$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: ulYFNQRu1y7fhQcywhSYb9m7aJswTRYCB77IEcx4mBg= Subject key identifier: 32:A7:22:C4:6E:46:65:3F:75:6A:E7:5D:E1:2F:0E:01:C2:C2:0D:2C Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 031326D6FF2D2C03B6B910E7B5CEDB86616DDE7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 04B4 Signing time: Tue 03 Jun 2025 15:02:57 +0000 Manifest this update: Tue 03 Jun 2025 15:02:57 +0000 Manifest next update: Sat 07 Jun 2025 15:02:57 +0000 Files and hashes: 1: 0b0c2d18-2b42-4e53-9e6a-d6f7d5dc2334.roa (hash: bFH370PmA8NdApji5JUEhv3LC5nPfUtJhanuTSl2WF8=) 2: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: GXEVGv3lp6a6mNZ10fZr9q7ZkifNDXDhjeKQWuF2wTw=) 3: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: 7ocTtxhFmuozs4S7eDOJS6HLfL1/j+m8UNND9U12WKM=) 4: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: qXXEdeNpJnbmALkEwpslGjOpbxtjS7x0JpvBJQCUBmM=) 5: 4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa (hash: GeJMuNWf6+w6005LDXjOL7bQdyji14Srwqmc9KESlYo=) 6: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: M0GrvXOE20uhKuyeVVUTHSV0Sp/NNw7IvIGk1QmX7es=) 7: 6982f3ac-c7ae-423c-a028-517d7541d973.roa (hash: En+qKToodooVHgI855ThbupZdXn6ba9dgNxTzuhcvws=) 8: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: nD1AAZ7CpIeTYiR8Iab9kZdHvayajnVG5pU6iAY8ZLg=) 9: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: Lw4NhEY37CFACIw2dZIVFtI2XJWnZliiPF6u/ul/9WI=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:13:26:d6:ff:2d:2c:03:b6:b9:10:e7:b5:ce:db:86:61:6d:de:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Jun 3 15:02:57 2025 GMT Not After : Jun 7 15:02:57 2025 GMT Subject: serialNumber=66d1075ba69ee95a1473a09f94e26baf2bcece63e1be4dfe19a9f9fe549266e3, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:18:ae:19:d6:08:c0:bb:b7:85:8c:72:db:7c: 8f:47:5f:2a:76:a4:f3:73:ff:1c:d5:a6:14:d4:c5: 47:0d:f0:1e:35:14:7b:ea:fd:01:8b:f9:26:0f:ea: 6c:e6:ea:8f:bc:d2:c4:07:95:b5:0b:5c:3c:e1:96: 28:d5:2c:02:4c:bc:6c:c2:4c:e1:8e:fd:a4:17:eb: 67:41:f4:df:21:58:b7:d6:0f:cc:8c:51:b7:0e:50: 1c:4e:74:16:ca:9b:c9:8b:4d:3a:56:ae:4b:de:8f: 7c:e9:7c:92:09:4b:52:57:2b:35:43:56:c6:6f:e9: 5c:d1:99:b5:9c:9b:ac:08:17:a5:58:49:34:3a:07: bc:d7:e7:9a:90:3f:c5:e3:6c:9d:89:76:67:aa:45: ce:73:c0:39:8c:47:5b:7b:e1:5f:6f:53:13:6e:65: 99:6b:fe:36:5b:15:0e:f7:0d:c0:19:5b:11:95:47: 48:83:4e:a1:ad:46:48:3d:40:89:5b:ce:e9:ee:c0: 