$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/0D24E8A0B85F76A222BCBF8DE4EB1F5B73D081C3.cer File: 0D24E8A0B85F76A222BCBF8DE4EB1F5B73D081C3.cer (raw, json) Hash identifier: KYHRY6voArKE5qq80r+orZ1AH/4RnN3fLy+Ml0DWPsE= Subject key identifier: 0D:24:E8:A0:B8:5F:76:A2:22:BC:BF:8D:E4:EB:1F:5B:73:D0:81:C3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 730D26E4A0CA8F785D49CF97188F91EC90049640 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/174dc5e1-1d55-49d2-93d4-5d98ead779ed/0/0D24E8A0B85F76A222BCBF8DE4EB1F5B73D081C3.mft caRepository: rsync://rpki-rsync.idnic.net/repo/174dc5e1-1d55-49d2-93d4-5d98ead779ed/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:54:46 +0000 Certificate not after: Sat 01 May 2027 23:59:46 +0000 Subordinate resources: IP: 103.196.85.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:0d:26:e4:a0:ca:8f:78:5d:49:cf:97:18:8f:91:ec:90:04:96:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:54:46 2026 GMT Not After : May 1 23:59:46 2027 GMT Subject: CN=0D24E8A0B85F76A222BCBF8DE4EB1F5B73D081C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:00:72:50:66:5a:89:04:5d:06:20:26:07:4f: 5f:c9:b3:1a:1c:e5:41:64:57:03:66:49:fc:37:14: 28:ad:f8:19:d8:21:c7:6c:cb:ed:37:a9:4a:1d:95: ec:81:e0:c2:2d:a4:68:4e:69:8a:68:8a:27:c6:fd: e2:4e:f7:da:de:62:27:fb:df:c9:ae:bd:a2:2c:57: 67:82:6e:6c:50:f8:13:ce:b8:f6:20:bd:fb:83:5b: 1d:5f:5c:0d:eb:ec:de:85:a9:5e:db:1b:ef:a8:02: e3:e3:5e:62:fc:ec:41:f4:6e:14:74:bb:30:be:2a: 48:f8:ce:8f:a6:9a:4d:e4:f9:4a:64:82:df:f5:92: 8b:58:65:bc:32:7a:65:ef:ab:2e:6d:32:ee:20:8e: 41:65:73:ad:c0:65:35:f3:31:4b:2b:b4:65:f7:09: f9:01:8c:b6:7e:23:3d:dc:11:d4:fd:d4:fa:15:1e: 8d:ef:ae:43:f9:db:f5:eb:7e:25:58:48:87:4b:9d: 32:c0:ca:f0:cf:7c:1c:b3:93:c4:7a:3b:77:46:a1: 24:c9:e1:f9:92:d0:29:ae:09:2e:88:56:38:56:da: c1:c2:27:93:19:b3:92:51:43:23:cc:1b:ca:f9:70: 48:0c:82:fb:7a:26:af:bd:d8:61:89:f1:20:0f:3a: b9:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 0D:24:E8:A0:B8:5F:76:A2:22:BC:BF:8D:E4:EB:1F:5B:73:D0:81:C3 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/174dc5e1-1d55-49d2-93d4-5d98ead779ed/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/174dc5e1-1d55-49d2-93d4-5d98ead779ed/0/0D24E8A0B85F76A222BCBF8DE4EB1F5B73D081C3.