Manifest

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft
File:                     manifest.mft (raw, json)
Hash identifier:          4G/z/j8KtyB3orrMc9K0mSfwmBO7ds54akqlAR0PAXo=
Subject key identifier:   AA:7C:B0:B6:0C:73:49:2C:79:33:BB:3D:8F:00:EC:82:0A:11:B8:69
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Certificate issuer:       /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial:       744855727247FF1C8EE386FDA9BEBC70211C115A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft
Manifest number:          039C
Signing time:             Sat 14 Sep 2024 00:07:41 +0000
Manifest this update:     Sat 14 Sep 2024 00:07:41 +0000
Manifest next update:     Wed 18 Sep 2024 00:07:41 +0000
Files and hashes:         1: 0ae05889-eb6d-414c-88e9-bc293171f532.roa (hash: +IYOVcM4AVlGne+L2cXbwconyFUIqWdykDTKNe7uAuk=)
                          2: 11134e5c-49e1-4313-9cf2-7f2e61dd8b0c.roa (hash: D3E6WYXf40BOK1sjjdTfPizLlK+p8ysmzxaueoytRPA=)
                          3: 20b0bc1b-7e39-47a8-967a-5b3f58d75e03.roa (hash: LJbzK+Da3GjX5su0OivzdYBwaLDvNeDUSVkpjzL6Ahk=)
                          4: 2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa (hash: X4ZMrDuXkG6zzNlDrYn2DtL+f80IdXT3kyJMRAG9lbo=)
                          5: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (hash: XJYblZx2ALUcnKk4Pqn76oxw0d/C4qD51WtgQVNAY8w=)
                          6: 2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa (hash: cytpzTysettjDnEcmUBYXQcfd0D5aLGqtbiTtnCD0AQ=)
                          7: 3537691c-1a10-4699-a8a0-4cec50a35534.roa (hash: kU44kLGgugZjPcl6SjunM+pw0BKfESo5OGmxkVAmucM=)
                          8: 57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa (hash: 4hIM6CWjE0JX9ytjXZbnZtOPoQaQRU4WSd2iZz5u4iM=)
                          9: 589cbaa9-e0fe-4ad9-ba2a-25c4433a8da4.roa (hash: wO7dX3L10In2h1ZUmJ7K3P1pS8CbRv0M0s8rcv/Xbgc=)
                          10: 65f60eb5-aea2-48c7-83e9-3e1305e6dbea.roa (hash: ezboTTs3JawoLhW3dRWZvMk809eHiWpyVALwUxDif00=)
                          11: 719ca283-3642-49b6-998d-44526d9a59a7.roa (hash: 3wAlPnW7abjWZ0TanTn3WOd1VMVmhtFLiSbLVMvyRkc=)
                          12: 7cf17e61-b049-438c-8aaf-2d4714b51857.roa (hash: IjBGvo2CRPe9RI6IdQG/LkN+uRvZU4M9CHgiT5Ls1Bw=)
                          13: 86cfd33f-a067-4c5c-8ad5-49ec8cde1823.roa (hash: RMSrWbSuCKOuQjpxWDQy0/hDLyaI+qMgPWuvep2ssoQ=)
                          14: 90ca90a9-a10a-44e7-82b9-1365746ba55e.crl (hash: 0mvD92Vr2Ki2V2Z82HNwNCC3JVRDoUKcKjsiCr/g6UM=)
                          15: 97e51edc-22c5-4cb0-846c-06d6751df3b4.roa (hash: mIEQVk32t5K3vpR2WXUTCDbPkc4XN9RZSSCpDQx+cuk=)
                          16: 98be1b25-e267-48c9-8089-71d3f3f86c51.roa (hash: /PtV1APEFSKIPV5aZOOVw6BGjbfrW3AW2CaPIKcdNQE=)
                          17: 9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa (hash: TTOTyFUz+K4LEpjWQ03hLvt2rWp1rjINRBtf1LALUPE=)
                          18: 9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa (hash: Tc9GB1N4Ij6J0GqN099cmb4diybXdHbwXJfObWNrJHM=)
