$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: R/roGZaqlGIQpTPr7v5E5YN659kET4CoVbdadG/eK08= Subject key identifier: AA:93:9F:F7:E0:3D:A4:FC:10:9C:62:8A:36:BB:0A:CC:4F:C3:CF:31 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 0E3B107C9EBDD2FECF3C53A4C7919B6A6E23CD00 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 04D5 Signing time: Sat 05 Jul 2025 00:04:09 +0000 Manifest this update: Sat 05 Jul 2025 00:04:09 +0000 Manifest next update: Wed 09 Jul 2025 00:04:09 +0000 Files and hashes: 1: 0b0c2d18-2b42-4e53-9e6a-d6f7d5dc2334.roa (hash: ie2o42aSKCyNP9ZTI7XVt3/jAd6pVFmZLYciu0GTo44=) 2: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: 8S6kDrMTXuXitjTjSJcEqU5a2NOpZp9wvDiB3iIQODU=) 3: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: +LzVgL5yEjod9LZPg1MR/BXJI5ka7btRTQXKRa2t5J4=) 4: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: oIDXPNv1Mka93Q0YbuluJYu0qVSYWb5A4eGY2N6a0og=) 5: 4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa (hash: F5hKqKTHPcXnLrPQKABZPfxyPw5XI4b6/R5dMYHO+qk=) 6: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: rLzzd2tpxPzSHeVq4ufO95LK6Vwc/XYwCCbCUOPEqcM=) 7: 6982f3ac-c7ae-423c-a028-517d7541d973.roa (hash: O+f4fPRok5OcjlFoUBcYV4odcShUcF5ITkb1wQw8WQ8=) 8: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /wNnt0ikqeC8jW/WaQtlJthQbNAbgmO+CWmu99gAvRw=) 9: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: tg1nJKR0DHrhFmNM4Uh5qbEkkpCCQsIm47+kHh9VFWg=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 00:04:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:3b:10:7c:9e:bd:d2:fe:cf:3c:53:a4:c7:91:9b:6a:6e:23:cd:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Jul 5 00:04:09 2025 GMT Not After : Jul 9 00:04:09 2025 GMT Subject: serialNumber=24e19c078e26ce65e5bea50235f0ac2a8ab9fc95445d00859b218e8dcf4cfc64, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:7b:f1:63:06:17:5f:0c:e1:84:44:3c:09:18: 85:86:20:5c:9d:5e:28:55:6f:57:83:74:35:81:d9: 01:c8:e8:92:f3:0b:1f:25:57:29:4a:cb:c1:8c:97: 3c:9d:4f:b1:47:2a:09:83:8d:04:d0:33:20:0d:65: e3:f3:fa:23:01:f2:0a:1f:15:31:b8:e3:e2:67:3b: 39:73:28:76:a5:3b:3b:7f:e5:c8:fb:e0:05:8a:00: 47:b1:bd:39:57:3f:c0:eb:db:f2:31:c6:50:8a:ed: c2:a1:ad:ba:ef:6e:ab:0e:00:28:f5:f0:f4:67:f2: d2:5e:d2:f2:dd:36:85:77:a1:b1:48:9e:f4:61:fc: ff:1a:84:83:4c:80:4a:82:ac:2b:10:de:ee:1a:67: 0c:7d:3e:14:b2:33:87:17:89:18:ee:e4:e2:fd:b3: 01:d6:8d:cc:66:0d:8b:6d:23:ea:42:eb:f5:8c:9b: 