$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: +5DbZzD/9uxaAd3+XR0LOdwbfVeSTM0kWTpHIOQkN54= Subject key identifier: BE:DF:86:19:A6:62:FA:00:58:D0:81:0F:DC:FC:F9:A6:DD:57:6E:9B Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 7C54388524CDEDF9838FA01962F6AF21641AF4A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 05DD Signing time: Fri 20 Mar 2026 00:06:02 +0000 Manifest this update: Fri 20 Mar 2026 00:06:02 +0000 Manifest next update: Tue 24 Mar 2026 00:06:02 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: a0uUBmTC86/yplxrf7nVqB3qSX9IOShzW4jyZ65E4XY=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 24 Mar 2026 00:06:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:54:38:85:24:cd:ed:f9:83:8f:a0:19:62:f6:af:21:64:1a:f4:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Mar 20 00:06:02 2026 GMT Not After : Mar 24 00:06:02 2026 GMT Subject: serialNumber=d87ef0c35d71c2936e7700ebb83dfb6627bd74f5d44b6a8fab625a561883a696, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:dd:60:31:fa:6e:9c:91:b0:dd:13:fb:6c:24: 8c:30:da:14:4c:29:ec:70:31:69:7e:58:5b:ca:b3: 0d:9d:06:bb:79:1e:e3:d5:bb:43:29:02:84:69:8f: 1b:13:e1:0c:5b:c3:ae:8a:5f:cf:60:52:50:2e:77: 71:95:93:a7:b6:87:40:50:e9:87:4a:19:9f:16:03: 80:44:c3:2e:ca:4a:96:22:c2:ad:58:34:ca:6f:de: 00:c5:79:5d:1c:6e:9f:f7:eb:00:f4:30:18:34:9e: 43:18:40:84:48:74:1e:6f:ef:2c:80:da:87:30:60: aa:9b:49:09:b6:ba:8e:71:96:ae:30:af:c0:96:c3: 2d:f3:b5:19:88:cd:ec:1b:e8:e5:64:75:fc:a3:78: fd:57:96:2e:b7:39:4c:15:f4:13:10:63:5e:6e:6a: 55:10:62:44:26:ba:7e:b1:26:fb:f7:1d:bf:f2:84: 82:82:e6:23:b3:99:0e:75:0a:b6:aa:7c:2c:af:59: 26:e4:aa:4f:c3:95:d4:65:78:16:0e:f2:7d:b2:d7: 8f:cd:cf:4e:50:5a:e9:24:0f:f9:14:c3:99:c7:f7: bc:72:34:b4:f7:d2:06:80:7d:1a:22:e6:bf:27:fd: 93:99:1f:6a:5e:03:76:8e:03:aa:11:90:42:44:8f: 7e:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:DF:86:19:A6:62:FA:00:58:D0:81:0F:DC:FC:F9:A6:DD:57:6E:9B X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:81:f4:52:2c:5f:d2:73:63:bd:ec:dd:4a:15:c9:6c:c9:2c: 04:49:73:8c:ff:2b:ca:0f:e5:79:db:ce:a4:c3:ca:32:33:d7: 8f:9b:da:9c:71:be:bb:e3:0c:b3:c0:a9:28:f1:5c:96:e2:8e: 14:fe:d3:f0:99:2e:7f:f5:23:aa:34:9e:80:e8:d6:72:c0:7f: 2c:c4:72:d6:2e:74:ab:f9:86:b6:ae:5d:d4:43:28:ca:d5:5a: 46:6d:32:22:d0:99:b6:86:ca:82:2f:8b:14:ae:ea:8f:54:3a: 8a:a9:fa:33:8d:52:40:5b:ed:77:d7:00:ba:b5:e2:b5:94:88: 8e:c8:6f:c1:98:cb:ef:b2:b5:c2:dd:22:19:4d:7e:ce:fd:82: aa:1f:b2:ea:eb:34:fa:8e:e7:aa:5d:97:14:50:4f:83:fd:ff: 7a:6c:ab:c5:13:15:dc:53:1f:ee:86:21:9c:f4:a0:d7:80:8d: 31:15:f2:bb:05:29:0c:3f:a2:0f:05:00:eb:a3:9c:20:a0:8a: 78:f1:07:c4:c2:af:bf:63:62:6c:a1:75:fe:f8:84:e5:12:d8: 64:17:3e:41:05:37:98:f2:cc:f4:1b:52:58:86:45:cf:ac:16: c0:51:1a:c1:e1:a2:a9:e6:d6:b4:a8:06:07:75:fa:17:70:8a: ef:31:73:75 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUfFQ4hSTN7fmDj6AZYvavIWQa9KAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDMyMDAwMDYwMloX DTI2MDMyNDAwMDYwMlowejFJMEcGA1UEBRNAZDg3ZWYwYzM1ZDcxYzI5MzZlNzcw MGViYjgzZGZiNjYyN2JkNzRmNWQ0NGI2YThmYWI2MjVhNTYxODgzYTY5NjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp91gMfpunJGw3RP7bCSMMNoUTCns cDFpflhbyrMNnQa7eR7j1btDKQKEaY8bE+EMW8Ouil/PYFJQLndxlZOntodAUOmH ShmfFgOARMMuykqWIsKtWDTKb94AxXldHG6f9+sA9DAYNJ5DGECESHQeb+8sgNqH MGCqm0kJtrqOcZauMK/AlsMt87UZiM3sG+jlZHX8o3j9V5YutzlMFfQTEGNebmpV EGJEJrp+sSb79x2/8oSCguYjs5kOdQq2qnwsr1km5KpPw5XUZXgWDvJ9stePzc9O UFrpJA/5FMOZx/e8cjS099IGgH0aIua/J/2TmR9qXgN2jgOqEZBCRI9+VQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFL7fhhmmYvoAWNCBD9z8+abdV26bMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAEWB9FIsX9JzY73s3UoVyWzJLARJc4z/ K8oP5XnbzqTDyjIz14+b2pxxvrvjDLPAqSjxXJbijhT+0/CZLn/1I6o0noDo1nLA fyzEctYudKv5hrauXdRDKMrVWkZtMiLQmbaGyoIvixSu6o9UOoqp+jONUkBb7XfX ALq14rWUiI7Ib8GYy++ytcLdIhlNfs79gqofsurrNPqO56pdlxRQT4P9/3psq8UT FdxTH+6GIZz0oNeAjTEV8rsFKQw/og8FAOujnCCginjxB8TCr79jYmyhdf74hOUS 2GQXPkEFN5jyzPQbUliGRc+sFsBRGsHhoqnm1rSoBgd1+hdwiu8xc3U= -----END CERTIFICATE-----Generated at Fri Mar 20 13:48:17 2026 by rpki-client