40:54:57:b8:ef:55:06:18:5b:3d:d8:d5:57: cb:b2:31:5f:bf:6b:41:0e:ef:ca:6f:81:4e:d5:17: 65:9f:be:50:cf:43:31:c1:4d:32:0f:27:64:fd:7f: dd:37:94:d2:60:15:ba:fe:66:bd:f3:98:ab:b6:82: b2:ab:6b:29:64:b8:e1:be:ac:c9:c3:9a:02:a1:fe: 93:72:7b:9c:8c:db:ed:d5:0d:d6:8b:17:d8:af:cd: 59:11:0b:0b:65:7a:de:d9:45:7d:d2:d9:13:4f:f2: 63:43:c7:94:0a:ae:48:5e:55:c6:48:0b:45:d7:4a: 6e:d3:d3:ab:a0:21:2b:23:2a:ba:33:7c:9d:a2:de: d8:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:17:6B:ED:B8:65:E2:65:89:E8:25:5B:88:9D:85:78:66:A6:04:81 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:af:45:ef:1f:3d:30:0e:7e:74:e8:97:cd:7b:03:c5:8c:76: 9a:c4:c0:b6:59:89:f1:3e:b1:b8:cf:0f:75:a4:ca:61:cb:19: 26:d0:1b:5a:31:6b:f0:94:d7:80:b9:fc:ac:e2:f7:38:d7:cc: ef:4e:68:bd:c7:58:1a:71:b5:7a:34:36:f7:2b:66:b2:47:eb: 08:94:75:b5:01:d2:25:34:1e:c5:05:a9:37:5f:ca:b5:87:94: 48:56:a9:7e:aa:c0:a3:6f:9f:a4:cb:85:94:0f:d6:f5:87:2c: 07:1f:71:d3:fc:14:ba:b3:53:16:67:74:56:9a:f4:02:be:ce: 23:c7:93:e6:cf:74:2e:cb:97:44:c1:11:09:35:15:e3:c9:05: 58:b9:62:bb:90:36:8d:af:27:19:70:fd:bb:a2:b6:a2:c2:d4: 9a:cc:45:dc:46:21:02:d5:bb:5b:54:a6:fb:20:56:6b:20:9b: 2a:7e:b0:96:31:3b:4c:ad:88:cc:36:12:97:fe:4d:b4:e4:7f: 12:a8:09:0a:25:af:a0:7b:66:78:77:f9:5e:5e:02:48:05:6f: 63:ea:98:3f:89:17:89:41:a5:03:6e:01:72:94:dd:83:79:d3: bd:2a:87:fd:ec:9c:bc:88:da:83:02:8e:5f:f3:18:7e:62:73: 1e:61:bd:6e -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUAhvlJaM9OfZ/4aK/fOjqqSjbbmswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDkwNjAwMDAxMFoX DTI1MDkxMDAwMDAxMFowejFJMEcGA1UEBRNANjQzZDEyODhjYmNhNzIzMzlmZTUz ZmM3NDAxNDhmNTQyOTJhNmJjMmZjNjAxYmYyNTcyYjZiYmNlNTk1MjMwMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqwrX0xMiajM6ObvxX9tWo/Hg1Oj oSkqabK/gFQtzcVuuL+ulCN6dEm47yzt9Hg15rEPsDsGFwAAEbHsTNLsM5CWR0nq etvcUWrreD3FW1DobJixRvWE+bFzP4NwZ0Pg/3du0SMsRB6wr2e/tW+TJLfVluvv 31Hus0BUV7jvVQYYWz3Y1VfLsjFfv2tBDu/Kb4FO1Rdln75Qz0MxwU0yDydk/X/d N5TSYBW6/ma985irtoKyq2spZLjhvqzJw5oCof6TcnucjNvt1Q3WixfYr81ZEQsL ZXre2UV90tkTT/JjQ8eUCq5IXlXGSAtF10pu09OroCErIyq6M3ydot7YDwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFD8Xa+24ZeJlieglW4idhXhmpgSBMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMDhjMmYyNjQtMjNm OS00OWZiLTlkNDMtZjhiNTBiZWM5MjYxL2E1YjAxYmRkLWNkZWItNGNmYy04Yzkz LTdlNzBjNWUwOTMwNi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAGCvRe8fPTAOfnTol817A8WMdprEwLZZ ifE+sbjPD3WkymHLGSbQG1oxa/CU14C5/Kzi9zjXzO9OaL3HWBpxtXo0NvcrZrJH 6wiUdbUB0iU0HsUFqTdfyrWHlEhWqX6qwKNvn6TLhZQP1vWHLAcfcdP8FLqzUxZn dFaa9AK+ziPHk+bPdC7Ll0TBEQk1FePJBVi5YruQNo2vJxlw/buitqLC1JrMRdxG IQLVu1tUpvsgVmsgmyp+sJYxO0ytiMw2Epf+TbTkfxKoCQolr6B7Znh3+V5eAkgF b2PqmD+JF4lBpQNuAXKU3YN5070qh/3snLyI2oMCjl/zGH5icx5hvW4= -----END CERTIFICATE-----Generated at Sat Sep 6 15:20:06 2025 by rpki-client