Manifest

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
File:                     manifest.mft (raw, json)
Hash identifier:          gl5MqCQLVr9y7TRyH5IOU0BoekV2eol7fS9QWeTC/Xg=
Subject key identifier:   BD:99:74:D9:86:65:78:F1:60:31:E9:FF:B8:A5:44:61:FE:A1:4A:E3
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Certificate issuer:       /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial:       7FAE4D7246592D26ADE2210A73AA4BB81B4C7B33
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
Manifest number:          0644
Signing time:             Wed 01 Jul 2026 00:09:18 +0000
Manifest this update:     Wed 01 Jul 2026 00:09:18 +0000
Manifest next update:     Sun 05 Jul 2026 00:09:18 +0000
Files and hashes:         1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: iThjILplABJ6HFT06AlGZxDgipAd9Y8KGsluMLeqRU8=)
                          2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: M+i7XpsJD4p5Tk2yVGdLmGjDs5xTMXCNLVAUi3YO9fw=)
                          3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: ixxf6ccd3osEyLmWkgkbiHVYyusTctrUjOhnPpMvlE4=)
                          4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: pL63iKjbLOLYlourekfOR4Nmgu8cB/gmsl43BXFS/jc=)
                          5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 64kuFuROhLtieOXlazTSy2bjQ+E6VKxKN/jo5XO5H34=)
                          6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: ZpxX4uxdJxBRqoXrMr+4TjfM6a61MegoEvwGJaS8fgI=)
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 05 Jul 2026 00:09:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:ae:4d:72:46:59:2d:26:ad:e2:21:0a:73:aa:4b:b8:1b:4c:7b:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
        Validity
            Not Before: Jul  1 00:09:18 2026 GMT
            Not After : Jul  5 00:09:18 2026 GMT
        Subject: serialNumber=41e4e8b74fc5675badd00c0b4e6068597a4f1b5d151bca91347cc208b7e7667a, CN=bb9a9116-f615-462e-a680-5266b327e0fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:45:c0:23:ed:b7:df:59:d8:2b:99:8e:28:e1:
                    cb:f5:9a:9b:b7:7f:a3:5b:82:da:7a:e7:0c:00:82:
                    9e:ad:99:66:ae:fd:50:4d:fb:4e:9d:0a:c5:88:7b:
                    13:cb:38:a6:d6:46:16:e8:f1:d7:57:50:11:a0:0a:
                    6a:a7:a9:0b:d9:d9:30:0f:ec:2d:9f:9a:89:3a:64:
                    2e:25:05:40:3a:49:2c:d1:0f:c4:bd:69:9d:c9:14:
                    95:f3:a0:05:0c:3d:87:52:55:d7:f3:bc:9d:c8:00:
                    b7:c9:13:52:22:96:2b:aa:05:33:e0:46:83:4c:08:
                    b5:a2:eb:8f:20:64:0d:f4:75:e1:8a:b9:82:9f:b0:
                    50:50:9f:ec:05:88:0c:4e:f6:5f:4d:9c:72:5f:55:
                    32:07:c3:d6:9c:03:1e:1d:10:8d:d6:44:89:4b:2d:
                    aa:30:76:c8:38:ae:24:78:a3:72:d1:6c:7d:c4:b1:
                    89:12:27:e3:63:b8:6b:e1:bb:9b:1a:ed:6b:b6:1e:
                    91:22:3d:5d:ce:81:21:37:cc:79:d7:b6:06:a8:9c:
