$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: gEKv0HnfFZD/BSoNML60S6t9IMxiVRUU1muDxbqNIlI= Subject key identifier: DA:4E:4B:58:74:56:99:A6:D9:4B:48:1D:72:1B:BE:31:E2:B7:33:67 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 6E088B5DC9350E511975FC8FF8B61082D1F7E50D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 05E4 Signing time: Fri 27 Mar 2026 00:07:46 +0000 Manifest this update: Fri 27 Mar 2026 00:07:46 +0000 Manifest next update: Tue 31 Mar 2026 00:07:46 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: ZnUYitueq2W7zAjhYzN+1NNTtpK8cKYy5lWcCgJEH6A=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 00:07:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:08:8b:5d:c9:35:0e:51:19:75:fc:8f:f8:b6:10:82:d1:f7:e5:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Mar 27 00:07:46 2026 GMT Not After : Mar 31 00:07:46 2026 GMT Subject: serialNumber=0eeea85d27b276df9436f943595866a7f8cf39b80bc0f39dfac581ffd0a3c6a5, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a9:55:91:9c:02:b6:52:01:53:e1:0d:61:b7: 17:86:c3:38:50:dc:e0:b6:3b:c1:02:5b:5c:5e:b8: b3:e4:f2:9d:49:bc:7e:3d:31:97:9a:d3:02:99:a4: 62:f9:26:2e:65:0b:14:b9:bd:03:fa:62:60:f9:e9: c6:64:00:d1:42:c1:1b:5a:5c:f1:a9:0b:b5:2d:58: 89:7f:a6:b4:24:24:67:7e:8a:69:8b:f9:f6:97:bd: 98:dd:e9:08:4d:1e:c2:b1:c1:c8:9e:63:a6:20:a2: f5:5e:15:19:c1:41:9b:d4:76:c4:a2:6d:2d:3e:16: c5:db:77:89:e2:71:db:d2:86:02:59:4c:17:26:f2: 72:28:26:9a:00:3f:d8:0a:27:ad:81:86:88:55:1e: 71:5d:17:63:39:e5:74:90:a4:d5:09:1e:cc:4f:38: 9b:48:66:ea:e6:df:17:d5:b7:27:91:a9:c7:90:72: 2a:5c:1d:8c:de:7e:d1:0f:7a:cd:c4:a6:c9:e2:99: ce:58:b5:d9:a4:74:46:c6:4a:3d:57:e6:96:9f:61: db:34:56:86:b2:b1:e9:27:74:5d:9b:6e:2d:7c:c6: 88:82:8e:3f:0e:7c:82:92:e5:67:88:08:0f:f1:55: c0:ef:c8:d5:4e:14:08:6c:9c:7c:86:43:00:41:46: ba:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:4E:4B:58:74:56:99:A6:D9:4B:48:1D:72:1B:BE:31:E2:B7:33:67 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:48:4d:e9:26:68:45:67:ca:3f:b3:fc:a0:0e:ed:69:bc:b3: e6:d0:0e:29:c0:fd:ff:ae:4a:c9:da:99:d6:e6:2c:20:7a:19: 87:af:7f:87:88:73:85:a2:eb:d3:dc:c5:14:37:2a:7e:5d:b1: 74:79:62:23:0f:95:7a:d5:b8:03:cb:42:5f:3f:8b:6a:a6:d7: 50:6b:2b:cb:10:3e:bd:ba:a9:0f:42:6f:3c:4d:8a:f9:d5:e3: d9:7c:9d:c7:8d:f8:41:4a:29:06:cf:bd:30:e1:41:00:59:68: ec:66:0b:dc:38:77:25:40:af:dd:ad:57:10:95:0d:3e:21:e8: 7c:90:f8:b9:e6:0f:2d:02:34:bb:23:4b:f7:e9:9c:77:2c:e3: a6:e6:79:79:a2:d0:bd:8d:65:40:de:e8:34:22:fa:40:eb:df: 77:65:0e:e7:f1:1d:6c:71:21:11:95:93:25:af:4c:81:1e:36: d1:03:d5:d7:ac:fa:08:e6:13:f6:a2:10:f5:fe:cd:ce:d8:8f: e9:f6:28:ac:38:76:c3:ff:c7:25:75:b3:1d:f5:9a:50:2a:f0: e4:46:8a:6f:26:62:cc:71:90:2d:aa:ef:ab:14:02:13:ce:f8: f5:b9:bc:00:b0:35:e5:9f:3c:7c:94:1c:09:92:44:38:9f:cd: ce:48:7f:dd -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUbgiLXck1DlEZdfyP+LYQgtH35Q0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDMyNzAwMDc0NloX DTI2MDMzMTAwMDc0NlowejFJMEcGA1UEBRNAMGVlZWE4NWQyN2IyNzZkZjk0MzZm OTQzNTk1ODY2YTdmOGNmMzliODBiYzBmMzlkZmFjNTgxZmZkMGEzYzZhNTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqlVkZwCtlIBU+ENYbcXhsM4UNzg tjvBAltcXriz5PKdSbx+PTGXmtMCmaRi+SYuZQsUub0D+mJg+enGZADRQsEbWlzx qQu1LViJf6a0JCRnfoppi/n2l72Y3ekITR7CscHInmOmIKL1XhUZwUGb1HbEom0t PhbF23eJ4nHb0oYCWUwXJvJyKCaaAD/YCietgYaIVR5xXRdjOeV0kKTVCR7MTzib SGbq5t8X1bcnkanHkHIqXB2M3n7RD3rNxKbJ4pnOWLXZpHRGxko9V+aWn2HbNFaG srHpJ3Rdm24tfMaIgo4/DnyCkuVniAgP8VXA78jVThQIbJx8hkMAQUa6PwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFNpOS1h0Vpmm2UtIHXIbvjHitzNnMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBADhITekmaEVnyj+z/KAO7Wm8s+bQDinA /f+uSsnamdbmLCB6GYevf4eIc4Wi69PcxRQ3Kn5dsXR5YiMPlXrVuAPLQl8/i2qm 11BrK8sQPr26qQ9CbzxNivnV49l8nceN+EFKKQbPvTDhQQBZaOxmC9w4dyVAr92t VxCVDT4h6HyQ+LnmDy0CNLsjS/fpnHcs46bmeXmi0L2NZUDe6DQi+kDr33dlDufx HWxxIRGVkyWvTIEeNtED1des+gjmE/aiEPX+zc7Yj+n2KKw4dsP/xyV1sx31mlAq 8ORGim8mYsxxkC2q76sUAhPO+PW5vACwNeWfPHyUHAmSRDifzc5If90= -----END CERTIFICATE-----Generated at Fri Mar 27 14:57:40 2026 by rpki-client