This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: GoNHE24ixiQ9sIPfQxeyjFNsUHBDrZ/sP51wpU7omCA= Subject key identifier: BA:BB:55:05:01:D1:BA:48:B5:D7:EC:8D:B6:14:C1:4D:F3:B5:4A:D4 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 4FFC279C911B1B10CC49A27129624E65DFAEE802 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 058B Signing time: Sun 28 Dec 2025 00:10:49 +0000 Manifest this update: Sun 28 Dec 2025 00:10:49 +0000 Manifest next update: Thu 01 Jan 2026 00:10:49 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: 3pKE7yRgdncBEdIbr87uwwcHqk8PCJZMn9ECkc/OCNk=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: S1Ao7Ed2lEOUChf0wwWlihVPVCgDd6ngfsHWkEG+//M=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: Tu8KJsB24gvGTIUjn+HPIkPOVBYVMazosJy1Qzbh6a8=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: FS1vyz0XLamDOjQ21vOD06OkgWtvhJ7UwSqPGE+oQcg=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 58PnTQblNII2sxrHD4qKI/6eE/pKAhirfUgxfDJkXS8=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: cQc2HrAbBAfe1GL6X0izbfHrnYW3gH/cqRPzedsr7F8=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 Jan 2026 00:10:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:fc:27:9c:91:1b:1b:10:cc:49:a2:71:29:62:4e:65:df:ae:e8:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Dec 28 00:10:49 2025 GMT Not After : Jan 1 00:10:49 2026 GMT Subject: serialNumber=12c6254b004829f50ac0f63d7ad39336ff12424a64dfab07d6f39d8a8b2e4081, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:3b:de:f7:78:f0:7a:8f:c7:dd:aa:f8:71:42: 39:4d:ad:a5:21:f0:5a:3b:e4:c9:b2:30:0c:de:b1: 20:ee:4d:c5:c9:b1:c3:34:9c:c7:6f:05:e4:06:1b: 52:cb:ba:26:26:39:3e:de:80:b4:f7:44:49:f5:cc: 26:55:2e:4f:b6:37:b0:59:54:3f:03:67:cd:98:ee: c1:ee:c5:5f:a2:a0:3f:48:64:ba:9c:10:d9:a3:4a: c7:7f:26:9a:bc:eb:a0:b9:b3:c6:51:e9:63:c4:20: 82:47:7d:c2:47:98:8a:bb:93:e9:3d:29:3a:4e:a5: a4:a5:64:e9:f8:39:61:a7:22:e7:e9:e4:05:50:ba: e9:06:68:11:22:ea:a5:a6:b0:94:fd:bc:69:4f:c7: e0:a4:af:2f:05:dc:98:33:c8:f2:f6:39:66:6d:83: cd:d2:d6:e5:48:8c:0c:97:73:69:29:f7:38:5a:7a: ed:fe:06:25:7a:1f:ba:d1:12:ee:11:59:b8:ab:54: f2:b0:31:a1:22:14:5b:0f:cd:10:25:3d:a0:24:9d: 4b:e9:75:b5:eb:3b:65:52:73:f0:cc:e8:94:cd:9f: 9c:e4:5c:83:0d:1e:98:39:6b:9e:54:5c:c8:11:07: 9d:e8:67:74:70:0e:14:ef:75:65:5d:4b:ab:d2:10: 05:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:BB:55:05:01:D1:BA:48:B5:D7:EC:8D:B6:14:C1:4D:F3:B5:4A:D4 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:09:8c:2c:ad:27:87:9a:62:8e:f0:d0:b2:0f:46:f0:68:26: 1a:83:90:f9:b7:17:74:95:22:a3:07:c4:43:b8:bd:5f:ad:98: 6b:33:88:bc:b3:dc:fd:64:30:2f:ac:7e:d9:e6:7a:d3:34:3c: 8d:cb:7b:ce:5e:4b:97:b8:32:fa:3d:f0:a6:4e:6c:1c:07:8c: 57:5f:2c:cd:96:4a:0f:ce:82:5e:d2:a9:b1:7d:a3:c1:b3:66: 20:b8:58:1b:ac:5a:7b:b7:bc:f3:48:13:b1:ee:64:8d:f2:96: 11:62:1f:88:61:54:2c:9c:87:80:d5:2f:a0:55:71:ae:e6:79: 59:72:84:4d:d7:17:29:98:c3:96:50:f3:2a:25:46:46:75:c5: 18:22:43:ce:35:4d:7c:cd:1b:df:e4:4a:64:6f:c0:ea:ae:61: e5:43:b7:f7:a9:42:bd:26:80:6f:02:aa:7f:5d:8c:78:71:c2: 2a:50:e3:8e:7c:a1:5d:92:b4:56:a9:62:43:aa:6e:48:8f:94: 3c:a6:68:08:ef:d5:82:c6:e7:3d:3e:82:e9:5f:11:53:5d:e4: bd:ad:62:2c:1f:ef:cf:6d:cf:c7:1d:7d:da:1d:c2:cd:59:55: 85:4a:3e:55:6c:a5:73:40:1d:d0:a7:ca:c6:23:eb:90:4a:c3: a2:48:1b:c7 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUT/wnnJEbGxDMSaJxKWJOZd+u6AIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTIyODAwMTA0OVoX DTI2MDEwMTAwMTA0OVowejFJMEcGA1UEBRNAMTJjNjI1NGIwMDQ4MjlmNTBhYzBm NjNkN2FkMzkzMzZmZjEyNDI0YTY0ZGZhYjA3ZDZmMzlkOGE4YjJlNDA4MTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTve93jweo/H3ar4cUI5Ta2lIfBa O+TJsjAM3rEg7k3FybHDNJzHbwXkBhtSy7omJjk+3oC090RJ9cwmVS5PtjewWVQ/ A2fNmO7B7sVfoqA/SGS6nBDZo0rHfyaavOugubPGUeljxCCCR33CR5iKu5PpPSk6 TqWkpWTp+DlhpyLn6eQFULrpBmgRIuqlprCU/bxpT8fgpK8vBdyYM8jy9jlmbYPN 0tblSIwMl3NpKfc4Wnrt/gYleh+60RLuEVm4q1TysDGhIhRbD80QJT2gJJ1L6XW1 6ztlUnPwzOiUzZ+c5FyDDR6YOWueVFzIEQed6Gd0cA4U73VlXUur0hAF+wIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFLq7VQUB0bpItdfsjbYUwU3ztUrUMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAJAJjCytJ4eaYo7w0LIPRvBoJhqDkPm3 F3SVIqMHxEO4vV+tmGsziLyz3P1kMC+sftnmetM0PI3Le85eS5e4Mvo98KZObBwH jFdfLM2WSg/Ogl7SqbF9o8GzZiC4WBusWnu3vPNIE7HuZI3ylhFiH4hhVCych4DV L6BVca7meVlyhE3XFymYw5ZQ8yolRkZ1xRgiQ841TXzNG9/kSmRvwOquYeVDt/ep Qr0mgG8Cqn9djHhxwipQ4458oV2StFapYkOqbkiPlDymaAjv1YLG5z0+gulfEVNd 5L2tYiwf789tz8cdfdodws1ZVYVKPlVspXNAHdCnysYj65BKw6JIG8c= -----END CERTIFICATE-----Generated at Sun Dec 28 06:06:30 2025 by rpki-client