$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/32BA6AEC51EA214BB4B742FAE2EC3F0C4D72B326.cer File: 32BA6AEC51EA214BB4B742FAE2EC3F0C4D72B326.cer (raw, json) Hash identifier: rFAPUoUn9w9aAIsKkNciamItByhQv6FDiyhV9DtsX3k= Subject key identifier: 32:BA:6A:EC:51:EA:21:4B:B4:B7:42:FA:E2:EC:3F:0C:4D:72:B3:26 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2B4388B53428A7AB23288A9952CBB6F5B5501A4A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/811d9abc-4987-4dbc-976d-3f32b291715d/0/32BA6AEC51EA214BB4B742FAE2EC3F0C4D72B326.mft caRepository: rsync://rpki-rsync.idnic.net/repo/811d9abc-4987-4dbc-976d-3f32b291715d/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:06:36 +0000 Certificate not after: Sun 02 May 2027 01:11:36 +0000 Subordinate resources: IP: 103.250.129.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:43:88:b5:34:28:a7:ab:23:28:8a:99:52:cb:b6:f5:b5:50:1a:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:06:36 2026 GMT Not After : May 2 01:11:36 2027 GMT Subject: CN=32BA6AEC51EA214BB4B742FAE2EC3F0C4D72B326 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:09:1a:a2:f2:95:eb:a3:19:8e:d6:85:2d:47: 75:cc:6e:f9:e0:58:41:45:25:40:c8:3d:c6:3d:7c: af:9c:47:18:23:e9:9f:75:a3:3c:25:c3:b1:d9:d2: 92:d2:78:e0:a3:7a:70:e5:26:20:95:fe:42:81:f5: 6b:19:14:f5:c0:50:2a:01:00:e1:a1:7c:70:ba:ee: b4:fa:ae:c8:64:c6:ec:29:fc:94:7a:f8:30:3a:ee: 3e:3c:e2:19:41:f6:5e:b7:52:94:83:c4:3e:fa:da: 6f:47:6d:92:5a:78:87:b6:3a:18:ff:33:ba:5b:8a: 59:01:0c:ce:fb:1d:b2:48:c1:ce:7e:f9:16:03:f7: d4:e0:02:48:95:87:62:33:09:a2:6c:8e:01:56:dd: d3:3f:cd:2f:76:5a:1e:c3:ce:d0:79:80:e4:05:41: 24:c4:81:f1:ea:e0:71:ba:cb:57:4a:17:36:83:8c: ce:52:0a:fe:68:ac:ed:41:ff:2b:2c:86:78:04:08: 0a:42:17:e3:d1:63:11:c2:cf:42:42:7f:bf:49:1e: 14:cd:79:96:3e:db:0d:a4:64:5b:ba:4c:4b:83:84: d4:f1:5c:73:9c:28:d3:6a:f2:c4:ae:18:42:af:b0: 0b:0c:86:88:f2:1d:02:0a:28:8b:62:14:a0:5f:92: 20:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 32:BA:6A:EC:51:EA:21:4B:B4:B7:42:FA:E2:EC:3F:0C:4D:72:B3:26 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/811d9abc-4987-4dbc-976d-3f32b291715d/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/811d9abc-4987-4dbc-976d-3f32b291715d/0/32BA6AEC51EA214BB4B742FAE2EC3F0C4D72B326.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.250.129.0/24 Signature Algorithm: sha256WithRSAEncryption 32:5d:fa:bd:a1:07:31:a9:6b:57:a2:6c:ca:e6:71:24:db:24: 86:8e:18:9c:03:6a:b5:0d:9c:57:bc:80:9a:35:de:2a:12:a9: ae:56:37:a5:a4:ce:33:37:89:f0:06:23:73:28:cb:c2:e3:1a: 18:f5:26:17:f3:d1:bd:3b:c4:f4:6b:d9:2a:0a:34:25:ae:68: 13:d1:01:95:5f:75:79:31:4c:01:a7:c7:7c:66:61:5e:dd:73: c3:6f:c0:24:2e:d5:b7:7b:51:84:e4:54:5c:d0:c1:d6:4c:fc: e1:64:d6:16:af:68:f2:17:ae:67:b3:0e:c5:f5:f1:5f:54:fd: fb:d2:cf:ab:54:6a:44:ac:e5:68:5c:94:a9:f8:6f:3c:84:12: 1f:c3:11:b8:06:0f:70:f1:2b:01:3a:69:1d:cd:25:6e:65:b5: 8c:53:ea:8b:9c:a4:1f:20:b0:95:9e:99:96:a6:60:b1:94:69: 69:ea:a6:f3:d9:71:24:54:4a:9d:a0:2b:88:db:5f:58:60:13: 0f:1e:61:2f:fb:68:e8:47:7e:19:a4:d8:89:3e:85:60:67:cb: 94:05:23:29:80:d5:91:85:14:4c:d8:f9:9c:d3:ed:7c:63:6c: 8e:94:b7:9c:c3:04:eb:60:c3:fe:c5:4e:e4:1f:f8:e1:0c:ca: 42:dc:d6:c8 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUK0OItTQop6sjKIqZUsu29bVQGkowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMDYzNloX DTI3MDUwMjAxMTEzNlowMzExMC8GA1UEAxMoMzJCQTZBRUM1MUVBMjE0QkI0Qjc0 MkZBRTJFQzNGMEM0RDcyQjMyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALsJGqLyleujGY7WhS1Hdcxu+eBYQUUlQMg9xj18r5xHGCPpn3WjPCXDsdnS ktJ44KN6cOUmIJX+QoH1axkU9cBQKgEA4aF8cLrutPquyGTG7Cn8lHr4MDruPjzi GUH2XrdSlIPEPvrab0dtklp4h7Y6GP8zuluKWQEMzvsdskjBzn75FgP31OACSJWH YjMJomyOAVbd0z/NL3ZaHsPO0HmA5AVBJMSB8ergcbrLV0oXNoOMzlIK/mis7UH/ KyyGeAQICkIX49FjEcLPQkJ/v0keFM15lj7bDaRkW7pMS4OE1PFcc5wo02ryxK4Y Qq+wCwyGiPIdAgooi2IUoF+SIEMCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDK6auxR6iFLtLdC+uLsPwxNcrMmMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzgxMWQ5YWJjLTQ5ODctNGRiYy05NzZkLTNmMzJiMjkxNzE1ZC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84MTFkOWFi Yy00OTg3LTRkYmMtOTc2ZC0zZjMyYjI5MTcxNWQvMC8zMkJBNkFFQzUxRUEyMTRC QjRCNzQyRkFFMkVDM0YwQzRENzJCMzI2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ/qBMA0GCSqGSIb3DQEBCwUAA4IBAQAyXfq9oQcxqWtXomzK5nEk2ySGjhic A2q1DZxXvICaNd4qEqmuVjelpM4zN4nwBiNzKMvC4xoY9SYX89G9O8T0a9kqCjQl rmgT0QGVX3V5MUwBp8d8ZmFe3XPDb8AkLtW3e1GE5FRc0MHWTPzhZNYWr2jyF65n sw7F9fFfVP370s+rVGpErOVoXJSp+G88hBIfwxG4Bg9w8SsBOmkdzSVuZbWMU+qL nKQfILCVnpmWpmCxlGlp6qbz2XEkVEqdoCuI219YYBMPHmEv+2joR34ZpNiJPoVg Z8uUBSMpgNWRhRRM2Pmc0+18Y2yOlLecwwTrYMP+xU7kH/jhDMpC3NbI -----END CERTIFICATE-----Generated at Tue May 12 22:03:43 2026 by rpki-client