This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: tfStIzgO7/vc4/4htpESVGxx0Y4IsU7HEUf7P1zjkfo= Subject key identifier: 9F:8E:2C:D7:5B:DA:57:93:12:F1:2D:32:73:E0:EB:AD:06:35:31:A5 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 49A12299D950F3E6C5FBE329D03B265361A41379 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 0567 Signing time: Sat 22 Nov 2025 00:01:45 +0000 Manifest this update: Sat 22 Nov 2025 00:01:45 +0000 Manifest next update: Wed 26 Nov 2025 00:01:45 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: SoMIp9V4QsX59INEAPlXiR4LU/DTLr/fXlOK9TlAyNk=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: w+4+bxo/lRwC2hOG9Edn/+79C2GPpMAPhWdMbwG/9JU=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: Tu8KJsB24gvGTIUjn+HPIkPOVBYVMazosJy1Qzbh6a8=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: FS1vyz0XLamDOjQ21vOD06OkgWtvhJ7UwSqPGE+oQcg=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 58PnTQblNII2sxrHD4qKI/6eE/pKAhirfUgxfDJkXS8=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: cQc2HrAbBAfe1GL6X0izbfHrnYW3gH/cqRPzedsr7F8=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 26 Nov 2025 00:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:a1:22:99:d9:50:f3:e6:c5:fb:e3:29:d0:3b:26:53:61:a4:13:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 22 00:01:45 2025 GMT Not After : Nov 26 00:01:45 2025 GMT Subject: serialNumber=601087db2e6dac3c9a81a0ac2a1c51a6a454f6d6be2f77658976c59dd4d9a7e0, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:27:75:ca:b7:61:cb:3f:01:1a:21:95:98:18: 24:8c:e7:96:fa:fb:87:df:61:1e:38:98:9c:56:b8: f8:f7:19:d4:c1:ca:3a:56:fe:e1:2e:93:c4:b3:e0: dc:95:9b:34:0a:0f:1a:7c:8f:3d:c0:e8:d0:be:ec: 4f:3a:a7:45:9c:84:f8:a7:7a:9f:20:6a:be:9a:f5: 23:a1:e8:ba:ff:b9:04:4b:f9:d0:6a:4d:52:32:eb: 4f:ed:a6:78:09:a7:9d:4d:8d:d8:bf:a6:f1:5b:c1: 30:ca:3e:06:4f:f0:ed:72:b8:42:b3:02:7b:8a:82: a4:ac:39:15:b5:a4:fc:50:5b:dc:b2:99:51:70:c8: 0f:a9:28:2d:cb:92:8d:0a:00:c7:fa:40:10:d7:15: c7:a9:71:d9:b7:7f:af:e5:1b:56:49:13:64:00:8d: 8c:14:10:df:ca:c9:6c:be:14:ec:16:42:d4:e3:aa: 29:ae:13:36:5a:50:85:d8:fd:4e:f5:6e:bf:d6:c5: 78:fb:e5:75:28:02:22:8c:ee:06:a2:0b:36:48:b7: 42:a5:db:10:86:4b:9d:80:c1:ce:5f:d5:41:91:1f: b2:e9:b5:23:b5:6b:9d:6b:7e:bb:f1:0d:75:04:d4: 4b:8a:7e:b3:4e:b3:cb:0a:93:12:62:a9:f1:3e:62: e8:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:8E:2C:D7:5B:DA:57:93:12:F1:2D:32:73:E0:EB:AD:06:35:31:A5 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:22:82:3d:48:33:f6:10:30:c9:f7:19:c7:99:b8:26:53:4c: 78:a5:2c:de:97:8d:56:04:8d:71:ec:f8:77:2d:13:79:f2:18: 02:47:78:c6:af:cd:58:63:79:65:e3:07:37:44:aa:68:ae:2d: 57:f7:4b:bd:65:ce:3d:5f:29:dd:d8:b4:3f:6a:6d:94:45:00: 58:aa:17:ef:2d:19:19:d4:5e:ab:b7:73:5e:0f:c0:d7:36:42: 48:3b:f1:9b:75:9a:07:0d:c5:b3:9b:cd:e0:38:47:8c:68:11: 7a:c6:32:91:67:96:d4:8b:37:b1:7e:eb:b3:03:33:0c:e1:64: bc:7f:cf:9b:e0:7b:be:cc:1e:3c:62:fe:1d:4f:f4:9b:17:88: f3:9a:6a:fc:46:02:c4:52:03:b7:b0:fd:2d:bf:ff:41:79:72: ef:84:8c:5d:7b:5d:91:59:28:fc:a8:7c:1c:63:6f:ed:16:f3: 0a:61:bb:0e:12:1f:1e:67:64:aa:8c:39:ce:e0:55:31:5f:fe: cf:1a:b9:0c:1f:13:ae:e4:19:77:77:cf:db:63:62:09:af:24: 2f:f1:26:3a:8d:08:66:a9:1c:3f:e5:d0:e3:0d:44:6d:e3:83: d9:d4:c1:42:d5:be:85:35:79:b3:80:8c:8d:d8:9a:b7:15:de: 52:9e:4c:fd -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUSaEimdlQ8+bF++Mp0DsmU2GkE3kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTEyMjAwMDE0NVoX DTI1MTEyNjAwMDE0NVowejFJMEcGA1UEBRNANjAxMDg3ZGIyZTZkYWMzYzlhODFh MGFjMmExYzUxYTZhNDU0ZjZkNmJlMmY3NzY1ODk3NmM1OWRkNGQ5YTdlMDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9id1yrdhyz8BGiGVmBgkjOeW+vuH 32EeOJicVrj49xnUwco6Vv7hLpPEs+DclZs0Cg8afI89wOjQvuxPOqdFnIT4p3qf IGq+mvUjoei6/7kES/nQak1SMutP7aZ4CaedTY3Yv6bxW8Ewyj4GT/DtcrhCswJ7 ioKkrDkVtaT8UFvcsplRcMgPqSgty5KNCgDH+kAQ1xXHqXHZt3+v5RtWSRNkAI2M FBDfyslsvhTsFkLU46oprhM2WlCF2P1O9W6/1sV4++V1KAIijO4Gogs2SLdCpdsQ hkudgMHOX9VBkR+y6bUjtWuda3678Q11BNRLin6zTrPLCpMSYqnxPmLo/wIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFJ+OLNdb2leTEvEtMnPg660GNTGlMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAHMigj1IM/YQMMn3GceZuCZTTHilLN6X jVYEjXHs+HctE3nyGAJHeMavzVhjeWXjBzdEqmiuLVf3S71lzj1fKd3YtD9qbZRF AFiqF+8tGRnUXqu3c14PwNc2Qkg78Zt1mgcNxbObzeA4R4xoEXrGMpFnltSLN7F+ 67MDMwzhZLx/z5vge77MHjxi/h1P9JsXiPOaavxGAsRSA7ew/S2//0F5cu+EjF17 XZFZKPyofBxjb+0W8wphuw4SHx5nZKqMOc7gVTFf/s8auQwfE67kGXd3z9tjYgmv JC/xJjqNCGapHD/l0OMNRG3jg9nUwULVvoU1ebOAjI3YmrcV3lKeTP0= -----END CERTIFICATE-----Generated at Sat Nov 22 11:12:35 2025 by rpki-client