$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft File: manifest.mft (raw, json) Hash identifier: PFj6Vz2MB60TSrN+leZEMELfN0/RYpJ9Jw7zuAd9FHQ= Subject key identifier: 13:E4:DE:0F:32:94:EB:35:EA:FE:63:A8:48:42:17:C3:48:59:F9:69 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 6AFB63DBEF8ECF8287ACADFF6B2C573A9ED79EE3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft Manifest number: 038C Signing time: Thu 21 Nov 2024 15:01:17 +0000 Manifest this update: Thu 21 Nov 2024 15:01:17 +0000 Manifest next update: Mon 25 Nov 2024 15:01:17 +0000 Files and hashes: 1: 19d8d605-09bf-4dfb-b2db-2001ae07c998.roa (hash: KCEAp0wv5uHAm8Vw2iNK/njjxirF/S8Ti9M/ywaE4cQ=) 2: 220cee0c-6002-409a-8194-38e216c0096c.crl (hash: 6x7+oGPng73b1uYuilYfxRXpbnq9hB2oWw3sbHF9i9s=) 3: 28716f72-e93f-4c3d-a271-5f3613042c49.roa (hash: PUONZR/he5SdPIbiCs8EFjEdIOiv1WAtHk8mNY+OoMI=) 4: 417866c6-b48e-49e4-a19e-cfccea84fbb7.roa (hash: RZZdmR+5bGCpmvhnWv0q5H1TGl+m0xTRl2/jqZE3s2E=) 5: 41d48512-3b44-4b3e-ba21-6171938cc43c.roa (hash: 5TvXD4lDdBP8HCQ9cczX1l4KBZGmRY4mhWkhauSaUAk=) 6: 53444f16-12b0-454c-a0a2-d187f20f7db6.roa (hash: pMZjenvqUcF0xX3kgW+oxo4ODuXRZIUtXoEQH1fzj/c=) 7: 55399736-f7a1-421f-ae49-44f3fdfab3e0.roa (hash: PA+C/wNgJXA8pesxMyr+3h/a6hfB/Y/iEs709ZGhF+4=) 8: 7a46d818-cb1e-45ab-86c7-1a9a37c1a951.roa (hash: kRTZNDdjnUEILRKZCONc6gvWpYhp2pWl5sb1cgNHPLE=) 9: 9b20d5e9-2739-41d9-a7b0-ed324e639c56.roa (hash: pY2sR00+scURetNxrCMvNVLxvbO7pPfiWRhNHvHrXWg=) 10: c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa (hash: xHa7VivSl/tujJ7Jum2vyJqT1B4zXnL8MOQbSDb/06U=) 11: c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa (hash: Q+XciY9m9wjp7hitaFg6acR/Glo+68uiy6AKPuZROfM=) 12: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (hash: 1OIKMztBBqFnG2HedSTgrKILEhYAwqPgV0f9G0mN//0=) 13: d0a4f32b-00e7-45df-ac57-af8812e2ea60.roa (hash: 6/m5qW+hkK1G7zmOyL+xaYJ3vWr5N16/vmWwkzGKcQQ=) 14: e4e32025-6c2b-424d-92b8-3acaacb55baa.roa (hash: VJjcv6fSBTsbnktKvctaAh+auP0xQTnTUZFRq4IqUvY=) 15: f95587cf-7170-48b0-b508-4aa1770ec2e7.roa (hash: ZqV8KPQKMkYH75oBmyvx58E8+ismKG+m1cg6sikDubM=) 16: fcd6adab-06f0-4676-9568-6d4d48f7658c.roa (hash: c6AyO/Ghu5HE3hAC3dZAcenLNFdosTOYNrVCOWD8fdw=) Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 15:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:fb:63:db:ef:8e:cf:82:87:ac:ad:ff:6b:2c:57:3a:9e:d7:9e:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Nov 21 15:01:17 2024 GMT Not After : Nov 25 15:01:17 2024 GMT Subject: serialNumber=1410f680dea2c6db3305db3b8e850d89ad3326a04992e30ff8da2ba6e46e470b, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b0:0f:a6:53:c3:4c:4a:8d:9e:1c:db:7c:11: c4:46:26:82:f2:9a:d7:fd:26:b3:9c:d1:7d:ea:fb: 4c:83:60:06:cb:95:24:6c:b0:b5:1e:ae:5a:03:84: 4f:1d:cf:e2:71:12:42:f2:88:94:3c:c0:11:0e:29: 8a:ce:37:13:08:0c:f2:fc:5e:a9:d9:e1:44:8d:5c: 5e:2e:3f:c5:a7:65:9c:b4:c8:48:13:d4:97:b4:d2: af:9f:f7:49:04:39:fb:60:25:ae:91:dc:97:cd:e9: 