$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2AC4B9218D44A8AF6A893D00D5F28F34ADB83EED.cer File: 2AC4B9218D44A8AF6A893D00D5F28F34ADB83EED.cer (raw, json) Hash identifier: hdoi2gpWmhDuP4GQsRAu2YicwhUppHgvsjQFdRPI088= Subject key identifier: 2A:C4:B9:21:8D:44:A8:AF:6A:89:3D:00:D5:F2:8F:34:AD:B8:3E:ED Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2D8BC1A4DA9F0B29BCE8F26D2042716B91AE181F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/3c86cb5d-f07d-426a-8e5e-a77a978dd2ee/0/2AC4B9218D44A8AF6A893D00D5F28F34ADB83EED.mft caRepository: rsync://rpki-rsync.idnic.net/repo/3c86cb5d-f07d-426a-8e5e-a77a978dd2ee/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:19:58 +0000 Certificate not after: Sun 02 May 2027 00:24:58 +0000 Subordinate resources: IP: 103.71.25.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:8b:c1:a4:da:9f:0b:29:bc:e8:f2:6d:20:42:71:6b:91:ae:18:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:19:58 2026 GMT Not After : May 2 00:24:58 2027 GMT Subject: CN=2AC4B9218D44A8AF6A893D00D5F28F34ADB83EED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d9:89:28:ef:c9:72:98:b7:3f:77:7e:8b:54: 69:05:7e:93:38:e1:4a:f4:56:ae:14:6e:a7:9d:4e: 14:fb:5f:f3:97:49:21:eb:f2:3d:24:bd:2f:73:ab: d0:88:54:5d:45:d7:76:97:9d:ac:c7:59:c7:28:01: 92:39:d2:2a:ff:b1:16:23:2a:d7:ab:99:51:ba:ea: 76:49:01:77:30:fd:6e:44:1d:69:63:c9:1c:a8:2d: 6b:d3:1e:da:21:c6:a4:31:de:1d:c9:e8:fd:d6:d7: fe:b4:85:7e:88:44:b6:e6:99:d0:3a:9d:69:49:e6: a1:da:0b:c1:10:06:95:37:49:ab:e0:7e:ff:c5:d8: 48:be:ca:8c:01:98:a7:0d:73:b8:0f:b0:ef:8e:3b: ae:b9:26:31:7e:8a:48:25:f8:fa:08:04:81:be:2e: c3:7d:42:20:59:50:8b:3e:b8:1c:64:d8:ab:2c:27: bd:8b:df:d6:86:f8:c1:0c:ee:d7:be:21:16:2b:44: 96:d6:92:a9:ca:00:37:3e:17:2d:41:47:b7:ea:8d: 3c:25:1a:de:53:0e:d2:16:55:98:76:53:7f:5b:bb: 6f:99:db:d1:64:18:e7:2a:4f:42:af:8a:60:1f:65: 65:c5:3a:7a:4b:48:29:a6:af:e6:a9:f6:c8:cb:88: 08:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2A:C4:B9:21:8D:44:A8:AF:6A:89:3D:00:D5:F2:8F:34:AD:B8:3E:ED X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/3c86cb5d-f07d-426a-8e5e-a77a978dd2ee/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/3c86cb5d-f07d-426a-8e5e-a77a978dd2ee/0/2AC4B9218D44A8AF6A893D00D5F28F34ADB83EED.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.71.25.0/24 Signature Algorithm: sha256WithRSAEncryption 55:7f:6d:df:8f:0f:4f:c7:aa:06:4e:d6:bf:3c:de:08:8c:3b: 27:f8:a0:7a:93:1d:bc:65:90:df:85:20:8b:d6:14:f8:83:ea: 42:a7:05:5e:9f:4c:19:e7:33:84:1a:e1:a9:de:96:15:5b:90: 7e:8f:25:b8:78:23:35:3e:57:2a:4f:58:68:c2:34:78:aa:6d: 4b:50:b3:a3:06:f5:e1:e9:de:b7:21:3c:6f:e5:69:b5:1b:50: 75:1e:68:dd:79:c9:61:17:83:18:cc:81:29:00:fa:26:79:45: 3a:a1:73:e3:89:76:78:27:00:7e:c7:d5:21:49:08:c8:56:65: c9:71:04:6e:f8:d9:6d:51:ae:24:a1:08:4b:dc:c0:a3:2b:97: f2:9f:ad:25:ab:16:e1:cd:f7:ca:21:67:ea:db:65:c2:ce:71: 03:ea:fd:84:e3:e3:7e:f6:2d:36:1e:8b:4e:73:cc:3e:7a:a9: 6d:8d:e3:37:c8:ce:81:1a:3a:ff:e5:04:be:e4:e6:4e:7e:7a: a1:47:a8:d6:25:ea:1a:41:a7:b5:cd:8c:cd:53:f3:59:82:db: ff:41:a5:18:ab:2a:b8:46:21:79:4f:9e:c0:ea:35:54:13:5d: dc:57:2a:6c:e9:60:98:18:dd:dc:72:fc:90:72:50:06:93:82: 9b:72:a1:b1 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIULYvBpNqfCym86PJtIEJxa5GuGB8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMTk1OFoX DTI3MDUwMjAwMjQ1OFowMzExMC8GA1UEAxMoMkFDNEI5MjE4RDQ0QThBRjZBODkz RDAwRDVGMjhGMzRBREI4M0VFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHZiSjvyXKYtz93fotUaQV+kzjhSvRWrhRup51OFPtf85dJIevyPSS9L3Or 0IhUXUXXdpedrMdZxygBkjnSKv+xFiMq16uZUbrqdkkBdzD9bkQdaWPJHKgta9Me 2iHGpDHeHcno/dbX/rSFfohEtuaZ0DqdaUnmodoLwRAGlTdJq+B+/8XYSL7KjAGY pw1zuA+w7447rrkmMX6KSCX4+ggEgb4uw31CIFlQiz64HGTYqywnvYvf1ob4wQzu 174hFitEltaSqcoANz4XLUFHt+qNPCUa3lMO0hZVmHZTf1u7b5nb0WQY5ypPQq+K YB9lZcU6ektIKaav5qn2yMuICOsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCrEuSGNRKivaok9ANXyjzStuD7tMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzNjODZjYjVkLWYwN2QtNDI2YS04ZTVlLWE3N2E5NzhkZDJlZS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8zYzg2Y2I1 ZC1mMDdkLTQyNmEtOGU1ZS1hNzdhOTc4ZGQyZWUvMC8yQUM0QjkyMThENDRBOEFG NkE4OTNEMDBENUYyOEYzNEFEQjgzRUVELm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ0cZMA0GCSqGSIb3DQEBCwUAA4IBAQBVf23fjw9Px6oGTta/PN4IjDsn+KB6 kx28ZZDfhSCL1hT4g+pCpwVen0wZ5zOEGuGp3pYVW5B+jyW4eCM1PlcqT1howjR4 qm1LULOjBvXh6d63ITxv5Wm1G1B1HmjdeclhF4MYzIEpAPomeUU6oXPjiXZ4JwB+ x9UhSQjIVmXJcQRu+NltUa4koQhL3MCjK5fyn60lqxbhzffKIWfq22XCznED6v2E 4+N+9i02HotOc8w+eqltjeM3yM6BGjr/5QS+5OZOfnqhR6jWJeoaQae1zYzNU/NZ gtv/QaUYqyq4RiF5T57A6jVUE13cVyps6WCYGN3ccvyQclAGk4KbcqGx -----END CERTIFICATE-----Generated at Tue May 12 22:10:28 2026 by rpki-client