83:1e:87:b5:3b:7c:53:44:a3:05:77:5f:20:18:b6: ca:d8:d5:b6:a0:9a:42:c6:9d:20:5e:ef:ad:35:b0: 07:89:1a:6f:dc:92:ad:21:51:72:0a:72:8a:73:4e: 70:fd:b1:93:4a:fb:cb:24:98:a1:41:c0:19:97:8c: 3e:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:A7:22:C4:6E:46:65:3F:75:6A:E7:5D:E1:2F:0E:01:C2:C2:0D:2C X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:c9:e9:d1:45:9e:75:f2:a8:b6:db:dd:d9:32:7e:ba:b5:76: 18:0d:ef:2b:51:25:c1:4b:c5:2c:c1:1e:10:72:da:5e:d3:0d: 03:6b:67:f3:46:8e:f2:52:e5:3d:32:20:65:97:df:f8:34:90: 29:0b:05:78:6e:6e:1d:79:2f:2c:af:b8:7d:35:02:81:62:4f: 56:8f:24:f0:f5:6b:77:7f:80:b9:d3:dd:46:0b:47:63:c7:fb: a1:f0:e2:6d:3f:ab:83:04:86:35:dd:44:74:bc:cd:68:95:46: ad:71:4a:cb:d1:4c:1c:3e:44:89:4e:a0:f3:de:b0:39:9d:18: 95:88:1a:43:4c:68:5b:66:cc:a3:80:c3:56:4c:9b:0a:c4:50: 40:5e:ec:7b:49:96:13:a1:2b:17:f1:b5:f2:85:78:f7:f6:b6: 63:a5:13:f2:3b:6b:52:08:30:78:e2:98:d6:16:ac:20:ef:3e: 73:d4:e2:0a:51:55:be:a3:0f:72:5a:b4:35:9a:5e:cd:8a:6b: e9:ff:fb:62:07:ee:cb:08:e1:e5:ef:5c:1b:88:0f:fd:5c:9a: 9b:fb:41:c7:b7:03:85:cb:19:41:95:7f:7b:fd:a9:ba:3e:87: 71:f7:af:07:30:81:f5:35:29:be:f0:eb:f5:f3:dd:66:ec:12: 8d:d8:cf:e9 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUAxMm1v8tLAO2uRDntc7bhmFt3nswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDYwMzE1MDI1N1oX DTI1MDYwNzE1MDI1N1owejFJMEcGA1UEBRNANjZkMTA3NWJhNjllZTk1YTE0NzNh MDlmOTRlMjZiYWYyYmNlY2U2M2UxYmU0ZGZlMTlhOWY5ZmU1NDkyNjZlMzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hiuGdYIwLu3hYxy23yPR18qdqTz c/8c1aYU1MVHDfAeNRR76v0Bi/kmD+ps5uqPvNLEB5W1C1w84ZYo1SwCTLxswkzh jv2kF+tnQfTfIVi31g/MjFG3DlAcTnQWypvJi006Vq5L3o986XySCUtSVys1Q1bG b+lc0Zm1nJusCBelWEk0Oge81+eakD/F42ydiXZnqkXOc8A5jEdbe+Ffb1MTbmWZ a/42WxUO9w3AGVsRlUdIg06hrUZIPUCJW87p7sCDHoe1O3xTRKMFd18gGLbK2NW2 oJpCxp0gXu+tNbAHiRpv3JKtIVFyCnKKc05w/bGTSvvLJJihQcAZl4w+NQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFDKnIsRuRmU/dWrnXeEvDgHCwg0sMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAHvJ6dFFnnXyqLbb3dkyfrq1dhgN7ytR JcFLxSzBHhBy2l7TDQNrZ/NGjvJS5T0yIGWX3/g0kCkLBXhubh15LyyvuH01AoFi T1aPJPD1a3d/gLnT3UYLR2PH+6Hw4m0/q4MEhjXdRHS8zWiVRq1xSsvRTBw+RIlO oPPesDmdGJWIGkNMaFtmzKOAw1ZMmwrEUEBe7HtJlhOhKxfxtfKFePf2tmOlE/I7 a1IIMHjimNYWrCDvPnPU4gpRVb6jD3JatDWaXs2Ka+n/+2IH7ssI4eXvXBuID/1c mpv7Qce3A4XLGUGVf3v9qbo+h3H3rwcwgfU1Kb7w6/Xz3WbsEo3Yz+k= -----END CERTIFICATE-----Generated at Tue Jun 3 23:10:20 2025 by rpki-client