$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: C7M7sn1xCoblKAbvpgrqnI6I1nJ4ZikBS1wGk4+3SI0= Subject key identifier: 04:A9:6E:89:7E:66:5D:23:BD:01:BF:E4:B4:59:E5:EC:F6:21:54:B5 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 3A3E2D6C7CBA2D51731C47B56CD05388FC9270AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 0607 Signing time: Fri 01 May 2026 00:01:26 +0000 Manifest this update: Fri 01 May 2026 00:01:26 +0000 Manifest next update: Tue 05 May 2026 00:01:26 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: jRY8L/JvSqDC87CaTp/qNhvrQ5WESU1IwvHB0xjaA+w=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: ixxf6ccd3osEyLmWkgkbiHVYyusTctrUjOhnPpMvlE4=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: pL63iKjbLOLYlourekfOR4Nmgu8cB/gmsl43BXFS/jc=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 64kuFuROhLtieOXlazTSy2bjQ+E6VKxKN/jo5XO5H34=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: ZpxX4uxdJxBRqoXrMr+4TjfM6a61MegoEvwGJaS8fgI=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 05 May 2026 00:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:3e:2d:6c:7c:ba:2d:51:73:1c:47:b5:6c:d0:53:88:fc:92:70:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: May 1 00:01:26 2026 GMT Not After : May 5 00:01:26 2026 GMT Subject: serialNumber=a6ae8669c578e8d934a289119782871e394b58ea529a51dbe2a2b646a7b5c4ac, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a6:48:bf:e6:d4:c4:c1:be:c3:d8:91:af:b7: 24:30:8f:40:f1:ee:ec:7d:2a:22:f1:c2:2b:52:bd: 76:78:09:75:6b:7d:bf:98:a1:6c:9d:fe:78:29:2e: 69:7f:0b:18:f0:5e:13:e2:e5:b9:61:12:88:18:81: a1:5e:8c:a6:3d:ff:17:c5:bc:99:d3:ba:1b:cf:0b: 07:78:a8:e1:5b:84:a2:53:3e:e5:bf:29:71:2c:04: 0e:f1:f2:f0:c0:b9:ae:75:57:e3:7e:55:fd:02:ff: bd:b9:51:dd:fd:40:60:d7:bf:fb:94:fa:a1:10:48: 20:ee:c6:63:3c:f3:c5:3c:21:ca:3f:cb:8a:de:db: fa:81:18:88:0e:a2:d7:af:81:bf:25:85:99:98:b7: 39:24:a4:74:55:58:2e:4c:ce:e3:6f:22:e0:5e:ce: 83:6a:a8:44:22:41:87:ba:c8:7b:80:bc:d9:20:a2: b0:0c:67:27:39:ae:36:0b:89:75:d6:0c:32:8b:44: 92:52:4d:18:76:c3:8b:0a:c3:b7:76:7c:84:af:82: da:a3:12:ea:f5:bf:83:fb:94:46:34:e4:b3:43:84: 16:11:86:80:fb:45:c6:a2:c2:06:e9:82:c3:47:15: 63:b3:14:ec:a0:73:b8:ec:d6:f6:e6:01:e5:ef:ca: 3a:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:A9:6E:89:7E:66:5D:23:BD:01:BF:E4:B4:59:E5:EC:F6:21:54:B5 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:dd:ae:1f:75:9f:f1:06:50:09:1c:10:08:5c:07:5b:31:32: 19:36:ab:d0:33:f2:71:6d:1b:ca:26:83:41:7f:24:14:50:b7: 9f:6e:d7:71:64:6f:47:bf:6f:73:1b:f1:fe:96:c9:6c:f5:42: 3d:63:97:1d:a8:8a:43:b5:ea:23:57:4e:fb:d8:44:18:84:3a: 8c:95:69:86:cd:76:0f:6a:fc:58:fe:53:e5:70:06:b4:1b:a6: bd:4d:57:b1:47:d6:a8:0d:40:6d:ab:96:83:43:8e:bc:c4:6c: aa:59:f3:8a:4e:9d:27:9b:72:24:5a:ce:3d:4d:0e:7d:57:53: 56:a0:fb:22:9d:68:55:e5:da:73:cd:b5:64:fc:84:18:a9:8a: 7d:0a:5f:8d:a4:dd:7b:90:8e:49:b4:1c:64:47:e9:d8:03:2b: b2:43:23:b0:4d:f8:24:92:48:35:26:10:0e:c9:14:47:fe:3c: 68:1d:d1:a4:42:3d:82:3e:8c:9e:0b:39:55:36:0f:c4:b6:f3: a4:60:1a:eb:e5:f7:f9:8a:a6:09:07:f4:3c:3b:f9:c5:8c:f7: cb:f1:ba:c9:26:a8:a3:b8:8f:f5:ee:b8:b8:26:3c:72:93:3e: ec:09:e1:5c:41:bf:63:66:e9:dc:69:d5:45:54:85:54:45:55: a4:fc:72:ff -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUOj4tbHy6LVFzHEe1bNBTiPyScKswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDUwMTAwMDEyNloX DTI2MDUwNTAwMDEyNlowejFJMEcGA1UEBRNAYTZhZTg2NjljNTc4ZThkOTM0YTI4 OTExOTc4Mjg3MWUzOTRiNThlYTUyOWE1MWRiZTJhMmI2NDZhN2I1YzRhYzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaZIv+bUxMG+w9iRr7ckMI9A8e7s fSoi8cIrUr12eAl1a32/mKFsnf54KS5pfwsY8F4T4uW5YRKIGIGhXoymPf8XxbyZ 07obzwsHeKjhW4SiUz7lvylxLAQO8fLwwLmudVfjflX9Av+9uVHd/UBg17/7lPqh EEgg7sZjPPPFPCHKP8uK3tv6gRiIDqLXr4G/JYWZmLc5JKR0VVguTM7jbyLgXs6D aqhEIkGHush7gLzZIKKwDGcnOa42C4l11gwyi0SSUk0YdsOLCsO3dnyEr4LaoxLq 9b+D+5RGNOSzQ4QWEYaA+0XGosIG6YLDRxVjsxTsoHO47Nb25gHl78o6+wIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFASpbol+Zl0jvQG/5LRZ5ez2IVS1MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBACjdrh91n/EGUAkcEAhcB1sxMhk2q9Az 8nFtG8omg0F/JBRQt59u13Fkb0e/b3Mb8f6WyWz1Qj1jlx2oikO16iNXTvvYRBiE OoyVaYbNdg9q/Fj+U+VwBrQbpr1NV7FH1qgNQG2rloNDjrzEbKpZ84pOnSebciRa zj1NDn1XU1ag+yKdaFXl2nPNtWT8hBipin0KX42k3XuQjkm0HGRH6dgDK7JDI7BN +CSSSDUmEA7JFEf+PGgd0aRCPYI+jJ4LOVU2D8S286RgGuvl9/mKpgkH9Dw7+cWM 98vxuskmqKO4j/XuuLgmPHKTPuwJ4VxBv2Nm6dxp1UVUhVRFVaT8cv8= -----END CERTIFICATE-----Generated at Fri May 1 15:55:43 2026 by rpki-client