$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/020628DB16DFDDF442923B09D04B73C68D0A0CB3.cer File: 020628DB16DFDDF442923B09D04B73C68D0A0CB3.cer (raw, json) Hash identifier: aYSYBP4biQCnW91oX7D0Pxcdr61lngjolaG+llx5uQc= Subject key identifier: 02:06:28:DB:16:DF:DD:F4:42:92:3B:09:D0:4B:73:C6:8D:0A:0C:B3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5F77CA1C8FEAEA67E6E32ED495209C019A35803D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/2c909737-1564-46ca-9009-8d28a56e98ee/0/020628DB16DFDDF442923B09D04B73C68D0A0CB3.mft caRepository: rsync://rpki-rsync.idnic.net/repo/2c909737-1564-46ca-9009-8d28a56e98ee/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:08:51 +0000 Certificate not after: Sun 02 May 2027 00:13:51 +0000 Subordinate resources: IP: 103.78.44.0/23 IP: 2001:df6:a00::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:77:ca:1c:8f:ea:ea:67:e6:e3:2e:d4:95:20:9c:01:9a:35:80:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:08:51 2026 GMT Not After : May 2 00:13:51 2027 GMT Subject: CN=020628DB16DFDDF442923B09D04B73C68D0A0CB3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:be:b0:a4:68:7c:d5:f2:e9:8a:e2:fd:bc:b8: c8:3f:1c:f1:b8:69:7d:37:94:e7:3c:4a:4f:16:02: ae:c1:6c:72:d9:1e:c1:ba:ad:6b:8a:4b:28:bc:16: 0a:e9:3b:1b:71:fc:1f:d0:6b:a5:75:8c:79:f5:08: 5c:3f:17:ea:0c:a4:dc:f2:8f:69:c1:cf:01:75:cc: cc:9c:4d:0e:89:1b:65:13:f2:0c:84:59:16:3b:b8: d8:53:0d:68:8c:27:71:6f:ac:99:ee:5e:87:c3:2c: 13:91:2e:17:3c:06:b5:46:c5:8e:2a:0a:3d:98:95: 16:39:76:d8:a2:52:2c:14:26:e9:fe:88:d6:cf:6a: f6:71:90:38:d4:0b:23:6c:86:1b:bb:61:31:a1:3b: a6:db:f5:24:42:15:ca:b7:2b:0e:94:64:66:51:2f: cb:56:d4:4e:b4:c9:91:9d:08:75:b5:55:fe:60:e7: f2:70:b8:d8:09:3c:b1:84:5f:d0:d5:10:50:cd:a5: 0e:c1:32:30:d8:36:11:0e:28:36:82:f3:0d:f0:c6: ff:f4:8e:d3:c2:02:04:06:ee:17:56:64:4a:16:3a: f4:ed:61:f9:76:81:63:8b:32:c1:95:5c:32:89:ea: 67:25:de:26:f9:7b:6a:d7:e2:f7:0f:e9:7c:bb:48: c0:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 02:06:28:DB:16:DF:DD:F4:42:92:3B:09:D0:4B:73:C6:8D:0A:0C:B3 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/2c909737-1564-46ca-9009-8d28a56e98ee/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/2c909737-1564-46ca-9009-8d28a56e98ee/0/020628DB16DFDDF442923B09D04B73C68D0A0CB3.