
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
File: manifest.mft (raw, json)
Hash identifier: /4qpwzlVeACnu5hjqWNfm8KqQXloTRl21PdaqWRCSXo=
Subject key identifier: C1:29:37:FC:95:0D:F2:0F:7B:27:C0:84:69:27:85:9C:A7:8C:1E:CC
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 53449E49A4E68159BAB907166BBD6E4905349327
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
Manifest number: 0647
Signing time: Sat 04 Jul 2026 00:09:57 +0000
Manifest this update: Sat 04 Jul 2026 00:09:57 +0000
Manifest next update: Wed 08 Jul 2026 00:09:57 +0000
Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: bjXf9Th56bAaNsLYjHWkDIvp8IhSjO54bij4HbTokUY=)
2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: M+i7XpsJD4p5Tk2yVGdLmGjDs5xTMXCNLVAUi3YO9fw=)
3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: ixxf6ccd3osEyLmWkgkbiHVYyusTctrUjOhnPpMvlE4=)
4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: pL63iKjbLOLYlourekfOR4Nmgu8cB/gmsl43BXFS/jc=)
5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 64kuFuROhLtieOXlazTSy2bjQ+E6VKxKN/jo5XO5H34=)
6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: ZpxX4uxdJxBRqoXrMr+4TjfM6a61MegoEvwGJaS8fgI=)
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 Jul 2026 00:09:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:44:9e:49:a4:e6:81:59:ba:b9:07:16:6b:bd:6e:49:05:34:93:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Jul 4 00:09:57 2026 GMT
Not After : Jul 8 00:09:57 2026 GMT
Subject: serialNumber=37684bf6bc72ed018360454da98200f4cd0a7a5979a8e5c91f630ccc607e463a, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:20:a4:10:c9:f2:5a:9a:50:eb:45:29:d8:aa:
c5:8a:3c:ce:1c:f1:ff:24:87:a1:23:e7:aa:2c:63:
9c:b7:32:f1:de:a3:06:a6:69:3a:71:bb:19:cd:5c:
f5:8f:c4:53:41:78:e5:07:97:f7:76:da:b1:62:67:
75:bc:a8:da:62:51:18:fa:af:89:1a:ba:ae:29:4a:
2c:c5:88:ab:b3:84:65:c8:00:01:b7:60:62:7c:8c:
51:59:be:2c:45:19:c8:f8:2a:73:84:b0:79:bc:2a:
98:58:77:66:3a:d1:ef:bc:ac:43:f2:95:13:2f:65:
af:16:d6:98:fa:3c:f1:46:2b:b3:59:c2:c0:39:a5:
8e:83:9b:b5:aa:be:60:97:e4:7f:67:27:b9:2b:0b:
37:d0:ce:17:02:e4:c3:7a:97:4d:1a:03:0f:d6:1e:
a4:5e:9c:90:c9:f0:b4:0a:da:c2:16:5c:19:e1:23:
ca:e0:be:73:36:0d:55:f0:f7:41:48:dd:03:1f:d9:
27:c6:27:e4:81:61:75:3d:35:0c:39:80:2b:e5:8c:
ec:cb:f7:4d:e6:66:c3:24:8a:7e:6d:89:cc:34:ab:
ff:e3:b0:87:75:72:d4:8e:f5:b9:d6:a1:e3:cf:be:
45:60:1a:8f:1b:27:fb:bb:01:cc:ba:78:f0:dc:e5:
47:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:29:37:FC:95:0D:F2:0F:7B:27:C0:84:69:27:85:9C:A7:8C:1E:CC
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:f1:5b:c7:72:a3:9f:d9:23:80:86:df:d3:04:e9:00:59:14:
ac:5c:6f:35:5f:a6:f8:d1:92:54:13:f1:a7:1e:04:b7:68:1e:
41:d8:0b:61:ae:bb:a9:bf:e8:07:10:e0:6d:12:8a:94:c8:34:
37:3d:c1:6d:56:64:56:a7:c0:11:0e:a7:96:15:28:60:c7:07:
99:79:00:52:1d:9e:62:cf:c3:a5:44:f8:dc:1a:3f:b4:9c:2b:
0c:e7:4f:19:86:fc:1d:a5:7a:b4:83:5a:de:e4:d5:7c:47:23:
f4:ba:ab:99:74:1c:f5:31:31:a6:32:3b:75:be:5b:5a:62:f3:
02:4c:65:2f:48:d2:16:ac:df:d2:6f:a9:0a:f3:33:2d:54:ea:
60:59:86:61:7d:6f:40:03:75:be:9b:51:e0:91:cd:eb:a3:a8:
f5:bb:19:c0:e6:dd:a8:d4:42:43:da:36:fc:b4:57:9f:a9:8d:
a9:f8:c9:5a:23:49:bb:ca:d4:be:54:55:99:58:36:fb:0f:e2:
99:50:4a:d1:49:22:20:02:73:2a:c2:d2:c4:56:4d:41:ff:ba:
5a:62:b5:7e:4b:73:1f:03:69:b9:9b:f1:3c:60:ac:6b:26:19:
f5:d1:39:66:31:c2:c6:be:9b:68:49:26:46:2c:c8:1f:32:96:
37:59:71:b6
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUU0SeSaTmgVm6uQcWa71uSQU0kycwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDcwNDAwMDk1N1oX
DTI2MDcwODAwMDk1N1owejFJMEcGA1UEBRNAMzc2ODRiZjZiYzcyZWQwMTgzNjA0
NTRkYTk4MjAwZjRjZDBhN2E1OTc5YThlNWM5MWY2MzBjY2M2MDdlNDYzYTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSCkEMnyWppQ60Up2KrFijzOHPH/
JIehI+eqLGOctzLx3qMGpmk6cbsZzVz1j8RTQXjlB5f3dtqxYmd1vKjaYlEY+q+J
GrquKUosxYirs4RlyAABt2BifIxRWb4sRRnI+CpzhLB5vCqYWHdmOtHvvKxD8pUT
L2WvFtaY+jzxRiuzWcLAOaWOg5u1qr5gl+R/Zye5Kws30M4XAuTDepdNGgMP1h6k
XpyQyfC0CtrCFlwZ4SPK4L5zNg1V8PdBSN0DH9knxifkgWF1PTUMOYAr5Yzsy/dN
5mbDJIp+bYnMNKv/47CHdXLUjvW51qHjz75FYBqPGyf7uwHMunjw3OVH0wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFMEpN/yVDfIPeyfAhGknhZynjB7MMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF
BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t
L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu
aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y
c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi
NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm
LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw
BKACBQAwDQYJKoZIhvcNAQELBQADggEBAFjxW8dyo5/ZI4CG39ME6QBZFKxcbzVf
pvjRklQT8aceBLdoHkHYC2Guu6m/6AcQ4G0SipTINDc9wW1WZFanwBEOp5YVKGDH
B5l5AFIdnmLPw6VE+NwaP7ScKwznTxmG/B2lerSDWt7k1XxHI/S6q5l0HPUxMaYy
O3W+W1pi8wJMZS9I0has39JvqQrzMy1U6mBZhmF9b0ADdb6bUeCRzeujqPW7GcDm
3ajUQkPaNvy0V5+pjan4yVojSbvK1L5UVZlYNvsP4plQStFJIiACcyrC0sRWTUH/
ulpitX5Lcx8Dabmb8TxgrGsmGfXROWYxwsa+m2hJJkYsyB8yljdZcbY=
-----END CERTIFICATE-----
Generated at Sat Jul 4 14:21:31 2026 by rpki-client