This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: DzrGMr4DxWLjyKEN8o2PcOV2fH937BN8+7AXHHGScsg= Subject key identifier: 5B:48:F4:AE:77:4F:91:18:35:DD:E5:08:54:DD:A8:CD:DB:B5:EA:CB Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 28DD5D5111C51B65D3FB5F47DC42A9A554328BC9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 0576 Signing time: Sun 07 Dec 2025 00:00:54 +0000 Manifest this update: Sun 07 Dec 2025 00:00:54 +0000 Manifest next update: Thu 11 Dec 2025 00:00:54 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: 9nftgKOIM666AMu0V8dzHqBAQ2OxGf8PONxebxtdbzQ=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: S1Ao7Ed2lEOUChf0wwWlihVPVCgDd6ngfsHWkEG+//M=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: Tu8KJsB24gvGTIUjn+HPIkPOVBYVMazosJy1Qzbh6a8=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: FS1vyz0XLamDOjQ21vOD06OkgWtvhJ7UwSqPGE+oQcg=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 58PnTQblNII2sxrHD4qKI/6eE/pKAhirfUgxfDJkXS8=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: cQc2HrAbBAfe1GL6X0izbfHrnYW3gH/cqRPzedsr7F8=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Dec 2025 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:dd:5d:51:11:c5:1b:65:d3:fb:5f:47:dc:42:a9:a5:54:32:8b:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Dec 7 00:00:54 2025 GMT Not After : Dec 11 00:00:54 2025 GMT Subject: serialNumber=988827aeb67b6e69cfe807a9b3ac68b46f7e4b5d80b17f678feddd89667a4f3f, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:85:15:5b:4b:1c:7e:ea:09:0a:ef:a6:a8:ed: 40:47:31:f9:bb:e2:d7:80:1c:95:c5:e0:e2:a2:f1: b2:06:58:90:94:a9:18:c7:59:f5:42:28:d3:2f:70: e1:5d:91:5d:a3:ba:e8:11:cc:be:a6:70:78:09:7b: 30:b8:19:e2:9c:80:59:a7:0a:a0:ca:af:55:91:e4: 8c:6e:ef:a6:52:83:d7:ff:93:07:64:40:92:ed:80: 62:68:7c:43:a3:fd:a8:3a:c3:fe:c0:43:5c:25:09: a4:31:38:1e:6e:2b:f8:17:a9:0e:4e:4c:1f:df:4e: 9d:51:5d:31:53:4d:84:46:85:54:9c:f0:11:0c:5c: fb:32:e1:cc:a9:ed:48:64:85:9d:54:ac:28:14:65: 0e:21:61:cb:eb:ac:73:2e:33:d7:82:20:dd:bf:f4: 8e:ca:46:9a:d9:3a:c8:35:48:95:c4:48:63:fb:4b: d5:f7:98:5b:f9:54:9a:9d:0a:4a:f6:cd:40:70:48: 90:3a:38:d4:8a:a7:3c:77:d0:aa:42:2d:71:d7:fd: 47:bd:c5:7a:2a:a8:9e:33:79:c4:ed:06:54:23:34: 92:36:8e:d9:78:bf:91:a6:ed:33:bd:28:35:f6:8b: ed:95:98:ba:25:6a:26:d9:db:a3:1b:fe:60:ef:fc: 85:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:48:F4:AE:77:4F:91:18:35:DD:E5:08:54:DD:A8:CD:DB:B5:EA:CB X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:ad:23:5c:2c:9f:18:12:ac:b2:7d:b1:de:cb:ad:ab:ba:c8: 93:be:3d:b9:42:29:81:18:78:aa:41:e8:8b:39:90:27:00:09: 25:22:89:88:4c:51:4b:71:76:1d:f1:95:1e:c5:b4:e8:00:fb: 11:71:f3:c7:4e:7b:fc:7c:b2:73:4d:b4:70:30:ad:a9:67:c1: f4:71:5a:26:4b:e7:c4:2c:64:75:48:c9:c9:a7:40:98:ba:00: a6:fe:24:7e:03:e9:93:c5:1f:18:a4:1e:09:53:92:8d:de:ad: 84:85:58:98:9e:c8:a4:db:33:98:15:8c:89:f9:45:3f:1b:52: e5:0b:59:7a:67:15:4f:fe:9d:64:2f:3b:8b:28:4b:52:00:46: 80:5e:9b:ba:1b:f0:57:17:89:4b:70:00:a3:06:0f:c5:7d:eb: de:dc:24:80:65:0d:be:7c:f6:20:c3:d3:a8:72:5a:fd:e2:3b: f3:d5:54:89:b0:03:39:f1:08:55:27:b8:30:da:fb:c4:b9:62: 54:87:e5:a9:d6:41:f2:62:ad:cb:06:d3:3c:81:d9:ce:e9:c4: 03:1f:89:de:01:08:0b:ec:7f:2f:a3:e4:4f:6b:2b:a0:fd:7a: f7:ca:9e:5d:13:ea:e2:82:7a:17:bc:7c:96:ae:a5:9a:95:2c: 08:0f:3f:80 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUKN1dURHFG2XT+19H3EKppVQyi8kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTIwNzAwMDA1NFoX DTI1MTIxMTAwMDA1NFowejFJMEcGA1UEBRNAOTg4ODI3YWViNjdiNmU2OWNmZTgw N2E5YjNhYzY4YjQ2ZjdlNGI1ZDgwYjE3ZjY3OGZlZGRkODk2NjdhNGYzZjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYUVW0scfuoJCu+mqO1ARzH5u+LX gByVxeDiovGyBliQlKkYx1n1QijTL3DhXZFdo7roEcy+pnB4CXswuBninIBZpwqg yq9VkeSMbu+mUoPX/5MHZECS7YBiaHxDo/2oOsP+wENcJQmkMTgebiv4F6kOTkwf 306dUV0xU02ERoVUnPARDFz7MuHMqe1IZIWdVKwoFGUOIWHL66xzLjPXgiDdv/SO ykaa2TrINUiVxEhj+0vV95hb+VSanQpK9s1AcEiQOjjUiqc8d9CqQi1x1/1HvcV6 KqieM3nE7QZUIzSSNo7ZeL+Rpu0zvSg19ovtlZi6JWom2dujG/5g7/yFDwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFFtI9K53T5EYNd3lCFTdqM3bterLMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAHutI1wsnxgSrLJ9sd7Lrau6yJO+PblC KYEYeKpB6Is5kCcACSUiiYhMUUtxdh3xlR7FtOgA+xFx88dOe/x8snNNtHAwraln wfRxWiZL58QsZHVIycmnQJi6AKb+JH4D6ZPFHxikHglTko3erYSFWJieyKTbM5gV jIn5RT8bUuULWXpnFU/+nWQvO4soS1IARoBem7ob8FcXiUtwAKMGD8V9697cJIBl Db589iDD06hyWv3iO/PVVImwAznxCFUnuDDa+8S5YlSH5anWQfJircsG0zyB2c7p xAMfid4BCAvsfy+j5E9rK6D9evfKnl0T6uKCehe8fJaupZqVLAgPP4A= -----END CERTIFICATE-----Generated at Sun Dec 7 03:36:20 2025 by rpki-client