$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft File: manifest.mft (raw, json) Hash identifier: lPVh/NSNPwjCq6b7eZNa/RCXW/2P/oJolLiCTEO2Y4M= Subject key identifier: 3B:A9:DE:C9:90:C8:A5:D7:32:A6:1A:65:7F:17:A1:78:D3:44:D1:75 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 2735EAE108F03D15AEC6A98C360A9EA811FD6232 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft Manifest number: 045A Signing time: Tue 03 Jun 2025 00:01:55 +0000 Manifest this update: Tue 03 Jun 2025 00:01:55 +0000 Manifest next update: Sat 07 Jun 2025 00:01:55 +0000 Files and hashes: 1: 098c0cc3-be06-46b9-86e2-aeb99985dd07.roa (hash: jqwgOh5kWS3z1bEK82fAndF7P90TC9bsHaTEp5XUyI4=) 2: 2e40ee0b-9aa9-4919-a079-9712212e127c.roa (hash: 5YijxIX9ngseBpWgEXEtOJrJ/ZAQOXITkJJZXaF7RnQ=) 3: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (hash: NIj4/9nFBGK+Vn9i148rv3zESFxJslWIzQnP0S133PE=) 4: 3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa (hash: bCB/1Q5i8vsuxJQ/RgS78i9KtNoQzI1Vx/oBRclCOlQ=) 5: 40956690-3661-49f2-8ebc-2fa5a47a98ad.roa (hash: NcP3dfH5GjerFx00TDgkOgbiNcw3Wc98hrL/uGsB4Bg=) 6: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (hash: XcYQX4Y/m3zzTIGmqDZEsfiakUrP2LbxSIfICZUY2o4=) 7: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (hash: xthRMTgaJty+OIosYTfkHKttTrNfVnZL3POEE8TPxZQ=) 8: 565f9740-389f-45ac-956e-b96e19889315.roa (hash: L72PNQDj+dbD8I1YKZ/eFCM/XzMScNXvz5qRjI7nF3o=) 9: 72c1271b-5ed8-4478-ba43-6741904af7c8.roa (hash: PMhYSh4GOpjm9AZyz+mUE5IVu+zZmSBOJvzVDTLvMlI=) 10: 9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa (hash: dOEGzxN2yNNOFxoc1JbP7NDyvs7Lju0DQ5p0gw5bTpg=) 11: a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl (hash: pkmlilHxNgsGuOPnOLHVa03SRdltWuT2s9V8pVZzDyU=) 12: c18b0845-fc95-41d6-b476-af4e1e466849.roa (hash: bkvR3JA/fWxGuSnPgMF5xYxAGZ1T00VGLETmxfENh+4=) 13: e5ffe65e-7287-4628-8759-7c141866ee12.roa (hash: IlF3qJeZL89pawvOIJAXNedBkx2oJXXvVN15LGyrQ1g=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:35:ea:e1:08:f0:3d:15:ae:c6:a9:8c:36:0a:9e:a8:11:fd:62:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jun 3 00:01:55 2025 GMT Not After : Jun 7 00:01:55 2025 GMT Subject: serialNumber=5467744665e74e708d6e25797cac3787044d43a593d379ab18c31a3b59a14d9a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:0a:6b:1b:9d:d3:6f:c6:42:f8:cd:1a:b4:46: 30:8b:f0:9b:04:7b:8c:1b:82:5e:53:16:04:3d:82: 94:34:a6:bc:ed:84:cd:0c:2b:79:29:82:7a:9c:d0: ee:06:63:81:11:77:5f:5c:f2:34:04:d5:6e:d2:f9: dd:44:9b:c2:c3:79:d9:6a:4f:46:8a:a7:62:89:f4: b9:e9:88:42:09:26:b4:98:de:20:d5:7d:57:82:62: c8:61:b2:a3:71:62:3c:b4:ae:16:89:5b:e3:ab:8e: 03:7b:bd:38:61:31:b0:07:4b:13:8d:86:8a:6b:83: 64:ab:20:5a:8e:b8:9d:8c:ab:e2:28:d4:d9:49:21: 