$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/025CE36BF82CD1F7C5FF7CDA56D97B902468C030.cer File: 025CE36BF82CD1F7C5FF7CDA56D97B902468C030.cer (raw, json) Hash identifier: vpZZZpA9spKFJcSiaHJHcQRF4ZfMT4MqOLVzB6J8qf4= Subject key identifier: 02:5C:E3:6B:F8:2C:D1:F7:C5:FF:7C:DA:56:D9:7B:90:24:68:C0:30 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5E9511180FD333CC51996120C340B4E4055CF46A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/59a37aec-63c2-45d1-96ae-da16d1018b0f/0/025CE36BF82CD1F7C5FF7CDA56D97B902468C030.mft caRepository: rsync://rpki-rsync.idnic.net/repo/59a37aec-63c2-45d1-96ae-da16d1018b0f/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:38:49 +0000 Certificate not after: Sun 02 May 2027 00:43:49 +0000 Subordinate resources: IP: 103.173.128.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:95:11:18:0f:d3:33:cc:51:99:61:20:c3:40:b4:e4:05:5c:f4:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:38:49 2026 GMT Not After : May 2 00:43:49 2027 GMT Subject: CN=025CE36BF82CD1F7C5FF7CDA56D97B902468C030 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:be:44:da:2c:17:c6:0e:40:7c:e8:cd:35:a7: 02:89:99:75:12:c4:a3:16:b5:22:0c:5f:59:d1:df: ee:d8:f2:b7:9d:34:96:f4:6f:27:fb:50:26:3e:0e: 4a:33:65:84:5f:fb:b8:9f:22:5b:ca:bb:e4:43:16: 67:95:96:a1:22:0f:a1:02:9d:60:9b:aa:55:79:fe: 2b:52:30:32:5c:43:50:c4:41:86:6a:28:63:00:70: c4:d8:4b:2b:c0:4f:69:79:47:ad:16:84:63:55:40: f6:19:4c:31:0b:0c:b3:0a:8c:94:89:b8:a2:d1:6c: 9a:91:fb:dd:93:6e:23:e1:9b:7e:31:1d:ff:4e:4d: be:bf:ed:22:6c:03:0d:69:00:b1:0d:77:e3:9b:52: ac:d6:81:80:50:db:b5:67:40:90:74:9e:91:40:93: 23:0c:46:76:d8:48:d9:a7:18:47:3d:4c:c1:ab:63: 3d:9c:41:39:89:d4:00:9a:71:4a:d9:01:88:a4:81: 52:b0:59:18:d8:4e:ab:f6:16:bd:d2:6d:a0:62:45: 7f:4b:c9:ba:e3:0c:7c:a3:3e:df:f2:b1:fb:be:d0: 57:e2:37:57:34:e4:6b:6c:da:7b:f7:98:70:a2:7c: 6c:20:df:9f:78:04:22:6c:fe:69:97:5b:b2:ff:fd: fb:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 02:5C:E3:6B:F8:2C:D1:F7:C5:FF:7C:DA:56:D9:7B:90:24:68:C0:30 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/59a37aec-63c2-45d1-96ae-da16d1018b0f/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/59a37aec-63c2-45d1-96ae-da16d1018b0f/0/025CE36BF82CD1F7C5FF7CDA56D97B902468C030.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.173.128.0/23 Signature Algorithm: sha256WithRSAEncryption 36:66:d2:91:70:c6:35:61:62:2f:8c:ba:bf:08:3c:56:a4:bd: 1c:47:0b:28:b7:3c:2b:5e:71:a1:8c:cb:00:87:5a:7b:7c:e1: 73:30:30:01:7d:e6:f9:a8:8b:bf:1b:76:97:b3:b5:78:dd:8b: c9:12:bb:4d:0b:36:eb:98:55:4d:ae:d3:0b:cd:b3:76:67:68: e6:8e:95:dd:55:a6:51:48:57:2d:4d:6f:bd:d4:b8:f4:3c:ca: 4f:45:48:a1:23:99:3c:21:aa:6f:5c:74:b7:7e:cb:22:44:c2: bf:3f:99:b6:63:d7:ee:9d:61:1c:45:74:c7:ed:91:04:8e:65: a3:74:48:63:54:40:38:11:90:79:32:2d:3b:f2:e7:24:cc:89: c9:fd:b4:c8:4f:e0:1a:2d:05:23:4e:67:b2:47:8f:a3:e0:85: 15:22:8d:fb:4b:df:d8:f8:0c:9d:f6:54:80:c8:c0:7f:17:ac: f2:f4:d2:8c:73:a1:d1:1b:50:55:86:8d:e5:a8:d3:69:c0:8e: 61:b7:7d:43:af:21:04:8c:73:f8:4d:70:a6:0d:45:0d:96:42: 3f:59:31:2f:5e:18:17:e8:f5:2a:bb:b9:06:b5:6a:be:68:10: c0:e4:71:f4:17:08:cf:6c:65:23:20:63:6a:96:c7:6c:07:46: 48:04:76:ec -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUXpURGA/TM8xRmWEgw0C05AVc9GowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMzg0OVoX DTI3MDUwMjAwNDM0OVowMzExMC8GA1UEAxMoMDI1Q0UzNkJGODJDRDFGN0M1RkY3 Q0RBNTZEOTdCOTAyNDY4QzAzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALO+RNosF8YOQHzozTWnAomZdRLEoxa1IgxfWdHf7tjyt500lvRvJ/tQJj4O SjNlhF/7uJ8iW8q75EMWZ5WWoSIPoQKdYJuqVXn+K1IwMlxDUMRBhmooYwBwxNhL K8BPaXlHrRaEY1VA9hlMMQsMswqMlIm4otFsmpH73ZNuI+GbfjEd/05Nvr/tImwD DWkAsQ1345tSrNaBgFDbtWdAkHSekUCTIwxGdthI2acYRz1MwatjPZxBOYnUAJpx StkBiKSBUrBZGNhOq/YWvdJtoGJFf0vJuuMMfKM+3/Kx+77QV+I3VzTka2zae/eY cKJ8bCDfn3gEImz+aZdbsv/9+9UCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFAJc42v4LNH3xf982lbZe5AkaMAwMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzU5YTM3YWVjLTYzYzItNDVkMS05NmFlLWRhMTZkMTAxOGIwZi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81OWEzN2Fl Yy02M2MyLTQ1ZDEtOTZhZS1kYTE2ZDEwMThiMGYvMC8wMjVDRTM2QkY4MkNEMUY3 QzVGRjdDREE1NkQ5N0I5MDI0NjhDMDMwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ62AMA0GCSqGSIb3DQEBCwUAA4IBAQA2ZtKRcMY1YWIvjLq/CDxWpL0cRwso tzwrXnGhjMsAh1p7fOFzMDABfeb5qIu/G3aXs7V43YvJErtNCzbrmFVNrtMLzbN2 Z2jmjpXdVaZRSFctTW+91Lj0PMpPRUihI5k8IapvXHS3fssiRMK/P5m2Y9funWEc RXTH7ZEEjmWjdEhjVEA4EZB5Mi078uckzInJ/bTIT+AaLQUjTmeyR4+j4IUVIo37 S9/Y+Ayd9lSAyMB/F6zy9NKMc6HRG1BVho3lqNNpwI5ht31DryEEjHP4TXCmDUUN lkI/WTEvXhgX6PUqu7kGtWq+aBDA5HH0FwjPbGUjIGNqlsdsB0ZIBHbs -----END CERTIFICATE-----Generated at Tue May 12 22:10:07 2026 by rpki-client