$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: exzaneJ6MB7bOKXWPjdgmkDP2j8pfwgwvOiy+knUrGQ= Subject key identifier: EE:22:DB:84:34:63:B7:CB:12:19:04:97:73:CE:62:D1:94:B9:62:C7 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 53EF592813D61130D6C48C5DF47D9BCB82662AEE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 05E9 Signing time: Wed 01 Apr 2026 00:08:58 +0000 Manifest this update: Wed 01 Apr 2026 00:08:58 +0000 Manifest next update: Sun 05 Apr 2026 00:08:58 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: TPtGoTlwaseWZE7LEHjpHvujD9A3hyck2hctT1ZsVJQ=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 Apr 2026 00:08:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:ef:59:28:13:d6:11:30:d6:c4:8c:5d:f4:7d:9b:cb:82:66:2a:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 1 00:08:58 2026 GMT Not After : Apr 5 00:08:58 2026 GMT Subject: serialNumber=df8d21bda10f8e9ae43cc9a783eb86abddecf5e5366812fd03820b4b78b1d88a, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:33:40:77:a4:34:4f:d7:a2:d1:63:a7:7b:0a: 00:7f:04:d9:85:3c:3f:bf:76:a6:b5:23:cc:54:0c: 34:4a:87:48:ce:89:3c:aa:04:38:11:91:fb:52:65: af:fd:cc:36:8a:e9:da:93:a9:37:ed:93:62:9c:7c: c1:31:bf:df:b5:c3:6f:95:35:06:6a:38:49:f2:ba: 9e:89:d8:16:c0:1d:66:8e:58:7e:78:0e:38:03:a8: 2e:3d:c4:42:a4:51:e8:52:a7:81:6e:74:4d:f9:b9: f2:a5:bb:b8:6d:54:70:5a:08:a5:34:de:bf:db:86: 24:1c:d7:4d:58:2a:2b:f4:b8:df:2a:8d:8a:cd:eb: c4:71:ad:9c:2a:0c:a5:5b:03:ac:76:e5:37:da:25: 76:53:0a:7e:fc:98:76:f3:ff:a7:2b:28:c4:53:7e: 84:7f:23:cf:0c:bf:7b:2b:ad:7a:ec:a9:87:f1:b3: d6:84:18:01:d8:24:c2:30:9e:97:2c:aa:61:df:72: 73:57:b1:04:a8:7c:cf:74:2a:07:44:2a:bb:bb:6a: f7:13:98:1f:3e:84:61:47:62:89:b1:ae:0b:46:7c: 08:00:4f:d4:09:ff:95:37:46:64:26:b5:70:37:e6: 78:32:65:e5:f3:c1:bc:a4:a1:57:58:7b:e2:c1:bd: 4b:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:22:DB:84:34:63:B7:CB:12:19:04:97:73:CE:62:D1:94:B9:62:C7 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:79:f1:06:84:e5:58:9c:90:e9:32:55:88:03:d2:bd:c6:39: be:62:d5:06:5c:3f:4c:69:c9:aa:be:0e:ef:33:2d:3a:4e:24: 60:4e:d9:b7:1c:1b:90:0e:17:f9:78:fc:e3:9e:23:a0:1f:8f: bb:00:55:e5:1a:51:3f:15:fe:8e:cc:6b:c9:9c:6e:47:e6:18: c0:ec:6c:c7:4e:d1:b8:8c:9c:cc:bc:37:32:3c:17:47:cc:24: 76:e5:ca:bd:92:74:9f:97:6d:90:38:e6:5a:97:c9:58:7d:13: 2d:be:f6:b5:03:63:84:49:11:b2:aa:23:95:b1:6e:f5:2f:f8: e0:44:6b:f9:4b:9e:fd:93:f5:c8:f5:b9:4d:8b:2b:6e:47:4a: 16:f3:b4:64:da:b0:fc:1c:e9:e5:61:5b:a8:e5:5a:e1:56:c5: d9:cb:78:4b:90:82:a9:80:ac:4f:6d:d9:74:13:80:e6:b2:9b: b8:01:e2:f8:35:1a:34:bf:6e:0f:26:e5:36:32:7d:c1:88:98: d8:2f:53:a3:d7:77:b3:d9:c2:af:22:69:4b:c1:bb:17:10:67: 49:45:37:e9:e5:30:b7:0a:12:d4:23:a9:3f:e5:ad:ed:70:28: 8e:50:67:2c:eb:53:2d:71:5f:72:5a:a2:a6:16:9c:a4:13:b5: 4b:33:fc:64 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUU+9ZKBPWETDWxIxd9H2by4JmKu4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDQwMTAwMDg1OFoX DTI2MDQwNTAwMDg1OFowejFJMEcGA1UEBRNAZGY4ZDIxYmRhMTBmOGU5YWU0M2Nj OWE3ODNlYjg2YWJkZGVjZjVlNTM2NjgxMmZkMDM4MjBiNGI3OGIxZDg4YTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5jNAd6Q0T9ei0WOnewoAfwTZhTw/ v3amtSPMVAw0SodIzok8qgQ4EZH7UmWv/cw2iunak6k37ZNinHzBMb/ftcNvlTUG ajhJ8rqeidgWwB1mjlh+eA44A6guPcRCpFHoUqeBbnRN+bnypbu4bVRwWgilNN6/ 24YkHNdNWCor9LjfKo2KzevEca2cKgylWwOsduU32iV2Uwp+/Jh28/+nKyjEU36E fyPPDL97K6167KmH8bPWhBgB2CTCMJ6XLKph33JzV7EEqHzPdCoHRCq7u2r3E5gf PoRhR2KJsa4LRnwIAE/UCf+VN0ZkJrVwN+Z4MmXl88G8pKFXWHviwb1L3QIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFO4i24Q0Y7fLEhkEl3POYtGUuWLHMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBADh58QaE5VickOkyVYgD0r3GOb5i1QZc P0xpyaq+Du8zLTpOJGBO2bccG5AOF/l4/OOeI6Afj7sAVeUaUT8V/o7Ma8mcbkfm GMDsbMdO0biMnMy8NzI8F0fMJHblyr2SdJ+XbZA45lqXyVh9Ey2+9rUDY4RJEbKq I5WxbvUv+OBEa/lLnv2T9cj1uU2LK25HShbztGTasPwc6eVhW6jlWuFWxdnLeEuQ gqmArE9t2XQTgOaym7gB4vg1GjS/bg8m5TYyfcGImNgvU6PXd7PZwq8iaUvBuxcQ Z0lFN+nlMLcKEtQjqT/lre1wKI5QZyzrUy1xX3JaoqYWnKQTtUsz/GQ= -----END CERTIFICATE-----Generated at Wed Apr 1 08:05:30 2026 by rpki-client