$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: M4ApRT3Knww8RsNk9htLPYShy9nnbFTlU59oarb4bqI= Subject key identifier: 1E:4C:2F:CB:5F:6B:5C:DD:01:BB:78:70:F3:0C:54:E6:4B:70:34:62 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 62F67E93764BEAA3809848F47129AF33FBCB9755 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 0603 Signing time: Mon 27 Apr 2026 00:00:09 +0000 Manifest this update: Mon 27 Apr 2026 00:00:09 +0000 Manifest next update: Fri 01 May 2026 00:00:09 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: ncOJWLp+aK8wenVb7YFJNsOqSsI5mtuIJHRk1LR8fx4=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: ixxf6ccd3osEyLmWkgkbiHVYyusTctrUjOhnPpMvlE4=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: pL63iKjbLOLYlourekfOR4Nmgu8cB/gmsl43BXFS/jc=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 64kuFuROhLtieOXlazTSy2bjQ+E6VKxKN/jo5XO5H34=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: ZpxX4uxdJxBRqoXrMr+4TjfM6a61MegoEvwGJaS8fgI=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 01 May 2026 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:f6:7e:93:76:4b:ea:a3:80:98:48:f4:71:29:af:33:fb:cb:97:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 27 00:00:09 2026 GMT Not After : May 1 00:00:09 2026 GMT Subject: serialNumber=9060c7d50a347ea8bbfd9a607507005af447788efd7f6e00042ff97ca5a7acae, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:1a:3f:09:04:4c:3e:b1:c3:4c:7d:42:12:68: 07:58:3e:46:f5:ef:1b:b7:de:2d:ad:f3:7c:64:5c: cd:e2:80:b1:3b:08:73:bc:31:42:96:b9:15:ad:5d: 2b:cb:9d:a9:0e:a8:a7:5e:da:34:5c:a2:dd:0b:4f: 7d:3e:ff:f9:28:79:8c:5c:a4:88:df:21:e7:8a:86: 69:40:25:d4:d3:a4:28:0a:68:35:14:b7:03:8e:91: 13:d2:a0:e9:28:7e:87:d0:ad:ce:10:0b:9a:b2:0b: a5:9c:8a:2f:02:1d:b6:1f:1d:b5:53:17:4b:b2:fe: 97:ea:ca:e7:0b:be:83:38:04:a0:0a:a9:60:bc:fa: af:93:8f:4b:27:5f:7f:2a:ac:9a:db:bb:33:3b:29: 29:1b:d4:b9:b2:80:43:60:8f:fb:fd:b5:82:ef:dc: 77:d2:99:60:1a:91:fc:4e:58:d5:a6:da:ef:88:d6: 33:1a:31:f4:c7:af:b7:1d:84:9c:0a:be:89:eb:e4: d3:2c:ab:c9:bb:85:55:a5:f4:54:38:47:33:75:09: 63:f7:a6:77:ef:34:65:3f:14:c3:a2:df:ca:36:51: 39:ee:2f:18:29:ad:6f:15:47:b1:b7:41:f6:df:66: fa:43:78:73:1e:a6:09:ba:bf:eb:96:69:2e:05:4c: bd:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:4C:2F:CB:5F:6B:5C:DD:01:BB:78:70:F3:0C:54:E6:4B:70:34:62 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:e0:0c:4a:b0:58:94:bc:3a:38:ff:5d:ed:d6:8e:6f:6d:43: 0f:b3:cf:6a:15:50:d6:0b:0f:67:f1:5f:99:80:90:fc:96:0a: fa:cd:d8:8a:eb:c5:39:45:d2:e9:72:77:e9:d4:e0:0f:88:3d: af:fe:50:e8:c2:2c:cb:4b:4c:0e:e2:34:b0:df:89:24:a1:05: 5d:ca:d2:31:e9:f7:3e:c0:c4:54:21:e8:eb:45:fa:74:88:8b: e3:15:95:d9:8c:61:02:f1:45:a2:59:42:be:7c:86:f9:b3:5e: 0c:fa:bd:40:cf:92:e4:b1:da:e7:e3:0b:2a:97:f6:2f:b3:97: a0:a2:68:97:77:7f:14:41:1b:ac:fb:96:92:9e:e3:81:0c:b1: 0d:c3:cb:b9:da:41:5f:6e:e4:89:88:4e:82:41:b9:c5:cc:c3: be:5f:3d:d0:d2:30:83:e9:0d:43:84:9d:32:75:16:6f:12:f5: 46:c7:1b:3e:71:d3:7a:82:c6:f1:8b:1a:54:e6:66:d5:3f:4e: fa:01:10:6d:e2:b8:6f:62:b1:b6:83:0f:8a:a1:22:3f:3d:f7: be:30:a6:3f:08:ea:ac:af:5d:65:ac:74:74:81:ec:f3:9d:6a: 70:9c:a9:b9:2f:93:a9:ac:83:f1:9f:df:fa:b0:18:bc:f0:dc: d9:81:d2:75 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUYvZ+k3ZL6qOAmEj0cSmvM/vLl1UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDQyNzAwMDAwOVoX DTI2MDUwMTAwMDAwOVowejFJMEcGA1UEBRNAOTA2MGM3ZDUwYTM0N2VhOGJiZmQ5 YTYwNzUwNzAwNWFmNDQ3Nzg4ZWZkN2Y2ZTAwMDQyZmY5N2NhNWE3YWNhZTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkho/CQRMPrHDTH1CEmgHWD5G9e8b t94trfN8ZFzN4oCxOwhzvDFClrkVrV0ry52pDqinXto0XKLdC099Pv/5KHmMXKSI 3yHnioZpQCXU06QoCmg1FLcDjpET0qDpKH6H0K3OEAuasgulnIovAh22Hx21UxdL sv6X6srnC76DOASgCqlgvPqvk49LJ19/Kqya27szOykpG9S5soBDYI/7/bWC79x3 0plgGpH8TljVptrviNYzGjH0x6+3HYScCr6J6+TTLKvJu4VVpfRUOEczdQlj96Z3 7zRlPxTDot/KNlE57i8YKa1vFUext0H232b6Q3hzHqYJur/rlmkuBUy9pwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFB5ML8tfa1zdAbt4cPMMVOZLcDRiMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAFHgDEqwWJS8Ojj/Xe3Wjm9tQw+zz2oV UNYLD2fxX5mAkPyWCvrN2IrrxTlF0ulyd+nU4A+IPa/+UOjCLMtLTA7iNLDfiSSh BV3K0jHp9z7AxFQh6OtF+nSIi+MVldmMYQLxRaJZQr58hvmzXgz6vUDPkuSx2ufj CyqX9i+zl6CiaJd3fxRBG6z7lpKe44EMsQ3Dy7naQV9u5ImIToJBucXMw75fPdDS MIPpDUOEnTJ1Fm8S9UbHGz5x03qCxvGLGlTmZtU/TvoBEG3iuG9isbaDD4qhIj89 974wpj8I6qyvXWWsdHSB7POdanCcqbkvk6msg/Gf3/qwGLzw3NmB0nU= -----END CERTIFICATE-----Generated at Mon Apr 27 08:25:47 2026 by rpki-client