$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: 38SlfrIZUC0Y2qGpQ/w/F4Zr17Vk263c/il6+i7H7wY= Subject key identifier: 4E:4C:31:BA:32:A0:7A:56:2D:10:A1:00:07:A6:C2:8C:7E:59:E6:32 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 0A8424728D252684B900609CD24B4E5CF0C8A1F7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 05CA Signing time: Sun 01 Mar 2026 00:01:51 +0000 Manifest this update: Sun 01 Mar 2026 00:01:51 +0000 Manifest next update: Thu 05 Mar 2026 00:01:51 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: 7j8v+nCDe/v7/WCFrVSicX9f/04mFEkWjakfQVQjk0k=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:84:24:72:8d:25:26:84:b9:00:60:9c:d2:4b:4e:5c:f0:c8:a1:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Mar 1 00:01:51 2026 GMT Not After : Mar 5 00:01:51 2026 GMT Subject: serialNumber=d28b24338ad0fa23279340df2a948d5b67f84a83b82beaf5924e6ddbc4101375, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:a2:ab:67:4e:0d:80:ba:41:c3:1a:35:5f:52: 9c:7b:7b:9a:b8:0f:bb:19:32:c3:74:a7:4b:e4:72: 3d:c5:76:6d:29:f9:76:c7:c2:05:41:72:d2:f4:99: 72:f6:04:06:85:77:ea:e9:1b:71:f7:9f:f5:d2:8c: 56:30:f6:f6:8c:0f:e7:58:b4:d5:08:bc:72:81:0f: ac:83:cc:9b:3f:78:06:db:f1:3d:c4:b2:9a:13:87: 6e:6a:94:1c:fe:6c:07:87:73:bb:7d:bd:c7:3a:ad: e8:df:16:a1:7f:09:9c:13:74:32:96:19:fe:c9:7d: 67:af:22:b9:b2:78:16:f8:3c:45:1e:01:41:35:75: 02:71:76:2e:c5:81:a2:67:8d:b9:5d:f6:62:a2:7a: de:46:21:9c:a6:0f:1e:e5:1a:97:cd:a6:42:82:2b: 7d:16:59:4d:2d:40:3a:92:0f:9f:9a:8a:e4:f5:82: e1:c3:5a:1e:b4:74:6a:69:88:74:6a:9f:6f:2a:7a: 81:e5:a8:7e:db:b3:d3:75:67:a3:3e:f8:30:6d:05: e2:a2:d9:21:30:00:13:e2:bb:bb:a8:36:66:c1:db: 29:06:e7:92:d6:9f:e1:d6:dd:9b:15:a9:99:41:2a: 35:1d:35:af:fd:7d:99:f0:31:6b:1d:33:ee:08:38: 55:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:4C:31:BA:32:A0:7A:56:2D:10:A1:00:07:A6:C2:8C:7E:59:E6:32 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:00:09:af:ce:ab:94:40:35:bc:14:c8:6e:54:d8:e5:7b:7a: db:16:27:6e:cb:01:7d:75:a9:c6:26:21:54:e7:bf:13:82:f5: f9:37:0e:f9:68:a7:97:32:d8:c6:4e:f2:3f:f0:0b:eb:20:24: 97:7d:fe:0e:78:09:a2:86:54:64:6f:a2:0b:31:76:47:ba:ad: cf:25:5d:c8:2e:4c:be:13:42:29:c1:43:6b:7f:9f:75:90:ee: 79:79:a1:af:87:96:06:3d:ca:13:c9:c0:4a:51:8d:fc:3d:65: f4:db:5a:fa:5a:65:d1:6e:7b:e2:b6:22:63:47:cb:eb:e0:bb: 90:40:a7:d3:48:27:77:7e:dd:ef:52:38:33:d8:63:8c:09:d3: bc:46:e2:84:e8:5d:86:f4:fa:68:73:6d:63:9d:f3:2d:ba:f9: a5:c0:03:09:37:62:d5:f5:f9:b3:e5:33:9d:20:cd:38:91:00: 7f:a6:9a:32:71:28:46:29:72:a5:b9:b1:f9:77:93:e4:68:df: 09:25:b0:04:ce:88:67:47:d3:d3:08:2f:fb:d9:e7:67:84:83: 95:73:a7:a6:ec:e1:45:df:f5:f0:47:58:4e:f6:8f:25:57:9b: b1:58:80:ed:26:27:b6:8a:03:e3:43:83:97:89:68:5f:36:a3: 09:32:0f:a3 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUCoQkco0lJoS5AGCc0ktOXPDIofcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDMwMTAwMDE1MVoX DTI2MDMwNTAwMDE1MVowejFJMEcGA1UEBRNAZDI4YjI0MzM4YWQwZmEyMzI3OTM0 MGRmMmE5NDhkNWI2N2Y4NGE4M2I4MmJlYWY1OTI0ZTZkZGJjNDEwMTM3NTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKKrZ04NgLpBwxo1X1Kce3uauA+7 GTLDdKdL5HI9xXZtKfl2x8IFQXLS9Jly9gQGhXfq6Rtx95/10oxWMPb2jA/nWLTV CLxygQ+sg8ybP3gG2/E9xLKaE4duapQc/mwHh3O7fb3HOq3o3xahfwmcE3Qylhn+ yX1nryK5sngW+DxFHgFBNXUCcXYuxYGiZ425XfZionreRiGcpg8e5RqXzaZCgit9 FllNLUA6kg+fmork9YLhw1oetHRqaYh0ap9vKnqB5ah+27PTdWejPvgwbQXiotkh MAAT4ru7qDZmwdspBueS1p/h1t2bFamZQSo1HTWv/X2Z8DFrHTPuCDhV2wIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFE5MMboyoHpWLRChAAemwox+WeYyMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBACgACa/Oq5RANbwUyG5U2OV7etsWJ27L AX11qcYmIVTnvxOC9fk3Dvlop5cy2MZO8j/wC+sgJJd9/g54CaKGVGRvogsxdke6 rc8lXcguTL4TQinBQ2t/n3WQ7nl5oa+HlgY9yhPJwEpRjfw9ZfTbWvpaZdFue+K2 ImNHy+vgu5BAp9NIJ3d+3e9SODPYY4wJ07xG4oToXYb0+mhzbWOd8y26+aXAAwk3 YtX1+bPlM50gzTiRAH+mmjJxKEYpcqW5sfl3k+Ro3wklsATOiGdH09MIL/vZ52eE g5Vzp6bs4UXf9fBHWE72jyVXm7FYgO0mJ7aKA+NDg5eJaF82owkyD6M= -----END CERTIFICATE-----Generated at Sun Mar 1 17:17:37 2026 by rpki-client