
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
File: manifest.mft (raw, json)
Hash identifier: e4SbMTPgjKkooDkHeqqlkrI58sV+rcTkkNDK8yTbHKA=
Subject key identifier: 1B:D3:77:40:13:D7:A2:E2:AD:60:AB:F8:88:16:6D:D2:E9:7F:16:5C
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 6F0B452F7C010583DCD102E46820FC7B36978915
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
Manifest number: 0654
Signing time: Fri 17 Jul 2026 00:01:04 +0000
Manifest this update: Fri 17 Jul 2026 00:01:04 +0000
Manifest next update: Tue 21 Jul 2026 00:01:04 +0000
Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: u9QVJAzTRfPv+XEQNxByLV8N8ZvfFzUay+yb6ChL7dA=)
2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: M+i7XpsJD4p5Tk2yVGdLmGjDs5xTMXCNLVAUi3YO9fw=)
3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: 0OedyNMwjL1I1p7rzryfdYD0nslES0i+43AbthFPFmE=)
4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: aoaRIM84eruV/ISWBs3PJCPQb0sEmsLtTOcu1EdbsFA=)
5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: vbtxuyfgx9e6lLFR0CnUGCC1kgCTySw+Ljt4yM1fDb4=)
6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: q5bh3h1LHQcXwRDCiiiYn6TP5+N60E0SyV4QnQBQL8c=)
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 21 Jul 2026 00:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:0b:45:2f:7c:01:05:83:dc:d1:02:e4:68:20:fc:7b:36:97:89:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Jul 17 00:01:04 2026 GMT
Not After : Jul 21 00:01:04 2026 GMT
Subject: serialNumber=a878971bc20dbcd8e431dc53c2bfc68cec27ff55e171c69e9fa9f1b763a7add2, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4e:90:c2:21:72:8a:7c:e4:28:1b:24:48:15:
61:01:e4:81:80:ed:54:fb:b3:35:74:69:6e:4a:81:
db:a4:b4:a5:4a:1e:3a:aa:04:c1:e0:a2:af:3b:f5:
73:1a:96:1c:d7:5d:42:43:fd:e7:97:ab:ea:57:d9:
74:fc:de:5a:74:77:fd:5b:05:2f:fe:ce:16:db:a0:
32:5c:f3:3a:b6:54:78:81:06:c6:6d:7a:69:fe:b8:
7c:b2:8c:b8:3a:24:7e:28:93:37:0e:5a:bc:cf:9e:
4d:7d:16:f2:57:dd:ae:7e:33:5d:fd:a2:ee:94:08:
c3:b8:3d:69:6f:1d:a6:18:8c:df:55:e0:fd:ac:f1:
5a:fa:b2:88:5c:0b:25:c4:98:9a:ce:b5:f7:84:af:
6a:6d:73:62:3f:7c:29:04:1c:11:4e:5a:5b:10:d3:
45:3d:63:4c:a3:76:0d:72:53:45:91:44:9d:42:07:
31:7c:40:29:04:55:04:aa:c2:1d:26:17:51:1a:53:
ad:5c:1f:9c:99:f6:26:18:7f:64:08:6f:80:53:8b:
63:fb:c3:0e:ef:ac:36:41:1d:e5:ca:f9:71:a2:7f:
7c:ea:52:7e:17:f2:df:20:4d:21:c4:58:70:33:44:
82:eb:62:97:08:65:72:ed:3b:63:1f:73:61:1d:85:
5e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D3:77:40:13:D7:A2:E2:AD:60:AB:F8:88:16:6D:D2:E9:7F:16:5C
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:a8:38:0e:db:55:f3:ad:4b:89:10:5e:ac:fc:74:6c:71:e9:
f7:ba:4d:95:13:d0:37:00:c4:a2:6d:89:f7:b3:63:01:d5:60:
00:52:cb:ad:ad:1c:a6:d0:d0:2b:7e:00:69:6e:55:2a:b7:eb:
96:4c:34:99:45:f9:fd:46:ef:53:f4:12:25:7b:66:a2:db:8a:
cb:72:55:61:1b:82:1c:74:27:24:47:0b:68:45:5f:42:e3:81:
a8:88:72:ce:c9:9e:30:f5:a1:e0:23:8a:79:2e:2a:15:52:35:
1f:a5:c7:46:46:7e:a4:08:b2:52:f1:7b:30:d9:71:ca:10:5c:
d2:fa:cd:cb:cf:2a:a7:d0:3e:15:a3:95:50:22:a1:0b:0c:ad:
49:9a:f6:44:5c:fb:2e:da:5c:06:b3:96:29:aa:70:e0:ff:19:
46:94:3c:5c:0c:5a:b7:c1:69:6f:ec:41:d7:ba:32:e6:49:c4:
09:ff:a6:6a:80:1d:b3:3c:4c:72:ba:e4:e1:e0:8b:a4:ab:ee:
ec:db:cf:69:97:b7:f8:ef:10:7d:52:9d:43:bd:4d:32:5c:a0:
f8:99:5d:f7:0f:15:64:80:b3:07:96:87:a6:41:33:46:b1:c7:
50:13:10:bb:c5:e4:04:af:25:5c:b8:4c:23:d4:0a:41:e9:ba:
94:ec:bd:79
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUbwtFL3wBBYPc0QLkaCD8ezaXiRUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDcxNzAwMDEwNFoX
DTI2MDcyMTAwMDEwNFowejFJMEcGA1UEBRNAYTg3ODk3MWJjMjBkYmNkOGU0MzFk
YzUzYzJiZmM2OGNlYzI3ZmY1NWUxNzFjNjllOWZhOWYxYjc2M2E3YWRkMjEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU6QwiFyinzkKBskSBVhAeSBgO1U
+7M1dGluSoHbpLSlSh46qgTB4KKvO/VzGpYc111CQ/3nl6vqV9l0/N5adHf9WwUv
/s4W26AyXPM6tlR4gQbGbXpp/rh8soy4OiR+KJM3Dlq8z55NfRbyV92ufjNd/aLu
lAjDuD1pbx2mGIzfVeD9rPFa+rKIXAslxJiazrX3hK9qbXNiP3wpBBwRTlpbENNF
PWNMo3YNclNFkUSdQgcxfEApBFUEqsIdJhdRGlOtXB+cmfYmGH9kCG+AU4tj+8MO
76w2QR3lyvlxon986lJ+F/LfIE0hxFhwM0SC62KXCGVy7TtjH3NhHYVeAQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFBvTd0AT16LirWCr+IgWbdLpfxZcMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF
BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t
L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu
aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y
c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi
NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm
LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw
BKACBQAwDQYJKoZIhvcNAQELBQADggEBACioOA7bVfOtS4kQXqz8dGxx6fe6TZUT
0DcAxKJtifezYwHVYABSy62tHKbQ0Ct+AGluVSq365ZMNJlF+f1G71P0EiV7ZqLb
istyVWEbghx0JyRHC2hFX0LjgaiIcs7JnjD1oeAjinkuKhVSNR+lx0ZGfqQIslLx
ezDZccoQXNL6zcvPKqfQPhWjlVAioQsMrUma9kRc+y7aXAazlimqcOD/GUaUPFwM
WrfBaW/sQde6MuZJxAn/pmqAHbM8THK65OHgi6Sr7uzbz2mXt/jvEH1SnUO9TTJc
oPiZXfcPFWSAsweWh6ZBM0axx1ATELvF5ASvJVy4TCPUCkHpupTsvXk=
-----END CERTIFICATE-----
Generated at Fri Jul 17 22:16:55 2026 by rpki-client