Manifest

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
File:                     manifest.mft (raw, json)
Hash identifier:          Fxxp9lfgC6tl7JT4eaykmTRuIjd2U61T2vXiOcN0LzU=
Subject key identifier:   F1:39:4E:B1:3D:71:70:D5:89:24:CE:B4:E7:49:2B:93:EC:6F:44:51
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Certificate issuer:       /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial:       2A99BFB78EB5BC9D2767F569D19A03199EF544B6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
Manifest number:          0653
Signing time:             Thu 16 Jul 2026 00:00:35 +0000
Manifest this update:     Thu 16 Jul 2026 00:00:35 +0000
Manifest next update:     Mon 20 Jul 2026 00:00:35 +0000
Files and hashes:         1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: uFhdRcqb17sehgzwIoR4q7Vi0ZfcREdcaPo26hXeajo=)
                          2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: M+i7XpsJD4p5Tk2yVGdLmGjDs5xTMXCNLVAUi3YO9fw=)
                          3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: 0OedyNMwjL1I1p7rzryfdYD0nslES0i+43AbthFPFmE=)
                          4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: aoaRIM84eruV/ISWBs3PJCPQb0sEmsLtTOcu1EdbsFA=)
                          5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: vbtxuyfgx9e6lLFR0CnUGCC1kgCTySw+Ljt4yM1fDb4=)
                          6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: q5bh3h1LHQcXwRDCiiiYn6TP5+N60E0SyV4QnQBQL8c=)
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 20 Jul 2026 00:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:99:bf:b7:8e:b5:bc:9d:27:67:f5:69:d1:9a:03:19:9e:f5:44:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
        Validity
            Not Before: Jul 16 00:00:35 2026 GMT
            Not After : Jul 20 00:00:35 2026 GMT
        Subject: serialNumber=e8e80a3889351cbeb8d59f40d7d9b97df012c60c28a156d6123789875355b4ce, CN=bb9a9116-f615-462e-a680-5266b327e0fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:33:a4:b6:ec:15:59:63:63:29:a1:94:89:50:
                    37:d2:08:d4:64:bd:08:23:df:19:35:d8:fa:3a:b8:
                    08:e3:17:da:66:11:03:c8:48:fb:16:28:6b:53:e3:
                    f3:4a:c2:c7:e4:a5:41:a4:cc:b4:eb:0b:8f:cd:14:
                    77:eb:c9:36:31:7e:61:b2:22:13:5f:19:12:06:e7:
                    ab:88:b1:ab:0f:a9:4d:d4:89:5d:5a:08:bd:ba:12:
                    40:e0:62:75:ed:c1:97:19:29:8b:6a:33:5d:63:3d:
                    45:83:8f:0b:22:19:cf:28:02:77:8d:66:53:11:4c:
                    8b:e3:f0:8e:6c:c9:17:eb:9c:35:98:24:a2:17:4c:
                    13:9f:19:35:dc:47:bb:d7:be:8c:a6:48:c0:06:c4:
                    96:81:43:9f:29:ed:6d:2d:bf:42:cc:45:34:0e:1e:
                    a9:57:e3:60:95:ed:df:4b:58:51:4f:31:19:cc:48:
                    6a:8a:c6:a4:ae:6a:e0:99:ab:e9:72:0c:5a:90:ba:
                    a7:b7:2f:ad:62:99:6b:e5:a8:c0:4e:13:67:93:81:
                    db:4f:f0:c6:19:9b:6f:0c:16:44:09:7a:15:57:42:
                    9c:6c:24:f1:5c:4d:73:5f:37:fe:11:94:8a:a7:09:
                    db:83:dc:4b:28:ed:23:45:f1:e5:0f:df:f2:ad:26:
                    69:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:39:4E:B1:3D:71:70:D5:89:24:CE:B4:E7:49:2B:93:EC:6F:44:51
            X509v3 Authority Key Identifier:
                keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:28:45:b9:80:2e:6b:2f:d1:23:2a:a0:6a:10:a5:e2:fb:ad:
         ec:ce:9d:50:39:ac:f3:e6:73:ed:ee:a9:1a:fa:07:76:8b:c9:
         3c:a2:a0:3c:f1:18:59:56:47:83:23:7d:a3:71:ff:8f:bd:0f:
         69:ee:d2:c1:eb:74:2d:08:28:fe:7d:dc:60:c7:ab:dd:bf:23:
         30:47:dd:b1:95:9c:6c:91:34:1c:81:5c:1e:47:b6:93:31:9c:
         29:bf:dc:9f:28:e2:82:34:bf:15:5a:f9:a8:74:b2:24:a5:23:
         17:9f:b6:46:08:55:31:22:3d:95:a8:ec:9d:3e:85:5a:5d:64:
         27:b1:ea:2f:5c:90:e9:ce:83:50:d7:aa:53:62:f0:ed:ff:90:
         e8:f5:e4:8d:a6:16:43:2b:34:70:60:d2:f2:88:dd:d3:75:59:
         ef:c0:86:cc:6c:a6:dd:11:75:3d:4d:2f:ec:17:66:66:28:86:
         35:bb:79:f4:77:81:8a:06:26:d5:15:71:60:ff:c8:c3:00:c9:
         db:d5:d2:f7:93:cb:61:bb:dc:2f:db:19:4b:1e:74:16:f9:ac:
         9f:14:77:c5:03:c4:a4:43:bb:70:e4:75:b2:46:56:f7:a6:24:
         8b:90:f9:bb:15:54:2b:3a:b1:be:c0:a8:39:f4:4a:04:26:10:
         aa:c7:ce:01
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUKpm/t461vJ0nZ/Vp0ZoDGZ71RLYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDcxNjAwMDAzNVoX
DTI2MDcyMDAwMDAzNVowejFJMEcGA1UEBRNAZThlODBhMzg4OTM1MWNiZWI4ZDU5
ZjQwZDdkOWI5N2RmMDEyYzYwYzI4YTE1NmQ2MTIzNzg5ODc1MzU1YjRjZTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDOktuwVWWNjKaGUiVA30gjUZL0I
I98ZNdj6OrgI4xfaZhEDyEj7FihrU+PzSsLH5KVBpMy06wuPzRR368k2MX5hsiIT
XxkSBueriLGrD6lN1IldWgi9uhJA4GJ17cGXGSmLajNdYz1Fg48LIhnPKAJ3jWZT
EUyL4/CObMkX65w1mCSiF0wTnxk13Ee7176MpkjABsSWgUOfKe1tLb9CzEU0Dh6p
V+Ngle3fS1hRTzEZzEhqisakrmrgmavpcgxakLqnty+tYplr5ajAThNnk4HbT/DG
GZtvDBZECXoVV0KcbCTxXE1zXzf+EZSKpwnbg9xLKO0jRfHlD9/yrSZpZQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFPE5TrE9cXDViSTOtOdJK5Psb0RRMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF
BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t
L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu
aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y
c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi
NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm
LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw
BKACBQAwDQYJKoZIhvcNAQELBQADggEBAFwoRbmALmsv0SMqoGoQpeL7rezOnVA5
rPPmc+3uqRr6B3aLyTyioDzxGFlWR4MjfaNx/4+9D2nu0sHrdC0IKP593GDHq92/
IzBH3bGVnGyRNByBXB5HtpMxnCm/3J8o4oI0vxVa+ah0siSlIxeftkYIVTEiPZWo
7J0+hVpdZCex6i9ckOnOg1DXqlNi8O3/kOj15I2mFkMrNHBg0vKI3dN1We/Ahsxs
pt0RdT1NL+wXZmYohjW7efR3gYoGJtUVcWD/yMMAydvV0veTy2G73C/bGUsedBb5
rJ8Ud8UDxKRDu3DkdbJGVvemJIuQ+bsVVCs6sb7AqDn0SgQmEKrHzgE=
-----END CERTIFICATE-----
Generated at Thu Jul 16 21:13:13 2026 by rpki-client