88:b5:e9:22:03:99:98:42:64:60:2d:91:77:02:01: 34:ce:5c:ad:62:5b:b0:4d:62:f3:c8:a8:0b:bd:67: 26:b2:e9:32:b5:01:d4:73:1b:ca:9e:9c:bb:11:b6: 1b:f2:d6:13:78:98:e0:d3:b7:31:38:79:0f:ce:4a: e3:10:05:2e:b6:6d:a9:69:bc:21:85:74:11:a6:aa: 9b:2c:8b:2b:fb:2a:8c:f5:39:5e:21:c5:d1:ed:ee: 53:86:90:3d:51:06:b6:e7:61:39:26:fc:ab:75:be: 8e:c7:54:52:4d:5a:f0:03:ff:79:f4:b7:ba:c1:6f: 9c:f8:2e:d1:ed:2a:78:6a:ab:9d:c0:27:d2:22:cc: 8b:a6:a3:dd:0f:a8:5a:ce:9e:81:2a:50:cb:8a:53: fb:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:E4:DE:0F:32:94:EB:35:EA:FE:63:A8:48:42:17:C3:48:59:F9:69 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:f8:a3:ca:92:82:81:c3:cb:ad:e8:68:78:bf:e8:85:0e:7e: 54:a9:b2:7a:3a:e3:95:95:96:66:c8:61:36:e8:42:29:5a:ff: 0f:4c:c1:b8:65:66:aa:7c:c7:40:4d:88:e6:6f:f3:9f:23:b9: 10:10:66:a9:09:06:4b:5d:91:98:ee:cc:be:81:5d:01:8d:ec: d2:1d:82:18:84:38:d4:55:1a:77:5c:26:86:94:e5:03:29:3e: 27:3d:f7:7d:7b:70:d7:26:58:ba:d9:6f:a0:c7:8d:9d:d6:5e: 01:51:29:f1:e6:f4:91:1f:48:d4:6e:09:9c:15:4e:f2:1c:57: 9b:08:02:d0:4a:fa:a1:86:71:ec:fa:b9:69:87:3f:22:81:02: 72:f1:f9:70:c7:f0:53:b5:d8:36:c2:8d:b6:b5:b3:a0:9f:5e: 6b:f4:db:de:61:d3:4a:0a:c2:6b:06:9c:66:40:81:37:b3:7d: 4e:cb:b5:c4:10:77:e1:6a:01:1d:fd:dd:d3:9c:1e:08:31:c1: 63:a3:f5:55:0d:3a:db:20:70:a1:40:a5:73:60:86:be:20:09: 5a:4b:ae:8d:9a:95:3c:36:05:3a:df:53:11:b3:7d:ce:28:10: 2a:f8:9e:bc:d6:7c:7a:eb:bf:75:92:69:11:e6:76:70:e1:9e: 32:a5:61:46 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIUavtj2++Oz4KHrK3/ayxXOp7XnuMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTEyMTE1MDExN1oX DTI0MTEyNTE1MDExN1owejFJMEcGA1UEBRNAMTQxMGY2ODBkZWEyYzZkYjMzMDVk YjNiOGU4NTBkODlhZDMzMjZhMDQ5OTJlMzBmZjhkYTJiYTZlNDZlNDcwYjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrAPplPDTEqNnhzbfBHERiaC8prX /SaznNF96vtMg2AGy5UkbLC1Hq5aA4RPHc/icRJC8oiUPMARDimKzjcTCAzy/F6p 2eFEjVxeLj/Fp2WctMhIE9SXtNKvn/dJBDn7YCWukdyXzemItekiA5mYQmRgLZF3 AgE0zlytYluwTWLzyKgLvWcmsukytQHUcxvKnpy7EbYb8tYTeJjg07cxOHkPzkrj EAUutm2pabwhhXQRpqqbLIsr+yqM9TleIcXR7e5ThpA9UQa252E5Jvyrdb6Ox1RS TVrwA/959Le6wW+c+C7R7Sp4aqudwCfSIsyLpqPdD6hazp6BKlDLilP7EwIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFBPk3g8ylOs16v5jqEhCF8NIWflpMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2Yjk2ODEzZTQvbWFu aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3 MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0LzIyMGNlZTBjLTYwMDItNDA5YS04MTk0 LTM4ZTIxNmMwMDk2Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw BKACBQAwDQYJKoZIhvcNAQELBQADggEBACX4o8qSgoHDy63oaHi/6IUOflSpsno6 45WVlmbIYTboQila/w9MwbhlZqp8x0BNiOZv858juRAQZqkJBktdkZjuzL6BXQGN 7NIdghiEONRVGndcJoaU5QMpPic99317cNcmWLrZb6DHjZ3WXgFRKfHm9JEfSNRu CZwVTvIcV5sIAtBK+qGGcez6uWmHPyKBAnLx+XDH8FO12DbCjba1s6CfXmv0295h 00oKwmsGnGZAgTezfU7LtcQQd+FqAR393dOcHggxwWOj9VUNOtsgcKFApXNghr4g CVpLro2alTw2BTrfUxGzfc4oECr4nrzWfHrrv3WSaRHmdnDhnjKlYUY= -----END CERTIFICATE-----Generated at Thu Nov 21 17:28:40 2024 by rpki-client on console-fra.rpki-client.org