                    3e:99:ef:5e:5e:8b:e4:c1:78:ba:b3:dd:f1:7a:c7:
                    02:58:8b:20:06:77:6f:da:d9:78:e2:df:a9:a6:97:
                    80:81:95:a4:a4:6a:a3:b4:b1:47:d8:be:64:cf:16:
                    c1:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:99:74:D9:86:65:78:F1:60:31:E9:FF:B8:A5:44:61:FE:A1:4A:E3
            X509v3 Authority Key Identifier:
                keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:59:28:ee:6b:12:c0:c2:13:b6:45:80:0a:d2:da:49:ff:84:
         64:a5:25:5c:50:c4:cb:6e:f5:5b:65:b7:db:70:c6:cb:97:8f:
         24:00:cd:9d:e1:e5:bf:8a:e3:ef:99:13:89:04:56:bc:a0:cd:
         a7:ab:6f:7c:f7:99:69:6f:96:bd:d0:42:0f:ce:cc:30:bb:b3:
         38:14:f8:cb:0f:ea:ec:45:66:a0:a5:e2:56:27:b4:cc:0c:95:
         69:b9:f9:d8:fe:46:c6:9a:cb:75:f0:f9:50:7d:91:86:d8:d4:
         e7:cc:de:c9:ba:9f:7c:fd:29:43:07:40:14:54:9c:c6:12:0c:
         12:16:76:97:fd:e1:ad:e5:a2:65:6d:f1:6f:d1:d6:45:30:99:
         9b:90:0e:7e:6b:dc:de:6e:46:7f:1c:3f:59:33:45:b6:1d:d6:
         d6:da:ab:f5:50:d2:27:f1:26:8c:a5:90:f0:fe:01:78:8a:9f:
         4b:9f:7c:98:1c:7d:04:ca:ec:09:f8:b0:29:40:ca:03:a5:a3:
         05:a9:a4:9f:ca:25:69:b3:3a:64:6b:08:90:fe:33:6d:18:f4:
         a9:20:9a:df:a0:74:a4:66:c4:16:be:b3:28:fc:db:10:07:42:
         09:f9:0d:4d:d3:b5:9f:6f:e9:cc:76:44:df:c9:94:a5:c9:16:
         fd:98:58:79
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUf65NckZZLSat4iEKc6pLuBtMezMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDcwMTAwMDkxOFoX
DTI2MDcwNTAwMDkxOFowejFJMEcGA1UEBRNANDFlNGU4Yjc0ZmM1Njc1YmFkZDAw
YzBiNGU2MDY4NTk3YTRmMWI1ZDE1MWJjYTkxMzQ3Y2MyMDhiN2U3NjY3YTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEXAI+2331nYK5mOKOHL9Zqbt3+j
W4LaeucMAIKerZlmrv1QTftOnQrFiHsTyzim1kYW6PHXV1ARoApqp6kL2dkwD+wt
n5qJOmQuJQVAOkks0Q/EvWmdyRSV86AFDD2HUlXX87ydyAC3yRNSIpYrqgUz4EaD
TAi1ouuPIGQN9HXhirmCn7BQUJ/sBYgMTvZfTZxyX1UyB8PWnAMeHRCN1kSJSy2q
MHbIOK4keKNy0Wx9xLGJEifjY7hr4bubGu1rth6RIj1dzoEhN8x517YGqJw+me9e
XovkwXi6s93xescCWIsgBndv2tl44t+pppeAgZWkpGqjtLFH2L5kzxbBJQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFL2ZdNmGZXjxYDHp/7ilRGH+oUrjMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF
BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t
L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu
aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y
c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi
NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm
LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw
BKACBQAwDQYJKoZIhvcNAQELBQADggEBAC9ZKO5rEsDCE7ZFgArS2kn/hGSlJVxQ
xMtu9Vtlt9twxsuXjyQAzZ3h5b+K4++ZE4kEVrygzaerb3z3mWlvlr3QQg/OzDC7
szgU+MsP6uxFZqCl4lYntMwMlWm5+dj+Rsaay3Xw+VB9kYbY1OfM3sm6n3z9KUMH
QBRUnMYSDBIWdpf94a3lomVt8W/R1kUwmZuQDn5r3N5uRn8cP1kzRbYd1tbaq/VQ
0ifxJoylkPD+AXiKn0uffJgcfQTK7An4sClAygOlowWppJ/KJWmzOmRrCJD+M20Y
9Kkgmt+gdKRmxBa+syj82xAHQgn5DU3TtZ9v6cx2RN/JlKXJFv2YWHk=
-----END CERTIFICATE-----
Generated at Wed Jul 1 07:10:43 2026 by rpki-client