$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: tuqJpwpHc7sxCHezBtwpIsKsB0QCSUYIYXMgd8c+Uw0= Subject key identifier: 37:EB:3A:B6:CC:ED:75:C2:58:FD:7C:68:B2:2D:D3:F5:13:83:58:28 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 126136AEAE30756AD8A6A42E68BA92EA4E2E73D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 060B Signing time: Tue 05 May 2026 00:02:17 +0000 Manifest this update: Tue 05 May 2026 00:02:17 +0000 Manifest next update: Sat 09 May 2026 00:02:17 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: hnVf6SxGgTctbBdKgdwkZAIrVuVZqm9Yu/4vvUnz3Go=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: ixxf6ccd3osEyLmWkgkbiHVYyusTctrUjOhnPpMvlE4=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: pL63iKjbLOLYlourekfOR4Nmgu8cB/gmsl43BXFS/jc=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 64kuFuROhLtieOXlazTSy2bjQ+E6VKxKN/jo5XO5H34=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: ZpxX4uxdJxBRqoXrMr+4TjfM6a61MegoEvwGJaS8fgI=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 May 2026 00:02:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:61:36:ae:ae:30:75:6a:d8:a6:a4:2e:68:ba:92:ea:4e:2e:73:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: May 5 00:02:17 2026 GMT Not After : May 9 00:02:17 2026 GMT Subject: serialNumber=3dcc33e219be010ba2bb2d21ccb5a241a6b379ba84557302dc7754b565eedaa3, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:d2:10:8d:5c:44:5f:4b:9a:b3:95:ff:af:a1: 1a:6f:6d:bc:00:3e:b7:5b:35:0c:a9:80:de:82:98: a5:6d:ac:b6:07:51:a1:53:1b:c5:b0:03:eb:67:c4: 49:a3:23:2a:f9:f3:fc:f3:4a:d3:0f:6a:3a:ac:ea: 99:cc:75:2f:de:67:e0:d8:c4:6a:66:d1:07:ec:68: fa:eb:b7:e4:c5:8b:86:ea:37:3b:8e:df:bd:e9:74: 0c:52:11:e4:f0:69:a5:40:19:85:fe:8f:c6:46:61: 16:df:8e:22:cf:39:c8:ee:8f:5c:d6:72:db:3e:c8: 3a:66:07:ea:82:e6:38:60:a2:b5:71:5e:3f:4f:80: 46:d2:61:1e:24:e1:d6:26:a7:a1:23:c8:df:42:e3: f7:ad:75:43:0b:ab:ef:1b:a3:05:da:e9:64:be:50: 4a:62:c1:f7:35:df:c4:96:b7:d6:b2:1d:c8:2e:10: 8b:89:a1:4b:29:3b:66:ca:25:9f:f9:41:04:f7:a2: bd:77:49:e8:28:e2:df:0d:9d:6e:71:49:1d:2c:7c: 77:ef:35:ff:14:9f:51:82:d9:fc:aa:91:6d:c1:ca: 7d:cf:ca:60:6a:13:43:21:5b:1d:0e:2e:bb:1f:0e: d8:75:5c:46:45:ea:c7:e7:b5:0c:8c:09:64:b7:72: 9b:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:EB:3A:B6:CC:ED:75:C2:58:FD:7C:68:B2:2D:D3:F5:13:83:58:28 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:3a:4c:d2:24:30:c5:25:e9:c2:06:3f:65:38:8c:dc:fa:c2: dc:e8:92:e0:75:e5:04:ca:34:62:42:2d:14:9b:19:37:f9:49: 8d:6b:cb:e8:36:c8:13:0c:ad:53:d9:8f:09:c4:91:f3:ac:b2: 19:2a:bd:35:01:a4:2d:b8:25:aa:c7:c1:2d:af:ed:bc:1d:53: 99:a8:99:35:69:03:39:81:8e:0c:3d:4f:23:b5:c6:22:69:a6: 19:84:6f:5e:46:f9:fe:ed:cc:b4:88:ba:df:b8:d8:2b:03:88: 17:cf:00:3b:bb:38:f9:68:da:ef:a0:e4:2e:97:cc:53:1c:a9: ce:cf:2d:5d:d7:9d:09:ab:7c:8c:83:d1:d6:ec:1b:45:fc:ff: 9e:96:c0:61:4e:83:48:e4:ed:15:69:f5:a3:f3:d7:1d:1b:fd: 4f:3d:db:03:d3:dc:a8:11:f0:aa:b7:a0:a9:21:4d:ea:f8:fc: 51:5e:aa:87:5c:52:1a:9c:c8:79:34:ff:08:df:ea:dd:88:d4: 6a:e7:2a:82:69:ff:e7:c7:c9:44:de:b7:89:f0:48:54:2d:0b: 23:e0:09:a8:22:c7:fe:5f:da:67:a4:88:29:1b:2f:b6:e6:14: 76:95:70:17:12:3f:ac:e6:1d:a8:5e:5d:67:04:0c:d8:d8:e9: b1:11:8c:d6 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUEmE2rq4wdWrYpqQuaLqS6k4uc9kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDUwNTAwMDIxN1oX DTI2MDUwOTAwMDIxN1owejFJMEcGA1UEBRNAM2RjYzMzZTIxOWJlMDEwYmEyYmIy ZDIxY2NiNWEyNDFhNmIzNzliYTg0NTU3MzAyZGM3NzU0YjU2NWVlZGFhMzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9IQjVxEX0uas5X/r6Eab228AD63 WzUMqYDegpilbay2B1GhUxvFsAPrZ8RJoyMq+fP880rTD2o6rOqZzHUv3mfg2MRq ZtEH7Gj667fkxYuG6jc7jt+96XQMUhHk8GmlQBmF/o/GRmEW344izznI7o9c1nLb Psg6ZgfqguY4YKK1cV4/T4BG0mEeJOHWJqehI8jfQuP3rXVDC6vvG6MF2ulkvlBK YsH3Nd/ElrfWsh3ILhCLiaFLKTtmyiWf+UEE96K9d0noKOLfDZ1ucUkdLHx37zX/ FJ9Rgtn8qpFtwcp9z8pgahNDIVsdDi67Hw7YdVxGRerH57UMjAlkt3KbYQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFDfrOrbM7XXCWP18aLIt0/UTg1goMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAGE6TNIkMMUl6cIGP2U4jNz6wtzokuB1 5QTKNGJCLRSbGTf5SY1ry+g2yBMMrVPZjwnEkfOsshkqvTUBpC24JarHwS2v7bwd U5momTVpAzmBjgw9TyO1xiJpphmEb15G+f7tzLSIut+42CsDiBfPADu7OPlo2u+g 5C6XzFMcqc7PLV3XnQmrfIyD0dbsG0X8/56WwGFOg0jk7RVp9aPz1x0b/U892wPT 3KgR8Kq3oKkhTer4/FFeqodcUhqcyHk0/wjf6t2I1GrnKoJp/+fHyUTet4nwSFQt CyPgCagix/5f2mekiCkbL7bmFHaVcBcSP6zmHaheXWcEDNjY6bERjNY= -----END CERTIFICATE-----Generated at Tue May 5 12:42:59 2026 by rpki-client