$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/152D7DF6753FDF6809AF8EEC4158A0787450959B.cer File: 152D7DF6753FDF6809AF8EEC4158A0787450959B.cer (raw, json) Hash identifier: hpGxIFg0gmJQZDSQgh4viKcroqtYP9qUGlTmROEE954= Subject key identifier: 15:2D:7D:F6:75:3F:DF:68:09:AF:8E:EC:41:58:A0:78:74:50:95:9B Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: DDA36417297A9918D263BFED7CB375E470AE2D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/152D7DF6753FDF6809AF8EEC4158A0787450959B.mft caRepository: rsync://rpki-rsync.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:15:47 +0000 Certificate not after: Sun 02 May 2027 01:20:47 +0000 Subordinate resources: IP: 103.86.100.0/23 IP: 2405:2cc0::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: dd:a3:64:17:29:7a:99:18:d2:63:bf:ed:7c:b3:75:e4:70:ae:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:15:47 2026 GMT Not After : May 2 01:20:47 2027 GMT Subject: CN=152D7DF6753FDF6809AF8EEC4158A0787450959B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:5c:0b:63:cc:b4:be:b1:c4:ff:22:ec:92:ec: e4:38:61:48:66:1a:1e:d1:43:55:ed:b8:89:97:fe: ac:41:68:2b:d8:6f:75:99:1b:23:20:19:a2:d1:2d: e3:de:f0:20:20:b0:5f:f8:ea:85:3d:9c:46:d4:e1: a8:ac:e2:6b:7c:11:4a:bd:8f:69:25:ff:df:8f:b7: b3:7e:4f:61:76:0b:69:34:3f:01:ae:6d:9b:24:8d: 6f:81:8c:b7:63:5d:de:24:a2:81:46:63:80:d0:8e: 74:7d:84:4e:ec:43:8f:ca:e5:c5:e4:20:33:8c:6b: 53:2e:5a:87:db:96:32:f2:b2:67:f8:74:a1:2c:53: 76:d7:51:c7:3f:39:8e:82:fe:4a:98:d3:b0:55:e7: 91:f5:a1:bd:7e:50:d1:ad:b6:04:dd:c8:4a:a9:e5: 5c:ab:21:0a:ee:90:2d:1e:87:18:b7:16:fc:d2:2a: 19:89:72:28:38:75:d7:ff:6b:3f:2e:04:06:85:4b: da:1d:7a:dd:f6:d1:0d:26:7e:8d:93:a9:d3:6e:0d: c3:3e:27:31:da:2d:a5:5a:75:1d:d6:88:1e:57:95: e3:5a:6b:e4:0f:e5:df:48:50:e7:e2:fd:85:72:0c: d2:59:35:4a:42:b6:59:08:fc:e8:ac:40:08:03:bf: a2:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 15:2D:7D:F6:75:3F:DF:68:09:AF:8E:EC:41:58:A0:78:74:50:95:9B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/152D7DF6753FDF6809AF8EEC4158A0787450959B.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.86.100.0/23 IPv6: 2405:2cc0::/32 Signature Algorithm: sha256WithRSAEncryption 6a:87:3a:a0:e5:33:f5:92:1d:e7:3b:ad:e6:33:69:3c:12:8f: 5e:9f:8c:e8:43:01:dd:44:26:b7:d7:6e:23:ff:f9:43:42:d5: 03:dc:00:9b:67:21:63:7c:e6:bc:34:60:ad:b9:53:43:50:91: 6d:75:1a:5f:5f:e7:7f:d4:16:81:e1:61:cf:96:06:cf:66:0a: 7f:96:f7:c4:7c:5b:1d:79:fc:a1:09:db:c3:e6:4c:06:3f:dd: cb:31:77:cd:91:97:2a:2a:72:7e:59:58:83:17:61:98:0b:70: 71:cd:84:5a:75:db:eb:21:3f:e3:f9:43:00:6a:f8:3d:8d:e1: 89:19:a0:ae:ee:bf:52:81:f7:ef:52:50:57:07:cf:85:4e:f4: f9:22:db:37:3c:59:4d:b5:1f:09:89:2a:c0:7c:b7:a8:f9:f0: cc:58:38:8b:53:58:30:fe:7b:21:5d:65:82:49:e2:49:94:2e: f2:70:2a:1c:01:a7:49:83:f8:e3:e2:4b:e4:3f:04:c7:44:90: 13:04:08:64:95:a5:0b:2d:07:1b:de:85:02:aa:8c:d9:8b:3f: d4:0f:fe:2e:be:6d:14:73:3b:f5:ad:f9:fe:21:c1:c9:b2:9f: 8c:9f:72:e0:c1:48:c6:1c:3d:bf:a3:a3:03:81:61:5a:de:63: 58:65:eb:34 -----BEGIN CERTIFICATE----- MIIF1TCCBL2gAwIBAgIUAN2jZBcpepkY0mO/7XyzdeRwri0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMTU0N1oX DTI3MDUwMjAxMjA0N1owMzExMC8GA1UEAxMoMTUyRDdERjY3NTNGREY2ODA5QUY4 RUVDNDE1OEEwNzg3NDUwOTU5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALNcC2PMtL6xxP8i7JLs5DhhSGYaHtFDVe24iZf+rEFoK9hvdZkbIyAZotEt 497wICCwX/jqhT2cRtThqKzia3wRSr2PaSX/34+3s35PYXYLaTQ/Aa5tmySNb4GM t2Nd3iSigUZjgNCOdH2ETuxDj8rlxeQgM4xrUy5ah9uWMvKyZ/h0oSxTdtdRxz85 joL+SpjTsFXnkfWhvX5Q0a22BN3ISqnlXKshCu6QLR6HGLcW/NIqGYlyKDh11/9r Py4EBoVL2h163fbRDSZ+jZOp024Nwz4nMdotpVp1HdaIHleV41pr5A/l30hQ5+L9 hXIM0lk1SkK2WQj86KxACAO/ouUCAwEAAaOCAsgwggLEMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFBUtffZ1P99oCa+O7EFYoHh0UJWbMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzhlNjkzYjg5LTQ1OTctNDBiNS05MmIwLWIyOTlmYTc2OWFmYS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84ZTY5M2I4 OS00NTk3LTQwYjUtOTJiMC1iMjk5ZmE3NjlhZmEvMC8xNTJEN0RGNjc1M0ZERjY4 MDlBRjhFRUM0MTU4QTA3ODc0NTA5NTlCLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAG AwQBZ1ZkMA0EAgACMAcDBQAkBSzAMA0GCSqGSIb3DQEBCwUAA4IBAQBqhzqg5TP1 kh3nO63mM2k8Eo9en4zoQwHdRCa3124j//lDQtUD3ACbZyFjfOa8NGCtuVNDUJFt dRpfX+d/1BaB4WHPlgbPZgp/lvfEfFsdefyhCdvD5kwGP93LMXfNkZcqKnJ+WViD F2GYC3BxzYRaddvrIT/j+UMAavg9jeGJGaCu7r9SgffvUlBXB8+FTvT5Its3PFlN tR8JiSrAfLeo+fDMWDiLU1gw/nshXWWCSeJJlC7ycCocAadJg/jj4kvkPwTHRJAT BAhklaULLQcb3oUCqozZiz/UD/4uvm0Uczv1rfn+IcHJsp+Mn3LgwUjGHD2/o6MD gWFa3mNYZes0 -----END CERTIFICATE-----Generated at Tue May 12 22:10:22 2026 by rpki-client