$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: /1zW2dy/GOlTGZK4Z4S/yKcxC+5vejzy0l5Thpft00g= Subject key identifier: AD:74:C4:FC:12:20:20:63:48:42:3E:E8:2B:22:4D:35:AF:93:48:37 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 3C9482506A7E21706A9E887E8837C5F851B2D0A3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 0552 Signing time: Sat 01 Nov 2025 00:02:07 +0000 Manifest this update: Sat 01 Nov 2025 00:02:07 +0000 Manifest next update: Wed 05 Nov 2025 00:02:07 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: S8PMfPIFouW0U6JwdNVX8BpDsK4PnjkSuO9uQpUTz1s=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: xQO1wnKvetpsF+feWgIvq9A3g8NXj+xFCYGVWoa7USY=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: 2XLb7h6yISDftQlUB4TcpfpywHo5glEYW1SGISdeDoA=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: wcYYwgkTAd9Q2xT1BuIAMuJob/FJA9RrYdGr+wpFwVw=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: zwcPWnYArAZVLpt/G7O+elUyq5aa8j+XVNVGlvHcIz4=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: EWyZQ0kD4O1likOe4tykuIu5kk0yH0Zz9dIOCoYFR6g=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 00:02:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:94:82:50:6a:7e:21:70:6a:9e:88:7e:88:37:c5:f8:51:b2:d0:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 1 00:02:07 2025 GMT Not After : Nov 5 00:02:07 2025 GMT Subject: serialNumber=1ff261c4a4c37ef9adfda6ef698b233e9f7a5373d3f707d6c296ae684cbb099f, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:04:3c:9e:8d:60:cb:87:50:25:c1:c1:b9:37: 88:80:e6:16:bd:1e:35:25:d2:33:4d:da:18:ff:5e: 87:4f:ad:7a:5a:65:5e:74:62:ef:4f:4e:91:fd:c7: a0:ce:d4:60:dc:42:7b:d2:2b:fd:01:f1:67:fc:8f: bb:2b:be:f7:84:0c:2a:f7:c0:af:af:63:11:40:52: 85:0b:31:7d:9e:a5:cd:be:79:d8:fe:20:fe:a8:10: 95:cd:f1:be:52:2d:d3:43:66:a7:91:ad:af:4a:cc: 28:db:84:b3:d1:97:3e:b3:78:f9:6a:00:a5:02:0f: cb:3d:80:58:be:7f:d0:0f:2e:20:0d:ba:2f:04:d4: b6:f1:2f:7b:a9:18:d1:af:f2:c7:72:ef:7e:7b:0b: 9a:a0:bd:ba:1c:70:db:1b:ef:ef:96:b8:34:9c:c1: 20:4b:66:40:61:74:44:0b:fa:15:48:50:d6:a3:88: d3:a2:e6:4d:12:b8:1c:e2:d0:01:c6:06:0e:1b:ab: 4f:0f:19:14:ed:a0:e5:87:64:22:f6:67:b8:92:30: a0:93:5d:28:98:63:65:e4:53:a7:c8:91:11:ef:8a: 8e:1d:76:2c:b3:12:32:37:4e:7b:20:33:43:b2:b3: 7a:a7:49:16:c6:1b:b5:2b:c6:70:61:7e:07:f6:b0: 31:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:74:C4:FC:12:20:20:63:48:42:3E:E8:2B:22:4D:35:AF:93:48:37 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:3f:77:54:18:8e:83:e1:7e:14:6d:1e:e9:25:39:a8:5b:d2: 68:c8:cf:d8:25:04:d5:c8:6a:f7:4f:90:71:dc:a7:de:04:04: 15:0d:58:c7:07:10:fa:f1:ac:17:67:d8:bd:9f:c3:ae:73:cf: 6e:e5:97:09:98:c7:b7:f6:f7:d0:dc:f6:98:63:cc:f8:b7:91: c4:38:94:88:e5:79:34:d6:5a:cf:42:4c:aa:c4:55:ff:b3:9d: 86:f3:04:77:0f:8f:cb:36:75:e8:7c:ae:21:ef:cb:b1:90:be: d7:28:32:01:0d:a8:f4:0e:34:93:67:f4:85:f4:8d:2d:5a:51: ce:11:b5:ff:9e:9d:71:bf:9b:0b:2d:93:8b:76:f6:1d:70:1f: ba:e8:7b:25:19:8d:a9:52:19:d4:c1:29:e1:26:6e:81:e9:ba: b2:dc:ac:c2:99:e8:78:69:c6:ea:db:ca:c8:9b:7e:d3:8b:66: 27:a4:62:d2:dc:12:20:c4:15:96:d6:22:0c:b0:86:f1:03:02: 2d:57:a3:31:6e:5e:5a:1d:82:2b:6c:b3:d3:cd:53:be:50:f7: a9:66:a3:38:a3:fb:27:da:b7:7e:aa:33:ce:48:98:28:38:2b: 7b:e9:5e:29:61:4a:1a:68:9a:97:28:cd:b2:b0:5b:7e:62:bf: 35:a6:2a:47 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUPJSCUGp+IXBqnoh+iDfF+FGy0KMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTEwMTAwMDIwN1oX DTI1MTEwNTAwMDIwN1owejFJMEcGA1UEBRNAMWZmMjYxYzRhNGMzN2VmOWFkZmRh NmVmNjk4YjIzM2U5ZjdhNTM3M2QzZjcwN2Q2YzI5NmFlNjg0Y2JiMDk5ZjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gQ8no1gy4dQJcHBuTeIgOYWvR41 JdIzTdoY/16HT616WmVedGLvT06R/cegztRg3EJ70iv9AfFn/I+7K773hAwq98Cv r2MRQFKFCzF9nqXNvnnY/iD+qBCVzfG+Ui3TQ2anka2vSswo24Sz0Zc+s3j5agCl Ag/LPYBYvn/QDy4gDbovBNS28S97qRjRr/LHcu9+ewuaoL26HHDbG+/vlrg0nMEg S2ZAYXREC/oVSFDWo4jTouZNErgc4tABxgYOG6tPDxkU7aDlh2Qi9me4kjCgk10o mGNl5FOnyJER74qOHXYssxIyN057IDNDsrN6p0kWxhu1K8ZwYX4H9rAxVQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFK10xPwSICBjSEI+6CsiTTWvk0g3MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBADM/d1QYjoPhfhRtHuklOahb0mjIz9gl BNXIavdPkHHcp94EBBUNWMcHEPrxrBdn2L2fw65zz27llwmYx7f299Dc9phjzPi3 kcQ4lIjleTTWWs9CTKrEVf+znYbzBHcPj8s2deh8riHvy7GQvtcoMgENqPQONJNn 9IX0jS1aUc4Rtf+enXG/mwstk4t29h1wH7roeyUZjalSGdTBKeEmboHpurLcrMKZ 6HhpxurbysibftOLZiekYtLcEiDEFZbWIgywhvEDAi1XozFuXlodgitss9PNU75Q 96lmozij+yfat36qM85ImCg4K3vpXilhShpompcozbKwW35ivzWmKkc= -----END CERTIFICATE-----Generated at Sat Nov 1 11:54:04 2025 by rpki-client