$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft File: manifest.mft (raw, json) Hash identifier: 4ArSDuf3IfrcVyIjFsEFDY6C8pLfD2muG/hQWDON9kI= Subject key identifier: DE:32:B7:3E:59:92:DE:31:A9:2B:ED:2F:3B:7F:95:71:F8:28:D0:55 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 72ED00A6BFF504A9BBA4F7A74312A8892F6017 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft Manifest number: 05FD Signing time: Tue 21 Apr 2026 00:13:36 +0000 Manifest this update: Tue 21 Apr 2026 00:13:36 +0000 Manifest next update: Sat 25 Apr 2026 00:13:36 +0000 Files and hashes: 1: 12e59001-35ac-4abf-858f-37b955a24b3f.crl (hash: krklQgX1MMFJSZswZddrPhgFbHcCgxYXDaEOc9PoFv4=) 2: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (hash: ZgXif8S6dFgOk8pXaBB5oQDqoSRbzkHSYpNTMkKHvaw=) 3: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (hash: JRXJ76EhN1hTBPJiUCV0pPwXjtlo/Df5evwhbIWEB1c=) 4: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (hash: Op4Pxjv4bi/CyLc0yEqiMNSWXCCmLL5vj/qBevLlyto=) 5: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (hash: /viX8+pzxtBqPVItYbjRQ8va9EDiRwR/Zgb8KuMClDo=) 6: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (hash: IE/QQxiERKhi3QbfE3eOEseq4RILf1okL7GJghbd8cE=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Apr 2026 00:13:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:ed:00:a6:bf:f5:04:a9:bb:a4:f7:a7:43:12:a8:89:2f:60:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 21 00:13:36 2026 GMT Not After : Apr 25 00:13:36 2026 GMT Subject: serialNumber=b62a77c48362716baa8f8938e8be21a56eacbac1aedb281b40b61d2bcefc89b9, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:03:46:6c:b5:65:9f:8a:46:e2:af:9b:a2:53: b2:c2:b4:d6:1e:07:e1:48:a3:6b:bf:73:7e:3b:89: b5:e3:66:1e:9c:26:ec:e2:40:88:84:e4:31:52:0d: bd:9b:d9:d4:eb:e2:5c:d2:4e:f2:77:dc:79:b5:e3: 36:7e:82:79:21:7e:ba:eb:f6:bb:ea:15:13:50:34: f3:3c:7d:59:59:40:fe:f8:e4:87:a6:02:b9:cc:10: af:4a:16:e6:08:5b:90:03:ca:f3:bd:bb:85:1f:27: c3:67:f2:12:fb:b1:47:a3:7b:ba:a4:b7:23:a8:63: 0e:36:f4:88:18:31:78:f3:72:b9:14:64:38:fd:ad: 2a:eb:a1:79:c4:17:e8:75:9c:38:dd:1b:3e:7f:38: 0b:4d:bc:43:b8:62:b8:73:e9:a9:34:e8:ef:c0:3f: 86:07:ec:7a:e1:e4:e9:58:17:75:87:ac:9a:4b:ed: bc:79:63:84:39:6b:8a:7a:a3:0c:57:ff:f4:8a:1a: 91:1d:82:1f:bb:cf:05:4f:f1:4c:b7:8d:e2:fb:71: 4d:e5:b6:8f:6a:0e:ae:95:9d:97:99:7b:e1:59:85: 41:7a:4c:3f:79:d6:77:8b:58:09:fe:c7:b7:63:cd: d5:a9:16:39:fb:a9:59:ff:fa:d9:78:05:4d:fc:ca: 62:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:32:B7:3E:59:92:DE:31:A9:2B:ED:2F:3B:7F:95:71:F8:28:D0:55 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:ae:76:f8:7d:8a:b2:90:d5:fe:65:59:f9:ad:bf:ac:65:83: 85:28:d8:17:4f:bf:cb:f7:8f:ff:6d:86:6c:5e:fa:94:59:be: 