
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
File: manifest.mft (raw, json)
Hash identifier: 5An/Q/BmgMMVGdp1LhPwg9jDAAzFf9OkCrOf3A5uFi8=
Subject key identifier: 1A:6A:68:12:5D:82:81:E3:B0:C4:C8:E2:4C:49:E9:40:A9:AA:F6:B8
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 1AD2AF52D6BA2DAEFADD1EAFA412FA61997A421B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
Manifest number: 0652
Signing time: Wed 15 Jul 2026 00:12:31 +0000
Manifest this update: Wed 15 Jul 2026 00:12:31 +0000
Manifest next update: Sun 19 Jul 2026 00:12:31 +0000
Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: DwjozQ9ZRoxgyaw63ICoHCqyI7UfmJvjKfJ4vxg1oIk=)
2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: M+i7XpsJD4p5Tk2yVGdLmGjDs5xTMXCNLVAUi3YO9fw=)
3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: ixxf6ccd3osEyLmWkgkbiHVYyusTctrUjOhnPpMvlE4=)
4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: pL63iKjbLOLYlourekfOR4Nmgu8cB/gmsl43BXFS/jc=)
5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: 64kuFuROhLtieOXlazTSy2bjQ+E6VKxKN/jo5XO5H34=)
6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: ZpxX4uxdJxBRqoXrMr+4TjfM6a61MegoEvwGJaS8fgI=)
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 19 Jul 2026 00:12:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:d2:af:52:d6:ba:2d:ae:fa:dd:1e:af:a4:12:fa:61:99:7a:42:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Jul 15 00:12:31 2026 GMT
Not After : Jul 19 00:12:31 2026 GMT
Subject: serialNumber=5a550d49a97e5bfd1fbe6359ba62fc497ab7fdc334d93462eb5f3e0a02e2f758, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7a:28:2b:ae:40:23:5d:ea:f7:c3:ef:aa:0e:
2c:28:35:81:49:3d:f7:6e:ec:f1:cf:62:e3:51:e3:
0d:43:8e:79:f1:d7:f1:f1:f0:9a:c3:e1:92:9c:b6:
23:ce:0d:cc:07:8b:c2:df:71:fa:3a:54:79:00:1d:
02:da:5f:d5:4e:d1:26:8c:47:40:51:58:8e:a2:19:
67:c5:c0:f2:c3:97:20:a1:8e:1f:1d:09:3b:57:39:
7f:21:92:e9:12:80:7d:7f:46:8a:79:df:11:1d:76:
aa:7c:6e:5d:6d:89:9e:0f:49:b2:0f:64:ca:bb:78:
0e:04:60:4d:b4:aa:54:82:9f:48:19:f5:39:36:93:
30:db:3c:71:eb:22:71:1b:39:65:1d:01:7c:3e:55:
04:e5:3d:31:0e:07:1f:15:99:97:a2:e9:b9:5d:34:
76:e9:32:72:d7:66:25:64:ba:47:fe:f1:43:d1:ff:
4a:a4:b2:23:a9:b3:b7:31:d3:cd:96:16:a1:b6:1e:
51:eb:f9:25:cb:b4:ab:ec:6a:47:d2:cd:69:9f:f8:
f7:52:f6:1f:52:9d:3b:ee:0a:d1:fa:a3:51:30:61:
e1:ee:44:fd:44:f6:7d:7e:1c:51:e3:63:ab:cb:cf:
53:49:c0:16:e0:6f:43:36:1e:75:4e:da:98:40:b1:
cc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:6A:68:12:5D:82:81:E3:B0:C4:C8:E2:4C:49:E9:40:A9:AA:F6:B8
