$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft File: manifest.mft (raw, json) Hash identifier: 1xkg3dDIcV+0eOrMfSTNM0qquBQCIK994kxdPMG9Eo0= Subject key identifier: D5:60:94:0E:08:1F:61:66:C6:23:2D:78:B2:08:3D:62:09:2D:07:0D Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 203818BE8F8146C0F81777602D4F63FEFE26BFC7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft Manifest number: 0214 Signing time: Mon 04 Dec 2023 00:02:19 +0000 Manifest this update: Mon 04 Dec 2023 00:02:19 +0000 Manifest next update: Tue 05 Dec 2023 12:02:19 +0000 Files and hashes: 1: 19d8d605-09bf-4dfb-b2db-2001ae07c998.roa (hash: tavFnNkTrRvCL5f7+YXMZYTp9yrjoe48kvTv44vvQKI=) 2: 220cee0c-6002-409a-8194-38e216c0096c.crl (hash: aB8DJyfO7xWu5VRP/CtO1Q8dhQHRS6pkpTT0+zmnNCU=) 3: 28716f72-e93f-4c3d-a271-5f3613042c49.roa (hash: KaIbxFdYc0cEPJvbeb6Vn/RdJoveI7TUAL9kg6fW9sA=) 4: 417866c6-b48e-49e4-a19e-cfccea84fbb7.roa (hash: 39oac7gWH/j70QC8CrJkgzmLNL+obom8V036n6vNSEg=) 5: 41d48512-3b44-4b3e-ba21-6171938cc43c.roa (hash: ZjmIFRzidG1TMX3C5QjP/cfJyLO5k37KEfMANcLQyXY=) 6: 53444f16-12b0-454c-a0a2-d187f20f7db6.roa (hash: V835R8TmCpKTRy6oNO7FkxOAtoOpEoSQkXukj0kmDWE=) 7: 55399736-f7a1-421f-ae49-44f3fdfab3e0.roa (hash: dpGBJZxOttRs9hx54/vFWGVumKGIrBP4bJA6+PRdheg=) 8: 7a46d818-cb1e-45ab-86c7-1a9a37c1a951.roa (hash: OviVw4sesSKEz6rYOGVal5fdrOlMaTf42aOlpknXYVg=) 9: 9b20d5e9-2739-41d9-a7b0-ed324e639c56.roa (hash: 7nzR4XI5qLht06QhU6IfPx6u3FPLg5yYHT70EZv+jzU=) 10: c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa (hash: Uw0Y+0clje4rIiumxrMC3ZoRB3Kpz1XYQSUBlLS0MZ0=) 11: c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa (hash: XtuTpjSiI2dVgQef0P2RXqlIgtYHKxNMT1Kfu4ayQME=) 12: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (hash: N3f154rI/RnmY0+CcL3PFnnAKRoz6/zq+M6gr+nxxe0=) 13: d0a4f32b-00e7-45df-ac57-af8812e2ea60.roa (hash: RRatC3oEVHmrS3nofmiaqP0ph16QZ1538Lz6c7XXUzw=) 14: e4e32025-6c2b-424d-92b8-3acaacb55baa.roa (hash: ujVOzP92dm5WPv9LBjs/+61taagqZXuLXEyLQyICaRc=) 15: f95587cf-7170-48b0-b508-4aa1770ec2e7.roa (hash: BQMHObClmsSuEWpxYujo2ka8hYP4vfqQTL+vzFmUOD4=) 16: fcd6adab-06f0-4676-9568-6d4d48f7658c.roa (hash: 2bDhLO+JXhIqxnRHS70eVf4hPTSWGYw4h+2voxF1c0o=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 05 Dec 2023 12:02:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:38:18:be:8f:81:46:c0:f8:17:77:60:2d:4f:63:fe:fe:26:bf:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Dec 4 00:02:19 2023 GMT Not After : Dec 5 12:02:19 2023 GMT Subject: serialNumber=d2e7a7cfad788ccfcefbbb7610b76d603c28e553149a6790306c962d46bff42c, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:8c:1f:30:82:30:72:62:cc:a2:19:e8:a3:13: 29:d0:47:92:48:4d:61:93:69:80:cd:f6:a7:7a:24: 12:f7:7c:b8:bd:fc:3f:c4:08:e2:68:d8:3d:dc:81: 14:da:b2:2c:f3:79:f3:17:9b:f0:23:0c:5c:55:cd: 34:a8:67:36:7b:12:d0:95:9f:52:cc:aa:1f:31:cc: cc:7c:36:1f:91:8a:b0:ec:71:d0:a7:1e:4d:32:b8: 4b:6f:4f:ba:bb:85:e7:e0:a6:5a:78:77:b5:47:39: 