
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
File: manifest.mft (raw, json)
Hash identifier: uNGy2I5ULMRD1XJLU0KNa2QJeMq8trMVhhjMGQeiJKk=
Subject key identifier: 5C:A6:44:FF:17:BB:63:E0:1B:E0:72:02:41:56:FD:9E:E9:13:F6:4E
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 430DD1DCA0D50A6420DFEB777BBE92A5FB3BEBD4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
Manifest number: 05E1
Signing time: Tue 24 Mar 2026 00:07:10 +0000
Manifest this update: Tue 24 Mar 2026 00:07:10 +0000
Manifest next update: Sat 28 Mar 2026 00:07:10 +0000
Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: bY1bOBvlqNw53GsB3DZlaz+ebZWLXa5d7/fO+6xcLcE=)
2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=)
3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=)
4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=)
5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=)
6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=)
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 28 Mar 2026 00:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:0d:d1:dc:a0:d5:0a:64:20:df:eb:77:7b:be:92:a5:fb:3b:eb:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Mar 24 00:07:10 2026 GMT
Not After : Mar 28 00:07:10 2026 GMT
Subject: serialNumber=da3c6656aea6ec8644784743694e560a7b1830ea360c2953d47b0d4194e84979, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5a:69:26:7a:64:bc:0d:7a:f9:26:27:9d:17:
46:d1:da:5b:3e:36:de:05:4d:55:7b:e3:9a:d4:9a:
d4:76:e9:31:76:61:b2:79:01:4d:d9:ef:80:81:d1:
07:75:1e:7a:b3:ea:60:96:48:48:29:65:83:b9:2b:
08:75:43:c0:7e:ce:e3:2b:55:e5:5d:51:10:aa:5f:
9f:ab:b6:ce:fd:8d:34:c6:84:49:4c:e8:18:37:41:
2e:62:4c:d2:74:9a:46:cd:87:12:d0:d5:e3:a0:64:
a8:3a:0a:6d:de:af:26:53:35:32:06:56:1a:01:75:
93:49:17:e5:fa:6c:f6:fa:4b:54:86:9f:ce:07:e7:
81:c2:f4:de:fd:68:c1:49:52:2a:89:fd:d7:02:3b:
e4:db:75:8f:53:3d:7d:b4:96:37:fc:b6:79:3b:eb:
6a:b6:02:12:98:75:b9:41:e5:68:09:d7:b5:a0:6b:
3f:8f:5b:c2:df:45:76:c1:72:75:43:a0:03:ea:4f:
53:e4:f2:1c:58:7e:c4:86:db:8d:6c:9f:69:54:d7:
5b:8e:8b:04:51:a9:78:0b:a0:c4:05:ca:19:dd:c2:
c8:cd:fc:85:ae:8d:5d:7e:57:36:48:ed:c7:c3:51:
a0:d2:5a:a6:fe:0a:5c:04:88:85:9e:27:d9:4a:fb:
48:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A6:44:FF:17:BB:63:E0:1B:E0:72:02:41:56:FD:9E:E9:13:F6:4E
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:fe:a3:32:95:75:7e:7c:4b:d0:66:1f:86:5b:61:55:a1:07:
76:a2:36:f4:c8:8d:2b:14:61:80:7f:5e:10:99:b9:09:86:1c:
34:9b:7b:f6:d5:4b:5e:2a:95:6d:49:93:88:39:35:84:a4:2c:
91:9b:69:f2:2e:1d:ea:9e:42:9a:48:8c:5b:c7:8c:c7:11:76:
9e:3f:a3:f0:57:7a:32:7e:5c:bf:46:d9:d6:e4:f9:c7:5d:8e:
37:14:1f:c0:1c:f8:eb:49:ff:39:0b:d1:35:41:05:b8:19:97:
5d:a8:bc:eb:99:e8:ca:6e:b2:72:ee:52:44:3b:0a:e8:f1:02:
39:44:c1:47:85:95:cd:fc:a9:2e:5f:1c:8b:94:b2:db:e7:2c:
db:41:cc:1c:2b:86:47:06:9c:8b:28:ff:77:a8:e5:bb:35:a9:
5d:7b:54:1e:e9:84:cb:8a:64:cf:a0:22:3b:04:0b:7d:11:85:
7c:a1:54:18:a7:a8:aa:a3:ab:0e:e1:84:5a:9e:46:c6:6e:e2:
41:82:3e:60:8e:14:ea:f8:09:09:d9:6e:b6:b9:9a:29:dd:e2:
75:20:85:be:84:e0:24:2d:4d:92:0e:5c:e5:1e:29:58:c9:be:
0c:7a:1e:71:68:74:5c:75:ab:e4:8f:07:36:1b:74:79:e6:f5:
c6:20:a2:e4
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUQw3R3KDVCmQg3+t3e76Spfs769QwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDMyNDAwMDcxMFoX
DTI2MDMyODAwMDcxMFowejFJMEcGA1UEBRNAZGEzYzY2NTZhZWE2ZWM4NjQ0Nzg0
NzQzNjk0ZTU2MGE3YjE4MzBlYTM2MGMyOTUzZDQ3YjBkNDE5NGU4NDk3OTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVppJnpkvA16+SYnnRdG0dpbPjbe
BU1Ve+Oa1JrUdukxdmGyeQFN2e+AgdEHdR56s+pglkhIKWWDuSsIdUPAfs7jK1Xl
XVEQql+fq7bO/Y00xoRJTOgYN0EuYkzSdJpGzYcS0NXjoGSoOgpt3q8mUzUyBlYa
AXWTSRfl+mz2+ktUhp/OB+eBwvTe/WjBSVIqif3XAjvk23WPUz19tJY3/LZ5O+tq
tgISmHW5QeVoCde1oGs/j1vC30V2wXJ1Q6AD6k9T5PIcWH7EhtuNbJ9pVNdbjosE
Ual4C6DEBcoZ3cLIzfyFro1dflc2SO3Hw1Gg0lqm/gpcBIiFnifZSvtI1wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFFymRP8Xu2PgG+ByAkFW/Z7pE/ZOMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF
BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t
L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu
aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y
c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi
NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm
LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw
BKACBQAwDQYJKoZIhvcNAQELBQADggEBAIj+ozKVdX58S9BmH4ZbYVWhB3aiNvTI
jSsUYYB/XhCZuQmGHDSbe/bVS14qlW1Jk4g5NYSkLJGbafIuHeqeQppIjFvHjMcR
dp4/o/BXejJ+XL9G2dbk+cddjjcUH8Ac+OtJ/zkL0TVBBbgZl12ovOuZ6MpusnLu
UkQ7CujxAjlEwUeFlc38qS5fHIuUstvnLNtBzBwrhkcGnIso/3eo5bs1qV17VB7p
hMuKZM+gIjsEC30RhXyhVBinqKqjqw7hhFqeRsZu4kGCPmCOFOr4CQnZbra5mind
4nUghb6E4CQtTZIOXOUeKVjJvgx6HnFodFx1q+SPBzYbdHnm9cYgouQ=
-----END CERTIFICATE-----
Generated at Wed Mar 25 01:10:59 2026 by rpki-client