$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/1A2902CA140E59A2AE35FF32B4F6D120A03741DF.cer File: 1A2902CA140E59A2AE35FF32B4F6D120A03741DF.cer (raw, json) Hash identifier: y3M+HY0QnWkh4rpPWMFCU4xVlc/8UWjiblCPk0Ew+BI= Subject key identifier: 1A:29:02:CA:14:0E:59:A2:AE:35:FF:32:B4:F6:D1:20:A0:37:41:DF Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 758EA17AD37EF6E8978B686A0A48B861673B86FF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/c5e31ecf-52a4-4677-9103-5f37a4091d75/0/1A2902CA140E59A2AE35FF32B4F6D120A03741DF.mft caRepository: rsync://rpki-rsync.idnic.net/repo/c5e31ecf-52a4-4677-9103-5f37a4091d75/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:50:39 +0000 Certificate not after: Sun 02 May 2027 01:55:39 +0000 Subordinate resources: IP: 103.184.14.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:8e:a1:7a:d3:7e:f6:e8:97:8b:68:6a:0a:48:b8:61:67:3b:86:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:50:39 2026 GMT Not After : May 2 01:55:39 2027 GMT Subject: CN=1A2902CA140E59A2AE35FF32B4F6D120A03741DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:0a:03:9f:bb:19:e8:b4:53:1a:a7:57:29:ad: e2:5f:67:c9:39:d3:07:41:8f:f8:09:9e:d8:35:34: c1:d6:16:47:c9:08:11:16:9e:44:e8:08:21:2a:1f: 78:e3:f9:a7:68:02:e0:7b:26:ba:fb:ca:f7:12:49: ce:f2:65:e1:ad:57:e7:b3:8b:c0:4c:cb:c4:c1:51: 5a:e3:3a:60:e1:99:2d:6e:ef:07:47:45:9d:cc:84: a1:91:71:ca:28:dc:0e:ab:46:e8:34:92:e0:d8:f3: 16:2d:02:e7:9b:d0:83:f3:71:14:97:3a:1d:29:d0: 75:54:7a:3f:35:d5:0e:f9:82:2f:dd:84:9f:d0:de: 0d:13:36:be:51:e4:a8:8b:aa:5f:b8:ae:81:fb:25: 02:49:ea:50:4a:6f:d1:de:dd:05:a2:2a:f3:8d:4e: e6:e1:82:ac:d7:fe:77:ac:41:fa:60:da:38:2f:aa: 6a:6f:5f:b9:3a:67:86:0b:83:2c:ba:c2:1e:82:73: db:67:88:5c:16:63:37:67:3b:e8:f5:c4:e7:ae:d5: 27:89:e9:ce:ec:6e:b2:c6:1c:84:fd:b9:8c:b1:de: 27:5c:2c:3b:cc:eb:89:32:be:dd:80:a4:bc:09:9b: 02:30:69:6f:3c:83:cb:9f:2d:0f:c4:83:6a:3f:c0: 95:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 1A:29:02:CA:14:0E:59:A2:AE:35:FF:32:B4:F6:D1:20:A0:37:41:DF X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/c5e31ecf-52a4-4677-9103-5f37a4091d75/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/c5e31ecf-52a4-4677-9103-5f37a4091d75/0/1A2902CA140E59A2AE35FF32B4F6D120A03741DF.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.184.14.0/23 Signature Algorithm: sha256WithRSAEncryption 59:9f:8a:39:91:21:37:13:e6:80:23:da:82:f0:7e:d6:f1:b6: fe:09:6f:97:bb:fe:19:59:63:f5:33:c9:6b:bf:f8:f9:ca:2d: 3e:4e:2b:cb:ff:6f:d8:7a:b7:53:c0:06:dd:99:b5:95:eb:c7: 68:73:7c:4f:b0:b0:46:4b:a3:96:73:00:55:64:13:a4:24:c5: 04:5c:35:48:6a:1a:7d:9c:6b:82:b5:c0:c6:52:58:95:61:e5: 6e:ce:85:6d:a0:0d:cb:95:e9:99:b1:f5:86:55:5b:5b:62:df: 27:2d:2b:9d:5a:60:f8:04:ac:85:49:01:a2:5c:31:83:78:47: f8:e2:b4:b9:11:c2:00:3f:8f:f8:79:9a:80:1c:48:93:32:f2: 28:9e:83:78:44:ba:39:55:3d:78:c9:4e:9b:fb:9e:26:2e:3e: 2a:5a:22:48:1e:61:02:f8:3a:6b:81:99:71:37:a6:ce:9b:4d: 8f:6b:1a:c6:bb:62:65:22:c6:8c:2c:f4:86:01:4e:1d:a3:c7: 40:00:45:cc:ab:73:4f:37:8f:2f:b0:e2:8e:1b:1c:94:81:ee: ff:14:87:3e:d4:07:b1:3c:5d:8d:68:6c:ef:8a:c0:90:77:0e: 0a:4d:96:80:f2:3e:a4:a2:4e:e2:da:69:9c:bf:55:05:dc:89: 25:13:be:16 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUdY6hetN+9uiXi2hqCki4YWc7hv8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxNTAzOVoX DTI3MDUwMjAxNTUzOVowMzExMC8GA1UEAxMoMUEyOTAyQ0ExNDBFNTlBMkFFMzVG RjMyQjRGNkQxMjBBMDM3NDFERjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKMKA5+7Gei0UxqnVymt4l9nyTnTB0GP+Ame2DU0wdYWR8kIERaeROgIISof eOP5p2gC4HsmuvvK9xJJzvJl4a1X57OLwEzLxMFRWuM6YOGZLW7vB0dFncyEoZFx yijcDqtG6DSS4NjzFi0C55vQg/NxFJc6HSnQdVR6PzXVDvmCL92En9DeDRM2vlHk qIuqX7iugfslAknqUEpv0d7dBaIq841O5uGCrNf+d6xB+mDaOC+qam9fuTpnhguD LLrCHoJz22eIXBZjN2c76PXE567VJ4npzuxussYchP25jLHeJ1wsO8zriTK+3YCk vAmbAjBpbzyDy58tD8SDaj/Ald0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFBopAsoUDlmirjX/MrT20SCgN0HfMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2M1ZTMxZWNmLTUyYTQtNDY3Ny05MTAzLTVmMzdhNDA5MWQ3NS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9jNWUzMWVj Zi01MmE0LTQ2NzctOTEwMy01ZjM3YTQwOTFkNzUvMC8xQTI5MDJDQTE0MEU1OUEy QUUzNUZGMzJCNEY2RDEyMEEwMzc0MURGLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ7gOMA0GCSqGSIb3DQEBCwUAA4IBAQBZn4o5kSE3E+aAI9qC8H7W8bb+CW+X u/4ZWWP1M8lrv/j5yi0+TivL/2/YerdTwAbdmbWV68doc3xPsLBGS6OWcwBVZBOk JMUEXDVIahp9nGuCtcDGUliVYeVuzoVtoA3LlemZsfWGVVtbYt8nLSudWmD4BKyF SQGiXDGDeEf44rS5EcIAP4/4eZqAHEiTMvIonoN4RLo5VT14yU6b+54mLj4qWiJI HmEC+DprgZlxN6bOm02PaxrGu2JlIsaMLPSGAU4do8dAAEXMq3NPN48vsOKOGxyU ge7/FIc+1AexPF2NaGzvisCQdw4KTZaA8j6kok7i2mmcv1UF3IklE74W -----END CERTIFICATE-----Generated at Tue May 12 22:03:52 2026 by rpki-client