$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: 6FXtl4VNALl7jRUIb0rE02rttvtWW8bqhj9U/yYYVdw= Subject key identifier: 45:AE:CE:F7:E5:3E:C2:DE:9C:EB:A4:99:8D:C8:50:E6:EB:EC:15:64 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 3AB561A48DA85CE107871F5BC4FD9C8A69167333 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 05D5 Signing time: Thu 12 Mar 2026 00:04:17 +0000 Manifest this update: Thu 12 Mar 2026 00:04:17 +0000 Manifest next update: Mon 16 Mar 2026 00:04:17 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: M49BVy4UbE/bXNrowOyqiUNW6wK+wMLdmbOB3BLPnSo=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 16 Mar 2026 00:04:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:b5:61:a4:8d:a8:5c:e1:07:87:1f:5b:c4:fd:9c:8a:69:16:73:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Mar 12 00:04:17 2026 GMT Not After : Mar 16 00:04:17 2026 GMT Subject: serialNumber=63c4f98ec858a1547b4ff4327dc0b975fcc34ee737158d2aeb478d27475a1fba, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ec:f7:c9:9a:ed:6f:2a:04:dc:b5:8c:ac:79: 6f:1a:aa:19:97:46:d1:e6:b3:53:d1:0f:a1:a4:4e: 97:e1:38:39:32:98:7e:6f:c4:56:ae:18:aa:e9:45: 5f:6f:d3:51:a2:f3:8c:49:24:4f:b2:fe:ef:70:22: bb:dc:97:b0:9f:96:8a:0e:0b:61:77:5c:44:ce:7b: 08:f3:42:aa:c9:ed:86:b1:a8:92:82:74:3d:c6:67: 75:1f:e2:07:31:76:f4:4a:59:83:90:a6:6c:2e:6d: a6:05:d8:c1:7f:7c:d0:a2:ba:87:e5:79:c7:86:6c: 28:68:b8:6d:19:ed:3d:06:d7:0f:be:c1:db:db:d1: 6d:cf:0f:42:71:96:7c:ca:42:33:25:c0:e7:84:56: ac:15:92:4f:3d:56:a6:23:88:2c:f1:de:95:aa:ff: c6:1d:6b:83:22:43:17:8b:7a:24:9a:51:9d:e9:0b: f0:44:19:de:25:07:78:09:63:b1:ac:5e:ea:da:30: e2:36:db:52:85:2a:b1:84:7b:d3:b8:43:57:af:b6: 02:59:e3:e4:c9:f5:96:3f:dc:e0:29:a8:bc:f0:d2: f5:4c:de:b1:7a:23:8d:24:ae:af:3c:59:bb:ce:05: d7:95:11:70:2c:2c:03:95:17:ba:25:70:51:5c:71: f3:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:AE:CE:F7:E5:3E:C2:DE:9C:EB:A4:99:8D:C8:50:E6:EB:EC:15:64 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:68:59:96:42:0d:d8:d2:fa:2f:e9:5d:90:f2:a5:1f:61:31: c9:80:c4:dc:8f:51:21:60:43:af:aa:9c:65:a0:b3:a9:51:fd: e2:a8:86:49:2f:77:ba:7a:d1:05:bd:77:86:8f:f9:7d:c1:79: e1:a5:d2:c7:dc:44:45:23:dc:4f:64:c5:90:ff:cc:1d:bf:43: 8a:cd:45:c9:5e:d8:fa:19:44:11:db:0b:ff:f1:12:81:67:fd: cc:91:5e:ff:7b:cd:88:d0:0a:88:19:6c:33:1b:42:84:5b:c5: 00:b6:a4:77:91:8a:2d:35:66:4e:dd:94:11:31:44:ce:ce:e7: ff:4a:a6:64:1a:fa:04:8d:45:e8:53:e3:e9:22:5a:50:34:d7: 1d:dc:7f:d2:3e:59:fa:fd:f9:40:18:71:1d:b4:a8:d9:ce:fd: fc:c0:d0:99:59:c6:1c:08:71:47:30:92:07:c0:ae:04:2e:45: a8:fd:e9:82:c8:5e:08:bb:1c:9d:52:3e:31:d7:0c:d6:e8:bd: a6:80:e2:f5:c4:1a:ee:25:e3:5d:0b:f6:b6:27:34:64:98:e8: 0e:dc:e4:01:a5:92:c5:7e:44:01:04:6e:d5:77:51:62:69:90: 20:4c:b7:78:9f:cb:68:11:21:b8:4f:01:13:ef:29:53:d3:a6: fe:e6:5c:1c -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUOrVhpI2oXOEHhx9bxP2cimkWczMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDMxMjAwMDQxN1oX DTI2MDMxNjAwMDQxN1owejFJMEcGA1UEBRNANjNjNGY5OGVjODU4YTE1NDdiNGZm NDMyN2RjMGI5NzVmY2MzNGVlNzM3MTU4ZDJhZWI0NzhkMjc0NzVhMWZiYTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuz3yZrtbyoE3LWMrHlvGqoZl0bR 5rNT0Q+hpE6X4Tg5Mph+b8RWrhiq6UVfb9NRovOMSSRPsv7vcCK73Jewn5aKDgth d1xEznsI80Kqye2GsaiSgnQ9xmd1H+IHMXb0SlmDkKZsLm2mBdjBf3zQorqH5XnH hmwoaLhtGe09BtcPvsHb29Ftzw9CcZZ8ykIzJcDnhFasFZJPPVamI4gs8d6Vqv/G HWuDIkMXi3okmlGd6QvwRBneJQd4CWOxrF7q2jDiNttShSqxhHvTuENXr7YCWePk yfWWP9zgKai88NL1TN6xeiONJK6vPFm7zgXXlRFwLCwDlRe6JXBRXHHz6wIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFEWuzvflPsLenOukmY3IUObr7BVkMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAAxoWZZCDdjS+i/pXZDypR9hMcmAxNyP USFgQ6+qnGWgs6lR/eKohkkvd7p60QW9d4aP+X3BeeGl0sfcREUj3E9kxZD/zB2/ Q4rNRcle2PoZRBHbC//xEoFn/cyRXv97zYjQCogZbDMbQoRbxQC2pHeRii01Zk7d lBExRM7O5/9KpmQa+gSNRehT4+kiWlA01x3cf9I+Wfr9+UAYcR20qNnO/fzA0JlZ xhwIcUcwkgfArgQuRaj96YLIXgi7HJ1SPjHXDNbovaaA4vXEGu4l410L9rYnNGSY 6A7c5AGlksV+RAEEbtV3UWJpkCBMt3ify2gRIbhPARPvKVPTpv7mXBw= -----END CERTIFICATE-----Generated at Thu Mar 12 20:56:26 2026 by rpki-client