$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2CB08023BB428AE4D02727C96B069C5F59CEE8A3.cer File: 2CB08023BB428AE4D02727C96B069C5F59CEE8A3.cer (raw, json) Hash identifier: Cp30oRUKjP8LRp/W7KaN9mfJI54eFHFQStwnIKOLSGg= Subject key identifier: 2C:B0:80:23:BB:42:8A:E4:D0:27:27:C9:6B:06:9C:5F:59:CE:E8:A3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 249C8078EC5023394070FA6A4745F3AE70900803 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/2CB08023BB428AE4D02727C96B069C5F59CEE8A3.mft caRepository: rsync://rpki-rsync.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:33:21 +0000 Certificate not after: Sun 02 May 2027 02:38:21 +0000 Subordinate resources: IP: 115.178.128.0/17 IP: 202.148.0.0/19 IP: 203.201.160.0/20 IP: 2404:1b8::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:9c:80:78:ec:50:23:39:40:70:fa:6a:47:45:f3:ae:70:90:08:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:33:21 2026 GMT Not After : May 2 02:38:21 2027 GMT Subject: CN=2CB08023BB428AE4D02727C96B069C5F59CEE8A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d9:be:14:d6:7e:f8:f5:90:a9:bf:ed:a4:2c: 69:45:cc:b6:af:14:ff:41:2e:78:ab:53:b1:dd:49: 48:34:79:fd:24:2e:c6:4f:b4:db:ae:de:59:32:13: f4:6e:af:dc:1b:ac:ad:ab:36:84:9a:7f:c6:ce:30: 57:5a:d0:5b:23:1d:ae:21:0d:49:5f:92:c2:2a:b4: ba:a9:fb:eb:4b:71:a1:7f:0b:99:7f:15:b1:59:2b: 44:10:bf:ee:56:07:78:f1:3f:73:63:80:c4:a5:3e: 8c:66:eb:33:4b:f7:44:72:d8:c2:dc:b0:c9:35:f3: 91:ce:50:4f:63:fe:b5:55:e7:40:ca:54:0c:3c:7d: 11:b1:98:c6:0c:7e:73:9f:eb:bd:24:52:4e:89:96: d3:7b:ed:b2:9d:8c:c6:e8:42:5a:99:af:15:79:53: b5:44:74:c7:a3:c0:94:e1:52:e9:72:bd:d2:dd:18: 26:b0:d2:60:6f:40:9b:8f:c0:62:8f:7e:03:14:e2: 09:8e:6d:cd:0c:29:8b:e9:18:50:01:b6:c2:de:c1: 5c:dc:29:03:fe:89:d1:22:f0:fc:4c:b2:3b:49:db: fb:dd:e4:6c:7c:9f:c9:d0:06:5a:7f:ff:74:11:f0: 27:43:38:6e:b4:0d:2a:52:18:5a:99:2a:2c:9e:af: 27:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2C:B0:80:23:BB:42:8A:E4:D0:27:27:C9:6B:06:9C:5F:59:CE:E8:A3 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/2CB08023BB428AE4D02727C96B069C5F59CEE8A3.