$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/28880E6A35B6C8AECBC08328E0C2F639619FE0BA.cer File: 28880E6A35B6C8AECBC08328E0C2F639619FE0BA.cer (raw, json) Hash identifier: vE6p+Ennr/pu1aCLcQdKvfZc5xO9pYOPXOghA/2pE50= Subject key identifier: 28:88:0E:6A:35:B6:C8:AE:CB:C0:83:28:E0:C2:F6:39:61:9F:E0:BA Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 282F65556EC7DF1ACB130A9CC6E4BA3686D7B10D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/3c88442b-c48e-4ba0-8ad7-58e1263c6dc7/0/28880E6A35B6C8AECBC08328E0C2F639619FE0BA.mft caRepository: rsync://rpki-rsync.idnic.net/repo/3c88442b-c48e-4ba0-8ad7-58e1263c6dc7/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:20:00 +0000 Certificate not after: Sun 02 May 2027 00:25:00 +0000 Subordinate resources: IP: 103.164.150.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:2f:65:55:6e:c7:df:1a:cb:13:0a:9c:c6:e4:ba:36:86:d7:b1:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:20:00 2026 GMT Not After : May 2 00:25:00 2027 GMT Subject: CN=28880E6A35B6C8AECBC08328E0C2F639619FE0BA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:95:07:0d:12:81:bd:4d:f4:fc:84:dd:3f:d1: 06:d9:29:70:38:89:2f:d1:db:24:c6:e1:82:7a:4e: 65:d3:e3:f7:25:53:2d:5e:85:d1:d9:fa:1b:d5:2d: b3:f6:88:c7:e5:10:6a:cb:ea:38:65:e0:aa:61:ec: 63:43:54:77:3a:00:26:71:eb:bf:02:8d:41:f1:c1: a5:be:2b:fa:a7:5d:a3:72:e9:48:da:18:f1:cd:91: cd:90:8b:fb:92:4a:7f:cc:d4:34:e8:00:c3:dd:07: d1:9b:6c:c8:fd:13:e6:e1:30:05:80:0f:eb:d7:f3: 0f:e2:59:06:a6:76:44:e9:0e:75:9f:56:34:f0:67: bc:43:eb:03:87:d2:74:59:0b:c4:d1:28:cd:20:1b: 99:93:0d:15:d2:14:68:fa:6c:38:e1:49:aa:f8:36: b3:f1:30:ba:72:e5:04:fd:77:4e:70:29:7e:f8:70: d0:86:c1:37:52:8c:c6:26:e2:00:ac:64:b4:79:47: 19:a9:81:8f:6a:6c:aa:8a:25:07:bf:da:8a:da:1d: 00:cf:5d:b4:d1:ee:b1:25:00:fa:fe:53:a0:6b:18: 44:8d:2d:39:e8:2f:eb:5c:50:cc:14:57:bb:76:78: 77:c6:7d:c9:61:46:07:42:2b:0b:d7:79:1b:19:22: c6:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 28:88:0E:6A:35:B6:C8:AE:CB:C0:83:28:E0:C2:F6:39:61:9F:E0:BA X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/3c88442b-c48e-4ba0-8ad7-58e1263c6dc7/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/3c88442b-c48e-4ba0-8ad7-58e1263c6dc7/0/28880E6A35B6C8AECBC08328E0C2F639619FE0BA.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.164.150.0/23 Signature Algorithm: sha256WithRSAEncryption 74:2b:48:e3:86:c7:08:9b:88:f6:30:ca:a1:ee:62:22:34:ac: ae:ba:5b:3e:d4:05:75:46:7b:a8:88:b9:86:09:cc:59:c9:91: 02:4a:46:d2:2d:10:94:b5:0d:c6:65:b7:1e:e5:d9:ef:90:43: e8:08:de:dc:17:fa:d2:80:51:08:b0:60:52:9d:52:f6:cc:76: 5a:23:f2:64:3c:4a:4b:98:4f:19:d4:0d:5f:ed:3f:85:b4:74: 3a:06:8a:02:b1:74:0d:96:85:91:c4:01:85:3d:01:04:48:43: df:29:18:1e:46:ae:f4:18:7c:9d:44:52:fb:41:fe:80:c3:c8: 57:0e:3d:ff:be:aa:c6:c5:a4:ac:01:57:a3:0e:08:ac:79:02: 0b:5f:9f:2d:6c:b9:2c:36:a8:4d:41:9c:02:ce:5d:d8:59:b0: f3:88:0e:fc:33:fd:7c:eb:16:9b:05:0f:b6:16:a7:69:3c:b9: 73:59:24:6a:90:54:84:0d:2e:19:32:8d:b4:f4:07:71:57:14: f5:f5:2e:d7:76:77:c3:56:8f:1d:78:bc:d5:d5:75:38:cb:b5: 1d:64:06:9c:92:c5:b1:7d:34:36:d2:dd:33:21:2e:ad:bd:9f: c9:fe:9d:b0:99:8b:5c:d4:b3:d5:d5:3a:41:8c:18:5e:75:70: d9:b0:06:d0 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUKC9lVW7H3xrLEwqcxuS6NobXsQ0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMjAwMFoX DTI3MDUwMjAwMjUwMFowMzExMC8GA1UEAxMoMjg4ODBFNkEzNUI2QzhBRUNCQzA4 MzI4RTBDMkY2Mzk2MTlGRTBCQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJOVBw0Sgb1N9PyE3T/RBtkpcDiJL9HbJMbhgnpOZdPj9yVTLV6F0dn6G9Ut s/aIx+UQasvqOGXgqmHsY0NUdzoAJnHrvwKNQfHBpb4r+qddo3LpSNoY8c2RzZCL +5JKf8zUNOgAw90H0ZtsyP0T5uEwBYAP69fzD+JZBqZ2ROkOdZ9WNPBnvEPrA4fS dFkLxNEozSAbmZMNFdIUaPpsOOFJqvg2s/EwunLlBP13TnApfvhw0IbBN1KMxibi AKxktHlHGamBj2psqoolB7/aitodAM9dtNHusSUA+v5ToGsYRI0tOegv61xQzBRX u3Z4d8Z9yWFGB0IrC9d5GxkixtECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCiIDmo1tsiuy8CDKODC9jlhn+C6MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzNjODg0NDJiLWM0OGUtNGJhMC04YWQ3LTU4ZTEyNjNjNmRjNy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8zYzg4NDQy Yi1jNDhlLTRiYTAtOGFkNy01OGUxMjYzYzZkYzcvMC8yODg4MEU2QTM1QjZDOEFF Q0JDMDgzMjhFMEMyRjYzOTYxOUZFMEJBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6SWMA0GCSqGSIb3DQEBCwUAA4IBAQB0K0jjhscIm4j2MMqh7mIiNKyuuls+ 1AV1RnuoiLmGCcxZyZECSkbSLRCUtQ3GZbce5dnvkEPoCN7cF/rSgFEIsGBSnVL2 zHZaI/JkPEpLmE8Z1A1f7T+FtHQ6BooCsXQNloWRxAGFPQEESEPfKRgeRq70GHyd RFL7Qf6Aw8hXDj3/vqrGxaSsAVejDgiseQILX58tbLksNqhNQZwCzl3YWbDziA78 M/186xabBQ+2FqdpPLlzWSRqkFSEDS4ZMo209AdxVxT19S7XdnfDVo8deLzV1XU4 y7UdZAacksWxfTQ20t0zIS6tvZ/J/p2wmYtc1LPV1TpBjBhedXDZsAbQ -----END CERTIFICATE-----Generated at Tue May 12 22:03:08 2026 by rpki-client