$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: Bqws9BMr2mbKhJ70qexcAOaIccmGwH+REDlyiMms8AE= Subject key identifier: B7:A2:E6:64:D2:4D:1D:CE:02:AA:90:F1:98:A3:71:0F:A6:C2:27:84 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 295D705D21CA76CCD383370367AB6A6B2E8114 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 0600 Signing time: Fri 24 Apr 2026 00:14:36 +0000 Manifest this update: Fri 24 Apr 2026 00:14:36 +0000 Manifest next update: Tue 28 Apr 2026 00:14:36 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: NsVY9tZpzRf765MPIsQ4lFqo3wGbP1C7BaKgZy08sdk=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 00:14:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:5d:70:5d:21:ca:76:cc:d3:83:37:03:67:ab:6a:6b:2e:81:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 24 00:14:36 2026 GMT Not After : Apr 28 00:14:36 2026 GMT Subject: serialNumber=4e80335e58ca2140d5d74a02a4b365db883c1f8ae91fa716d48c3443c4c26ebd, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ee:3c:a4:9a:23:71:ac:a0:38:37:2a:e3:54: e3:97:d6:7f:32:3c:10:df:a0:1d:59:5f:9d:a1:a7: e8:de:9d:20:5a:f3:29:20:af:03:26:e9:48:47:7e: f8:e6:d1:09:53:0f:49:ce:b8:f1:a9:0b:b7:60:5b: 14:08:21:b6:d7:fb:1a:b3:53:e1:95:59:9d:62:21: 8d:a5:c3:11:f1:0f:8b:08:e9:7f:fe:96:db:e1:60: fd:85:2b:e5:32:c0:23:66:c8:64:8f:c5:19:2e:d4: 7c:c2:88:b3:d1:c0:b2:b5:05:fd:38:f6:66:30:ec: 12:fc:f0:40:76:55:46:da:d5:a1:1d:33:e4:b3:6f: d0:de:eb:9a:cc:67:ac:c6:cb:4d:20:79:1d:a4:c2: 16:2b:e8:c3:6e:20:39:4c:ac:01:ec:77:0a:36:c2: c5:9b:d1:52:b8:07:78:78:ef:12:48:e9:56:c2:68: 6d:40:ba:a4:a8:7c:c8:3b:1d:a5:f9:b6:2e:1b:66: 06:7b:fd:40:c6:76:39:f5:4d:3b:2b:ef:06:21:57: 8e:06:bc:2c:3c:4c:86:5b:5f:6e:ec:ca:44:49:13: d8:e6:e7:15:e8:78:79:61:cd:f9:c2:a5:c8:80:4a: 18:53:dd:ab:ac:80:61:98:87:a3:36:16:e8:3b:66: 99:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:A2:E6:64:D2:4D:1D:CE:02:AA:90:F1:98:A3:71:0F:A6:C2:27:84 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:ce:76:4f:c0:6f:b5:8b:a5:4e:65:9d:cb:e8:bb:8f:6b:fc: d5:39:66:0b:e0:e6:ee:c9:b9:df:9c:cf:fd:ee:8a:64:74:e4: d5:f8:ae:13:ac:50:96:14:4b:e2:8c:6a:fd:36:78:93:64:42: a6:42:af:2b:b5:89:14:7a:82:a3:7d:e1:78:a8:d8:91:77:28: b0:61:50:be:67:66:c0:bc:e4:13:a2:39:7b:07:9d:1c:2c:ac: 0b:6d:09:af:99:f9:fb:15:ea:bc:83:d3:ad:86:87:a3:e2:b1: 44:e8:d0:f1:a4:5e:7e:16:53:72:26:74:01:98:f3:d2:dc:a2: 5b:6d:26:e8:ac:d1:30:3f:40:6d:05:f8:34:40:f4:e6:70:f7: 