$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2AA2C2039FF72E896ECE6F0E3EAD38A0281A75AE.cer File: 2AA2C2039FF72E896ECE6F0E3EAD38A0281A75AE.cer (raw, json) Hash identifier: 0KWY52P7WBpog1jFQFTg5dxSdzNVGvl7VFgATI81R1o= Subject key identifier: 2A:A2:C2:03:9F:F7:2E:89:6E:CE:6F:0E:3E:AD:38:A0:28:1A:75:AE Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 54F8682D4A13AD3BCDBBB2AB602502C262FD44BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/d3e27da9-e6e6-44a5-98f4-590eb5a1bd65/0/2AA2C2039FF72E896ECE6F0E3EAD38A0281A75AE.mft caRepository: rsync://rpki-rsync.idnic.net/repo/d3e27da9-e6e6-44a5-98f4-590eb5a1bd65/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:58:45 +0000 Certificate not after: Sun 02 May 2027 02:03:45 +0000 Subordinate resources: IP: 103.253.127.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:f8:68:2d:4a:13:ad:3b:cd:bb:b2:ab:60:25:02:c2:62:fd:44:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:58:45 2026 GMT Not After : May 2 02:03:45 2027 GMT Subject: CN=2AA2C2039FF72E896ECE6F0E3EAD38A0281A75AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:a2:7f:0e:0d:60:b2:2d:3a:24:85:9f:d1:8e: bb:3e:c1:ef:cb:ce:dc:b0:a7:bf:25:1d:d7:6b:a0: d7:a3:89:73:ea:7d:b6:2c:11:27:95:a6:9b:9d:07: 35:e3:48:49:a9:ff:fe:8c:5b:e8:34:3a:40:d0:26: 38:61:8c:c4:72:e9:82:2c:30:89:6e:09:7f:e2:94: 49:96:50:45:cc:2e:a2:58:db:87:6e:29:e6:fc:c1: 34:2d:cc:12:36:3e:d5:af:2c:00:38:da:f8:4f:26: 12:90:ce:ad:d4:03:3f:a2:07:51:d8:52:83:5a:14: 3b:98:9f:6b:60:c6:65:73:82:f5:f0:81:2a:3e:1f: 97:6b:e5:f8:4a:7b:a8:e8:9e:83:9c:56:be:3b:68: d4:b1:95:f6:e1:b4:95:c9:81:3e:9a:c3:8a:db:68: 76:54:7f:6f:be:e3:76:51:d9:02:46:54:12:3b:1f: a1:cd:6d:d5:b3:4f:ad:46:ce:e8:2c:5c:96:44:7c: b3:f6:30:83:af:7c:01:83:4e:8d:38:70:6a:e1:86: e5:de:89:7d:bf:3c:46:a4:a1:f6:ee:eb:9a:8b:f7: 1c:8d:94:5b:17:65:68:35:20:7e:fc:f0:9f:96:49: 14:52:cd:c9:2f:88:50:4e:34:20:15:47:d5:15:a3: c4:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2A:A2:C2:03:9F:F7:2E:89:6E:CE:6F:0E:3E:AD:38:A0:28:1A:75:AE X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/d3e27da9-e6e6-44a5-98f4-590eb5a1bd65/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/d3e27da9-e6e6-44a5-98f4-590eb5a1bd65/0/2AA2C2039FF72E896ECE6F0E3EAD38A0281A75AE.