0f:1a:84:cf:67:85:75:e4:63:00:5b:9c:d3:58:16: 2d:83:82:71:0f:e0:77:4d:f1:10:1d:1e:2b:34:88: 15:5c:c6:a8:ca:52:ee:85:d2:ec:f0:dc:53:41:d9: 2d:35:43:e7:98:e8:0a:6d:7c:d3:46:68:1f:8a:50: c3:82:0a:a8:df:28:68:f6:4d:d8:2b:4c:f9:e5:f7: 4a:81:f9:4c:bc:41:a3:b6:24:66:c4:f8:bf:bd:62: 40:fd:12:4d:f4:db:12:e1:48:3f:0f:37:2d:e0:73: c0:84:ce:5b:d9:d5:31:eb:af:45:dc:7f:44:2e:d7: 34:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:A9:DE:C9:90:C8:A5:D7:32:A6:1A:65:7F:17:A1:78:D3:44:D1:75 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:4f:4f:fb:1c:66:87:19:0e:2d:7f:bc:23:8d:7e:e9:f2:5e: 6c:99:09:cf:64:32:b8:24:f5:a5:3c:3e:76:70:c5:36:eb:e0: f1:9b:c0:73:c4:17:08:4f:1a:0d:1d:98:97:a6:ee:24:9b:8a: 78:cc:f3:c2:6b:05:7e:96:06:ff:52:70:12:0e:30:02:b0:b0: 1c:5a:8b:ad:1e:77:b1:35:4f:1a:af:92:e1:de:ed:4c:16:9a: 45:46:4f:a1:91:ae:b7:c4:76:ca:cf:f8:88:f4:3e:62:ee:42: 8c:a5:e8:c3:20:c3:f1:64:00:ca:59:d2:41:89:b5:8a:f0:5d: b5:7a:30:6e:4f:f4:29:d5:39:25:a6:c7:a6:81:fa:de:62:3b: 7d:32:b9:b7:84:b7:4c:0f:63:3e:6c:e1:39:54:94:b3:ed:a6: 7b:13:28:5e:da:fe:6d:4b:d7:c2:b8:74:73:01:14:ab:17:92: 8f:83:b7:b2:49:eb:47:e0:1f:22:93:7e:d7:73:0d:c3:c6:98: b5:0d:e9:24:aa:67:f4:31:b7:0a:d4:9c:bf:aa:f8:8f:b3:3c: e0:fa:1f:c2:cd:94:63:f8:91:6c:2f:15:fe:03:c7:a6:b9:2c: d6:f4:7f:30:e5:89:d3:7d:0c:f2:24:32:69:23:7e:e9:eb:40: 07:10:e7:19 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUJzXq4QjwPRWuxqmMNgqeqBH9YjIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDYwMzAwMDE1NVoX DTI1MDYwNzAwMDE1NVowejFJMEcGA1UEBRNANTQ2Nzc0NDY2NWU3NGU3MDhkNmUy NTc5N2NhYzM3ODcwNDRkNDNhNTkzZDM3OWFiMThjMzFhM2I1OWExNGQ5YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAprG53Tb8ZC+M0atEYwi/CbBHuM G4JeUxYEPYKUNKa87YTNDCt5KYJ6nNDuBmOBEXdfXPI0BNVu0vndRJvCw3nZak9G iqdiifS56YhCCSa0mN4g1X1XgmLIYbKjcWI8tK4WiVvjq44De704YTGwB0sTjYaK a4NkqyBajridjKviKNTZSSEPGoTPZ4V15GMAW5zTWBYtg4JxD+B3TfEQHR4rNIgV XMaoylLuhdLs8NxTQdktNUPnmOgKbXzTRmgfilDDggqo3yho9k3YK0z55fdKgflM vEGjtiRmxPi/vWJA/RJN9NsS4Ug/Dzct4HPAhM5b2dUx669F3H9ELtc0xwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFDup3smQyKXXMqYaZX8XoXjTRNF1MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMDhjMmYyNjQtMjNm OS00OWZiLTlkNDMtZjhiNTBiZWM5MjYxL2E1YjAxYmRkLWNkZWItNGNmYy04Yzkz LTdlNzBjNWUwOTMwNi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAChPT/scZocZDi1/vCONfunyXmyZCc9k Mrgk9aU8PnZwxTbr4PGbwHPEFwhPGg0dmJem7iSbinjM88JrBX6WBv9ScBIOMAKw sBxai60ed7E1TxqvkuHe7UwWmkVGT6GRrrfEdsrP+Ij0PmLuQoyl6MMgw/FkAMpZ 0kGJtYrwXbV6MG5P9CnVOSWmx6aB+t5iO30yubeEt0wPYz5s4TlUlLPtpnsTKF7a /m1L18K4dHMBFKsXko+Dt7JJ60fgHyKTftdzDcPGmLUN6SSqZ/QxtwrUnL+q+I+z POD6H8LNlGP4kWwvFf4Dx6a5LNb0fzDlidN9DPIkMmkjfunrQAcQ5xk= -----END CERTIFICATE-----Generated at Tue Jun 3 23:12:21 2025 by rpki-client