$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2B5A078B9D8A317DA7A2AD402090C9AE72A1D0F4.cer File: 2B5A078B9D8A317DA7A2AD402090C9AE72A1D0F4.cer (raw, json) Hash identifier: HHMJ59/9MG8Xj6fGZRJ4M2BCRZigEKc23pKcWd4H8k0= Subject key identifier: 2B:5A:07:8B:9D:8A:31:7D:A7:A2:AD:40:20:90:C9:AE:72:A1:D0:F4 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 6198C4C3E7EA5B4973283717810373A372137C0E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/13d80643-d5e9-41af-94df-6d94fbf46487/0/2B5A078B9D8A317DA7A2AD402090C9AE72A1D0F4.mft caRepository: rsync://rpki-rsync.idnic.net/repo/13d80643-d5e9-41af-94df-6d94fbf46487/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:51:41 +0000 Certificate not after: Sat 01 May 2027 23:56:41 +0000 Subordinate resources: IP: 103.100.96.0/22 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:98:c4:c3:e7:ea:5b:49:73:28:37:17:81:03:73:a3:72:13:7c:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:51:41 2026 GMT Not After : May 1 23:56:41 2027 GMT Subject: CN=2B5A078B9D8A317DA7A2AD402090C9AE72A1D0F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:6a:04:fc:6c:3d:48:36:06:31:1e:ce:4a:a0: 1b:40:e2:cb:0b:7c:dd:8f:68:3f:da:50:54:6f:e0: 56:00:3b:d9:41:3a:92:9d:dc:ea:07:42:1b:2e:24: 0a:2f:f9:79:16:43:5a:6a:28:41:2c:dc:2f:8a:61: 6d:9f:74:4d:03:e8:8d:d5:ed:84:ea:33:37:62:81: 05:d1:c8:9a:9e:0d:1c:7b:70:3d:3f:db:9a:2a:1e: 25:61:d5:64:d6:ad:a8:d4:e9:a2:bf:8c:41:a9:43: bf:75:87:c3:99:e9:7f:71:32:96:13:6f:48:7c:b7: f5:e6:37:cc:57:b4:dc:6d:f9:1a:dd:ec:c4:5d:c5: d7:9c:d1:65:4c:5d:21:ee:c6:d1:32:6b:00:c6:cd: 0b:e0:94:f2:c1:02:fa:a4:53:a3:1b:0b:97:3d:14: 88:06:26:1e:6a:dd:90:28:5b:37:42:b0:77:22:51: 1b:f6:8d:fc:94:ad:e0:86:fe:ee:b3:4b:c0:75:11: f8:9e:c9:47:0a:a5:ea:17:9b:43:94:e7:52:85:66: f9:2f:e1:4b:5f:4e:be:8c:83:b5:4a:33:81:5f:81: b1:b5:90:2e:25:99:bf:1d:e2:af:b1:e4:f7:17:49: c8:06:b8:cd:8a:1a:98:fd:0e:50:9d:81:cb:1f:d9: 29:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2B:5A:07:8B:9D:8A:31:7D:A7:A2:AD:40:20:90:C9:AE:72:A1:D0:F4 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/13d80643-d5e9-41af-94df-6d94fbf46487/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/13d80643-d5e9-41af-94df-6d94fbf46487/0/2B5A078B9D8A317DA7A2AD402090C9AE72A1D0F4.