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.253.127.0/24 Signature Algorithm: sha256WithRSAEncryption 14:cd:8c:31:2b:3c:d7:55:9a:c0:54:f4:d2:ad:52:3c:6b:a7: fd:f3:a9:d3:d2:fb:ed:0b:09:ac:4c:92:55:7e:b5:b8:aa:09: b3:7d:36:d6:cb:f6:58:af:df:ec:ff:16:83:f2:52:66:77:75: 1b:14:fa:bf:d5:0b:6e:31:13:f8:7b:48:00:7d:82:d1:74:be: d0:e3:ee:48:24:93:42:33:6f:74:93:6c:8d:92:c2:9f:61:b6: ff:1e:3e:a3:28:f3:f1:59:c6:af:73:6b:6c:9a:40:9c:c9:fe: 68:b7:90:af:9a:b5:9d:e5:20:7c:c2:d3:e0:c9:d2:39:12:67: a3:1b:43:23:e3:14:2b:22:3a:65:c0:8c:d4:77:27:58:eb:36: 6b:cc:99:10:98:33:d5:d1:22:10:11:b4:0a:9b:a6:2d:4d:03: 48:f1:2a:28:ae:5c:a3:b5:4c:5d:12:df:be:52:8c:b5:19:41: 56:7a:6f:60:d5:ae:d2:fa:e9:49:7d:e6:b6:d6:74:a0:13:45: 2b:4d:c9:55:22:94:23:8a:76:4f:20:62:e4:ec:ef:fa:62:13: 42:10:0f:e9:c2:e6:b6:04:c7:da:40:9b:32:bf:c7:c2:17:13: 6e:3f:aa:be:73:c3:8d:95:c5:d1:9c:e5:5e:57:f7:71:75:9b: 1a:9e:44:a2 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUVPhoLUoTrTvNu7KrYCUCwmL9RLwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxNTg0NVoX DTI3MDUwMjAyMDM0NVowMzExMC8GA1UEAxMoMkFBMkMyMDM5RkY3MkU4OTZFQ0U2 RjBFM0VBRDM4QTAyODFBNzVBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ+ifw4NYLItOiSFn9GOuz7B78vO3LCnvyUd12ug16OJc+p9tiwRJ5Wmm50H NeNISan//oxb6DQ6QNAmOGGMxHLpgiwwiW4Jf+KUSZZQRcwuoljbh24p5vzBNC3M EjY+1a8sADja+E8mEpDOrdQDP6IHUdhSg1oUO5ifa2DGZXOC9fCBKj4fl2vl+Ep7 qOieg5xWvjto1LGV9uG0lcmBPprDittodlR/b77jdlHZAkZUEjsfoc1t1bNPrUbO 6CxclkR8s/Ywg698AYNOjThwauGG5d6Jfb88RqSh9u7rmov3HI2UWxdlaDUgfvzw n5ZJFFLNyS+IUE40IBVH1RWjxP8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCqiwgOf9y6Jbs5vDj6tOKAoGnWuMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2QzZTI3ZGE5LWU2ZTYtNDRhNS05OGY0LTU5MGViNWExYmQ2NS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9kM2UyN2Rh OS1lNmU2LTQ0YTUtOThmNC01OTBlYjVhMWJkNjUvMC8yQUEyQzIwMzlGRjcyRTg5 NkVDRTZGMEUzRUFEMzhBMDI4MUE3NUFFLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ/1/MA0GCSqGSIb3DQEBCwUAA4IBAQAUzYwxKzzXVZrAVPTSrVI8a6f986nT 0vvtCwmsTJJVfrW4qgmzfTbWy/ZYr9/s/xaD8lJmd3UbFPq/1QtuMRP4e0gAfYLR dL7Q4+5IJJNCM290k2yNksKfYbb/Hj6jKPPxWcavc2tsmkCcyf5ot5CvmrWd5SB8 wtPgydI5EmejG0Mj4xQrIjplwIzUdydY6zZrzJkQmDPV0SIQEbQKm6YtTQNI8Soo rlyjtUxdEt++Uoy1GUFWem9g1a7S+ulJfea21nSgE0UrTclVIpQjinZPIGLk7O/6 YhNCEA/pwua2BMfaQJsyv8fCFxNuP6q+c8ONlcXRnOVeV/dxdZsankSi -----END CERTIFICATE-----Generated at Wed May 13 01:07:14 2026 by rpki-client