This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: CTsCgo+Gyr7DsiJxQAaeXF1zbNsSjTRTMmgWoCOJhj8= Subject key identifier: D4:99:F3:B7:38:A7:83:34:B1:DD:11:41:F8:DB:C4:DC:EB:8D:54:1E Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 0F58EA04E9159FC726A12DDD0805463B7B1BAF11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 0577 Signing time: Mon 08 Dec 2025 00:01:04 +0000 Manifest this update: Mon 08 Dec 2025 00:01:04 +0000 Manifest next update: Fri 12 Dec 2025 00:01:04 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: JhQsmRjXP7cn08DcT7QfIzw7J2+5FQCXTFJg3z7tYx8=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: S1Ao7Ed2lEOUChf0wwWlihVPVCgDd6ngfsHWkEG+//M=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: Tu8KJsB24gvGTIUjn+HPIkPOVBYVMazosJy1Qzbh6a8=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: FS1vyz0XLamDOjQ21vOD06OkgWtvhJ7UwSqPGE+oQcg=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 58PnTQblNII2sxrHD4qKI/6eE/pKAhirfUgxfDJkXS8=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: cQc2HrAbBAfe1GL6X0izbfHrnYW3gH/cqRPzedsr7F8=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 00:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:58:ea:04:e9:15:9f:c7:26:a1:2d:dd:08:05:46:3b:7b:1b:af:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Dec 8 00:01:04 2025 GMT Not After : Dec 12 00:01:04 2025 GMT Subject: serialNumber=aa500502017e666b6ff8c6a13549afac0f44424a73448c11599500a6a11499d9, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:d9:ba:53:91:9d:92:97:c9:2f:54:06:45:02: 4b:a0:79:b7:42:78:cb:68:0b:f7:61:55:43:03:f2: f7:57:8d:40:4e:d6:02:8b:96:a4:45:9d:aa:e9:5d: 47:27:41:8b:69:c1:d3:5a:95:36:0b:b4:7f:28:75: a6:c0:90:ae:f3:5a:9d:a8:9c:02:11:ce:aa:1c:f2: 13:17:24:48:a9:be:44:8c:5a:90:50:f6:9d:d5:90: 59:68:87:cf:93:f1:4a:30:1f:d8:b9:13:e7:1b:7e: 92:f4:f5:72:07:0a:26:41:0f:13:f4:89:08:65:12: d9:fc:60:b7:ae:60:a5:f5:b2:60:43:87:a3:6d:b4: 82:8a:b4:2c:2c:c0:b3:a9:2f:fb:c7:6f:7d:9e:05: 82:7a:67:14:21:d5:46:5b:02:e8:52:87:4d:dc:8f: ee:02:da:0b:41:b7:ec:16:5e:b5:b8:d9:d2:b1:4a: 18:ad:43:60:33:93:4b:33:8f:e7:e3:e5:26:e0:cd: ba:83:8a:4d:8d:31:b5:ec:66:46:60:a3:8e:35:5e: 94:4e:2b:83:2f:58:f5:47:ab:a6:af:1b:f1:86:ed: 3d:80:d5:31:38:c0:af:dc:cb:30:86:3d:47:73:16: ba:f5:42:ec:f2:05:53:30:ef:e0:dc:5d:70:0e:c9: 60:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:99:F3:B7:38:A7:83:34:B1:DD:11:41:F8:DB:C4:DC:EB:8D:54:1E X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:2c:c6:fb:d8:2f:e9:20:23:8f:f6:51:43:40:15:87:e3:c0: 9e:2c:42:c4:49:aa:69:0d:bd:ae:6e:39:71:a6:f2:f7:ed:de: 3b:01:5b:90:11:cc:70:33:67:0d:4f:67:47:14:de:13:0e:13: 3a:e2:b5:e4:6b:0f:39:9b:ff:de:9f:6e:ef:8f:11:eb:d2:45: 0d:52:b0:ec:5b:43:eb:58:29:db:6a:96:d8:6e:1d:f1:fd:ae: ac:d6:1b:8a:c0:d7:47:4d:92:3b:6a:60:28:82:68:3e:a6:d3: 9b:83:cf:8e:91:8b:33:9d:67:f7:38:f2:01:87:f9:f0:52:66: b0:43:b1:14:b0:c3:42:99:36:d6:d9:65:e5:ee:b8:b1:40:ba: cf:62:72:e1:a2:15:ad:e1:36:6a:e0:e8:a7:3c:71:89:36:11: 24:17:40:82:48:e0:ff:19:ea:b5:b3:d8:63:5e:b1:17:1a:e4: fe:4f:02:5f:53:2b:88:d4:af:a1:b6:39:f6:32:8b:46:55:3d: 9f:0f:3d:60:03:bb:df:7a:80:32:a5:71:c9:9c:46:f9:17:78: a5:93:5e:2f:98:02:00:f4:be:8e:b7:a8:4d:4f:d0:2f:9b:65: b3:21:3f:d6:92:8c:c0:21:a9:90:48:a9:7d:6a:6d:3a:2e:0e: 5e:6b:ee:9d -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUD1jqBOkVn8cmoS3dCAVGO3sbrxEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTIwODAwMDEwNFoX DTI1MTIxMjAwMDEwNFowejFJMEcGA1UEBRNAYWE1MDA1MDIwMTdlNjY2YjZmZjhj NmExMzU0OWFmYWMwZjQ0NDI0YTczNDQ4YzExNTk5NTAwYTZhMTE0OTlkOTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9m6U5GdkpfJL1QGRQJLoHm3QnjL aAv3YVVDA/L3V41ATtYCi5akRZ2q6V1HJ0GLacHTWpU2C7R/KHWmwJCu81qdqJwC Ec6qHPITFyRIqb5EjFqQUPad1ZBZaIfPk/FKMB/YuRPnG36S9PVyBwomQQ8T9IkI ZRLZ/GC3rmCl9bJgQ4ejbbSCirQsLMCzqS/7x299ngWCemcUIdVGWwLoUodN3I/u AtoLQbfsFl61uNnSsUoYrUNgM5NLM4/n4+Um4M26g4pNjTG17GZGYKOONV6UTiuD L1j1R6umrxvxhu09gNUxOMCv3Mswhj1Hcxa69ULs8gVTMO/g3F1wDslg8QIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFNSZ87c4p4M0sd0RQfjbxNzrjVQeMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAAssxvvYL+kgI4/2UUNAFYfjwJ4sQsRJ qmkNva5uOXGm8vft3jsBW5ARzHAzZw1PZ0cU3hMOEzriteRrDzmb/96fbu+PEevS RQ1SsOxbQ+tYKdtqlthuHfH9rqzWG4rA10dNkjtqYCiCaD6m05uDz46RizOdZ/c4 8gGH+fBSZrBDsRSww0KZNtbZZeXuuLFAus9icuGiFa3hNmrg6Kc8cYk2ESQXQIJI 4P8Z6rWz2GNesRca5P5PAl9TK4jUr6G2OfYyi0ZVPZ8PPWADu996gDKlccmcRvkX eKWTXi+YAgD0vo63qE1P0C+bZbMhP9aSjMAhqZBIqX1qbTouDl5r7p0= -----END CERTIFICATE-----Generated at Mon Dec 8 05:57:48 2025 by rpki-client