$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: vhft1M+tpvDERgwYkfPQDUUPzveHrzwEA59cOOtZ4w8= Subject key identifier: 47:2F:A1:EC:18:75:6C:08:9B:39:4B:B2:E8:F3:1E:E5:A0:70:0C:66 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 122836B282471B011FBE977A2458BEDDC569B8C3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 05D9 Signing time: Mon 16 Mar 2026 00:05:09 +0000 Manifest this update: Mon 16 Mar 2026 00:05:09 +0000 Manifest next update: Fri 20 Mar 2026 00:05:09 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: POF+09o6eV+U++hFQZxKFEPPUSb6pj0HFxgPGFA8Vu8=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Mar 2026 00:05:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:28:36:b2:82:47:1b:01:1f:be:97:7a:24:58:be:dd:c5:69:b8:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Mar 16 00:05:09 2026 GMT Not After : Mar 20 00:05:09 2026 GMT Subject: serialNumber=97472fdba3ca99f42b0a765d4331e486314cacdf04391d0d1017839a320038b8, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:f4:7e:82:6e:58:ce:db:4b:c9:cb:b3:9b:45: 0e:02:23:ed:29:c4:c6:99:9d:0f:e1:17:d3:0a:2d: eb:89:5c:db:c7:ba:aa:d2:0c:e3:0c:75:15:58:89: 0d:68:84:d8:ff:c1:8e:da:ee:91:aa:0f:1e:66:92: 4e:e1:fe:27:d4:6b:e8:b9:e2:de:d6:25:bc:48:00: 8a:0f:10:9d:53:05:83:81:aa:d3:3c:0d:d4:c4:44: c5:5a:02:1c:65:fc:9e:44:86:87:6f:9a:68:02:4d: a6:1b:a9:7b:f3:b0:8b:96:6e:61:55:b0:a8:cf:3a: 04:1b:3d:a5:be:c7:69:b8:7f:fe:b7:dc:4c:fe:5b: 83:81:12:cd:8d:98:92:d3:74:7c:9a:4c:70:f9:39: 76:af:fe:b3:e1:cc:40:85:d4:82:f1:af:4a:14:ef: a4:93:ce:02:86:a7:04:a3:07:06:d6:53:2e:4d:ba: 3c:ba:c7:38:f5:7c:04:99:00:15:4a:67:01:51:8c: f1:f1:43:6b:29:46:11:88:a4:1a:96:b6:d4:61:20: 5e:34:79:30:91:df:61:e0:a0:95:fe:29:83:a8:a6: 49:33:2d:ad:0f:91:0a:24:d7:bf:cc:35:0e:25:2c: 16:82:7a:5a:15:82:e0:18:b8:3a:68:3c:55:78:8e: 97:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:2F:A1:EC:18:75:6C:08:9B:39:4B:B2:E8:F3:1E:E5:A0:70:0C:66 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:f1:e6:b2:08:37:9f:7a:43:39:26:0c:23:ca:ad:6a:67:06: 77:d9:ba:f1:f1:ce:c4:a8:eb:50:74:91:93:ae:97:a5:20:c5: de:8d:1b:6a:94:96:9c:27:ba:34:10:40:12:c8:37:48:59:53: c9:63:02:7a:54:9c:fd:53:1f:02:b1:3f:db:36:be:77:7d:4c: 02:e6:32:19:3c:f6:89:b9:cb:c0:e4:c9:6f:2e:04:8a:04:ab: a3:da:b5:f6:07:4c:de:a7:ad:d4:4e:6d:e6:dc:f8:fe:49:25: cb:29:a9:9f:cd:ad:17:14:d5:34:94:29:b7:e6:90:92:83:a8: 76:bf:df:ce:d9:b5:59:cd:13:33:2d:93:61:12:77:e8:f2:8c: 93:b9:42:fd:0d:9c:34:56:cb:94:ea:f1:ea:dd:a2:49:76:62: f9:41:c5:9b:3e:8f:bd:85:0d:66:d3:37:39:54:3b:f2:89:0e: 0e:dc:75:c9:cf:01:69:d6:71:02:13:a0:36:2b:f7:eb:d9:4f: 9a:04:66:09:91:98:5d:32:29:91:d4:ad:19:a4:06:f9:16:61: c0:61:ed:20:ee:bb:ba:ab:87:74:a8:2b:9b:ea:36:f1:1b:12: 2b:2d:80:22:c4:da:e1:f4:ca:27:13:64:28:02:1b:03:e9:1c: bc:4b:4e:51 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUEig2soJHGwEfvpd6JFi+3cVpuMMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDMxNjAwMDUwOVoX DTI2MDMyMDAwMDUwOVowejFJMEcGA1UEBRNAOTc0NzJmZGJhM2NhOTlmNDJiMGE3 NjVkNDMzMWU0ODYzMTRjYWNkZjA0MzkxZDBkMTAxNzgzOWEzMjAwMzhiODEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/R+gm5YzttLycuzm0UOAiPtKcTG mZ0P4RfTCi3riVzbx7qq0gzjDHUVWIkNaITY/8GO2u6Rqg8eZpJO4f4n1GvoueLe 1iW8SACKDxCdUwWDgarTPA3UxETFWgIcZfyeRIaHb5poAk2mG6l787CLlm5hVbCo zzoEGz2lvsdpuH/+t9xM/luDgRLNjZiS03R8mkxw+Tl2r/6z4cxAhdSC8a9KFO+k k84ChqcEowcG1lMuTbo8usc49XwEmQAVSmcBUYzx8UNrKUYRiKQalrbUYSBeNHkw kd9h4KCV/imDqKZJMy2tD5EKJNe/zDUOJSwWgnpaFYLgGLg6aDxVeI6X/QIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFEcvoewYdWwImzlLsujzHuWgcAxmMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAArx5rIIN596QzkmDCPKrWpnBnfZuvHx zsSo61B0kZOul6Ugxd6NG2qUlpwnujQQQBLIN0hZU8ljAnpUnP1THwKxP9s2vnd9 TALmMhk89om5y8DkyW8uBIoEq6PatfYHTN6nrdRObebc+P5JJcspqZ/NrRcU1TSU KbfmkJKDqHa/387ZtVnNEzMtk2ESd+jyjJO5Qv0NnDRWy5Tq8erdokl2YvlBxZs+ j72FDWbTNzlUO/KJDg7cdcnPAWnWcQIToDYr9+vZT5oEZgmRmF0yKZHUrRmkBvkW YcBh7SDuu7qrh3SoK5vqNvEbEistgCLE2uH0yicTZCgCGwPpHLxLTlE= -----END CERTIFICATE-----Generated at Mon Mar 16 05:08:36 2026 by rpki-client