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.196.85.0/24 Signature Algorithm: sha256WithRSAEncryption 28:a6:d0:a7:55:4c:72:64:28:8a:ca:cb:c7:b0:76:f3:03:30: 4b:2a:b4:5d:8d:06:2b:9b:69:15:64:78:35:60:7c:13:62:49: f6:54:14:9c:46:27:c3:ba:f0:cc:f8:c4:82:d9:c4:84:c6:ea: 9c:e3:1a:eb:aa:8c:c5:b8:ca:27:23:ce:c0:eb:5c:b1:51:11: 87:cd:19:c8:58:54:01:fa:c6:e4:d3:d3:df:e8:26:b6:d4:d4: 6c:47:44:94:a1:e6:39:c4:fe:7b:e1:ce:46:86:98:0a:b1:26: e6:f6:60:67:cb:3b:57:77:dd:28:36:f2:0b:f1:2c:ae:ed:06: 9b:0c:e8:1b:60:4f:82:ba:2b:f9:54:32:a4:21:bb:6a:9a:af: 0b:26:4e:46:2e:4f:73:ab:83:59:94:0b:ce:72:4d:89:9e:2c: 8d:7f:14:a7:06:c0:56:07:bb:2d:26:97:2c:ce:4e:f3:ec:1c: 70:ab:b2:b4:59:55:8e:c4:66:70:f4:ff:4d:8a:bd:ca:ce:37: c9:6c:30:4a:6f:1e:5a:0e:45:26:f4:bc:ed:5d:b0:72:e0:fd: 57:1e:ec:e4:41:59:db:26:5b:70:7d:50:c1:59:37:db:c3:18: 50:9a:7f:d5:bc:2b:66:b6:fb:28:6f:45:17:d9:ad:dc:c9:0c: cb:f0:c6:1a -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUcw0m5KDKj3hdSc+XGI+R7JAElkAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTQ0NloX DTI3MDUwMTIzNTk0NlowMzExMC8GA1UEAxMoMEQyNEU4QTBCODVGNzZBMjIyQkNC RjhERTRFQjFGNUI3M0QwODFDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMsAclBmWokEXQYgJgdPX8mzGhzlQWRXA2ZJ/DcUKK34Gdghx2zL7TepSh2V 7IHgwi2kaE5pimiKJ8b94k732t5iJ/vfya69oixXZ4JubFD4E8649iC9+4NbHV9c Devs3oWpXtsb76gC4+NeYvzsQfRuFHS7ML4qSPjOj6aaTeT5SmSC3/WSi1hlvDJ6 Ze+rLm0y7iCOQWVzrcBlNfMxSyu0ZfcJ+QGMtn4jPdwR1P3U+hUeje+uQ/nb9et+ JVhIh0udMsDK8M98HLOTxHo7d0ahJMnh+ZLQKa4JLohWOFbawcInkxmzklFDI8wb yvlwSAyC+3omr73YYYnxIA86uXcCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFA0k6KC4X3aiIry/jeTrH1tz0IHDMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzE3NGRjNWUxLTFkNTUtNDlkMi05M2Q0LTVkOThlYWQ3NzllZC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xNzRkYzVl MS0xZDU1LTQ5ZDItOTNkNC01ZDk4ZWFkNzc5ZWQvMC8wRDI0RThBMEI4NUY3NkEy MjJCQ0JGOERFNEVCMUY1QjczRDA4MUMzLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ8RVMA0GCSqGSIb3DQEBCwUAA4IBAQAoptCnVUxyZCiKysvHsHbzAzBLKrRd jQYrm2kVZHg1YHwTYkn2VBScRifDuvDM+MSC2cSExuqc4xrrqozFuMonI87A61yx URGHzRnIWFQB+sbk09Pf6Ca21NRsR0SUoeY5xP574c5GhpgKsSbm9mBnyztXd90o NvIL8Syu7QabDOgbYE+Cuiv5VDKkIbtqmq8LJk5GLk9zq4NZlAvOck2JniyNfxSn BsBWB7stJpcszk7z7Bxwq7K0WVWOxGZw9P9Nir3KzjfJbDBKbx5aDkUm9LztXbBy 4P1XHuzkQVnbJltwfVDBWTfbwxhQmn/VvCtmtvsob0UX2a3cyQzL8MYa -----END CERTIFICATE-----Generated at Tue May 12 22:16:25 2026 by rpki-client