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 115.178.128.0/17 202.148.0.0/19 203.201.160.0/20 IPv6: 2404:1b8::/32 Signature Algorithm: sha256WithRSAEncryption 0b:bf:3a:e6:8d:0d:ed:65:91:37:7c:65:bd:cc:ec:41:e0:17: 22:af:a6:80:7f:9e:24:55:a4:64:59:60:a8:c4:67:0c:0a:05: 01:79:ab:8f:c4:67:6b:02:09:8f:e0:89:bd:c0:b3:73:5d:8e: 33:91:df:98:81:74:5e:b0:c0:03:c5:3b:b1:c1:15:64:a0:e2: 74:7e:7c:ba:85:54:b4:e4:f6:2b:4a:1f:63:31:1e:1f:2b:46: b5:6d:92:d3:38:89:1f:df:a4:1f:e4:b4:3b:aa:6d:20:c1:a6: 02:4b:f3:50:b4:39:99:54:ca:92:00:96:c4:41:74:6d:fe:f0: 4d:a8:14:a6:41:10:73:8e:63:5a:00:f7:ea:60:45:ae:a2:ed: 00:87:46:88:a9:e8:e1:f4:68:98:ea:67:3a:bd:2c:52:4f:2d: 14:2b:5f:0c:30:38:f7:46:d6:55:ea:be:85:c7:37:09:32:09: 82:32:e1:89:ce:13:1f:98:16:bc:cd:13:2c:86:70:1c:d8:95: b5:d8:f6:90:60:b5:70:1a:f4:10:6a:44:af:1a:28:c8:5b:67: de:1c:12:42:29:7a:5b:1f:37:0e:56:07:0d:41:f3:37:bf:69: 26:0f:93:c9:f3:41:69:5e:2f:bd:81:85:6a:85:ae:d7:70:26: e8:60:94:03 -----BEGIN CERTIFICATE----- MIIF4TCCBMmgAwIBAgIUJJyAeOxQIzlAcPpqR0XzrnCQCAMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyMzMyMVoX DTI3MDUwMjAyMzgyMVowMzExMC8GA1UEAxMoMkNCMDgwMjNCQjQyOEFFNEQwMjcy N0M5NkIwNjlDNUY1OUNFRThBMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALjZvhTWfvj1kKm/7aQsaUXMtq8U/0EueKtTsd1JSDR5/SQuxk+0267eWTIT 9G6v3Busras2hJp/xs4wV1rQWyMdriENSV+Swiq0uqn760txoX8LmX8VsVkrRBC/ 7lYHePE/c2OAxKU+jGbrM0v3RHLYwtywyTXzkc5QT2P+tVXnQMpUDDx9EbGYxgx+ c5/rvSRSTomW03vtsp2MxuhCWpmvFXlTtUR0x6PAlOFS6XK90t0YJrDSYG9Am4/A Yo9+AxTiCY5tzQwpi+kYUAG2wt7BXNwpA/6J0SLw/EyyO0nb+93kbHyfydAGWn// dBHwJ0M4brQNKlIYWpkqLJ6vJ3MCAwEAAaOCAtQwggLQMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCywgCO7Qork0CcnyWsGnF9ZzuijMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2YzNGVjYzQwLTZiODQtNDllOC1iNjBiLTZlOTkwNDEyOGNhOC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mMzRlY2M0 MC02Yjg0LTQ5ZTgtYjYwYi02ZTk5MDQxMjhjYTgvMC8yQ0IwODAyM0JCNDI4QUU0 RDAyNzI3Qzk2QjA2OUM1RjU5Q0VFOEEzLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATAS AwQHc7KAAwQFypQAAwQEy8mgMA0EAgACMAcDBQAkBAG4MA0GCSqGSIb3DQEBCwUA A4IBAQALvzrmjQ3tZZE3fGW9zOxB4Bcir6aAf54kVaRkWWCoxGcMCgUBeauPxGdr AgmP4Im9wLNzXY4zkd+YgXResMADxTuxwRVkoOJ0fny6hVS05PYrSh9jMR4fK0a1 bZLTOIkf36Qf5LQ7qm0gwaYCS/NQtDmZVMqSAJbEQXRt/vBNqBSmQRBzjmNaAPfq YEWuou0Ah0aIqejh9GiY6mc6vSxSTy0UK18MMDj3RtZV6r6FxzcJMgmCMuGJzhMf mBa8zRMshnAc2JW12PaQYLVwGvQQakSvGijIW2feHBJCKXpbHzcOVgcNQfM3v2km D5PJ80FpXi+9gYVqha7XcCboYJQD -----END CERTIFICATE-----Generated at Tue May 12 22:03:41 2026 by rpki-client