This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: lwhSNJdTIc8QgaJ+4V7kOYdl5NBVNpIyzCd9yarJsjY= Subject key identifier: 8D:0C:26:D8:48:D3:54:F0:02:FD:2B:95:6C:4D:8D:F9:1D:9B:AE:81 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 3A7D6D157A4DBDBBD82C2D6C2B0C5D3254AA9F1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 056D Signing time: Fri 28 Nov 2025 00:02:49 +0000 Manifest this update: Fri 28 Nov 2025 00:02:49 +0000 Manifest next update: Tue 02 Dec 2025 00:02:49 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: vMshhhjNCkg+joxGjlB6DjBabKopeFpeB6cNMNkzq+w=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: w+4+bxo/lRwC2hOG9Edn/+79C2GPpMAPhWdMbwG/9JU=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: Tu8KJsB24gvGTIUjn+HPIkPOVBYVMazosJy1Qzbh6a8=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: FS1vyz0XLamDOjQ21vOD06OkgWtvhJ7UwSqPGE+oQcg=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 58PnTQblNII2sxrHD4qKI/6eE/pKAhirfUgxfDJkXS8=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: cQc2HrAbBAfe1GL6X0izbfHrnYW3gH/cqRPzedsr7F8=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 02 Dec 2025 00:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:7d:6d:15:7a:4d:bd:bb:d8:2c:2d:6c:2b:0c:5d:32:54:aa:9f:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 28 00:02:49 2025 GMT Not After : Dec 2 00:02:49 2025 GMT Subject: serialNumber=bcac4b651147d3892fd85bcad205d2b29bd904df004df418397e44bab3ea1c30, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:2d:26:d2:cf:e2:8f:a7:e4:d8:ee:4e:9c:75: c4:f8:c9:52:e6:4f:bc:a5:18:a8:ab:9f:55:97:61: be:0e:86:ec:98:f9:6d:b2:0e:ae:2b:c4:51:fb:c2: 10:8d:68:a7:ff:64:e8:72:90:0e:26:80:a8:f2:13: 4a:62:f8:73:62:bb:ce:2b:27:ec:4d:34:09:80:e7: 46:b6:1f:a9:4a:1d:ad:78:26:0e:c0:93:47:32:8d: 89:7e:26:78:2b:82:41:9d:1c:13:19:54:ad:65:19: ba:a2:f7:cf:0a:c3:fa:05:48:10:10:1d:ad:bd:90: 23:87:50:8f:00:7b:09:8b:37:aa:42:29:d5:98:e7: 00:0c:54:93:e4:4d:17:5d:55:ba:59:57:28:0c:98: 31:bd:01:a7:21:73:14:56:11:e1:42:7c:0a:ca:73: 0e:52:ad:31:b5:db:fd:49:cf:20:59:39:d4:16:7c: 69:f7:04:0c:3a:64:de:e4:32:01:37:34:7d:6d:cf: 4c:64:69:5f:e4:fa:9f:e8:7a:b0:f6:39:e7:0e:99: 44:2b:29:98:55:78:72:c9:50:07:13:95:3b:af:43: 2e:c0:a5:6b:d7:0a:58:7d:8a:15:5a:ed:f8:c0:54: f3:f6:28:c3:cf:36:54:02:92:71:cd:5c:bc:ab:e3: 74:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:0C:26:D8:48:D3:54:F0:02:FD:2B:95:6C:4D:8D:F9:1D:9B:AE:81 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:3c:cd:66:62:d3:64:c5:30:02:64:b6:3f:17:18:be:2f:1e: 25:f8:78:dc:04:55:f4:7b:ce:8c:e5:c3:53:e7:7f:be:0d:58: cd:72:8b:20:d4:33:e1:b9:f7:02:60:1c:1f:84:0f:1b:95:27: f2:bc:72:36:d5:de:22:1e:b0:23:2d:59:d7:51:6a:48:76:f8: 22:53:6c:67:f6:ff:02:2a:78:9d:7b:cf:4b:fd:e4:b6:b9:3e: 47:a1:bf:b4:b2:7c:a0:51:1e:93:c0:dd:7e:51:61:ed:39:ea: 94:65:73:5e:0b:a6:9f:04:1b:41:5e:9a:b6:fe:c8:6c:14:d5: 68:3f:22:5f:be:52:33:9b:04:73:9d:04:45:d9:3c:83:3c:da: e9:c2:01:d3:e2:68:63:1e:c3:f5:27:ab:aa:5a:0b:82:24:24: 1a:86:6b:04:c2:d4:81:2c:a9:49:11:32:de:46:a4:99:e3:80: 0f:65:38:62:c1:ad:e0:b2:01:a4:d1:93:03:15:f5:c6:9f:48: 59:aa:72:4a:3a:e7:3e:5c:c9:d1:b1:df:71:48:bd:ff:4b:52: 2e:36:c2:b6:d7:a1:0c:09:2c:87:98:4d:9a:f9:c9:39:6c:19: 8a:19:9f:e7:f9:e8:13:ea:75:7c:2e:90:93:f5:f5:0c:6c:08: 4b:15:66:b4 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUOn1tFXpNvbvYLC1sKwxdMlSqnxowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTEyODAwMDI0OVoX DTI1MTIwMjAwMDI0OVowejFJMEcGA1UEBRNAYmNhYzRiNjUxMTQ3ZDM4OTJmZDg1 YmNhZDIwNWQyYjI5YmQ5MDRkZjAwNGRmNDE4Mzk3ZTQ0YmFiM2VhMWMzMDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi0m0s/ij6fk2O5OnHXE+MlS5k+8 pRioq59Vl2G+DobsmPltsg6uK8RR+8IQjWin/2TocpAOJoCo8hNKYvhzYrvOKyfs TTQJgOdGth+pSh2teCYOwJNHMo2JfiZ4K4JBnRwTGVStZRm6ovfPCsP6BUgQEB2t vZAjh1CPAHsJizeqQinVmOcADFST5E0XXVW6WVcoDJgxvQGnIXMUVhHhQnwKynMO Uq0xtdv9Sc8gWTnUFnxp9wQMOmTe5DIBNzR9bc9MZGlf5Pqf6Hqw9jnnDplEKymY VXhyyVAHE5U7r0MuwKVr1wpYfYoVWu34wFTz9ijDzzZUApJxzVy8q+N0TQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFI0MJthI01TwAv0rlWxNjfkdm66BMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAJA8zWZi02TFMAJktj8XGL4vHiX4eNwE VfR7zozlw1Pnf74NWM1yiyDUM+G59wJgHB+EDxuVJ/K8cjbV3iIesCMtWddRakh2 +CJTbGf2/wIqeJ17z0v95La5Pkehv7SyfKBRHpPA3X5RYe056pRlc14Lpp8EG0Fe mrb+yGwU1Wg/Il++UjObBHOdBEXZPIM82unCAdPiaGMew/Unq6paC4IkJBqGawTC 1IEsqUkRMt5GpJnjgA9lOGLBreCyAaTRkwMV9cafSFmqcko65z5cydGx33FIvf9L Ui42wrbXoQwJLIeYTZr5yTlsGYoZn+f56BPqdXwukJP19QxsCEsVZrQ= -----END CERTIFICATE-----Generated at Fri Nov 28 04:13:49 2025 by rpki-client