54:a3:3b:02:b7:27:fe:7a:86:78:64:b9:5c:e9:db:59:c1:d7: 2f:47:99:1c:33:a3:53:b2:02:26:ab:a1:b4:49:b2:e9:4b:de: 0b:c7:8b:13:21:f6:ca:a0:8a:f9:f8:14:e3:a3:bf:0b:f0:e6: e5:8d:41:00:33:3d:c7:13:3a:34:ea:1f:44:00:d9:b4:0d:3a: 21:97:5e:c3:8a:c5:56:d2:19:cb:dc:14:e2:25:41:46:f0:9b: f0:f6:b9:86:be:6f:f0:5e:65:2d:9d:e6:70:55:43:ba:f4:56: 7b:ab:a8:c0 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgITKV1wXSHKdszTgzcDZ6tqay6BFDANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTE4ODA2RjAwMDAxMTAvBgNVBAUTKEU3Q0FEQTVGMDg4 MUQ3N0JFQTQ4QjA3NjhBMzc2NkI1MDA2NUFGMDgwHhcNMjYwNDI0MDAxNDM2WhcN MjYwNDI4MDAxNDM2WjB6MUkwRwYDVQQFE0A0ZTgwMzM1ZTU4Y2EyMTQwZDVkNzRh MDJhNGIzNjVkYjg4M2MxZjhhZTkxZmE3MTZkNDhjMzQ0M2M0YzI2ZWJkMS0wKwYD VQQDEyRiYjlhOTExNi1mNjE1LTQ2MmUtYTY4MC01MjY2YjMyN2UwZmEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC67jykmiNxrKA4NyrjVOOX1n8yPBDf oB1ZX52hp+jenSBa8ykgrwMm6UhHfvjm0QlTD0nOuPGpC7dgWxQIIbbX+xqzU+GV WZ1iIY2lwxHxD4sI6X/+ltvhYP2FK+UywCNmyGSPxRku1HzCiLPRwLK1Bf049mYw 7BL88EB2VUba1aEdM+Szb9De65rMZ6zGy00geR2kwhYr6MNuIDlMrAHsdwo2wsWb 0VK4B3h47xJI6VbCaG1AuqSofMg7HaX5ti4bZgZ7/UDGdjn1TTsr7wYhV44GvCw8 TIZbX27sykRJE9jm5xXoeHlhzfnCpciAShhT3ausgGGYh6M2Fug7ZplNAgMBAAGj ggJBMIICPTAdBgNVHQ4EFgQUt6LmZNJNHc4CqpDxmKNxD6bCJ4QwHwYDVR0jBBgw FoAU58raXwiB13vqSLB2ijdmtQBlrwgwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyLzU4cmFYd2lC MTN2cVNMQjJpamRtdFFCbHJ3Zy5jZXIwfwYIKwYBBQUHAQsEczBxMG8GCCsGAQUF BzALhmNyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v dm9sdW1lLzcwOGFhZmFmLTAwYjQtNDg1Yi04NTRjLTBiMzJjYTMwZjU3Yi9tYW5p ZmVzdC5tZnQwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJz eW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0 LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYt MzdiOTU1YTI0YjNmLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsG AQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUHAQgBAf8EBjAE oAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEc52T8BvtYulTmWdy+i7j2v81TlmC+Dm 7sm535zP/e6KZHTk1fiuE6xQlhRL4oxq/TZ4k2RCpkKvK7WJFHqCo33heKjYkXco sGFQvmdmwLzkE6I5ewedHCysC20Jr5n5+xXqvIPTrYaHo+KxROjQ8aRefhZTciZ0 AZjz0tyiW20m6KzRMD9AbQX4NED05nD3VKM7Arcn/nqGeGS5XOnbWcHXL0eZHDOj U7ICJquhtEmy6UveC8eLEyH2yqCK+fgU46O/C/Dm5Y1BADM9xxM6NOofRADZtA06 IZdew4rFVtIZy9wU4iVBRvCb8Pa5hr5v8F5lLZ3mcFVDuvRWe6uowA== -----END CERTIFICATE-----Generated at Fri Apr 24 04:27:27 2026 by rpki-client