43:a0:a1:5b:bc:4e:67:96:58:b7:c0:d8:db:74:c1:23:34:a7: 2d:5e:e1:f5:d9:69:43:e3:b3:67:7b:03:97:bb:e4:cb:f7:7c: 76:46:2d:9b:90:57:bc:a7:1f:ce:d3:bb:6a:76:b7:59:ab:1e: 8f:53:aa:5b:60:9e:75:93:34:c7:e4:c8:11:f9:37:be:e0:c7: 8c:a4:b9:70:da:39:56:e8:0c:b6:2a:0f:bf:0d:62:d7:20:77: 15:86:1d:79:45:c0:5d:5a:06:14:ee:68:f3:44:89:b3:e7:d3: b0:c8:e2:28:6d:71:6e:44:80:cb:68:28:95:51:e6:e7:74:76: b1:12:c9:a1:5c:e9:7a:cb:7d:b5:37:90:dc:8a:3e:ad:1c:c3: 49:9b:56:3c:9b:a3:d2:4d:ba:fd:5b:cf:51:6b:3a:e0:e6:8b: 75:6a:f9:49:c7:21:4d:8e:e9:2b:22:41:1b:a6:f7:56:cf:15: 49:d3:32:58:22:b3:c1:42:43:19:2b:ad:b4:15:83:7c:e5:a1: 26:6a:c3:12:06:6b:f0:c4:cc:c6:4b:8e:d5:74:63:f2:2a:b7: 55:ff:8e:85 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgITcu0Apr/1BKm7pPenQxKoiS9gFzANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTE4ODA2RjAwMDAxMTAvBgNVBAUTKEU3Q0FEQTVGMDg4 MUQ3N0JFQTQ4QjA3NjhBMzc2NkI1MDA2NUFGMDgwHhcNMjYwNDIxMDAxMzM2WhcN MjYwNDI1MDAxMzM2WjB6MUkwRwYDVQQFE0BiNjJhNzdjNDgzNjI3MTZiYWE4Zjg5 MzhlOGJlMjFhNTZlYWNiYWMxYWVkYjI4MWI0MGI2MWQyYmNlZmM4OWI5MS0wKwYD VQQDEyRiYjlhOTExNi1mNjE1LTQ2MmUtYTY4MC01MjY2YjMyN2UwZmEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwA0ZstWWfikbir5uiU7LCtNYeB+FI o2u/c347ibXjZh6cJuziQIiE5DFSDb2b2dTr4lzSTvJ33Hm14zZ+gnkhfrrr9rvq FRNQNPM8fVlZQP745IemArnMEK9KFuYIW5ADyvO9u4UfJ8Nn8hL7sUeje7qktyOo Yw429IgYMXjzcrkUZDj9rSrroXnEF+h1nDjdGz5/OAtNvEO4Yrhz6ak06O/AP4YH 7Hrh5OlYF3WHrJpL7bx5Y4Q5a4p6owxX//SKGpEdgh+7zwVP8Uy3jeL7cU3lto9q Dq6VnZeZe+FZhUF6TD951neLWAn+x7djzdWpFjn7qVn/+tl4BU38ymLvAgMBAAGj ggJBMIICPTAdBgNVHQ4EFgQU3jK3PlmS3jGpK+0vO3+Vcfgo0FUwHwYDVR0jBBgw FoAU58raXwiB13vqSLB2ijdmtQBlrwgwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyLzU4cmFYd2lC MTN2cVNMQjJpamRtdFFCbHJ3Zy5jZXIwfwYIKwYBBQUHAQsEczBxMG8GCCsGAQUF BzALhmNyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v dm9sdW1lLzcwOGFhZmFmLTAwYjQtNDg1Yi04NTRjLTBiMzJjYTMwZjU3Yi9tYW5p ZmVzdC5tZnQwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJz eW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0 LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYt MzdiOTU1YTI0YjNmLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsG AQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUHAQgBAf8EBjAE oAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAa52+H2KspDV/mVZ+a2/rGWDhSjYF0+/ y/eP/22GbF76lFm+Q6ChW7xOZ5ZYt8DY23TBIzSnLV7h9dlpQ+OzZ3sDl7vky/d8 dkYtm5BXvKcfztO7ana3Wasej1OqW2CedZM0x+TIEfk3vuDHjKS5cNo5VugMtioP vw1i1yB3FYYdeUXAXVoGFO5o80SJs+fTsMjiKG1xbkSAy2golVHm53R2sRLJoVzp est9tTeQ3Io+rRzDSZtWPJuj0k26/VvPUWs64OaLdWr5ScchTY7pKyJBG6b3Vs8V SdMyWCKzwUJDGSuttBWDfOWhJmrDEgZr8MTMxkuO1XRj8iq3Vf+OhQ== -----END CERTIFICATE-----Generated at Tue Apr 21 18:01:43 2026 by rpki-client