$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2DFC5C3D3882FE6E7F9A9EFE2F6B96555FF52DD7.cer File: 2DFC5C3D3882FE6E7F9A9EFE2F6B96555FF52DD7.cer (raw, json) Hash identifier: x6VLbtjHTk3JPG8ztLeHuqL8G0X+iUzjyGh9gbcuweM= Subject key identifier: 2D:FC:5C:3D:38:82:FE:6E:7F:9A:9E:FE:2F:6B:96:55:5F:F5:2D:D7 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5731624A0B789A3E8CC20B3CB9D3B506FC3165EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/6ef0013b-59a6-4733-89f8-28fa3d88579f/0/2DFC5C3D3882FE6E7F9A9EFE2F6B96555FF52DD7.mft caRepository: rsync://rpki-rsync.idnic.net/repo/6ef0013b-59a6-4733-89f8-28fa3d88579f/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:53:16 +0000 Certificate not after: Sun 02 May 2027 00:58:16 +0000 Subordinate resources: IP: 103.101.218.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:31:62:4a:0b:78:9a:3e:8c:c2:0b:3c:b9:d3:b5:06:fc:31:65:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:53:16 2026 GMT Not After : May 2 00:58:16 2027 GMT Subject: CN=2DFC5C3D3882FE6E7F9A9EFE2F6B96555FF52DD7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:15:e7:c8:70:00:44:bf:42:f8:89:17:73:a3: 1f:e3:c7:ca:5d:44:0c:3f:d9:e1:87:58:7f:b6:3d: 8e:e3:9a:70:2f:f1:4f:27:26:44:58:84:1a:a6:15: 2e:13:ec:92:84:4a:39:07:97:eb:0a:b3:a0:8b:48: b2:7b:f8:2c:38:11:d5:f9:63:23:6a:63:76:8c:24: 85:1e:b7:4c:6a:60:aa:1f:22:b9:06:c7:9f:6e:54: c1:e3:3e:4f:00:d4:94:91:2f:45:4d:49:0b:24:64: a1:86:76:19:0a:6b:55:14:c1:e8:bc:56:ad:6a:5f: a2:e4:e8:6c:ec:6f:e1:f0:d9:97:ff:ee:75:61:04: 4c:ff:91:ad:3c:8a:b7:14:46:1e:fc:70:ce:13:7d: cb:7a:20:51:fe:1a:ac:02:ef:05:ed:6f:90:f6:70: c3:d8:2d:3a:75:cf:72:da:3f:4c:d9:3a:f5:1c:0a: d3:fe:7b:0c:43:22:ed:a3:63:fd:80:64:f4:a4:5c: 37:55:40:f7:a0:b8:32:fd:a4:c7:9e:75:cc:ab:76: c8:cd:7d:77:d5:46:c7:58:a8:07:29:dc:df:30:0b: 9f:de:bd:67:09:81:71:23:b7:eb:69:42:c9:ba:8f: 99:9c:43:de:9d:46:4d:0b:30:69:fa:20:ce:08:b6: d1:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2D:FC:5C:3D:38:82:FE:6E:7F:9A:9E:FE:2F:6B:96:55:5F:F5:2D:D7 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/6ef0013b-59a6-4733-89f8-28fa3d88579f/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/6ef0013b-59a6-4733-89f8-28fa3d88579f/0/2DFC5C3D3882FE6E7F9A9EFE2F6B96555FF52DD7.