$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: FykkwapNxtfbp5njz2kUn19GWQPvzMAlpHCVNeo1A/w= Subject key identifier: 4C:41:F1:1B:41:EA:FC:7E:86:0D:9E:6A:92:1B:C7:9E:BC:46:95:F2 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 59873AE41994AF0F264ABE180D95E45429D193A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 05EC Signing time: Sat 04 Apr 2026 00:09:37 +0000 Manifest this update: Sat 04 Apr 2026 00:09:37 +0000 Manifest next update: Wed 08 Apr 2026 00:09:37 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: +0kKXRU1j70LAxgavpGWqSEeddYty2j93832O8d/xds=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 Apr 2026 00:09:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:87:3a:e4:19:94:af:0f:26:4a:be:18:0d:95:e4:54:29:d1:93:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 4 00:09:37 2026 GMT Not After : Apr 8 00:09:37 2026 GMT Subject: serialNumber=127cec0d4c58ce612376891f90de24c5d9b15a2ed71c7df6782425ef09e36aad, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:2d:99:8f:56:a2:b1:96:b3:fe:b1:da:29:da: 22:2c:42:49:7d:4a:02:0b:1e:28:39:5c:2d:af:22: 12:04:d7:05:99:10:ad:4d:a7:eb:5d:fb:d9:37:9e: 19:6e:67:cc:42:a4:7c:5f:9b:67:a6:ae:49:16:ae: 3a:cf:ea:ac:7a:24:56:ed:dc:5f:9a:0d:56:99:4f: 1d:68:ca:ce:a3:f6:17:bd:52:94:d4:b6:19:97:8a: ee:fa:b5:e4:e3:b9:8d:58:7f:d8:00:28:e0:5a:f6: e4:72:b3:af:c4:8b:4d:5a:a3:56:0b:fd:fd:da:06: 01:59:0b:67:97:ca:4c:58:f6:63:32:2c:fe:df:69: d5:e4:6d:4d:25:66:1e:6d:89:d8:76:b1:40:ac:7d: 5d:2c:4f:ec:bf:8c:44:74:a0:ab:0a:6f:78:8c:e4: a1:ac:b9:a1:12:15:f9:bc:61:1c:a9:ac:77:80:53: 6a:c2:bd:b6:50:8b:29:99:40:55:4f:bb:30:6f:28: 1d:cc:a3:92:43:a0:8c:79:e5:bd:a1:47:2e:98:ff: 9f:12:ad:be:81:68:8a:7b:11:11:cc:02:75:ab:f9: 8f:d9:dc:79:51:28:4d:b7:be:ce:bd:7b:0c:6c:4d: dc:7d:7c:a2:da:3f:12:c3:bf:0e:5e:a7:31:7d:9e: fb:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:41:F1:1B:41:EA:FC:7E:86:0D:9E:6A:92:1B:C7:9E:BC:46:95:F2 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:8e:33:db:e6:3f:36:aa:7b:c8:64:d6:41:32:a1:6d:d6:a5: 0c:9c:dc:b9:70:85:0a:3b:c2:5d:c2:78:41:ea:01:ee:b9:98: d5:30:da:15:7c:c1:56:e8:2a:67:6b:b9:45:d8:3a:4d:82:23: 60:11:87:f8:1e:76:80:85:0b:45:87:2a:66:da:24:fd:85:4c: df:e4:0d:5c:bd:a0:68:d7:b4:cf:65:1f:05:d9:11:e8:dc:45: 36:22:89:3d:fa:a9:8a:86:7f:d3:5c:60:5c:86:d8:6a:e5:68: b7:02:57:df:7a:f1:1e:61:c6:ef:bf:74:88:e1:03:89:28:83: 7e:76:ab:a8:2e:22:90:0f:ee:1d:7a:1d:56:6a:f0:76:61:17: f0:ec:f7:91:9e:a1:56:6e:31:db:a5:d8:bd:ba:f4:ff:2c:cd: b6:aa:89:51:f6:6e:20:73:e2:fe:33:da:25:48:42:fb:0c:56: 8d:64:39:8f:ec:c4:6f:a9:98:22:02:c8:f5:f1:8e:f0:13:ea: 18:5b:7f:de:23:37:5d:99:2c:00:4e:76:57:3c:f9:11:f1:03: 0a:37:e7:0b:9f:92:f4:c9:55:3a:8b:21:71:e8:94:8e:15:7c: 30:0a:25:73:cb:ac:cc:b3:28:32:4d:7e:ec:18:3d:8b:b2:d1: d5:14:81:1f -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUWYc65BmUrw8mSr4YDZXkVCnRk6IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDQwNDAwMDkzN1oX DTI2MDQwODAwMDkzN1owejFJMEcGA1UEBRNAMTI3Y2VjMGQ0YzU4Y2U2MTIzNzY4 OTFmOTBkZTI0YzVkOWIxNWEyZWQ3MWM3ZGY2NzgyNDI1ZWYwOWUzNmFhZDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi2Zj1aisZaz/rHaKdoiLEJJfUoC Cx4oOVwtryISBNcFmRCtTafrXfvZN54ZbmfMQqR8X5tnpq5JFq46z+qseiRW7dxf mg1WmU8daMrOo/YXvVKU1LYZl4ru+rXk47mNWH/YACjgWvbkcrOvxItNWqNWC/39 2gYBWQtnl8pMWPZjMiz+32nV5G1NJWYebYnYdrFArH1dLE/sv4xEdKCrCm94jOSh rLmhEhX5vGEcqax3gFNqwr22UIspmUBVT7swbygdzKOSQ6CMeeW9oUcumP+fEq2+ gWiKexERzAJ1q/mP2dx5UShNt77OvXsMbE3cfXyi2j8Sw78OXqcxfZ77UQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFExB8RtB6vx+hg2eapIbx568RpXyMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBADKOM9vmPzaqe8hk1kEyoW3WpQyc3Llw hQo7wl3CeEHqAe65mNUw2hV8wVboKmdruUXYOk2CI2ARh/gedoCFC0WHKmbaJP2F TN/kDVy9oGjXtM9lHwXZEejcRTYiiT36qYqGf9NcYFyG2GrlaLcCV9968R5hxu+/ dIjhA4kog352q6guIpAP7h16HVZq8HZhF/Ds95GeoVZuMdul2L269P8szbaqiVH2 biBz4v4z2iVIQvsMVo1kOY/sxG+pmCICyPXxjvAT6hhbf94jN12ZLABOdlc8+RHx Awo35wufkvTJVTqLIXHolI4VfDAKJXPLrMyzKDJNfuwYPYuy0dUUgR8= -----END CERTIFICATE-----Generated at Sat Apr 4 11:29:22 2026 by rpki-client