$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2F70AB35F1AA8A2E18ABE3ABF18E46E1A24A5F77.cer File: 2F70AB35F1AA8A2E18ABE3ABF18E46E1A24A5F77.cer (raw, json) Hash identifier: BQ7Xzvj5DkN4djEVqwpXw5UGSojl42/p/cv5Pvwq19o= Subject key identifier: 2F:70:AB:35:F1:AA:8A:2E:18:AB:E3:AB:F1:8E:46:E1:A2:4A:5F:77 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 12522D6DA79BD2E7BED7B40DB902C366FE786C36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/8d48bb88-a758-443f-b708-48e387d66f57/0/2F70AB35F1AA8A2E18ABE3ABF18E46E1A24A5F77.mft caRepository: rsync://rpki-rsync.idnic.net/repo/8d48bb88-a758-443f-b708-48e387d66f57/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:15:17 +0000 Certificate not after: Sun 02 May 2027 01:20:17 +0000 Subordinate resources: IP: 103.27.194.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:52:2d:6d:a7:9b:d2:e7:be:d7:b4:0d:b9:02:c3:66:fe:78:6c:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:15:17 2026 GMT Not After : May 2 01:20:17 2027 GMT Subject: CN=2F70AB35F1AA8A2E18ABE3ABF18E46E1A24A5F77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:cc:3e:ad:c8:d2:55:5b:7b:2a:bb:b8:25:2b: 47:be:ba:cc:70:d9:39:00:9e:df:29:de:fb:56:6c: 66:f1:1f:cf:96:4d:f9:f9:ae:ac:03:bc:ba:17:9a: a6:ed:b5:ca:da:7a:7b:69:2c:8e:f0:a6:e4:e3:9c: e1:5b:23:08:06:a2:32:57:4e:cb:84:f1:9f:fb:b1: a5:ae:78:5b:a3:92:f3:45:ff:81:e7:e0:f8:c6:e0: 8b:20:12:93:17:79:b3:13:c1:3b:df:6a:a8:fe:28: b0:a0:71:2e:28:68:1b:06:26:ca:b1:b7:72:9e:0f: 08:19:7f:5c:dd:f1:1d:a2:0e:ba:77:68:44:78:ab: 8d:22:ef:8b:91:6d:ac:aa:7f:d0:95:f4:df:94:12: 6d:5d:f4:4d:ad:df:dc:d4:19:1b:c6:52:ca:fe:30: 1d:66:81:d5:65:f9:8c:10:3b:ae:68:07:48:3d:79: 2c:ed:d3:1e:d0:e4:d7:91:77:6e:92:06:bf:2c:a1: 23:28:ba:1e:b5:ca:d9:8b:be:fe:63:f6:c8:5c:07: 8c:80:25:59:be:19:c4:9e:a2:d8:ed:a0:f9:b5:3f: 18:37:83:a9:d5:2a:70:2f:23:72:17:fb:01:07:bf: 52:cb:95:b2:0f:be:9e:e3:d9:11:b1:71:8d:95:88: 58:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2F:70:AB:35:F1:AA:8A:2E:18:AB:E3:AB:F1:8E:46:E1:A2:4A:5F:77 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/8d48bb88-a758-443f-b708-48e387d66f57/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/8d48bb88-a758-443f-b708-48e387d66f57/0/2F70AB35F1AA8A2E18ABE3ABF18E46E1A24A5F77.