$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: zj6j6go3qyE/O2VOlLnCnbdnVURVJUzBEEm6wZUu2xg= Subject key identifier: D8:DA:7B:63:A5:AD:66:6E:CB:E9:7E:93:EB:96:2E:16:38:92:3C:D7 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 0F324EC7CD53F894CE7810AB8ABF651520F85A8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 0508 Signing time: Wed 20 Aug 2025 00:03:23 +0000 Manifest this update: Wed 20 Aug 2025 00:03:23 +0000 Manifest next update: Sun 24 Aug 2025 00:03:23 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: kRvNXnU5c3WQTRHDtZI4R3Q/nimJVEiKrl5g3D4sn2I=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: juLVh7fURSlpsiHj8BTH0+77LqYkVLYxDkqQ1Btb6+4=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: WZEBUYJ8tacARmr4fleo5f2OpBdK8KyouIR8J9T3D1E=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Po+HHzGuBglBz9e/FVQqpy3zTm7LVh3VZ9iWVhteDhw=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: oB5dAfvqb950IZ3GAQBA22dFyOWsRm2PrbQj9ko+R74=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: 0MylFyi9TduMw1JRopNfqW7k0QVlsl87ZgXnVRp4bLc=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:03:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:32:4e:c7:cd:53:f8:94:ce:78:10:ab:8a:bf:65:15:20:f8:5a:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Aug 20 00:03:23 2025 GMT Not After : Aug 24 00:03:23 2025 GMT Subject: serialNumber=247b778976e39d22b6be48a17163fde0c771ddf858b722ea841c43811c396a1f, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:e3:32:2b:80:2e:d8:fa:7d:b5:c8:83:3e:c6: 9d:6d:0a:df:bf:04:3c:41:1d:d2:c1:b4:fe:c2:99: 5b:22:bf:06:ea:6e:a6:02:8e:05:a7:90:9d:54:fb: a6:53:ff:db:c9:64:7a:a0:3c:a0:df:6c:82:b2:ef: 9a:7e:b3:26:bd:8b:57:00:26:7d:b7:94:b2:1f:67: da:5d:a3:7c:14:08:c8:5f:27:9f:c3:cf:fd:a2:b4: 5e:50:31:a2:12:a2:50:bb:5e:98:f0:f1:74:5c:db: eb:bc:ef:d2:37:1e:bd:ec:52:e3:81:52:5d:a3:ea: 38:b8:78:0b:f7:ee:e3:d7:1d:55:7c:12:eb:bf:bf: 3a:b7:c9:b1:af:10:c7:cd:28:f4:2a:64:02:c7:63: d6:f3:6e:53:87:52:91:e8:84:25:a6:3b:ef:7f:77: 44:ff:a6:57:80:f7:34:10:4b:8d:03:a6:94:15:e6: df:ca:4e:58:b1:49:fb:09:3f:2c:ac:4c:e5:1a:91: 63:e3:fe:c0:19:a5:29:db:e6:e0:d3:f5:37:56:ad: 49:cd:14:6a:f4:a2:bb:c0:b0:10:60:7e:05:b8:b6: fa:73:3a:31:1d:6b:82:1c:d5:fa:cb:6f:b3:a8:44: af:00:77:c6:2f:f9:9a:9a:c2:cc:34:86:38:a9:30: fc:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:DA:7B:63:A5:AD:66:6E:CB:E9:7E:93:EB:96:2E:16:38:92:3C:D7 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:e1:41:59:e3:4f:c6:15:d9:c3:91:a1:9c:d0:f5:f3:13:6f: 6c:a9:e9:e2:59:1f:1f:e9:65:5e:af:99:e5:17:47:99:9c:8a: df:50:ea:4e:b6:46:4c:df:74:aa:56:97:82:09:0f:74:6e:5f: c1:b2:54:c8:6e:92:bb:70:35:a2:3e:65:74:79:e3:43:2b:81: ec:1f:27:6c:4e:f3:9c:64:d6:0c:73:97:71:f0:f1:ff:6e:6e: 2a:fe:c6:e1:a5:06:32:aa:85:e3:11:5e:9e:08:33:32:d5:60: de:80:2b:69:da:aa:43:5f:a5:76:92:6c:ad:2f:76:6d:22:f7: ed:17:02:50:25:9b:ef:1a:c3:4e:ab:e6:f2:c8:2c:99:2a:0f: 40:58:3d:ab:3e:c6:17:24:1d:3d:19:7f:eb:a1:50:1b:45:8a: 21:4f:83:37:35:38:33:17:ee:8d:57:93:0e:be:ab:4c:4a:fb: f0:b4:92:ba:e7:d7:0d:22:2e:35:b7:00:51:8e:83:05:cc:90: db:b7:6a:29:89:ca:0b:e4:c8:e6:2b:47:fc:af:f4:d9:50:1e: 0d:e6:41:fd:c2:4b:b3:45:9d:82:39:d4:a9:a5:aa:3f:25:67: 64:72:b4:5f:7c:4c:45:73:4f:c1:1c:2b:eb:90:f2:f6:ca:18: 2c:6c:37:48 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUDzJOx81T+JTOeBCrir9lFSD4Wo4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDgyMDAwMDMyM1oX DTI1MDgyNDAwMDMyM1owejFJMEcGA1UEBRNAMjQ3Yjc3ODk3NmUzOWQyMmI2YmU0 OGExNzE2M2ZkZTBjNzcxZGRmODU4YjcyMmVhODQxYzQzODExYzM5NmExZjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOMyK4Au2Pp9tciDPsadbQrfvwQ8 QR3SwbT+wplbIr8G6m6mAo4Fp5CdVPumU//byWR6oDyg32yCsu+afrMmvYtXACZ9 t5SyH2faXaN8FAjIXyefw8/9orReUDGiEqJQu16Y8PF0XNvrvO/SNx697FLjgVJd o+o4uHgL9+7j1x1VfBLrv786t8mxrxDHzSj0KmQCx2PW825Th1KR6IQlpjvvf3dE /6ZXgPc0EEuNA6aUFebfyk5YsUn7CT8srEzlGpFj4/7AGaUp2+bg0/U3Vq1JzRRq 9KK7wLAQYH4FuLb6czoxHWuCHNX6y2+zqESvAHfGL/mamsLMNIY4qTD8UwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFNjae2OlrWZuy+l+k+uWLhY4kjzXMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBADPhQVnjT8YV2cORoZzQ9fMTb2yp6eJZ Hx/pZV6vmeUXR5mcit9Q6k62RkzfdKpWl4IJD3RuX8GyVMhukrtwNaI+ZXR540Mr gewfJ2xO85xk1gxzl3Hw8f9ubir+xuGlBjKqheMRXp4IMzLVYN6AK2naqkNfpXaS bK0vdm0i9+0XAlAlm+8aw06r5vLILJkqD0BYPas+xhckHT0Zf+uhUBtFiiFPgzc1 ODMX7o1Xkw6+q0xK+/C0krrn1w0iLjW3AFGOgwXMkNu3aimJygvkyOYrR/yv9NlQ Hg3mQf3CS7NFnYI51Kmlqj8lZ2RytF98TEVzT8EcK+uQ8vbKGCxsN0g= -----END CERTIFICATE-----Generated at Wed Aug 20 21:12:48 2025 by rpki-client