$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2A7FB8016DA000A9D10C9809C44EDE2E9FDAB6FA.cer File: 2A7FB8016DA000A9D10C9809C44EDE2E9FDAB6FA.cer (raw, json) Hash identifier: MBknpTDfDtwX7Yxk1xsR9kzAinpg4DAiuRzbDiseues= Subject key identifier: 2A:7F:B8:01:6D:A0:00:A9:D1:0C:98:09:C4:4E:DE:2E:9F:DA:B6:FA Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 65954ECCE12C3F85DC96DA81EA3F3470B1A138FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/cca2e0db-e293-41c5-8583-38015758421c/0/2A7FB8016DA000A9D10C9809C44EDE2E9FDAB6FA.mft caRepository: rsync://rpki-rsync.idnic.net/repo/cca2e0db-e293-41c5-8583-38015758421c/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:55:06 +0000 Certificate not after: Sun 02 May 2027 02:00:06 +0000 Subordinate resources: IP: 103.176.200.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:95:4e:cc:e1:2c:3f:85:dc:96:da:81:ea:3f:34:70:b1:a1:38:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:55:06 2026 GMT Not After : May 2 02:00:06 2027 GMT Subject: CN=2A7FB8016DA000A9D10C9809C44EDE2E9FDAB6FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:00:be:24:fc:34:b4:9d:6b:2d:11:27:fc:cc: ae:9b:34:67:c7:30:14:ec:de:62:0c:77:4e:da:e0: f9:3d:23:dc:8b:92:cf:4b:02:2a:d1:37:91:8d:7c: d3:98:2b:09:25:80:93:d1:d3:dd:e9:2c:f0:53:eb: cd:bf:92:13:c1:aa:d4:89:28:a1:f3:4c:4f:9f:03: 29:03:36:ae:51:1c:7e:0a:f9:77:b9:5e:d4:d9:cb: 04:ad:5a:17:37:75:12:7f:81:d0:e4:10:16:c1:f2: 7c:74:dc:f2:3a:be:96:2c:78:c1:87:9e:3e:9f:6f: ff:50:6f:28:8e:e5:53:ee:6d:f7:27:9f:d6:3c:69: 88:62:da:70:e6:43:fe:5d:93:c6:1d:56:b1:d8:c2: 3f:f6:a7:d8:b2:76:bd:24:36:8e:a6:64:4f:cc:65: 4e:fb:1e:54:d5:67:e6:f8:49:68:9b:8a:e1:d8:0c: 05:a2:91:03:38:66:88:c6:cb:69:c6:de:9b:f4:e1: b3:9c:1e:4c:97:7b:22:c0:9f:86:77:66:96:16:d2: 22:fd:57:1c:bc:b9:7b:ed:5d:7c:5d:ce:e9:00:7d: 73:9a:d0:27:ab:28:bc:b0:8d:5c:be:2c:bc:d6:ab: d2:78:12:d8:9a:b8:99:06:c8:31:3e:9c:93:86:f6: a7:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2A:7F:B8:01:6D:A0:00:A9:D1:0C:98:09:C4:4E:DE:2E:9F:DA:B6:FA X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/cca2e0db-e293-41c5-8583-38015758421c/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/cca2e0db-e293-41c5-8583-38015758421c/0/2A7FB8016DA000A9D10C9809C44EDE2E9FDAB6FA.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.176.200.0/23 Signature Algorithm: sha256WithRSAEncryption 07:cc:dd:80:dd:34:dc:b5:14:fc:71:39:9e:30:a4:86:c5:7d: 42:76:bf:c8:51:c4:e5:47:38:7f:11:ca:94:28:08:a6:f9:ca: 2a:f9:6a:19:24:e4:f5:d8:84:76:29:a0:f4:01:4a:28:22:39: 86:33:7c:d6:29:cc:d0:c4:10:b4:99:22:8d:8e:10:e0:a8:64: 1d:42:c7:92:f2:9c:06:68:d9:93:ef:a0:12:fb:4f:f4:86:7e: 62:fd:78:e2:a0:50:78:e5:22:a7:f2:07:3e:76:ac:10:ae:a0: 97:bf:01:7f:5a:d6:16:f0:bf:4e:4a:d5:f3:cc:4d:c8:56:16: bb:10:11:44:34:1a:ac:99:71:38:a3:f2:70:81:61:3d:44:44: a0:b8:ff:9a:0e:e9:c0:06:81:d2:04:4e:dc:52:99:ab:e9:65: ae:44:a3:ed:5d:ce:3d:b6:66:ee:98:6e:46:cc:5b:36:80:66: 07:eb:0e:0c:41:b0:1d:96:80:fb:6d:90:13:6c:5c:0c:49:13: 3d:04:56:45:ab:c7:29:38:4b:29:1e:b2:0f:cc:96:ff:72:cc: 86:14:e8:5c:a8:38:53:1f:f6:79:b7:ee:8e:76:61:44:98:14: 97:c3:18:f8:56:be:0b:3c:98:a5:66:4a:eb:0a:24:04:63:86: ef:9d:66:cd -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUZZVOzOEsP4XcltqB6j80cLGhOPowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxNTUwNloX DTI3MDUwMjAyMDAwNlowMzExMC8GA1UEAxMoMkE3RkI4MDE2REEwMDBBOUQxMEM5 ODA5QzQ0RURFMkU5RkRBQjZGQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPYAviT8NLSday0RJ/zMrps0Z8cwFOzeYgx3Ttrg+T0j3IuSz0sCKtE3kY18 05grCSWAk9HT3eks8FPrzb+SE8Gq1IkoofNMT58DKQM2rlEcfgr5d7le1NnLBK1a Fzd1En+B0OQQFsHyfHTc8jq+lix4wYeePp9v/1BvKI7lU+5t9yef1jxpiGLacOZD /l2Txh1WsdjCP/an2LJ2vSQ2jqZkT8xlTvseVNVn5vhJaJuK4dgMBaKRAzhmiMbL acbem/Ths5weTJd7IsCfhndmlhbSIv1XHLy5e+1dfF3O6QB9c5rQJ6sovLCNXL4s vNar0ngS2Jq4mQbIMT6ck4b2p8cCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCp/uAFtoACp0QyYCcRO3i6f2rb6MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2NjYTJlMGRiLWUyOTMtNDFjNS04NTgzLTM4MDE1NzU4NDIxYy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9jY2EyZTBk Yi1lMjkzLTQxYzUtODU4My0zODAxNTc1ODQyMWMvMC8yQTdGQjgwMTZEQTAwMEE5 RDEwQzk4MDlDNDRFREUyRTlGREFCNkZBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ7DIMA0GCSqGSIb3DQEBCwUAA4IBAQAHzN2A3TTctRT8cTmeMKSGxX1Cdr/I UcTlRzh/EcqUKAim+coq+WoZJOT12IR2KaD0AUooIjmGM3zWKczQxBC0mSKNjhDg qGQdQseS8pwGaNmT76AS+0/0hn5i/XjioFB45SKn8gc+dqwQrqCXvwF/WtYW8L9O StXzzE3IVha7EBFENBqsmXE4o/JwgWE9RESguP+aDunABoHSBE7cUpmr6WWuRKPt Xc49tmbumG5GzFs2gGYH6w4MQbAdloD7bZATbFwMSRM9BFZFq8cpOEspHrIPzJb/ csyGFOhcqDhTH/Z5t+6OdmFEmBSXwxj4Vr4LPJilZkrrCiQEY4bvnWbN -----END CERTIFICATE-----Generated at Tue May 12 22:45:58 2026 by rpki-client