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:f6:71:64:d8:5d:fa:a0:d1:e9:37:db:01:ab:9f:a3:b9:48:
26:55:bc:94:c5:3c:2a:46:5c:ac:7d:f3:76:f0:bf:ae:fb:e7:
ba:01:7a:a1:f9:7b:a0:8e:31:68:f8:e8:10:99:93:6b:ab:57:
89:4e:82:53:12:60:f4:b9:6d:5b:49:19:f7:dc:61:86:3b:b7:
7f:89:d4:94:91:54:b1:e2:61:49:7d:f3:dd:b2:95:85:22:77:
2a:43:ac:47:b6:be:0f:79:98:ed:d2:cf:4d:56:6d:b9:fd:b3:
66:3e:75:de:96:66:ed:2c:77:be:9f:97:97:c2:37:c4:2e:22:
4b:83:c4:47:5f:d7:a2:79:18:cb:da:d3:6a:43:e0:37:87:2f:
19:16:16:b4:a4:14:f7:f1:2d:81:ae:9e:c4:27:62:55:a9:b8:
eb:b4:e4:87:fa:24:16:ea:10:ae:78:f0:c4:d9:df:c2:1d:65:
da:45:bc:38:45:45:77:5c:0b:c5:bb:11:30:7d:51:a2:42:fa:
56:3f:65:fb:17:e9:5b:fd:3b:fb:15:01:20:e7:7d:5f:1d:1e:
cb:e9:eb:70:4f:ad:7e:bf:2b:03:bc:cb:93:5d:de:28:24:5c:
d8:52:39:36:73:e9:64:b3:04:0d:3f:d3:d1:89:bb:23:60:5b:
bf:28:4e:a5
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUGtKvUta6La763R6vpBL6YZl6QhswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDcxNTAwMTIzMVoX
DTI2MDcxOTAwMTIzMVowejFJMEcGA1UEBRNANWE1NTBkNDlhOTdlNWJmZDFmYmU2
MzU5YmE2MmZjNDk3YWI3ZmRjMzM0ZDkzNDYyZWI1ZjNlMGEwMmUyZjc1ODEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXooK65AI13q98Pvqg4sKDWBST33
buzxz2LjUeMNQ4558dfx8fCaw+GSnLYjzg3MB4vC33H6OlR5AB0C2l/VTtEmjEdA
UViOohlnxcDyw5cgoY4fHQk7Vzl/IZLpEoB9f0aKed8RHXaqfG5dbYmeD0myD2TK
u3gOBGBNtKpUgp9IGfU5NpMw2zxx6yJxGzllHQF8PlUE5T0xDgcfFZmXoum5XTR2
6TJy12YlZLpH/vFD0f9KpLIjqbO3MdPNlhahth5R6/kly7Sr7GpH0s1pn/j3UvYf
Up077grR+qNRMGHh7kT9RPZ9fhxR42Ory89TScAW4G9DNh51TtqYQLHMOwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFBpqaBJdgoHjsMTI4kxJ6UCpqva4MB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF
BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t
L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvbWFu
aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y
c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNzA4YWFmYWYtMDBi
NC00ODViLTg1NGMtMGIzMmNhMzBmNTdiLzEyZTU5MDAxLTM1YWMtNGFiZi04NThm
LTM3Yjk1NWEyNGIzZi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw
BKACBQAwDQYJKoZIhvcNAQELBQADggEBAFP2cWTYXfqg0ek32wGrn6O5SCZVvJTF
PCpGXKx983bwv67757oBeqH5e6COMWj46BCZk2urV4lOglMSYPS5bVtJGffcYYY7
t3+J1JSRVLHiYUl9892ylYUidypDrEe2vg95mO3Sz01Wbbn9s2Y+dd6WZu0sd76f
l5fCN8QuIkuDxEdf16J5GMva02pD4DeHLxkWFrSkFPfxLYGunsQnYlWpuOu05If6
JBbqEK548MTZ38IdZdpFvDhFRXdcC8W7ETB9UaJC+lY/ZfsX6Vv9O/sVASDnfV8d
Hsvp63BPrX6/KwO8y5Nd3igkXNhSOTZz6WSzBA0/09GJuyNgW78oTqU=
-----END CERTIFICATE-----
Generated at Wed Jul 15 10:14:14 2026 by rpki-client