$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/20840877BDCDCB9EC9ED6DCAC5F4C85F35070D39.cer File: 20840877BDCDCB9EC9ED6DCAC5F4C85F35070D39.cer (raw, json) Hash identifier: gDBuZDhSzCiVZ9n8HqOYmssm1E4wlpDIwqXAcrVm4vk= Subject key identifier: 20:84:08:77:BD:CD:CB:9E:C9:ED:6D:CA:C5:F4:C8:5F:35:07:0D:39 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 64C3323F76A7BC7276BF3EE2E3B942BB8E4FD68D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/b6d88496-b2ba-4d13-9825-ae38aff1da15/0/20840877BDCDCB9EC9ED6DCAC5F4C85F35070D39.mft caRepository: rsync://rpki-rsync.idnic.net/repo/b6d88496-b2ba-4d13-9825-ae38aff1da15/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:41:59 +0000 Certificate not after: Sun 02 May 2027 01:46:59 +0000 Subordinate resources: IP: 103.184.64.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:c3:32:3f:76:a7:bc:72:76:bf:3e:e2:e3:b9:42:bb:8e:4f:d6:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:41:59 2026 GMT Not After : May 2 01:46:59 2027 GMT Subject: CN=20840877BDCDCB9EC9ED6DCAC5F4C85F35070D39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:43:cb:77:83:b7:8a:d6:60:0b:3a:c8:06:4d: ac:36:0e:7a:03:bb:06:da:ff:59:7d:43:1b:e1:e0: ba:e0:a0:e9:4a:72:98:c5:19:ce:04:91:94:66:b0: 9e:7d:2a:3a:e6:61:ad:05:16:76:00:da:4e:64:46: 41:6d:36:16:23:64:4f:b1:21:4b:70:8f:96:51:5f: e8:f2:8c:04:c6:65:77:6d:de:bb:48:26:2f:c5:16: fa:18:0b:73:e6:75:1c:90:be:87:e4:5e:df:fd:62: 09:22:64:56:55:ee:da:5b:0b:0c:b6:7e:29:ae:fb: 57:37:8b:d0:17:a7:33:2a:0a:22:64:ad:3d:bb:36: 5f:12:b1:4d:80:89:f0:44:ea:2d:ff:55:ce:f3:bc: 11:b2:c4:f6:07:75:2c:37:77:1f:95:35:2d:ee:58: 91:bf:9e:db:d5:89:45:b2:3e:68:9e:2e:a0:b3:58: bc:1b:05:f8:9a:fe:87:99:8e:cd:d5:db:22:4e:fe: f6:c9:04:87:99:f4:a1:f2:6e:66:84:4c:96:0e:d5: 54:f1:a3:ce:dd:27:b5:02:74:68:99:67:3d:60:80: 91:2e:fb:47:03:0a:5a:11:db:d4:2f:0e:9b:f1:10: c7:95:64:ba:bd:e7:df:45:b2:d7:aa:a4:05:0a:d4: 0e:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 20:84:08:77:BD:CD:CB:9E:C9:ED:6D:CA:C5:F4:C8:5F:35:07:0D:39 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/b6d88496-b2ba-4d13-9825-ae38aff1da15/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/b6d88496-b2ba-4d13-9825-ae38aff1da15/0/20840877BDCDCB9EC9ED6DCAC5F4C85F35070D39.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.184.64.0/23 Signature Algorithm: sha256WithRSAEncryption 4d:60:6e:a3:98:cf:be:b9:04:af:98:a0:a6:42:cb:0f:1d:a4: 16:60:52:b9:3e:12:7a:48:f2:0b:49:d3:57:1d:79:0f:9f:f2: 99:4c:6d:e2:ce:c6:bf:aa:27:a8:ac:4f:a8:7b:32:f0:35:9b: d6:dc:c6:c8:d6:a9:a4:13:b1:03:2e:c7:8a:a1:9a:cb:02:25: fc:c5:d2:1f:cb:0d:38:a0:07:12:54:28:b2:d5:41:2d:2e:d3: 7e:46:6d:69:c6:b0:76:65:23:98:2d:97:d6:af:0c:8b:8b:e4: 8f:a7:29:44:de:35:64:cd:7e:5d:2f:10:cd:0b:e6:bd:c0:19: 24:0f:17:af:7d:71:27:00:0f:bf:7c:42:78:b8:50:3b:e3:d5: fc:c9:bc:7a:2b:4c:45:dd:0d:8c:62:83:16:a3:0d:c3:54:de: 05:9a:b2:be:e1:70:6e:09:98:fc:59:cf:77:df:52:1e:6c:20: b8:df:d6:af:d6:99:3a:0e:4e:e8:0f:3c:34:37:de:39:f1:03: c0:99:12:01:de:2e:c3:4c:be:6d:01:c3:4f:3a:44:cd:49:f0: 5a:ac:b5:62:8b:33:33:fd:ea:ce:cb:75:74:76:5e:e0:82:0f: 78:5c:60:d6:06:2a:3d:a7:6e:79:5f:b8:a9:d2:6e:39:ee:48: 06:92:88:63 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUZMMyP3anvHJ2vz7i47lCu45P1o0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxNDE1OVoX DTI3MDUwMjAxNDY1OVowMzExMC8GA1UEAxMoMjA4NDA4NzdCRENEQ0I5RUM5RUQ2 RENBQzVGNEM4NUYzNTA3MEQzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMdDy3eDt4rWYAs6yAZNrDYOegO7Btr/WX1DG+HguuCg6UpymMUZzgSRlGaw nn0qOuZhrQUWdgDaTmRGQW02FiNkT7EhS3CPllFf6PKMBMZld23eu0gmL8UW+hgL c+Z1HJC+h+Re3/1iCSJkVlXu2lsLDLZ+Ka77VzeL0BenMyoKImStPbs2XxKxTYCJ 8ETqLf9VzvO8EbLE9gd1LDd3H5U1Le5Ykb+e29WJRbI+aJ4uoLNYvBsF+Jr+h5mO zdXbIk7+9skEh5n0ofJuZoRMlg7VVPGjzt0ntQJ0aJlnPWCAkS77RwMKWhHb1C8O m/EQx5Vkur3n30Wy16qkBQrUDkcCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCCECHe9zcueye1tysX0yF81Bw05MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2I2ZDg4NDk2LWIyYmEtNGQxMy05ODI1LWFlMzhhZmYxZGExNS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9iNmQ4ODQ5 Ni1iMmJhLTRkMTMtOTgyNS1hZTM4YWZmMWRhMTUvMC8yMDg0MDg3N0JEQ0RDQjlF QzlFRDZEQ0FDNUY0Qzg1RjM1MDcwRDM5Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ7hAMA0GCSqGSIb3DQEBCwUAA4IBAQBNYG6jmM++uQSvmKCmQssPHaQWYFK5 PhJ6SPILSdNXHXkPn/KZTG3izsa/qieorE+oezLwNZvW3MbI1qmkE7EDLseKoZrL AiX8xdIfyw04oAcSVCiy1UEtLtN+Rm1pxrB2ZSOYLZfWrwyLi+SPpylE3jVkzX5d LxDNC+a9wBkkDxevfXEnAA+/fEJ4uFA749X8ybx6K0xF3Q2MYoMWow3DVN4FmrK+ 4XBuCZj8Wc9331IebCC439av1pk6Dk7oDzw0N9458QPAmRIB3i7DTL5tAcNPOkTN SfBarLViizMz/erOy3V0dl7ggg94XGDWBio9p255X7ip0m457kgGkohj -----END CERTIFICATE-----Generated at Tue May 12 22:38:45 2026 by rpki-client