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.101.218.0/23 Signature Algorithm: sha256WithRSAEncryption 35:cc:bb:80:4f:3b:06:dd:ea:3a:61:bb:77:dd:d9:b8:f6:1a: 04:52:d6:5f:be:ae:47:4e:5d:ca:02:e9:5f:36:d8:56:c7:fe: 82:0b:9b:53:34:63:d8:e6:49:58:40:51:14:f2:2e:e2:5e:91: 81:2f:4d:82:a2:93:b0:bf:16:da:26:c3:a9:05:88:ca:92:25: 18:44:06:bb:d0:12:05:26:e1:db:9a:d9:d4:2e:e0:41:11:3d: 0a:14:a3:f0:a1:46:85:02:2e:86:a5:90:13:c7:bd:8a:2f:e5: 64:13:d0:13:12:41:f1:0e:de:a3:a0:d9:07:e5:8f:ab:6e:24: 96:63:57:3e:5c:b6:7a:a9:b5:f4:b8:ff:37:13:8a:94:a1:8c: 1b:ca:f9:54:ce:98:4a:f4:29:aa:54:c1:75:71:7e:de:3d:8a: 8a:3c:4a:ff:ee:5a:c2:26:a1:38:ec:d7:23:ff:ab:b0:55:6f: dd:27:99:03:d5:af:6b:26:10:9e:5b:a1:13:41:c5:3e:76:f8: d6:07:81:9e:95:d5:14:e3:f9:3a:6b:07:8c:c6:94:c9:76:91: d4:eb:fe:60:83:7c:7a:71:5f:43:13:7d:96:42:f8:bc:95:3c: a2:8b:85:e8:a8:4c:78:6f:9f:66:33:cb:23:90:d3:4f:b8:46: 16:94:de:41 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUVzFiSgt4mj6Mwgs8udO1BvwxZeswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwNTMxNloX DTI3MDUwMjAwNTgxNlowMzExMC8GA1UEAxMoMkRGQzVDM0QzODgyRkU2RTdGOUE5 RUZFMkY2Qjk2NTU1RkY1MkRENzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL8V58hwAES/QviJF3OjH+PHyl1EDD/Z4YdYf7Y9juOacC/xTycmRFiEGqYV LhPskoRKOQeX6wqzoItIsnv4LDgR1fljI2pjdowkhR63TGpgqh8iuQbHn25UweM+ TwDUlJEvRU1JCyRkoYZ2GQprVRTB6LxWrWpfouTobOxv4fDZl//udWEETP+RrTyK txRGHvxwzhN9y3ogUf4arALvBe1vkPZww9gtOnXPcto/TNk69RwK0/57DEMi7aNj /YBk9KRcN1VA96C4Mv2kx551zKt2yM19d9VGx1ioBync3zALn969ZwmBcSO362lC ybqPmZxD3p1GTQswafogzgi20UkCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFC38XD04gv5uf5qe/i9rllVf9S3XMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzZlZjAwMTNiLTU5YTYtNDczMy04OWY4LTI4ZmEzZDg4NTc5Zi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby82ZWYwMDEz Yi01OWE2LTQ3MzMtODlmOC0yOGZhM2Q4ODU3OWYvMC8yREZDNUMzRDM4ODJGRTZF N0Y5QTlFRkUyRjZCOTY1NTVGRjUyREQ3Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ2XaMA0GCSqGSIb3DQEBCwUAA4IBAQA1zLuATzsG3eo6Ybt33dm49hoEUtZf vq5HTl3KAulfNthWx/6CC5tTNGPY5klYQFEU8i7iXpGBL02CopOwvxbaJsOpBYjK kiUYRAa70BIFJuHbmtnULuBBET0KFKPwoUaFAi6GpZATx72KL+VkE9ATEkHxDt6j oNkH5Y+rbiSWY1c+XLZ6qbX0uP83E4qUoYwbyvlUzphK9CmqVMF1cX7ePYqKPEr/ 7lrCJqE47Ncj/6uwVW/dJ5kD1a9rJhCeW6ETQcU+dvjWB4GeldUU4/k6aweMxpTJ dpHU6/5gg3x6cV9DE32WQvi8lTyii4XoqEx4b59mM8sjkNNPuEYWlN5B -----END CERTIFICATE-----Generated at Tue May 12 22:46:05 2026 by rpki-client