$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/064B9E28C1AE598921210EB5E94CAE9E89533533.cer File: 064B9E28C1AE598921210EB5E94CAE9E89533533.cer (raw, json) Hash identifier: F01oR3Milds0lAb8LyHr2yNMHh4N269fOD/IrDLNsmk= Subject key identifier: 06:4B:9E:28:C1:AE:59:89:21:21:0E:B5:E9:4C:AE:9E:89:53:35:33 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 353F3B0347B59FE12F6E69F8D688784CC0F65123 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/13f0a83c-2bc0-42a5-a4ae-11a53882df10/0/064B9E28C1AE598921210EB5E94CAE9E89533533.mft caRepository: rsync://rpki-rsync.idnic.net/repo/13f0a83c-2bc0-42a5-a4ae-11a53882df10/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:51:45 +0000 Certificate not after: Sat 01 May 2027 23:56:45 +0000 Subordinate resources: IP: 103.158.128.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:3f:3b:03:47:b5:9f:e1:2f:6e:69:f8:d6:88:78:4c:c0:f6:51:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:51:45 2026 GMT Not After : May 1 23:56:45 2027 GMT Subject: CN=064B9E28C1AE598921210EB5E94CAE9E89533533 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:68:8a:4a:78:b3:6c:e5:e7:29:27:18:00:a2: 3e:53:49:ec:07:50:c3:5f:3b:54:25:78:1c:62:3f: ef:28:a2:6d:ba:d4:04:c5:77:6a:5b:69:7c:a9:d9: 85:c1:a2:f2:20:ab:e0:e2:9d:7e:0d:15:e1:55:1b: b4:88:3e:d5:76:40:dc:15:23:dd:bc:81:65:e7:6d: 83:56:fc:cd:c6:f2:e6:34:d5:50:e0:21:8a:7a:49: 6d:e8:71:46:36:b1:89:4c:19:65:ab:8e:b6:84:06: 40:d2:19:2b:78:b9:6f:c3:5b:92:15:76:fa:e5:95: 40:90:29:ee:f2:38:18:fc:45:08:24:05:3e:e7:6e: 8c:51:f8:6c:c9:f0:de:b6:75:1d:1e:5f:3f:fb:9e: a3:29:c0:a9:5d:90:ad:91:bf:ac:2c:9c:ab:7e:59: 4b:57:2b:d0:7d:e4:96:5d:4f:14:06:83:26:f2:33: 14:55:ec:77:da:7c:e6:66:dd:9f:2b:59:4f:52:36: 54:4e:46:0e:96:ad:9d:d7:7a:f4:7b:d2:af:c8:9e: 7e:57:8a:b0:47:32:df:03:07:17:42:8e:50:3e:5b: 61:6b:46:09:b9:d6:88:e0:f4:14:32:84:21:da:42: 0e:9c:4f:79:cf:ff:46:1f:86:03:02:f2:30:ff:4e: dc:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 06:4B:9E:28:C1:AE:59:89:21:21:0E:B5:E9:4C:AE:9E:89:53:35:33 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/13f0a83c-2bc0-42a5-a4ae-11a53882df10/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/13f0a83c-2bc0-42a5-a4ae-11a53882df10/0/064B9E28C1AE598921210EB5E94CAE9E89533533.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.158.128.0/23 Signature Algorithm: sha256WithRSAEncryption 2d:1a:c1:32:91:e5:db:9d:95:44:2d:53:24:02:84:19:91:0c: 8e:a5:55:4d:62:e7:49:b6:04:b1:8b:71:6a:10:e4:49:df:90: 19:db:87:c3:12:f3:78:a4:f3:c2:19:04:28:4c:9f:c9:f6:1b: f9:3e:cf:52:0d:2e:72:1c:a1:f7:9a:9c:d8:57:73:6e:fc:a3: a2:aa:f9:f6:a7:1a:94:15:46:b3:03:3a:56:4f:11:db:ed:4c: b5:b8:14:14:6c:fe:9a:f9:1f:f6:ba:d2:81:05:66:04:c8:a4: a9:70:21:4d:c2:b9:a7:25:10:d0:71:dd:e3:7e:43:a8:64:cc: d5:63:c4:65:e6:6b:3a:94:dd:c0:eb:bb:63:52:45:31:a7:c5: 75:ff:14:2d:c1:95:9e:fb:b6:f8:0a:bc:e9:7b:17:72:d0:ca: 4e:36:ce:db:92:af:5a:24:13:a0:f4:85:c0:21:6f:bb:51:1e: 5e:37:2d:f0:83:6d:19:f5:8f:dd:dd:92:c1:40:db:cb:d6:ec: 76:02:95:af:ea:95:0b:f5:a7:c5:b9:78:ca:2b:2d:c3:e1:51: 53:09:87:5f:16:78:d5:ac:a7:8d:1f:df:ae:04:7b:53:28:b4: 1f:c8:6c:bf:3c:ec:1f:93:fd:11:88:fc:79:57:b1:a2:a0:9a: 51:5e:c0:ce -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUNT87A0e1n+Evbmn41oh4TMD2USMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTE0NVoX DTI3MDUwMTIzNTY0NVowMzExMC8GA1UEAxMoMDY0QjlFMjhDMUFFNTk4OTIxMjEw RUI1RTk0Q0FFOUU4OTUzMzUzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKxoikp4s2zl5yknGACiPlNJ7AdQw187VCV4HGI/7yiibbrUBMV3altpfKnZ hcGi8iCr4OKdfg0V4VUbtIg+1XZA3BUj3byBZedtg1b8zcby5jTVUOAhinpJbehx RjaxiUwZZauOtoQGQNIZK3i5b8NbkhV2+uWVQJAp7vI4GPxFCCQFPudujFH4bMnw 3rZ1HR5fP/ueoynAqV2QrZG/rCycq35ZS1cr0H3kll1PFAaDJvIzFFXsd9p85mbd nytZT1I2VE5GDpatndd69HvSr8iefleKsEcy3wMHF0KOUD5bYWtGCbnWiOD0FDKE IdpCDpxPec//Rh+GAwLyMP9O3HUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFAZLnijBrlmJISEOtelMrp6JUzUzMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzEzZjBhODNjLTJiYzAtNDJhNS1hNGFlLTExYTUzODgyZGYxMC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xM2YwYTgz Yy0yYmMwLTQyYTUtYTRhZS0xMWE1Mzg4MmRmMTAvMC8wNjRCOUUyOEMxQUU1OTg5 MjEyMTBFQjVFOTRDQUU5RTg5NTMzNTMzLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ56AMA0GCSqGSIb3DQEBCwUAA4IBAQAtGsEykeXbnZVELVMkAoQZkQyOpVVN YudJtgSxi3FqEORJ35AZ24fDEvN4pPPCGQQoTJ/J9hv5Ps9SDS5yHKH3mpzYV3Nu /KOiqvn2pxqUFUazAzpWTxHb7Uy1uBQUbP6a+R/2utKBBWYEyKSpcCFNwrmnJRDQ cd3jfkOoZMzVY8Rl5ms6lN3A67tjUkUxp8V1/xQtwZWe+7b4Crzpexdy0MpONs7b kq9aJBOg9IXAIW+7UR5eNy3wg20Z9Y/d3ZLBQNvL1ux2ApWv6pUL9afFuXjKKy3D 4VFTCYdfFnjVrKeNH9+uBHtTKLQfyGy/POwfk/0RiPx5V7GioJpRXsDO -----END CERTIFICATE-----Generated at Wed May 13 01:35:13 2026 by rpki-client