$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2FF28EC31FA9595D4C9372E0378B127BFC07D543.cer File: 2FF28EC31FA9595D4C9372E0378B127BFC07D543.cer (raw, json) Hash identifier: XEQ24SVFeFb0SlnbeZBebvcmOckRrUAROVp6egij/98= Subject key identifier: 2F:F2:8E:C3:1F:A9:59:5D:4C:93:72:E0:37:8B:12:7B:FC:07:D5:43 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2CEFF099315C1FFBA252B4315629CD29C7CEC6EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/26c060fb-e936-4a23-bbe2-94457bf709bf/0/2FF28EC31FA9595D4C9372E0378B127BFC07D543.mft caRepository: rsync://rpki-rsync.idnic.net/repo/26c060fb-e936-4a23-bbe2-94457bf709bf/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:04:52 +0000 Certificate not after: Sun 02 May 2027 00:09:52 +0000 Subordinate resources: IP: 103.78.158.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:ef:f0:99:31:5c:1f:fb:a2:52:b4:31:56:29:cd:29:c7:ce:c6:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:04:52 2026 GMT Not After : May 2 00:09:52 2027 GMT Subject: CN=2FF28EC31FA9595D4C9372E0378B127BFC07D543 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:a8:f1:fb:43:b2:6a:36:96:0c:6a:b3:4d:47: cc:df:3d:e6:ae:73:31:f8:91:4a:35:3a:50:aa:dc: f6:e5:7e:5a:33:e7:ab:97:59:16:ac:96:dd:be:da: 05:e6:78:4d:b0:2c:d3:6f:83:23:e7:5a:15:55:db: 65:de:ee:7d:55:4f:e7:9c:08:28:c4:c3:de:dc:98: b9:3b:f3:95:14:77:b8:79:62:07:07:19:e7:31:a7: 33:11:75:8a:ea:f4:d8:ac:56:43:f0:85:5d:c6:22: ee:a3:1b:70:1a:36:00:87:2f:e2:dd:5e:4f:ee:1f: 1e:5c:d0:64:5a:c0:b8:5a:39:2e:8f:09:07:c0:c0: 3f:3f:63:0b:55:aa:2e:81:86:e2:9f:1d:84:76:f4: 62:2e:c3:75:ad:2e:48:cb:3b:b6:8a:62:fa:4e:5f: 84:29:00:03:98:93:a6:d7:6d:6a:9c:9a:81:05:9b: 5f:c8:6e:5b:64:fe:40:77:63:18:0f:5f:47:df:15: 2a:71:78:c6:da:a2:9b:3a:c4:18:cb:9c:65:b0:0c: d4:8c:ee:8e:7a:e0:0e:47:39:74:51:5b:a8:8c:7e: 12:d1:2b:75:3b:aa:1e:32:22:99:f4:7a:18:a8:1d: ac:39:eb:49:6e:3c:fb:2b:58:40:1e:cb:95:bc:f7: 1e:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2F:F2:8E:C3:1F:A9:59:5D:4C:93:72:E0:37:8B:12:7B:FC:07:D5:43 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/26c060fb-e936-4a23-bbe2-94457bf709bf/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/26c060fb-e936-4a23-bbe2-94457bf709bf/0/2FF28EC31FA9595D4C9372E0378B127BFC07D543.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.78.158.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:f8:5f:ec:3f:22:95:46:3c:5a:81:60:88:43:d8:e8:93:67: a4:ed:9e:24:56:c8:4a:b0:bd:3f:e3:17:96:96:58:d7:13:f5: 05:13:46:19:6b:2c:23:5d:57:49:3b:e4:02:5b:2c:03:ad:23: fe:c2:f9:8a:6e:a7:7b:1f:1c:78:5d:45:18:74:87:2c:22:b1: 7d:40:2d:6e:c1:a7:64:1a:bf:62:c2:dc:68:2f:6d:6a:d3:81: b3:97:4f:de:a3:fb:fb:5e:a4:b2:82:c5:0d:6d:f5:61:10:d7: e4:33:8c:43:2e:2c:d7:22:80:01:68:32:fa:55:5b:90:56:ca: 5a:77:e7:a2:de:20:76:30:77:60:e1:5f:0d:e9:ee:49:91:f3: ca:dd:51:18:87:f0:74:bb:d2:aa:70:c2:ee:65:3f:99:39:23: 65:45:9f:29:22:7e:9a:d6:1e:f8:34:38:8f:5c:e4:f4:e9:d9: d7:c1:65:3f:3f:1b:27:11:3a:e1:79:81:50:ab:1c:c8:30:9c: ae:01:43:5b:ac:54:5a:fc:2b:3a:e7:0d:a3:5c:0a:62:a9:cd: 90:17:ae:40:8b:e5:63:87:5b:5f:6c:5e:9e:ec:6c:7e:ee:1e: f5:e9:a2:2d:07:8c:9e:07:aa:6e:25:4d:b1:57:11:26:e9:7c: c0:fb:38:39 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIULO/wmTFcH/uiUrQxVinNKcfOxu4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMDQ1MloX DTI3MDUwMjAwMDk1MlowMzExMC8GA1UEAxMoMkZGMjhFQzMxRkE5NTk1RDRDOTM3 MkUwMzc4QjEyN0JGQzA3RDU0MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKSo8ftDsmo2lgxqs01HzN895q5zMfiRSjU6UKrc9uV+WjPnq5dZFqyW3b7a BeZ4TbAs02+DI+daFVXbZd7ufVVP55wIKMTD3tyYuTvzlRR3uHliBwcZ5zGnMxF1 iur02KxWQ/CFXcYi7qMbcBo2AIcv4t1eT+4fHlzQZFrAuFo5Lo8JB8DAPz9jC1Wq LoGG4p8dhHb0Yi7Dda0uSMs7topi+k5fhCkAA5iTptdtapyagQWbX8huW2T+QHdj GA9fR98VKnF4xtqimzrEGMucZbAM1IzujnrgDkc5dFFbqIx+EtErdTuqHjIimfR6 GKgdrDnrSW48+ytYQB7Llbz3HiECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFC/yjsMfqVldTJNy4DeLEnv8B9VDMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzI2YzA2MGZiLWU5MzYtNGEyMy1iYmUyLTk0NDU3YmY3MDliZi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8yNmMwNjBm Yi1lOTM2LTRhMjMtYmJlMi05NDQ1N2JmNzA5YmYvMC8yRkYyOEVDMzFGQTk1OTVE NEM5MzcyRTAzNzhCMTI3QkZDMDdENTQzLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ06eMA0GCSqGSIb3DQEBCwUAA4IBAQA8+F/sPyKVRjxagWCIQ9jok2ek7Z4k VshKsL0/4xeWlljXE/UFE0YZaywjXVdJO+QCWywDrSP+wvmKbqd7Hxx4XUUYdIcs IrF9QC1uwadkGr9iwtxoL21q04Gzl0/eo/v7XqSygsUNbfVhENfkM4xDLizXIoAB aDL6VVuQVspad+ei3iB2MHdg4V8N6e5JkfPK3VEYh/B0u9KqcMLuZT+ZOSNlRZ8p In6a1h74NDiPXOT06dnXwWU/PxsnETrheYFQqxzIMJyuAUNbrFRa/Cs65w2jXApi qc2QF65Ai+Vjh1tfbF6e7Gx+7h716aItB4yeB6puJU2xVxEm6XzA+zg5 -----END CERTIFICATE-----Generated at Tue May 12 22:03:16 2026 by rpki-client