1b:33:8f:65:78:d4:29:c4:b7:2f:88:8c:0b:38:c2: 94:c2:f0:e7:08:99:9b:b9:06:b7:37:3b:b0:3f:54: b0:db:f6:00:c4:ea:0a:0e:b8:a7:ac:76:79:40:a6: 96:a6:66:47:6e:3e:29:0e:14:a4:02:28:67:a6:44: 9e:76:18:df:21:92:dd:da:c0:e4:72:bf:c1:f8:b0: 74:e2:38:fe:9f:ef:89:57:50:2a:03:67:c3:07:36: 23:3b:c7:f9:a9:b6:e5:3d:b4:23:44:c5:19:9c:26: 3d:9b:ca:4a:37:09:f2:40:eb:7e:ad:20:e0:e0:f6: 47:26:41:33:67:58:98:fe:1a:fa:84:f6:42:0f:c7: cd:05:fc:b0:d4:f7:12:8e:f9:af:5c:82:c0:53:f4: b3:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:60:94:0E:08:1F:61:66:C6:23:2D:78:B2:08:3D:62:09:2D:07:0D X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e8:7a:8b:4f:19:07:82:d7:4c:49:9a:31:11:f9:a3:66:df:07: 7f:24:09:71:ab:40:b8:0d:b6:82:35:85:72:a3:b4:10:14:53: e4:3d:ac:f2:13:e5:20:05:a5:5f:c8:38:2b:0c:95:ad:e2:c2: 14:50:d6:b0:c5:06:e8:4e:ae:6e:c1:1d:67:99:18:81:b5:5d: d6:73:81:58:8e:95:21:f1:82:37:30:3a:6b:c4:3b:5a:13:16: 0a:88:03:4e:aa:00:dc:b5:c1:df:93:38:d3:56:b6:63:88:b5: 48:d2:44:8b:c9:3d:20:d9:96:a3:f1:ea:8c:39:26:5c:f8:ea: ac:c3:97:d3:10:36:fb:29:aa:e7:72:b7:f3:68:04:05:2c:ac: 15:93:da:a3:80:64:a2:b9:07:08:47:67:41:88:11:2f:5c:e4: cb:02:0f:05:cd:77:5e:9e:98:68:d4:56:1e:e9:cc:cc:e1:f1: e4:96:f5:ab:da:c2:f3:d0:be:bd:83:1e:3e:4d:8d:a3:c8:76: 58:b1:5d:d2:cb:5d:0f:13:3d:71:5a:e9:a0:33:b6:c0:b7:d2: 6f:57:b6:af:ab:26:f7:55:86:01:93:e7:c6:4e:f4:a0:e7:d3: 07:9b:ff:26:a6:d9:a0:c8:f7:56:e2:48:3e:f1:60:11:bc:77: 35:04:3d:ae -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUIDgYvo+BRsD4F3dgLU9j/v4mv8cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTIzMTIwNDAwMDIxOVoX DTIzMTIwNTEyMDIxOVowejFJMEcGA1UEBRNAZDJlN2E3Y2ZhZDc4OGNjZmNlZmJi Yjc2MTBiNzZkNjAzYzI4ZTU1MzE0OWE2NzkwMzA2Yzk2MmQ0NmJmZjQyYzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIwfMIIwcmLMohnooxMp0EeSSE1h k2mAzfaneiQS93y4vfw/xAjiaNg93IEU2rIs83nzF5vwIwxcVc00qGc2exLQlZ9S zKofMczMfDYfkYqw7HHQpx5NMrhLb0+6u4Xn4KZaeHe1RzkbM49leNQpxLcviIwL OMKUwvDnCJmbuQa3NzuwP1Sw2/YAxOoKDrinrHZ5QKaWpmZHbj4pDhSkAihnpkSe dhjfIZLd2sDkcr/B+LB04jj+n++JV1AqA2fDBzYjO8f5qbblPbQjRMUZnCY9m8pK NwnyQOt+rSDg4PZHJkEzZ1iY/hr6hPZCD8fNBfyw1PcSjvmvXILAU/SztwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFNVglA4IH2FmxiMteLIIPWIJLQcNMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2Yjk2ODEzZTQvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3 MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0LzIyMGNlZTBjLTYwMDItNDA5YS04MTk0 LTM4ZTIxNmMwMDk2Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBAOh6i08ZB4LXTEmaMRH5o2bfB38kCXGr QLgNtoI1hXKjtBAUU+Q9rPIT5SAFpV/IOCsMla3iwhRQ1rDFBuhOrm7BHWeZGIG1 XdZzgViOlSHxgjcwOmvEO1oTFgqIA06qANy1wd+TONNWtmOItUjSRIvJPSDZlqPx 6ow5Jlz46qzDl9MQNvspqudyt/NoBAUsrBWT2qOAZKK5BwhHZ0GIES9c5MsCDwXN d16emGjUVh7pzMzh8eSW9avawvPQvr2DHj5NjaPIdlixXdLLXQ8TPXFa6aAztsC3 0m9Xtq+rJvdVhgGT58ZO9KDn0web/yam2aDI91biSD7xYBG8dzUEPa4= -----END CERTIFICATE-----Generated at Mon Dec 4 00:31:46 2023 by rpki-client on console-ams.rpki-client.org