$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2843C420C9538DE003DB96047ACE7F2FE1B83454.cer File: 2843C420C9538DE003DB96047ACE7F2FE1B83454.cer (raw, json) Hash identifier: WZ3GnSbpX4/2NWMHN0zWPqg75saepjyi0/Ql7TO4FuQ= Subject key identifier: 28:43:C4:20:C9:53:8D:E0:03:DB:96:04:7A:CE:7F:2F:E1:B8:34:54 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 4D3F960EFBAB7D9F4EDE3C6CE4FE81C6E247DA35 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/2843C420C9538DE003DB96047ACE7F2FE1B83454.mft caRepository: rsync://rpki-rsync.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:34:58 +0000 Certificate not after: Sun 02 May 2027 01:39:58 +0000 Subordinate resources: IP: 103.66.62.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:3f:96:0e:fb:ab:7d:9f:4e:de:3c:6c:e4:fe:81:c6:e2:47:da:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:34:58 2026 GMT Not After : May 2 01:39:58 2027 GMT Subject: CN=2843C420C9538DE003DB96047ACE7F2FE1B83454 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:1f:0e:52:d2:77:b7:ee:c1:73:17:ab:70:e9: 80:28:3f:47:51:e0:5e:0e:9e:73:90:28:99:c1:f7: 0a:ab:e8:3f:f7:11:b4:ee:87:0c:48:02:fe:30:05: d8:b3:98:2f:c0:04:d3:76:67:7c:bb:4a:4d:56:9f: 61:14:3f:9f:b4:13:1e:3f:cf:25:84:1a:4e:52:67: f0:ed:01:d4:40:a0:5d:cf:c1:3c:d2:f3:2a:03:03: 88:b2:fd:3b:c4:24:7f:56:6f:36:e2:8b:b4:2f:5a: 6f:c7:fd:12:74:55:75:5b:17:9a:2f:f5:3c:20:bd: 76:88:8c:36:27:b5:f1:51:42:1d:a1:77:ff:ed:53: ff:87:7f:5d:a3:b3:7e:be:e9:0a:c5:ea:b4:21:0a: 44:1f:30:bb:86:84:9d:51:54:32:a4:00:30:13:8f: 3c:b9:34:96:77:99:44:91:56:29:7a:8d:8a:51:3c: 19:d7:2d:0b:10:be:dc:39:e3:c3:64:84:d5:02:06: 51:6b:83:ab:ae:a6:f9:41:b2:42:d6:c0:41:0e:c1: 20:58:df:b0:ed:4b:03:d0:fa:4a:db:b7:5d:89:3d: 52:9c:bb:ce:47:ba:3b:2c:df:74:36:b8:27:d8:f2: f7:40:f5:27:08:b1:c5:9c:d4:ea:f8:b4:2e:8c:95: ce:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 28:43:C4:20:C9:53:8D:E0:03:DB:96:04:7A:CE:7F:2F:E1:B8:34:54 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/2843C420C9538DE003DB96047ACE7F2FE1B83454.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.66.62.0/23 Signature Algorithm: sha256WithRSAEncryption 52:fb:6f:84:5e:22:2d:16:82:9c:5e:5b:ba:04:bf:75:f1:5d: a4:c0:6d:22:4b:12:e6:15:03:2c:2d:a0:fa:4c:cb:6e:23:45: 33:e2:df:3c:10:16:5a:7c:d4:a8:ef:01:5b:5f:cb:f7:f7:64: 5e:01:86:5b:a1:48:62:d4:f0:b4:16:d2:7f:01:2d:95:00:6e: 7c:84:71:50:a7:7d:b5:c3:f8:5c:21:44:ba:d4:4d:a8:4e:69: d2:90:4f:9f:9b:7e:9c:f3:ee:37:df:e4:db:0c:e4:53:18:3f: 43:17:69:96:bb:e3:bc:4d:26:90:cf:b3:af:09:24:e6:e1:e1: b8:c0:de:47:e1:5e:e3:d5:bc:69:06:1d:69:82:10:70:7b:18: b6:a2:c6:47:e6:93:fc:13:d4:42:5d:16:b2:69:89:f7:3b:89: 48:9a:2b:9c:23:f9:c2:97:42:d0:6e:d9:08:12:9f:b4:4f:5d: 96:6f:99:5c:71:2b:ca:41:4e:ad:c6:80:5e:f4:c3:d8:46:16: 84:d0:fc:1a:89:18:d7:f8:41:4e:8d:9c:e1:07:1e:88:e7:6d: 40:4f:ef:dc:7c:1c:f1:05:a7:f8:22:fe:22:ee:0f:2d:27:0f: e9:32:e5:16:e5:19:97:f1:6f:16:41:0e:32:bb:aa:c5:18:27: aa:99:58:f4 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUTT+WDvurfZ9O3jxs5P6BxuJH2jUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMzQ1OFoX DTI3MDUwMjAxMzk1OFowMzExMC8GA1UEAxMoMjg0M0M0MjBDOTUzOERFMDAzREI5 NjA0N0FDRTdGMkZFMUI4MzQ1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL8fDlLSd7fuwXMXq3DpgCg/R1HgXg6ec5AomcH3CqvoP/cRtO6HDEgC/jAF 2LOYL8AE03ZnfLtKTVafYRQ/n7QTHj/PJYQaTlJn8O0B1ECgXc/BPNLzKgMDiLL9 O8Qkf1ZvNuKLtC9ab8f9EnRVdVsXmi/1PCC9doiMNie18VFCHaF3/+1T/4d/XaOz fr7pCsXqtCEKRB8wu4aEnVFUMqQAMBOPPLk0lneZRJFWKXqNilE8GdctCxC+3Dnj w2SE1QIGUWuDq66m+UGyQtbAQQ7BIFjfsO1LA9D6Stu3XYk9Upy7zke6OyzfdDa4 J9jy90D1JwixxZzU6vi0LoyVzi8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFChDxCDJU43gA9uWBHrOfy/huDRUMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2FiYTkwOTQ0LTY1NmQtNGFhNy05MTczLTU5MTI4MDgzM2Y4MS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9hYmE5MDk0 NC02NTZkLTRhYTctOTE3My01OTEyODA4MzNmODEvMC8yODQzQzQyMEM5NTM4REUw MDNEQjk2MDQ3QUNFN0YyRkUxQjgzNDU0Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ0I+MA0GCSqGSIb3DQEBCwUAA4IBAQBS+2+EXiItFoKcXlu6BL918V2kwG0i SxLmFQMsLaD6TMtuI0Uz4t88EBZafNSo7wFbX8v392ReAYZboUhi1PC0FtJ/AS2V AG58hHFQp321w/hcIUS61E2oTmnSkE+fm36c8+433+TbDORTGD9DF2mWu+O8TSaQ z7OvCSTm4eG4wN5H4V7j1bxpBh1pghBwexi2osZH5pP8E9RCXRayaYn3O4lImiuc I/nCl0LQbtkIEp+0T12Wb5lccSvKQU6txoBe9MPYRhaE0PwaiRjX+EFOjZzhBx6I 521AT+/cfBzxBaf4Iv4i7g8tJw/pMuUW5RmX8W8WQQ4yu6rFGCeqmVj0 -----END CERTIFICATE-----Generated at Tue May 12 22:38:53 2026 by rpki-client