$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2BFC741AA1771FC5CE779E4CF88A5C3AF52F8E7A.cer File: 2BFC741AA1771FC5CE779E4CF88A5C3AF52F8E7A.cer (raw, json) Hash identifier: nkfJut8Wg6fkT8O6HO+PVUTe+7yPk2mqZUcn7x82zMA= Subject key identifier: 2B:FC:74:1A:A1:77:1F:C5:CE:77:9E:4C:F8:8A:5C:3A:F5:2F:8E:7A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 70E7D750454D4C35BD1011D6A08AE48BA50B687E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/adbd3a50-832e-4127-94e1-48ace164cf26/0/2BFC741AA1771FC5CE779E4CF88A5C3AF52F8E7A.mft caRepository: rsync://rpki-rsync.idnic.net/repo/adbd3a50-832e-4127-94e1-48ace164cf26/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:36:14 +0000 Certificate not after: Sun 02 May 2027 01:41:14 +0000 Subordinate resources: IP: 103.59.160.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:e7:d7:50:45:4d:4c:35:bd:10:11:d6:a0:8a:e4:8b:a5:0b:68:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:36:14 2026 GMT Not After : May 2 01:41:14 2027 GMT Subject: CN=2BFC741AA1771FC5CE779E4CF88A5C3AF52F8E7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d8:eb:1f:07:94:68:32:fc:d1:ba:b6:34:3d: 7b:33:b3:f1:eb:28:83:b6:67:f6:40:42:8e:2e:be: 67:73:fc:87:40:c0:a0:b9:b4:2d:39:43:11:ec:78: 04:75:f9:21:b2:ef:be:ba:e3:e3:2c:b5:02:00:a4: 2a:f9:54:2c:66:38:48:34:57:0f:10:1c:a9:72:0b: e2:ee:a3:a9:f2:2b:a6:57:c1:0a:b7:3e:9a:fe:d1: e7:54:35:33:67:d0:b5:54:15:77:23:12:93:d4:5f: 43:25:8b:5c:ab:31:90:40:0d:11:2a:a8:2d:81:1e: 0a:62:9b:d9:ed:62:44:97:3f:b5:46:6d:6c:75:e5: af:30:a1:bf:39:12:ac:8b:07:b7:c9:ac:b2:30:f2: 5d:9a:de:2e:be:98:82:ab:ea:88:37:1a:cc:7c:1d: 51:08:2d:16:5e:a5:99:74:b1:ef:82:33:9b:4c:d5: cf:fd:60:2a:62:ef:16:11:7d:1d:d7:7f:fd:b3:5c: 15:dd:f2:d1:eb:8d:bc:29:07:ca:d7:d0:3e:f9:d9: 75:e5:e8:8e:60:a9:43:08:71:dc:87:de:03:5d:0d: 30:7b:5d:68:b4:2b:7a:f4:8d:21:f0:0b:d6:d5:91: 08:e2:55:89:3d:09:9b:03:fa:c0:73:1e:77:85:20: 76:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2B:FC:74:1A:A1:77:1F:C5:CE:77:9E:4C:F8:8A:5C:3A:F5:2F:8E:7A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/adbd3a50-832e-4127-94e1-48ace164cf26/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/adbd3a50-832e-4127-94e1-48ace164cf26/0/2BFC741AA1771FC5CE779E4CF88A5C3AF52F8E7A.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.59.160.0/23 Signature Algorithm: sha256WithRSAEncryption 4b:8b:de:4a:14:68:72:68:d9:c8:2e:d9:a2:2a:08:c3:e7:3d: 77:70:4b:59:4a:b0:ed:ba:0c:e9:e8:59:ce:db:de:bf:88:c9: 01:70:83:34:54:a2:5d:62:b8:bf:ed:33:5a:8b:ba:91:da:4d: 13:50:35:f7:35:f3:86:b2:0d:72:f2:06:9b:89:05:7e:4a:44: 5b:6d:38:57:24:01:ad:f1:b7:2c:85:06:84:74:bd:6f:2b:70: 54:df:31:8e:5e:29:ce:03:c2:59:c5:ef:b4:fc:a0:4d:a0:59: 35:ec:26:dc:6c:03:95:4e:f6:d6:90:06:54:2b:6d:df:77:2d: f6:e5:b7:84:ef:5c:2c:33:f6:df:d9:21:88:b4:84:30:aa:90: 7e:b1:a6:fa:38:70:28:12:81:8c:9e:df:6b:ad:52:83:a0:8f: 8f:09:bd:8d:0d:72:bf:33:fa:cb:26:df:64:42:b4:ec:5f:3c: 96:d6:8a:b5:72:d5:a9:2d:d5:67:b6:02:de:2f:52:7d:ff:ae: 44:e0:8c:6e:34:f6:d9:ed:0b:cc:fb:48:f5:06:55:f4:f3:1d: 39:1e:c9:19:20:fa:95:01:0e:4d:e7:fe:f1:44:11:08:04:98: c4:b0:78:4d:2f:d0:7c:92:45:5d:cc:46:20:34:9a:a0:71:f7: 4a:54:0e:2a -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUcOfXUEVNTDW9EBHWoIrki6ULaH4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMzYxNFoX DTI3MDUwMjAxNDExNFowMzExMC8GA1UEAxMoMkJGQzc0MUFBMTc3MUZDNUNFNzc5 RTRDRjg4QTVDM0FGNTJGOEU3QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHY6x8HlGgy/NG6tjQ9ezOz8esog7Zn9kBCji6+Z3P8h0DAoLm0LTlDEex4 BHX5IbLvvrrj4yy1AgCkKvlULGY4SDRXDxAcqXIL4u6jqfIrplfBCrc+mv7R51Q1 M2fQtVQVdyMSk9RfQyWLXKsxkEANESqoLYEeCmKb2e1iRJc/tUZtbHXlrzChvzkS rIsHt8mssjDyXZreLr6YgqvqiDcazHwdUQgtFl6lmXSx74Izm0zVz/1gKmLvFhF9 Hdd//bNcFd3y0euNvCkHytfQPvnZdeXojmCpQwhx3IfeA10NMHtdaLQrevSNIfAL 1tWRCOJViT0JmwP6wHMed4Ugdj0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCv8dBqhdx/FzneeTPiKXDr1L456MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2FkYmQzYTUwLTgzMmUtNDEyNy05NGUxLTQ4YWNlMTY0Y2YyNi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9hZGJkM2E1 MC04MzJlLTQxMjctOTRlMS00OGFjZTE2NGNmMjYvMC8yQkZDNzQxQUExNzcxRkM1 Q0U3NzlFNENGODhBNUMzQUY1MkY4RTdBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZzugMA0GCSqGSIb3DQEBCwUAA4IBAQBLi95KFGhyaNnILtmiKgjD5z13cEtZ SrDtugzp6FnO296/iMkBcIM0VKJdYri/7TNai7qR2k0TUDX3NfOGsg1y8gabiQV+ SkRbbThXJAGt8bcshQaEdL1vK3BU3zGOXinOA8JZxe+0/KBNoFk17CbcbAOVTvbW kAZUK23fdy325beE71wsM/bf2SGItIQwqpB+sab6OHAoEoGMnt9rrVKDoI+PCb2N DXK/M/rLJt9kQrTsXzyW1oq1ctWpLdVntgLeL1J9/65E4IxuNPbZ7QvM+0j1BlX0 8x05HskZIPqVAQ5N5/7xRBEIBJjEsHhNL9B8kkVdzEYgNJqgcfdKVA4q -----END CERTIFICATE-----Generated at Tue May 12 22:09:52 2026 by rpki-client