                          19: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (hash: sR4jilq5fCXEATX8akyoLszRVVxjfDTPyKu+Mg0/igE=)
                          20: b46597ac-06b0-4ab7-aa80-8ed6514ffe89.roa (hash: aRC75SH5Xhbd2edai1s5RlN7awz8BoX4KmxT+/pnmgU=)
                          21: b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa (hash: 1Qub8PyivaHq9HxiQLBTQkgGf8kpLvRhXnLSgHnzR20=)
                          22: ba324b4e-d4cd-4df6-a846-89610642c7ba.roa (hash: bXAIUCqaoMxvZArFE3BVt+c/pwwOFKkjXtomrtNQSgI=)
                          23: c6c8c2c8-2610-4b46-9e55-67c12ceccbbe.roa (hash: yDyzJfdyIBSk52eXe1WTwmW8tWjLef/Wwpyj0dL3LkU=)
                          24: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (hash: L8SSndhsd5EjZiquSxB+mvhlMsMGIbD6dIA1r6jfdCQ=)
                          25: c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa (hash: Jy+/QzPZ/XLzETsFM/cx2v3NNduywP57XHHB+JeBzx0=)
                          26: c94ba698-f48b-499a-9e9f-3681b985bb5d.roa (hash: qBoJxFBZStAxekQ1Km/AFwgvCCXIwpFau7Io2447IS4=)
                          27: decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa (hash: VTQHVAEqCbGzxgyL/XRqk/an4myWb4koUxmfyj9a1rg=)
                          28: efdcb43b-2f19-4107-a0a3-c55daccb2714.roa (hash: +/gI/0e3EqSo+7RggnVIaQ8m+DKo7s9LlaBkYInN9TY=)
                          29: f8620d2a-ea0f-46ef-a270-0f639f977882.roa (hash: KSVD1VJeh1+iFMzKEQAwe5W5W9IkHOdKlrse40D//+0=)
                          30: fc41a047-335b-4f07-bd4d-51cf61bfc33f.roa (hash: wBOi6TlRYDonpgiiWog8bBb9VNcO2C0PalGqjYy5nNo=)

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Sep 2024 00:07:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:48:55:72:72:47:ff:1c:8e:e3:86:fd:a9:be:bc:70:21:1c:11:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
        Validity
            Not Before: Sep 14 00:07:41 2024 GMT
            Not After : Sep 18 00:07:41 2024 GMT
        Subject: serialNumber=b3803794e3a0a005ec2fd26524f16d9a880874e2739ddbffd8a5d749f175edef, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:85:40:55:f8:5c:bf:9e:6f:8b:84:ef:fd:b3:
                    35:60:ad:96:03:7e:ea:33:a4:43:18:05:e9:a6:43:
                    45:fa:eb:d7:5a:6b:06:63:9b:02:cf:8b:80:12:58:
                    bf:c4:c6:2c:8f:4c:98:89:5b:43:fd:36:e7:c3:a7:
                    68:12:a8:30:64:c9:95:46:80:93:56:8f:2a:b1:12:
                    8a:c3:92:1b:42:ea:23:98:29:d6:90:9d:a1:6b:e8:
                    fd:e3:52:04:3a:00:14:d5:3c:38:af:35:34:ee:3b:
                    19:7d:3f:2b:60:24:45:94:40:94:46:83:bf:87:90:
                    d3:08:60:af:08:27:8d:78:2b:20:cb:56:38:9c:6d:
                    f2:9e:6f:36:7e:8d:36:82:a6:dd:85:4f:a2:35:b5:
                    7b:ed:74:7a:63:dd:87:b0:b0:ac:ba:98:d2:5d:fc:
                    ec:70:db:2d:58:74:86:49:04:e7:cd:52:43:aa:62:
                    95:35:73:d5:4d:60:ed:8b:08:08:87:72:69:79:79:
                    88:ac:d0:d7:04:75:c5:75:a4:4f:79:86:9b:a5:ff:
                    3f:c4:13:ac:ad:1f:80:bd:1b:d8:2b:e7:a8:bc:c3:
                    0d:61:37:58:7f:c9:e0:73:e9:08:96:7e:2a:6f:a4:
                    85:53:5b:c2:2f:65:27:ad:e4:99:1e:7f:21:64:b0:
                    e8:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:7C:B0:B6:0C:73:49:2C:79:33:BB:3D:8F:00:EC:82:0A:11:B8:69
            X509v3 Authority Key Identifier:
                keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:aa:ee:38:15:d9:90:e7:28:40:f5:75:65:09:cf:e7:1c:3d:
         d9:a4:87:6d:f1:10:a2:bb:c3:ba:f5:5e:60:af:b5:d1:39:44:
         38:ec:4a:30:7e:fb:7f:05:69:1a:7d:fa:0c:7b:c9:d8:fb:c7:
         4f:6f:74:a5:c2:70:92:88:55:2b:3f:6a:7c:15:42:c2:77:f9:
         19:8a:60:20:e8:e1:2a:a1:cb:86:e6:c7:bc:eb:40:04:39:bf:
         ea:b8:79:34:e4:97:a0:06:a6:60:f8:45:54:3f:4b:c4:f3:48:
         9b:19:c6:71:53:0f:ef:3a:54:1e:55:81:0f:50:1f:da:d3:ca:
         97:22:ca:3f:b5:94:f8:14:90:d4:dc:25:31:7e:41:b7:a2:80:
         cf:df:d2:60:95:3d:21:cf:ab:26:ad:2e:3a:ef:0c:de:68:c7:
         a9:e8:d4:e5:d9:0f:56:2f:79:e0:c5:3b:75:af:f4:49:f8:e0:
         86:22:86:89:93:37:05:7e:ac:27:87:7e:57:8b:2f:c1:5c:da:
         da:46:38:a0:15:c8:05:6b:3d:ea:20:71:41:17:a5:40:b1:7b:
         20:1f:ea:20:8b:0f:6a:65:3a:62:1c:0e:64:ad:14:99:64:21:
         ca:cd:a5:75:95:a5:26:62:9a:d1:c9:f3:1b:72:b6:95:84:30:
         35:e7:78:31
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUdEhVcnJH/xyO44b9qb68cCEcEVowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDkxNDAwMDc0MVoX
DTI0MDkxODAwMDc0MVowejFJMEcGA1UEBRNAYjM4MDM3OTRlM2EwYTAwNWVjMmZk
MjY1MjRmMTZkOWE4ODA4NzRlMjczOWRkYmZmZDhhNWQ3NDlmMTc1ZWRlZjEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oVAVfhcv55vi4Tv/bM1YK2WA37q
M6RDGAXppkNF+uvXWmsGY5sCz4uAEli/xMYsj0yYiVtD/Tbnw6doEqgwZMmVRoCT
Vo8qsRKKw5IbQuojmCnWkJ2ha+j941IEOgAU1Tw4rzU07jsZfT8rYCRFlECURoO/
h5DTCGCvCCeNeCsgy1Y4nG3ynm82fo02gqbdhU+iNbV77XR6Y92HsLCsupjSXfzs
cNstWHSGSQTnzVJDqmKVNXPVTWDtiwgIh3JpeXmIrNDXBHXFdaRPeYabpf8/xBOs
rR+AvRvYK+eovMMNYTdYf8ngc+kIln4qb6SFU1vCL2UnreSZHn8hZLDotQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFKp8sLYMc0kseTO7PY8A7IIKEbhpMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMH8GCCsGAQUFBwELBHMwcTBvBggrBgEF
BQcwC4ZjcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t
L3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJiY2JiODVhZTYvbWFu
aWZlc3QubWZ0MIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1y
c3luYy51cy1lYXN0LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvYzNjZDdjMjQtMTJj
Yi00YWJjLThmZDItNWUyYmNiYjg1YWU2LzkwY2E5MGE5LWExMGEtNDRlNy04MmI5
LTEzNjU3NDZiYTU1ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYw
BKACBQAwDQYJKoZIhvcNAQELBQADggEBADuq7jgV2ZDnKED1dWUJz+ccPdmkh23x
EKK7w7r1XmCvtdE5RDjsSjB++38FaRp9+gx7ydj7x09vdKXCcJKIVSs/anwVQsJ3
+RmKYCDo4Sqhy4bmx7zrQAQ5v+q4eTTkl6AGpmD4RVQ/S8TzSJsZxnFTD+86VB5V
gQ9QH9rTypciyj+1lPgUkNTcJTF+QbeigM/f0mCVPSHPqyatLjrvDN5ox6no1OXZ
D1YveeDFO3Wv9En44IYihomTNwV+rCeHfleLL8Fc2tpGOKAVyAVrPeogcUEXpUCx
eyAf6iCLD2plOmIcDmStFJlkIcrNpXWVpSZimtHJ8xtytpWEMDXneDE=
-----END CERTIFICATE-----
Generated at Sat Sep 14 00:38:58 2024 by rpki-client on console-fra.rpki-client.org