This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: t1Fj35w/Xej4BjSwAmwHv5CSgJrgVe36POQGxY+Lh9w= Subject key identifier: E3:7A:0C:66:42:1C:D5:B6:96:D8:1D:E7:25:5B:06:E2:26:CA:B3:C9 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 23838406DDFBEC2AC626347F88173AA12FC10692 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 058E Signing time: Wed 31 Dec 2025 00:11:17 +0000 Manifest this update: Wed 31 Dec 2025 00:11:17 +0000 Manifest next update: Sun 04 Jan 2026 00:11:17 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: Bx8IjGSFb+yTK1w5PcvqFyMuC+VBiwA4Tv2xEK+If1w=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: S1Ao7Ed2lEOUChf0wwWlihVPVCgDd6ngfsHWkEG+//M=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: Tu8KJsB24gvGTIUjn+HPIkPOVBYVMazosJy1Qzbh6a8=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: FS1vyz0XLamDOjQ21vOD06OkgWtvhJ7UwSqPGE+oQcg=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 58PnTQblNII2sxrHD4qKI/6eE/pKAhirfUgxfDJkXS8=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: cQc2HrAbBAfe1GL6X0izbfHrnYW3gH/cqRPzedsr7F8=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 Jan 2026 00:11:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:83:84:06:dd:fb:ec:2a:c6:26:34:7f:88:17:3a:a1:2f:c1:06:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Dec 31 00:11:17 2025 GMT Not After : Jan 4 00:11:17 2026 GMT Subject: serialNumber=b000aba2d42e3f23ef50c821a44bc3ea62e93e0a6faeb6ff1c71f96dc5be8028, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:7a:07:d5:cb:34:bd:69:bf:d8:af:68:cc:45: 6f:34:fc:cc:36:f2:bb:39:3c:6e:a1:29:a0:f1:3b: 07:97:07:b9:a0:b3:5b:4f:d6:e4:b8:1a:a2:24:2d: fe:0f:03:25:3c:c6:bc:d5:be:9d:9a:13:f1:39:01: c5:93:1e:9f:71:63:bc:34:b2:72:c6:b3:f6:39:74: 63:9f:e2:71:50:d9:24:d5:d2:2f:0f:e8:22:0b:2c: 25:01:e1:f7:86:70:86:5c:90:93:26:52:09:e4:52: a6:2a:3b:3d:18:c2:64:88:a7:9e:11:dd:11:e1:02: ae:a2:ba:ab:22:10:8c:96:df:57:26:d3:79:ab:8c: 37:8b:fa:5c:25:87:10:fd:77:60:47:cf:67:3e:ff: ff:eb:b6:9a:8e:fe:31:c4:06:1a:bb:e0:eb:97:89: f4:a2:72:8a:88:96:54:e4:8e:94:13:93:51:50:68: bd:a0:7e:be:30:f6:f5:6e:b1:c6:71:66:9a:39:60: 54:b3:e5:cf:41:08:93:59:e9:f4:44:f9:ab:60:88: 5b:e4:23:c0:95:59:23:9d:82:8c:06:35:85:e1:af: 15:4a:95:4b:a9:47:4d:96:61:45:c2:2a:b3:1b:6e: 50:72:29:26:aa:88:a8:84:c0:fa:71:ec:7f:d9:54: 6c:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:7A:0C:66:42:1C:D5:B6:96:D8:1D:E7:25:5B:06:E2:26:CA:B3:C9 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:b6:56:f0:8d:93:ac:89:ff:c4:b6:ba:7a:6c:80:d7:75:7d: c4:b2:ac:4e:98:d4:aa:36:6a:08:60:80:e0:86:34:2c:c2:ca: f8:46:7d:bc:aa:ab:c0:0d:eb:fc:0b:fe:5a:69:7d:8e:41:7c: fd:fe:24:40:0d:72:2e:1d:18:3c:6e:97:db:59:38:01:c2:d3: 5a:f0:4f:6f:35:cc:6b:59:1b:67:06:6c:ad:9c:b7:01:b9:db: 54:8c:0b:8f:a2:d0:8e:1e:c3:de:b7:de:52:81:d0:19:0f:db: cf:7a:7e:ea:a5:3e:40:58:e0:fd:5f:ea:c1:68:e1:0a:92:ec: d5:d9:02:98:a7:e9:6a:d9:5a:b5:fb:3e:10:7b:6a:01:83:70: 15:91:8f:36:a1:d5:28:f6:e2:93:b5:28:57:d2:f9:ad:4b:47: eb:7f:d7:00:c4:1c:26:fe:3e:a1:e4:84:dc:e7:1b:b5:da:19: c7:1f:0c:6d:31:23:3b:6e:81:03:2f:8a:c1:c5:a1:25:e8:62: a6:19:48:bb:8b:7c:80:16:06:dd:05:53:6c:47:43:6d:ae:27: bd:f4:31:c8:d5:1a:db:81:69:8c:2e:c6:55:a4:a6:8e:17:35: 39:13:27:0f:34:6f:7f:4c:94:c7:10:f1:f0:ec:5e:21:4f:cb: cd:8d:01:1b -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUI4OEBt377CrGJjR/iBc6oS/BBpIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTIzMTAwMTExN1oX DTI2MDEwNDAwMTExN1owejFJMEcGA1UEBRNAYjAwMGFiYTJkNDJlM2YyM2VmNTBj ODIxYTQ0YmMzZWE2MmU5M2UwYTZmYWViNmZmMWM3MWY5NmRjNWJlODAyODEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3oH1cs0vWm/2K9ozEVvNPzMNvK7 OTxuoSmg8TsHlwe5oLNbT9bkuBqiJC3+DwMlPMa81b6dmhPxOQHFkx6fcWO8NLJy xrP2OXRjn+JxUNkk1dIvD+giCywlAeH3hnCGXJCTJlIJ5FKmKjs9GMJkiKeeEd0R 4QKuorqrIhCMlt9XJtN5q4w3i/pcJYcQ/XdgR89nPv//67aajv4xxAYau+Drl4n0 onKKiJZU5I6UE5NRUGi9oH6+MPb1brHGcWaaOWBUs+XPQQiTWen0RPmrYIhb5CPA lVkjnYKMBjWF4a8VSpVLqUdNlmFFwiqzG25QcikmqoiohMD6cex/2VRsCQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFON6DGZCHNW2ltgd5yVbBuImyrPJMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBACW2VvCNk6yJ/8S2unpsgNd1fcSyrE6Y 1Ko2aghggOCGNCzCyvhGfbyqq8AN6/wL/lppfY5BfP3+JEANci4dGDxul9tZOAHC 01rwT281zGtZG2cGbK2ctwG521SMC4+i0I4ew9633lKB0BkP2896fuqlPkBY4P1f 6sFo4QqS7NXZApin6WrZWrX7PhB7agGDcBWRjzah1Sj24pO1KFfS+a1LR+t/1wDE HCb+PqHkhNznG7XaGccfDG0xIztugQMvisHFoSXoYqYZSLuLfIAWBt0FU2xHQ22u J730McjVGtuBaYwuxlWkpo4XNTkTJw80b39MlMcQ8fDsXiFPy82NARs= -----END CERTIFICATE-----Generated at Wed Dec 31 07:39:10 2025 by rpki-client