$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/10DB2C44E26CA2A146EF738D39F53CBB0901DB52.cer File: 10DB2C44E26CA2A146EF738D39F53CBB0901DB52.cer (raw, json) Hash identifier: Bgg3Iv3MS1/iLOXPEEcNhMlFKO5VRW3yjCO+6Ga2cR4= Subject key identifier: 10:DB:2C:44:E2:6C:A2:A1:46:EF:73:8D:39:F5:3C:BB:09:01:DB:52 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 193ABA6C7D9B1D4A17CEE630DEF60F5D50A55D61 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/10DB2C44E26CA2A146EF738D39F53CBB0901DB52.mft caRepository: rsync://rpki-rsync.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:41:48 +0000 Certificate not after: Sun 02 May 2027 00:46:48 +0000 Subordinate resources: IP: 43.240.228.0/22 IP: 103.10.120.0/22 IP: 103.11.28.0/22 IP: 116.68.160.0/22 IP: 116.68.167.0 -- 116.68.169.255 IP: 2404:fd00::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:3a:ba:6c:7d:9b:1d:4a:17:ce:e6:30:de:f6:0f:5d:50:a5:5d:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:41:48 2026 GMT Not After : May 2 00:46:48 2027 GMT Subject: CN=10DB2C44E26CA2A146EF738D39F53CBB0901DB52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:54:9a:d1:ac:b6:f7:f6:5b:e6:a5:fc:7a:76: 03:5b:8a:10:40:1e:c1:dc:5d:7c:ac:eb:60:6f:05: 44:46:64:5c:58:95:32:5e:93:b8:28:87:f8:9a:80: c7:52:f2:12:89:b0:15:7e:4f:47:d1:f9:c8:ab:d1: fb:50:bc:64:14:2d:a3:0c:52:0a:cc:0f:af:fb:5b: f9:54:58:82:d3:01:af:fd:06:01:c2:b8:f9:db:93: 3c:8b:44:16:d7:b5:ae:62:ef:4a:4b:65:03:3f:7b: af:be:9e:3f:d0:30:4d:76:89:61:4d:66:f1:f7:22: 3b:6a:63:ea:0c:b7:ee:1b:1d:1b:f5:bc:12:d5:26: 22:0d:0d:d9:58:40:fb:94:09:ed:d8:bb:81:63:6e: 93:42:17:44:f7:76:ab:dc:e3:82:4a:87:90:52:1c: a0:03:42:31:e4:8c:51:36:a1:0c:18:0a:36:d9:f8: ab:32:ae:a4:8d:ea:01:59:a3:e9:9a:48:49:e2:39: e9:ee:a2:a0:2d:16:53:1e:d2:12:7e:fe:e7:e2:ff: 8a:b8:57:d2:7d:d7:fe:97:74:91:cd:2f:5f:66:4c: 8d:a2:dd:03:60:d8:5c:bb:1a:c0:41:53:25:83:6f: 1e:92:d8:bc:ce:6e:da:a5:85:c2:bf:e6:9e:5f:fc: a4:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 10:DB:2C:44:E2:6C:A2:A1:46:EF:73:8D:39:F5:3C:BB:09:01:DB:52 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/10DB2C44E26CA2A146EF738D39F53CBB0901DB52.