$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2D88AC791B0CC1B7D921ECE660CDE0CF2EE8ED72.cer File: 2D88AC791B0CC1B7D921ECE660CDE0CF2EE8ED72.cer (raw, json) Hash identifier: ZYuP0kdi/qYjov1LQUWDK/ACQRh5VpA0A4OAW299RzE= Subject key identifier: 2D:88:AC:79:1B:0C:C1:B7:D9:21:EC:E6:60:CD:E0:CF:2E:E8:ED:72 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 07766E8F6AD44D7A4218C3482618B47A479E7171 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/23024d24-9faa-4ab0-8fa4-0ce608c6d0a3/0/2D88AC791B0CC1B7D921ECE660CDE0CF2EE8ED72.mft caRepository: rsync://rpki-rsync.idnic.net/repo/23024d24-9faa-4ab0-8fa4-0ce608c6d0a3/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:02:52 +0000 Certificate not after: Sun 02 May 2027 00:07:52 +0000 Subordinate resources: IP: 103.162.240.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:76:6e:8f:6a:d4:4d:7a:42:18:c3:48:26:18:b4:7a:47:9e:71:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:02:52 2026 GMT Not After : May 2 00:07:52 2027 GMT Subject: CN=2D88AC791B0CC1B7D921ECE660CDE0CF2EE8ED72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:7b:2c:24:00:ba:0c:10:bb:73:cc:20:a1:73: 52:7d:5e:d4:87:64:0b:21:b8:59:e0:d8:7c:25:27: b8:27:35:f0:f6:13:af:e7:cc:de:14:a4:a1:b3:c2: 17:48:f2:0e:ee:c0:69:62:69:e5:bd:67:04:2b:92: aa:d3:3c:fe:1b:08:8f:05:34:3d:71:9e:a0:9f:ef: eb:13:76:fc:97:de:e0:28:36:dd:7d:d0:36:a7:85: 41:ef:22:86:67:75:2c:33:9c:b4:4c:64:14:b0:2d: 5a:e8:b8:08:49:aa:20:a7:b8:92:fa:a5:4a:03:45: 00:82:80:a0:72:de:93:2f:76:1d:25:55:48:74:03: 01:8c:83:d0:1d:ff:a2:7e:27:d7:97:e5:ce:ab:a6: d3:75:2c:e2:4c:10:b5:5e:56:22:df:a9:ce:29:d8: 43:5b:e5:78:d9:47:c8:11:31:ff:e2:8b:f0:91:75: ae:a3:b2:d2:0a:bb:5f:9b:1f:d0:c4:83:60:89:23: 5b:76:6f:50:e2:89:b2:fc:a7:36:7f:27:10:76:16: a7:d5:2f:d4:4d:c4:8e:d5:b6:9b:fa:48:42:23:c0: 1f:99:95:26:d4:ad:8c:68:07:b8:08:67:c9:eb:fd: 4f:02:04:44:54:43:bf:57:13:88:9d:68:16:06:f1: 32:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2D:88:AC:79:1B:0C:C1:B7:D9:21:EC:E6:60:CD:E0:CF:2E:E8:ED:72 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/23024d24-9faa-4ab0-8fa4-0ce608c6d0a3/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/23024d24-9faa-4ab0-8fa4-0ce608c6d0a3/0/2D88AC791B0CC1B7D921ECE660CDE0CF2EE8ED72.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.162.240.0/23 Signature Algorithm: sha256WithRSAEncryption 6c:35:00:93:d1:fd:17:d0:ef:e4:a4:9c:51:e7:0a:6a:e8:73: 7f:e7:bb:ed:7c:08:36:b8:15:2b:44:bb:96:12:61:ff:8e:d2: 32:94:e9:2d:d2:a0:49:8e:77:5f:09:f2:10:c3:0a:20:24:1e: 0d:31:88:98:48:d8:32:94:77:86:c3:74:b6:31:a3:6b:df:9e: 85:31:1f:f6:2d:0a:61:ce:cd:e6:3e:3d:ba:fb:1d:4b:de:f0: 6d:69:5d:75:8e:3c:d0:32:e8:6c:e0:c7:47:9d:d5:c8:67:6b: 6b:f7:fc:28:fb:7b:18:5b:3c:74:9d:aa:a5:e7:74:52:87:62: 5d:9f:79:47:93:56:70:a4:e9:2d:66:54:e1:c3:8a:d5:37:df: 5d:d3:7c:d7:77:36:65:ac:85:77:ec:f9:7b:30:91:a8:d2:e7: 88:00:be:94:7f:12:69:b6:46:51:2d:77:1e:e4:e4:72:93:de: 92:31:fb:bc:31:c5:e4:94:ce:f2:04:74:27:e4:68:4e:8d:f0: 53:7e:21:13:dc:f1:3c:26:8b:10:97:2e:3c:1a:88:e2:36:76: e1:c7:d3:47:b6:dc:cf:2c:28:a3:26:71:35:a3:2c:de:73:09: 83:ef:01:5f:bb:93:43:e9:5b:51:94:2e:e0:57:fe:a6:30:b3: a0:04:04:3e -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUB3Zuj2rUTXpCGMNIJhi0ekeecXEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMDI1MloX DTI3MDUwMjAwMDc1MlowMzExMC8GA1UEAxMoMkQ4OEFDNzkxQjBDQzFCN0Q5MjFF Q0U2NjBDREUwQ0YyRUU4RUQ3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJR7LCQAugwQu3PMIKFzUn1e1IdkCyG4WeDYfCUnuCc18PYTr+fM3hSkobPC F0jyDu7AaWJp5b1nBCuSqtM8/hsIjwU0PXGeoJ/v6xN2/Jfe4Cg23X3QNqeFQe8i hmd1LDOctExkFLAtWui4CEmqIKe4kvqlSgNFAIKAoHLeky92HSVVSHQDAYyD0B3/ on4n15flzqum03Us4kwQtV5WIt+pzinYQ1vleNlHyBEx/+KL8JF1rqOy0gq7X5sf 0MSDYIkjW3ZvUOKJsvynNn8nEHYWp9Uv1E3EjtW2m/pIQiPAH5mVJtStjGgHuAhn yev9TwIERFRDv1cTiJ1oFgbxMikCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFC2IrHkbDMG32SHs5mDN4M8u6O1yMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzIzMDI0ZDI0LTlmYWEtNGFiMC04ZmE0LTBjZTYwOGM2ZDBhMy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8yMzAyNGQy NC05ZmFhLTRhYjAtOGZhNC0wY2U2MDhjNmQwYTMvMC8yRDg4QUM3OTFCMENDMUI3 RDkyMUVDRTY2MENERTBDRjJFRThFRDcyLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6LwMA0GCSqGSIb3DQEBCwUAA4IBAQBsNQCT0f0X0O/kpJxR5wpq6HN/57vt fAg2uBUrRLuWEmH/jtIylOkt0qBJjndfCfIQwwogJB4NMYiYSNgylHeGw3S2MaNr 356FMR/2LQphzs3mPj26+x1L3vBtaV11jjzQMuhs4MdHndXIZ2tr9/wo+3sYWzx0 naql53RSh2Jdn3lHk1ZwpOktZlThw4rVN99d03zXdzZlrIV37Pl7MJGo0ueIAL6U fxJptkZRLXce5ORyk96SMfu8McXklM7yBHQn5GhOjfBTfiET3PE8JosQly48Goji Nnbhx9NHttzPLCijJnE1oyzecwmD7wFfu5ND6VtRlC7gV/6mMLOgBAQ+ -----END CERTIFICATE-----Generated at Tue May 12 22:39:02 2026 by rpki-client