8f:0c:a6:4e:a0:32:91:1b:ab:57:63:3d:be:b0:b1: 92:1a:e4:a9:1d:d0:5b:c4:3c:00:7d:3e:b2:a8:a6: 79:88:36:d1:98:d2:3f:79:ae:d4:78:8d:c4:11:ab: f0:c9:fa:32:4b:4c:21:8f:be:2a:5e:6b:ab:fd:50: 57:f6:5f:9d:32:ae:b4:d5:c2:f2:5f:bd:91:f3:9a: 99:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:93:9F:F7:E0:3D:A4:FC:10:9C:62:8A:36:BB:0A:CC:4F:C3:CF:31 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:06:ac:b8:51:bb:06:6d:e4:60:1c:7f:f6:d2:fc:11:a9:cd: a9:37:d0:19:29:4f:20:8e:5d:ac:34:b5:2d:b5:88:24:bd:a5: 21:8f:33:c6:1d:4d:a2:1e:38:94:cd:72:33:c0:92:b1:99:a3: e7:5b:b9:b9:bd:53:e4:ee:a9:f4:ed:28:a4:52:34:2f:6e:53: dc:80:2a:ad:c8:2b:37:45:19:ce:dc:30:8b:ba:c5:87:9f:ef: 85:bb:4c:fd:be:70:57:42:e2:80:d2:21:f0:ec:16:6e:7c:11: 19:bb:0a:d8:ab:d1:fe:9d:ae:ec:85:7c:53:5d:4b:8e:06:da: c2:24:1d:f4:9f:50:d5:4a:8f:73:c9:b7:da:d5:9a:df:d2:80: bc:75:f4:91:89:e3:d9:e7:89:82:2c:70:2f:93:b3:76:26:ef: e9:3d:a9:0b:ea:db:71:5b:82:ac:4e:f4:ba:7f:27:2a:27:b6: 22:6f:fc:eb:34:94:13:2b:75:8f:e5:ca:c6:cf:55:9c:ed:c6: 5d:22:a9:f3:65:25:03:a7:90:0a:2e:3c:78:ab:e8:57:cc:41: cc:4f:d2:3c:d8:60:d4:5b:f7:88:36:ae:7a:49:9a:cd:c0:ef: 6b:62:a0:4f:b0:23:6a:31:b5:7f:6d:bf:4f:05:d2:cc:0b:7d: 05:c2:36:ba -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUDjsQfJ690v7PPFOkx5Gbam4jzQAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDcwNTAwMDQwOVoX DTI1MDcwOTAwMDQwOVowejFJMEcGA1UEBRNAMjRlMTljMDc4ZTI2Y2U2NWU1YmVh NTAyMzVmMGFjMmE4YWI5ZmM5NTQ0NWQwMDg1OWIyMThlOGRjZjRjZmM2NDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHvxYwYXXwzhhEQ8CRiFhiBcnV4o VW9Xg3Q1gdkByOiS8wsfJVcpSsvBjJc8nU+xRyoJg40E0DMgDWXj8/ojAfIKHxUx uOPiZzs5cyh2pTs7f+XI++AFigBHsb05Vz/A69vyMcZQiu3Coa26726rDgAo9fD0 Z/LSXtLy3TaFd6GxSJ70Yfz/GoSDTIBKgqwrEN7uGmcMfT4UsjOHF4kY7uTi/bMB 1o3MZg2LbSPqQuv1jJuPDKZOoDKRG6tXYz2+sLGSGuSpHdBbxDwAfT6yqKZ5iDbR mNI/ea7UeI3EEavwyfoyS0whj74qXmur/VBX9l+dMq601cLyX72R85qZOwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFKqTn/fgPaT8EJxiija7CsxPw88xMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAFMGrLhRuwZt5GAcf/bS/BGpzak30Bkp TyCOXaw0tS21iCS9pSGPM8YdTaIeOJTNcjPAkrGZo+dbubm9U+TuqfTtKKRSNC9u U9yAKq3IKzdFGc7cMIu6xYef74W7TP2+cFdC4oDSIfDsFm58ERm7Ctir0f6druyF fFNdS44G2sIkHfSfUNVKj3PJt9rVmt/SgLx19JGJ49nniYIscC+Ts3Ym7+k9qQvq 23FbgqxO9Lp/JyontiJv/Os0lBMrdY/lysbPVZztxl0iqfNlJQOnkAouPHir6FfM QcxP0jzYYNRb94g2rnpJms3A72tioE+wI2oxtX9tv08F0swLfQXCNro= -----END CERTIFICATE-----Generated at Sat Jul 5 17:31:06 2025 by rpki-client