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.228.0/22 103.10.120.0/22 103.11.28.0/22 116.68.160.0/22 116.68.167.0-116.68.169.255 IPv6: 2404:fd00::/32 Signature Algorithm: sha256WithRSAEncryption 23:6b:b9:17:9f:f7:2c:e0:e9:a3:4c:71:d0:28:52:be:37:fb: a3:e0:09:b3:6d:47:e1:68:8e:96:e4:2b:2d:f9:83:c7:d6:a5: 06:b0:df:55:4d:76:37:35:b4:fe:91:fb:59:de:b7:02:df:9e: 8a:9f:66:ee:8a:a3:3c:da:bb:00:46:04:e5:df:bd:cb:86:a1: 0e:2c:43:19:0f:f9:ad:2c:45:20:8c:1c:ce:26:34:10:e9:80: b3:88:f2:58:9b:43:da:59:13:aa:b0:1b:10:48:b8:94:fc:49: cf:16:45:e7:e9:2b:d7:d4:a8:f0:bb:5c:c9:2c:ce:53:f6:61: d4:78:2e:59:65:37:c1:97:aa:74:f9:ea:e8:b7:95:93:b5:5f: a5:e1:e4:d8:fa:aa:e4:1b:84:69:47:aa:0a:05:bd:d1:f0:91: a9:87:00:bd:f6:db:06:39:47:98:b6:b0:1f:80:51:7b:fa:3b: ae:5c:db:c6:ca:18:25:1b:c0:fe:e6:f0:a5:21:a4:60:8b:ae: ef:27:69:10:fd:cf:54:99:02:90:4d:52:2d:c3:b0:5c:21:55: 15:22:b1:58:f0:fc:2d:6a:7a:aa:31:7d:c4:27:22:55:da:13: bd:ab:8b:6c:b3:e1:94:3a:1a:8b:78:af:4a:dd:1c:bb:e3:d2: 76:73:a9:4c -----BEGIN CERTIFICATE----- MIIF9TCCBN2gAwIBAgIUGTq6bH2bHUoXzuYw3vYPXVClXWEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwNDE0OFoX DTI3MDUwMjAwNDY0OFowMzExMC8GA1UEAxMoMTBEQjJDNDRFMjZDQTJBMTQ2RUY3 MzhEMzlGNTNDQkIwOTAxREI1MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANNUmtGstvf2W+al/Hp2A1uKEEAewdxdfKzrYG8FREZkXFiVMl6TuCiH+JqA x1LyEomwFX5PR9H5yKvR+1C8ZBQtowxSCswPr/tb+VRYgtMBr/0GAcK4+duTPItE Fte1rmLvSktlAz97r76eP9AwTXaJYU1m8fciO2pj6gy37hsdG/W8EtUmIg0N2VhA +5QJ7di7gWNuk0IXRPd2q9zjgkqHkFIcoANCMeSMUTahDBgKNtn4qzKupI3qAVmj 6ZpISeI56e6ioC0WUx7SEn7+5+L/irhX0n3X/pd0kc0vX2ZMjaLdA2DYXLsawEFT JYNvHpLYvM5u2qWFwr/mnl/8pEsCAwEAAaOCAugwggLkMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFBDbLETibKKhRu9zjTn1PLsJAdtSMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzVkMjI3ZGJlLTRhMWMtNDBiMC05NGE2LTc5M2JkYmRhMzc3Ny8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81ZDIyN2Ri ZS00YTFjLTQwYjAtOTRhNi03OTNiZGJkYTM3NzcvMC8xMERCMkM0NEUyNkNBMkEx NDZFRjczOEQzOUY1M0NCQjA5MDFEQjUyLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAm AwQCK/DkAwQCZwp4AwQCZwscAwQCdESgMAwDBAB0RKcDBAF0RKgwDQQCAAIwBwMF ACQE/QAwDQYJKoZIhvcNAQELBQADggEBACNruRef9yzg6aNMcdAoUr43+6PgCbNt R+FojpbkKy35g8fWpQaw31VNdjc1tP6R+1netwLfnoqfZu6KozzauwBGBOXfvcuG oQ4sQxkP+a0sRSCMHM4mNBDpgLOI8libQ9pZE6qwGxBIuJT8Sc8WRefpK9fUqPC7 XMkszlP2YdR4LlllN8GXqnT56ui3lZO1X6Xh5Nj6quQbhGlHqgoFvdHwkamHAL32 2wY5R5i2sB+AUXv6O65c28bKGCUbwP7m8KUhpGCLru8naRD9z1SZApBNUi3DsFwh VRUisVjw/C1qeqoxfcQnIlXaE72ri2yz4ZQ6Got4r0rdHLvj0nZzqUw= -----END CERTIFICATE-----Generated at Tue May 12 22:10:07 2026 by rpki-client