
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
File: manifest.mft (raw, json)
Hash identifier: XG8OU1j/64VlEaEkjDOp0FgW6AmL9tfUo1Btnpl7Ej4=
Subject key identifier: 39:C0:93:6B:3A:BB:49:1F:11:E5:18:98:83:82:1A:A6:44:59:FC:2F
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 033E7CF8D909BCDA8CE79A814FF62AE84FFDF646
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
Manifest number: 0650
Signing time: Mon 13 Jul 2026 00:12:04 +0000
Manifest this update: Mon 13 Jul 2026 00:12:04 +0000
Manifest next update: Fri 17 Jul 2026 00:12:04 +0000
Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: srTzPzU87s0GOw3SQxF91NrUrkXJAzILPzI76mvPqFY=)
2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: M+i7XpsJD4p5Tk2yVGdLmGjDs5xTMXCNLVAUi3YO9fw=)
3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: ixxf6ccd3osEyLmWkgkbiHVYyusTctrUjOhnPpMvlE4=)
4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: pL63iKjbLOLYlourekfOR4Nmgu8cB/gmsl43BXFS/jc=)
5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 64kuFuROhLtieOXlazTSy2bjQ+E6VKxKN/jo5XO5H34=)
6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: ZpxX4uxdJxBRqoXrMr+4TjfM6a61MegoEvwGJaS8fgI=)
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 17 Jul 2026 00:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:3e:7c:f8:d9:09:bc:da:8c:e7:9a:81:4f:f6:2a:e8:4f:fd:f6:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Jul 13 00:12:04 2026 GMT
Not After : Jul 17 00:12:04 2026 GMT
Subject: serialNumber=ca86d1623fd2e990ea9ded7b0a38477b256656c526e60bad957423f18612736f, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:31:ae:e4:fa:30:3f:f8:2d:15:53:2d:14:be:
6e:c0:c6:28:9a:04:5a:8a:28:60:50:d8:e3:59:fa:
9e:3d:06:56:1f:db:9c:2f:b6:e2:1b:e5:aa:0a:d5:
15:27:8f:02:64:58:a0:4b:3e:64:e2:b1:57:49:9a:
2f:5d:fa:7f:a0:27:dd:60:ee:c7:8e:cb:c3:36:81:
6f:05:89:6f:d5:a4:48:ae:58:45:4b:53:bf:39:cf:
1e:fb:f2:0f:5c:49:e2:51:41:b5:cd:db:7d:08:98:
8a:af:30:f2:0a:cc:72:c3:24:87:1e:00:40:23:1c:
92:ef:2f:b4:bb:cd:43:46:b9:74:42:57:8d:f0:1b:
6f:74:7e:3d:bd:ce:b0:ad:62:19:e0:45:74:6e:dd:
4e:b1:b4:30:5a:e8:f3:11:8c:41:9c:4d:fe:ec:48:
e7:8c:d8:f5:05:15:d1:6f:12:45:8e:04:b5:a2:f5:
62:5f:91:a9:1e:56:47:42:fd:33:68:6a:5b:25:73:
71:fc:d9:09:3f:f0:87:fc:c9:97:7e:21:ad:e1:b4:
33:dd:95:79:92:f6:aa:31:6e:52:63:95:3e:e5:40:
8e:d4:8e:07:f4:eb:79:1e:0a:48:73:bf:c3:ff:9a:
33:bb:e0:28:88:10:75:01:05:5e:57:b7:e5:4c:18:
c9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C0:93:6B:3A:BB:49:1F:11:E5:18:98:83:82:1A:A6:44:59:FC:2F
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:63:be:ea:2b:54:e2:b7:54:47:c6:87:27:6b:41:05:81:ea:
a0:df:f6:b1:8a:6e:0f:6d:83:64:00:94:4e:ab:24:cc:58:47:
75:94:65:e6:8d:d9:7f:25:e4:77:ee:36:f0:0a:bb:eb:22:07:
47:85:80:62:94:7c:a0:c4:e7:14:fc:14:15:83:14:df:73:6f:
22:30:96:6e:17:c7:23:00:1e:d5:fa:fb:48:20:9d:8f:31:cf:
74:87:8c:d9:c2:31:b0:b0:c7:6e:b4:e7:79:f3:6b:b9:76:27:
6a:f7:a5:1d:92:dd:c0:eb:03:d4:7e:18:40:fe:80:11:ac:c5:
84:b1:76:cd:d7:a0:2b:21:fc:21:70:37:48:8c:3b:e1:20:80:
00:f8:bd:83:9a:c7:61:ab:38:d8:3f:f1:85:e5:8b:4d:f3:bc:
23:11:83:da:38:93:42:90:2e:27:86:16:f9:14:6d:f5:b8:f7:
42:f7:10:01:44:b7:c2:e5:17:38:35:76:c7:a9:02:77:73:39:
5a:68:2e:e3:95:d2:43:16:d2:79:09:7c:4b:04:e8:b0:b9:9b:
6e:86:08:e1:29:35:e4:83:72:e3:bb:1d:b2:ac:d6:fd:fe:2d:
43:2d:f9:96:41:db:94:46:0d:6f:aa:c9:d2:0d:79:17:89:ce:
14:de:e8:ef
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUAz58+NkJvNqM55qBT/Yq6E/99kYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDcxMzAwMTIwNFoX
DTI2MDcxNzAwMTIwNFowejFJMEcGA1UEBRNAY2E4NmQxNjIzZmQyZTk5MGVhOWRl
ZDdiMGEzODQ3N2IyNTY2NTZjNTI2ZTYwYmFkOTU3NDIzZjE4NjEyNzM2ZjEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzGu5PowP/gtFVMtFL5uwMYomgRa
iihgUNjjWfqePQZWH9ucL7biG+WqCtUVJ48CZFigSz5k4rFXSZovXfp/oCfdYO7H
jsvDNoFvBYlv1aRIrlhFS1O/Oc8e+/IPXEniUUG1zdt9CJiKrzDyCsxywySHHgBA
IxyS7y+0u81DRrl0QleN8BtvdH49vc6wrWIZ4EV0bt1OsbQwWujzEYxBnE3+7Ejn
jNj1BRXRbxJFjgS1ovViX5GpHlZHQv0zaGpbJXNx/NkJP/CH/MmXfiGt4bQz3ZV5
kvaqMW5SY5U+5UCO1I4H9Ot5HgpIc7/D/5ozu+AoiBB1AQVeV7flTBjJvQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDnAk2s6u0kfEeUYmIOCGqZEWfwvMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF
BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t
L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu
aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y
c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi
NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm
LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw
BKACBQAwDQYJKoZIhvcNAQELBQADggEBAIRjvuorVOK3VEfGhydrQQWB6qDf9rGK
bg9tg2QAlE6rJMxYR3WUZeaN2X8l5HfuNvAKu+siB0eFgGKUfKDE5xT8FBWDFN9z
byIwlm4XxyMAHtX6+0ggnY8xz3SHjNnCMbCwx26053nza7l2J2r3pR2S3cDrA9R+
GED+gBGsxYSxds3XoCsh/CFwN0iMO+EggAD4vYOax2GrONg/8YXli03zvCMRg9o4
k0KQLieGFvkUbfW490L3EAFEt8LlFzg1dsepAndzOVpoLuOV0kMW0nkJfEsE6LC5
m26GCOEpNeSDcuO7HbKs1v3+LUMt+ZZB25RGDW+qydINeReJzhTe6O8=
-----END CERTIFICATE-----
Generated at Mon Jul 13 15:22:48 2026 by rpki-client