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.27.194.0/23 Signature Algorithm: sha256WithRSAEncryption 3a:55:43:56:89:dc:e7:6d:17:12:97:cb:e3:62:2a:a9:f0:93: b5:64:ca:69:23:af:42:e1:2a:a5:20:4c:88:6f:f2:27:9c:cf: c7:d0:6b:d7:a0:6a:00:d2:41:67:b7:ff:b7:fb:94:fd:9a:7d: cb:bb:8d:26:7c:c9:4e:f4:1d:09:94:2c:48:79:b5:d5:ec:a9: f3:6d:9b:69:8b:66:dc:9e:b3:dc:28:2c:66:2d:a7:3b:c0:47: 68:e3:75:69:03:96:40:b0:cb:f7:bc:98:b9:7c:5e:23:fc:ff: 53:bc:f7:00:a3:0d:91:5c:8c:62:cd:c0:97:07:96:0e:09:2e: f2:e6:a3:cf:24:f7:7e:ea:7e:03:a3:1b:f3:9b:f9:48:30:e2: 8b:23:7f:81:13:81:3b:67:82:d8:5f:ff:fb:23:23:d3:55:32: ee:69:d4:4b:78:23:3c:5b:b3:2e:70:34:a4:ae:f7:7b:59:da: 9a:a3:22:fc:74:fa:e4:47:e6:85:12:61:14:32:0c:1f:6e:e1: c1:3c:3a:b0:6d:76:0f:68:bf:19:cf:5b:03:a6:0f:c5:c3:06: 9d:96:f1:af:f5:8e:df:20:74:68:c3:39:85:2b:27:75:32:26: 9b:f2:c9:cf:c0:82:9c:ab:b3:33:c2:3d:2d:ee:00:87:7a:b1: 38:06:f5:c2 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUElItbaeb0ue+17QNuQLDZv54bDYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMTUxN1oX DTI3MDUwMjAxMjAxN1owMzExMC8GA1UEAxMoMkY3MEFCMzVGMUFBOEEyRTE4QUJF M0FCRjE4RTQ2RTFBMjRBNUY3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKrMPq3I0lVbeyq7uCUrR766zHDZOQCe3yne+1ZsZvEfz5ZN+fmurAO8uhea pu21ytp6e2ksjvCm5OOc4VsjCAaiMldOy4Txn/uxpa54W6OS80X/gefg+MbgiyAS kxd5sxPBO99qqP4osKBxLihoGwYmyrG3cp4PCBl/XN3xHaIOundoRHirjSLvi5Ft rKp/0JX035QSbV30Ta3f3NQZG8ZSyv4wHWaB1WX5jBA7rmgHSD15LO3THtDk15F3 bpIGvyyhIyi6HrXK2Yu+/mP2yFwHjIAlWb4ZxJ6i2O2g+bU/GDeDqdUqcC8jchf7 AQe/UsuVsg++nuPZEbFxjZWIWHUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFC9wqzXxqoouGKvjq/GORuGiSl93MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzhkNDhiYjg4LWE3NTgtNDQzZi1iNzA4LTQ4ZTM4N2Q2NmY1Ny8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84ZDQ4YmI4 OC1hNzU4LTQ0M2YtYjcwOC00OGUzODdkNjZmNTcvMC8yRjcwQUIzNUYxQUE4QTJF MThBQkUzQUJGMThFNDZFMUEyNEE1Rjc3Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZxvCMA0GCSqGSIb3DQEBCwUAA4IBAQA6VUNWidznbRcSl8vjYiqp8JO1ZMpp I69C4SqlIEyIb/InnM/H0GvXoGoA0kFnt/+3+5T9mn3Lu40mfMlO9B0JlCxIebXV 7KnzbZtpi2bcnrPcKCxmLac7wEdo43VpA5ZAsMv3vJi5fF4j/P9TvPcAow2RXIxi zcCXB5YOCS7y5qPPJPd+6n4Doxvzm/lIMOKLI3+BE4E7Z4LYX//7IyPTVTLuadRL eCM8W7MucDSkrvd7WdqaoyL8dPrkR+aFEmEUMgwfbuHBPDqwbXYPaL8Zz1sDpg/F wwadlvGv9Y7fIHRowzmFKyd1Miab8snPwIKcq7Mzwj0t7gCHerE4BvXC -----END CERTIFICATE-----Generated at Tue May 12 22:47:34 2026 by rpki-client