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.78.44.0/23 IPv6: 2001:df6:a00::/48 Signature Algorithm: sha256WithRSAEncryption 9d:af:7e:0a:4b:3a:47:59:21:9d:07:2e:9c:a3:ec:93:fc:29: af:74:a7:3c:b7:71:c3:fb:f1:bc:87:a4:e9:dc:aa:e6:ce:86: 7e:f5:4c:09:51:ae:38:21:a6:64:2b:46:73:86:04:e1:8a:0d: 4a:da:ef:b1:4e:12:29:45:a6:f9:31:82:c2:3f:9e:8a:44:71: 72:13:8c:1f:94:b9:e6:b1:b8:e8:0e:ac:eb:84:a2:83:38:94: 33:17:01:e9:bc:8d:ae:26:a9:6d:57:b5:30:d6:37:60:4d:05: 3d:78:ce:5f:af:a6:02:26:1c:e8:81:c5:aa:ea:6e:86:a4:38: 7a:71:25:96:dc:0d:36:df:9c:a2:40:6a:2e:f3:ec:bd:45:36: 05:ac:44:e5:32:06:df:32:3e:2d:01:97:47:7c:cd:5f:03:7c: 08:f2:f6:92:df:41:49:0a:a6:46:9a:34:a6:da:03:60:f7:6d: d9:d9:be:4b:1b:5f:4f:7e:01:be:6d:7c:6e:5c:2d:ce:04:a2: f4:d1:b0:e5:92:ab:65:05:aa:c9:4a:49:47:e1:b3:f3:48:0a: 34:0c:ad:83:a4:da:42:04:2c:e2:d5:86:07:0b:1e:a8:94:31: fc:9e:d7:1a:cc:34:54:94:cc:53:ce:4f:05:bb:e3:ca:fe:36: 41:ea:cc:02 -----BEGIN CERTIFICATE----- MIIF1zCCBL+gAwIBAgIUX3fKHI/q6mfm4y7UlSCcAZo1gD0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMDg1MVoX DTI3MDUwMjAwMTM1MVowMzExMC8GA1UEAxMoMDIwNjI4REIxNkRGRERGNDQyOTIz QjA5RDA0QjczQzY4RDBBMENCMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALC+sKRofNXy6Yri/by4yD8c8bhpfTeU5zxKTxYCrsFsctkewbqta4pLKLwW Cuk7G3H8H9BrpXWMefUIXD8X6gyk3PKPacHPAXXMzJxNDokbZRPyDIRZFju42FMN aIwncW+sme5eh8MsE5EuFzwGtUbFjioKPZiVFjl22KJSLBQm6f6I1s9q9nGQONQL I2yGG7thMaE7ptv1JEIVyrcrDpRkZlEvy1bUTrTJkZ0IdbVV/mDn8nC42Ak8sYRf 0NUQUM2lDsEyMNg2EQ4oNoLzDfDG//SO08ICBAbuF1ZkShY69O1h+XaBY4sywZVc MonqZyXeJvl7atfi9w/pfLtIwIUCAwEAAaOCAsowggLGMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFAIGKNsW3930QpI7CdBLc8aNCgyzMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzJjOTA5NzM3LTE1NjQtNDZjYS05MDA5LThkMjhhNTZlOThlZS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8yYzkwOTcz Ny0xNTY0LTQ2Y2EtOTAwOS04ZDI4YTU2ZTk4ZWUvMC8wMjA2MjhEQjE2REZEREY0 NDI5MjNCMDlEMDRCNzNDNjhEMEEwQ0IzLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAG AwQBZ04sMA8EAgACMAkDBwAgAQ32CgAwDQYJKoZIhvcNAQELBQADggEBAJ2vfgpL OkdZIZ0HLpyj7JP8Ka90pzy3ccP78byHpOncqubOhn71TAlRrjghpmQrRnOGBOGK DUra77FOEilFpvkxgsI/nopEcXITjB+UueaxuOgOrOuEooM4lDMXAem8ja4mqW1X tTDWN2BNBT14zl+vpgImHOiBxarqboakOHpxJZbcDTbfnKJAai7z7L1FNgWsROUy Bt8yPi0Bl0d8zV8DfAjy9pLfQUkKpkaaNKbaA2D3bdnZvksbX09+Ab5tfG5cLc4E ovTRsOWSq2UFqslKSUfhs/NICjQMrYOk2kIELOLVhgcLHqiUMfye1xrMNFSUzFPO TwW748r+NkHqzAI= -----END CERTIFICATE-----Generated at Tue May 12 22:10:19 2026 by rpki-client