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.100.96.0/22 Signature Algorithm: sha256WithRSAEncryption 42:2e:14:79:4d:b5:a7:39:7c:1b:da:9e:67:56:67:91:78:0a: a2:11:55:3d:c0:98:87:49:87:5d:93:8b:5d:e9:93:8c:02:61: ec:15:d5:8c:a6:93:fe:13:c1:d9:0c:40:c9:b6:a3:a4:ad:d8: 9a:2f:76:e1:ad:a1:99:61:24:d8:59:cd:6a:e9:8d:be:c3:9a: 35:7c:14:13:d3:01:02:1f:72:f3:43:82:39:28:7f:51:e9:77: 8b:56:a8:43:d1:16:89:4b:4a:48:9c:43:9d:94:7b:c7:2c:cf: db:6a:6e:02:4c:c1:ff:78:34:96:ba:89:a5:d9:38:bb:93:a4: 0b:91:9f:8c:49:25:98:33:84:f6:f3:50:78:10:f1:ca:1e:a0: 6f:17:eb:5f:eb:39:24:84:d6:8c:bc:e5:c1:07:ac:ae:7b:d7: 74:85:72:04:c3:bb:a6:2f:21:92:54:05:11:5e:2a:34:b6:b3: b9:67:4c:11:3b:8f:8c:0f:4b:b5:50:0e:ca:15:70:7e:ac:21: 17:4d:4a:76:2d:26:4b:8f:1a:85:1e:98:59:e5:2b:98:d7:06: 34:d2:c1:27:4c:de:ea:ea:6d:c0:da:f8:95:19:4a:41:de:cc: fd:a8:10:f1:e4:a7:76:c6:02:42:c7:f4:ab:d9:5b:77:56:a9: 9e:4a:70:76 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUYZjEw+fqW0lzKDcXgQNzo3ITfA4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTE0MVoX DTI3MDUwMTIzNTY0MVowMzExMC8GA1UEAxMoMkI1QTA3OEI5RDhBMzE3REE3QTJB RDQwMjA5MEM5QUU3MkExRDBGNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKRqBPxsPUg2BjEezkqgG0Diywt83Y9oP9pQVG/gVgA72UE6kp3c6gdCGy4k Ci/5eRZDWmooQSzcL4phbZ90TQPojdXthOozN2KBBdHImp4NHHtwPT/bmioeJWHV ZNatqNTpor+MQalDv3WHw5npf3EylhNvSHy39eY3zFe03G35Gt3sxF3F15zRZUxd Ie7G0TJrAMbNC+CU8sEC+qRToxsLlz0UiAYmHmrdkChbN0KwdyJRG/aN/JSt4Ib+ 7rNLwHUR+J7JRwql6hebQ5TnUoVm+S/hS19OvoyDtUozgV+BsbWQLiWZvx3ir7Hk 9xdJyAa4zYoamP0OUJ2Byx/ZKQECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCtaB4udijF9p6KtQCCQya5yodD0MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzEzZDgwNjQzLWQ1ZTktNDFhZi05NGRmLTZkOTRmYmY0NjQ4Ny8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xM2Q4MDY0 My1kNWU5LTQxYWYtOTRkZi02ZDk0ZmJmNDY0ODcvMC8yQjVBMDc4QjlEOEEzMTdE QTdBMkFENDAyMDkwQzlBRTcyQTFEMEY0Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ2RgMA0GCSqGSIb3DQEBCwUAA4IBAQBCLhR5TbWnOXwb2p5nVmeReAqiEVU9 wJiHSYddk4td6ZOMAmHsFdWMppP+E8HZDEDJtqOkrdiaL3bhraGZYSTYWc1q6Y2+ w5o1fBQT0wECH3LzQ4I5KH9R6XeLVqhD0RaJS0pInEOdlHvHLM/bam4CTMH/eDSW uoml2Ti7k6QLkZ+MSSWYM4T281B4EPHKHqBvF+tf6zkkhNaMvOXBB6yue9d0hXIE w7umLyGSVAURXio0trO5Z0wRO4+MD0u1UA7KFXB+rCEXTUp2LSZLjxqFHphZ5SuY 1wY00sEnTN7q6m3A2viVGUpB3sz9qBDx5Kd2xgJCx/Sr2Vt3VqmeSnB2 -----END CERTIFICATE-----Generated at Tue May 12 22:03:45 2026 by rpki-client