$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/40BEDF113EC28F27A4735C81592F01A9D8F44EF8.cer File: 40BEDF113EC28F27A4735C81592F01A9D8F44EF8.cer (raw, json) Hash identifier: DQAmGD2Kob/h0P3Q29Gp40HhK6wu903atjrV28AcmzY= Subject key identifier: 40:BE:DF:11:3E:C2:8F:27:A4:73:5C:81:59:2F:01:A9:D8:F4:4E:F8 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 1BF9D339A4FB5B717F9DB7BD7212363C39644BA1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/478259d6-2655-4417-bec4-83ef6644f57e/0/40BEDF113EC28F27A4735C81592F01A9D8F44EF8.mft caRepository: rsync://rpki-rsync.idnic.net/repo/478259d6-2655-4417-bec4-83ef6644f57e/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:27:28 +0000 Certificate not after: Sun 02 May 2027 00:32:28 +0000 Subordinate resources: IP: 160.25.116.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:f9:d3:39:a4:fb:5b:71:7f:9d:b7:bd:72:12:36:3c:39:64:4b:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 00:27:28 2026 GMT Not After : May 2 00:32:28 2027 GMT Subject: CN=40BEDF113EC28F27A4735C81592F01A9D8F44EF8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:22:8b:ba:15:17:56:73:3e:2f:ee:78:a0:5b: dc:ba:f1:9f:92:88:a7:67:76:1c:f2:bf:99:92:96: 95:b1:c8:ac:65:49:60:9a:6e:a2:14:44:66:c0:c6: 86:5a:e1:91:3c:99:af:03:90:af:52:fa:4f:dd:36: f3:ee:8f:23:1d:20:b9:fb:01:12:99:0a:36:ff:ed: 6c:f2:04:c7:04:bc:ee:5d:cf:b6:7a:c8:03:72:2a: 9e:76:7b:a6:dd:60:8a:6c:04:df:53:91:b5:af:54: 36:9b:31:6c:a0:ce:b8:4d:f9:55:a5:04:90:dd:64: d0:2d:1c:1f:26:aa:cb:ac:93:1c:d3:7e:84:62:9d: 6c:37:5e:ce:37:9e:f4:3a:ea:89:20:7f:c2:3b:e5: 63:29:21:78:ba:24:1f:05:85:f3:cc:fa:6c:de:9e: f4:e3:c8:52:9f:4d:cc:b1:83:37:94:d5:81:a4:bd: 4c:e3:a1:b3:3e:8d:23:28:e4:31:b7:32:0d:99:eb: 92:b3:fe:eb:fa:e8:17:15:41:f6:3f:ad:b4:45:ef: 9c:e5:49:ca:0b:c0:e3:62:0f:2d:1d:02:9a:52:8a: 17:93:9e:7e:66:a8:38:2e:80:45:71:1b:24:cd:a7: 83:0b:f4:a6:57:17:3b:ab:09:4a:59:51:c8:fc:9d: ce:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 40:BE:DF:11:3E:C2:8F:27:A4:73:5C:81:59:2F:01:A9:D8:F4:4E:F8 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/478259d6-2655-4417-bec4-83ef6644f57e/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/478259d6-2655-4417-bec4-83ef6644f57e/0/40BEDF113EC28F27A4735C81592F01A9D8F44EF8.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.116.0/24 Signature Algorithm: sha256WithRSAEncryption 7b:98:99:65:f7:5d:77:dc:c9:25:ed:a3:37:c0:7d:2b:bb:f1: ca:8f:ae:3e:4a:33:24:85:42:ae:0a:bb:c7:15:ff:1f:29:36: ad:18:b9:1f:7b:b6:e8:11:e1:1e:29:94:bf:f0:1d:55:95:71: 18:6b:09:35:9a:f7:a8:76:54:3f:ad:7b:c7:83:fd:ba:f4:95: 31:f7:02:03:0c:0a:41:bc:82:08:8b:1a:85:da:b2:8a:9b:0e: 84:4f:ac:46:4c:b5:ed:33:83:76:6a:35:56:52:28:d6:08:ce: 94:e9:76:56:cd:3b:9e:05:b0:b6:4e:1d:c7:0b:d0:11:7d:3e: 04:0a:8a:23:ce:5b:de:44:0d:40:c6:9b:18:36:a1:d2:e0:81: 73:23:fa:b1:f4:6a:78:1d:54:f8:d4:41:36:3c:4e:69:0b:8f: ca:bd:56:56:a3:f3:af:59:bb:ac:8e:a7:92:a9:8d:6f:a0:95: 15:71:02:ef:1d:14:b5:4a:ac:2b:9d:0f:49:02:ec:1b:68:88: 91:34:90:42:31:3a:83:fc:66:e2:12:f0:e6:83:4e:80:ad:94: 98:4b:7d:c1:6a:9a:7b:4a:b2:92:7d:de:4a:0b:c3:48:f1:24: ee:f4:0c:1c:de:21:3d:eb:1b:05:1c:32:80:73:59:55:a3:2c: ff:71:5f:f3 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUG/nTOaT7W3F/nbe9chI2PDlkS6EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAwMjcyOFoX DTI3MDUwMjAwMzIyOFowMzExMC8GA1UEAxMoNDBCRURGMTEzRUMyOEYyN0E0NzM1 QzgxNTkyRjAxQTlEOEY0NEVGODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMoii7oVF1ZzPi/ueKBb3Lrxn5KIp2d2HPK/mZKWlbHIrGVJYJpuohREZsDG hlrhkTyZrwOQr1L6T9028+6PIx0gufsBEpkKNv/tbPIExwS87l3PtnrIA3IqnnZ7 pt1gimwE31ORta9UNpsxbKDOuE35VaUEkN1k0C0cHyaqy6yTHNN+hGKdbDdezjee 9DrqiSB/wjvlYykheLokHwWF88z6bN6e9OPIUp9NzLGDN5TVgaS9TOOhsz6NIyjk MbcyDZnrkrP+6/roFxVB9j+ttEXvnOVJygvA42IPLR0CmlKKF5OefmaoOC6ARXEb JM2ngwv0plcXO6sJSllRyPydzpkCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEC+3xE+wo8npHNcgVkvAanY9E74MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzQ3ODI1OWQ2LTI2NTUtNDQxNy1iZWM0LTgzZWY2NjQ0ZjU3ZS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby80NzgyNTlk Ni0yNjU1LTQ0MTctYmVjNC04M2VmNjY0NGY1N2UvMC80MEJFREYxMTNFQzI4RjI3 QTQ3MzVDODE1OTJGMDFBOUQ4RjQ0RUY4Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAoBl0MA0GCSqGSIb3DQEBCwUAA4IBAQB7mJll91133Mkl7aM3wH0ru/HKj64+ SjMkhUKuCrvHFf8fKTatGLkfe7boEeEeKZS/8B1VlXEYawk1mveodlQ/rXvHg/26 9JUx9wIDDApBvIIIixqF2rKKmw6ET6xGTLXtM4N2ajVWUijWCM6U6XZWzTueBbC2 Th3HC9ARfT4ECoojzlveRA1AxpsYNqHS4IFzI/qx9Gp4HVT41EE2PE5pC4/KvVZW o/OvWbusjqeSqY1voJUVcQLvHRS1SqwrnQ9JAuwbaIiRNJBCMTqD/GbiEvDmg06A rZSYS33Bapp7SrKSfd5KC8NI8STu9Awc3iE96xsFHDKAc1lVoyz/cV/z -----END CERTIFICATE-----Generated at Tue May 12 22:46:01 2026 by rpki-client